Welcome, Guest
Username: Password: Remember me

TOPIC: Privacy issues in LimeSurvey

Privacy issues in LimeSurvey 3 years 4 months ago #60410

  • pgs
  • pgs's Avatar
  • OFFLINE
  • Fresh Lemon
  • Posts: 1
  • Karma: 0
Hello there,

I've got a few questions regarding LimeSurvey and privacy. In Germany, privacy is relatively restrictive by law. As I'm currently setting up a LimeSurvey server, my supervisory authority (and therefore me) have some questions which I can not answer by consulting the docs.
So I hope that this is the right place to ask for some advice.

When activating the option for participants to buffer answers to continue survey at a later time in a non-anonymous survey, the documentation says that token data and answer data are stored in two seperate tables, lime_tokens_12345 and lime_survey_12345. Now since the survey is not anonymous, the token is carried over in the answer data table.

My question: After a participant has completed a survey, is the token data in both tables being automatically deleted?

Thanks in advance and kind regards, pgs
The administrator has disabled public write access.

Re: Privacy issues in LimeSurvey 3 years 4 months ago #60412

  • holch
  • holch's Avatar
  • OFFLINE
  • LimeSurvey Team
  • Posts: 2715
  • Thank you received: 331
  • Karma: 121
I think you go too far. As far as I know, the data protection laws in Germany require to have personal data and survey data separated as soon as possible. Because sometimes you just can't separate them because of the survey design or because you have to send incentives, etc.

I don't think the tokens are automatically deleted, because this would be counter productive for some of the above sceneries.

Data protection is not just a tool or a function in a tool, but a process in your organization. Even if there is the possibility to analyze the data together with personal data you wouldn't, if you are wanting to comply with data protection.

Once you are sure that you don't need the personal data anymore, you will delete them. Additionally, in a survey you usually obtain the personal data because the participant has given them to you.

I am not a data protection expert, but with this procedure you should be fine. What I am usually doing (though not in Germany) is to avoid personal data as much as possible. In case personal data is necessary, then we try to collect only the necessary and inform participants for what we need it. Once we don't need the connection of personal data and results anymore (e.g. for additional surveys, a prize draw, incentives, etc.) we disconnect the information and delete it, if possible.

However, this is just my opinion and the hardcore dataprotectors would have a different opinion. Often for yourself you don't find it so problematic, because you know how you treat the data and that you wouldn't do anything wrong with it, even having the possibility, but of course others don't know you and would think differently.

Would be nice if we could get some discussion going here.
Have a look at the manual! It is a really valuable source for information. Here some helpful links:
Manual (EN) | Question Types | Question Attributes | Workarounds

If you found this answer helpful and it saved you some time please consider a donation to the project to keep Limesurvey going!
The administrator has disabled public write access.
Moderators: ITEd
Time to create page: 0.103 seconds
Donation Image