What you need to know about data security in LimeSurvey

Data security in LimeSurvey

LimeSurvey is a German-based online survey software company with its headquarters in Hamburg. We are very conscious of data security and privacy regulations of our users with a view to the existing strict data protection laws in Germany.

You can read up on our privacy policy and data protection statement here.

We want our users and our community to feel safe and protected when working on and with our online survey software which is why we will expound the essentials you need to know in terms of laws, measures and security associated with data gathered by LimeSurvey.

In short, there are different legislative levels involved in the bigger picture of data security that LimeSurvey is subject to.

Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG)

Starting at the organisational level on which LimeSurvey receives data input from any potential user, data security and privacy has to be ensured by orders of the superior federal state level, i.e. the respective legislation of any of the 16 federal states in Germany. However, these multiple federal state data protection laws have to coexist with regulations on the country level, the so-called Federal Data Protection Act which was first initialised back in 1978.

You can read up on the details of the Federal Data Protection Act here. To sum up, any data security concerns of a German organisation such as LimeSurvey have to live up to regulations dictated by the Federal Data Protection Act and the federal state laws.

The Federal Data Protection Act is furthermore connected to European regulations.

European Data Protection Directive 95/46/EC

The Data Protection Directive 95/46/EC was adopted by the European Union in 1995 in order to regulate data processing and laws within its member states. It serves to specify and dictate minimal data security requirements that each member state is to incorporate into internal law. In fact, by 1998 all member states had created their own data protection laws according to the European Data Protection Directive including Germany.

You can find out more about the European Data Protection Directive 95/46/EC here.

General Data Protection Regulation (GDPR)

The General Data Protection Regulation is a new data protection regulation drafted by the European Union and will replace the previously existing European Data Protection Directive as well as the German Federal Data Protection Act and will therefore directly impact German laws on data security, including measures undertaken by LimeSurvey to keep users' data safe.

The GDPR will be implemented on 25 May 2018 and aims at strengthening data protection throughout the EU by unifying regulations incorporated into national law of all member states. Thus, data security policies will assimilate in future across countries in the European Union.

The goal is to increase data security by standardising regulations within an established and dynamically cooperating inner-European market.

The reason for this radical shift of EU regulations is founded in increasing data abuse possibilities due to expanding cloud computing and big data efforts prevalent among organisations in all areas nowadays.

You can find out more about the European General Data Protection Regulation here.


In safe hands with LimeSurvey

Any data collected and processed by LimeSurvey is strictly done within the legal requirements. We are an Open Source organisation that thrives on our great community without forcing or restricting anybody to use our online survey software. Said community can only keep growing safely if data protection is ensured at all times which is the most valuable user right in the eyes of the LimeSurvey company.

LimeSurvey neither discloses any user data publicly, nor transfers any user data to any third party without an explicit consent. It has always been this way and will always remain this way.