Surveya

Privacy Policy

Last updated: 13 November 2025

Surveya Pty Ltd ("Surveya", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our survey platform and services.

1. Introduction

Surveya Pty Ltd (ABN: [ABN Number]) operates from Melbourne, Victoria, Australia. We provide survey creation, distribution, and analytics services to organizations worldwide. This Privacy Policy applies to all users of our platform, including survey creators, respondents, and enterprise clients.

We are committed to complying with:

  • The Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth)
  • The General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA)
  • Other applicable data protection laws in jurisdictions where we operate

2. Information We Collect

2.1 Information You Provide

We collect information that you provide directly to us, including:

  • Account information (name, email address, organization, job title)
  • Payment information (processed securely through third-party payment processors)
  • Survey content, questions, and responses
  • Report configurations and branding preferences
  • Support communications and feedback

2.2 Information Collected Automatically

When you use our platform, we automatically collect:

  • Device information (IP address, browser type, operating system)
  • Usage data (pages visited, features used, time spent)
  • Log data (access times, error logs, performance metrics)
  • Cookies and similar tracking technologies

2.3 Survey Response Data

As a data processor, we collect and process survey responses on behalf of our clients. This may include:

  • Responses to survey questions
  • Respondent identifiers (email addresses, employee IDs, or anonymous identifiers)
  • 360° feedback assessments and multi-rater data
  • Demographic and organizational information

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our survey platform and services
  • Process survey responses and generate reports
  • Authenticate users and manage accounts
  • Process payments and manage subscriptions
  • Send service-related communications and updates
  • Respond to support requests and inquiries
  • Analyze usage patterns to improve user experience
  • Comply with legal obligations and enforce our terms
  • Detect and prevent fraud, abuse, and security threats

4. Data Processing and Legal Basis (GDPR)

For users in the EEA, we process personal data based on the following legal bases:

  • Contractual necessity: To fulfill our service agreements
  • Legitimate interests: To improve our services and ensure platform security
  • Consent: Where you have provided explicit consent
  • Legal obligation: To comply with applicable laws

5. Data Sharing and Disclosure

We do not sell your personal information. We may share information in the following circumstances:

5.1 Service Providers

We engage third-party service providers to assist with:

  • Cloud hosting and infrastructure (data centers located in Australia and other regions)
  • Payment processing
  • Email delivery and communication services
  • Analytics and performance monitoring

All service providers are contractually bound to protect your information and use it only for specified purposes.

5.2 Enterprise Clients

For enterprise clients, survey response data is accessible only to authorized users within your organization as configured in your account settings. We act as a data processor and do not use your survey data for our own purposes without explicit consent.

5.3 Legal Requirements

We may disclose information if required by law, court order, or government regulation, or to protect our rights, property, or safety.

6. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption in transit (TLS/SSL) and at rest
  • Secure authentication and access controls
  • Regular security audits and vulnerability assessments
  • Employee training on data protection
  • Incident response procedures
  • Regular backups and disaster recovery plans

However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Data Retention

We retain your information for as long as necessary to:

  • Provide our services and fulfill contractual obligations
  • Comply with legal and regulatory requirements
  • Resolve disputes and enforce agreements

Survey response data is retained according to your account settings and subscription plan. You may request deletion of your data at any time, subject to legal retention requirements.

8. Your Rights

8.1 Australian Privacy Principles Rights

Under the Privacy Act 1988 (Cth), you have the right to:

  • Access your personal information
  • Request correction of inaccurate information
  • Make a complaint to the Office of the Australian Information Commissioner (OAIC)

8.2 GDPR Rights (EEA Users)

If you are located in the EEA, you have the right to:

  • Access: Request copies of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Request limitation of processing
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us at privacy@surveya.co. We will respond within 30 days.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) for GDPR compliance
  • Data processing agreements with service providers
  • Compliance with applicable data protection laws

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Authenticate users and maintain session state
  • Remember preferences and settings
  • Analyze platform usage and performance
  • Improve user experience

You can control cookies through your browser settings. However, disabling cookies may affect platform functionality.

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. Enterprise Data Processing Agreements

For enterprise clients, we offer Data Processing Agreements (DPAs) that include:

  • Detailed data processing specifications
  • Security measures and breach notification procedures
  • Sub-processor lists and approval processes
  • Data retention and deletion policies
  • Audit rights and compliance certifications
  • International transfer safeguards

Enterprise clients should contact their account manager or sales@surveya.co to execute a DPA.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Sending email notifications to registered users
  • Displaying prominent notices on our platform

Continued use of our services after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions, concerns, or wish to exercise your privacy rights, please contact us:

Privacy Officer
Surveya Pty Ltd
10-20 Gwynne St
Cremorne VIC 3121
Australia

Email: privacy@surveya.co

Phone: [Phone Number]

For complaints under Australian privacy law, you may also contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.