Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

Technical questions about cookies and the "resume later" function for GDPR

  • nolten
  • nolten's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
5 years 6 months ago - 5 years 6 months ago #173697 by nolten
Hello together,

we're conducting surveys with LimeSurvey as part of our current research project. To comply with the GDPR, I'm currently writing a privacy policy.
For this, I got a few technical questions about cookies and the "resume later" function our server admin could not answer me. I hope, this is the correct subforum for such questions?

Cookies:
1. How long are session cookies valid, so how much time do participants have to take breaks/finish a long page of questions without loading a new page (assuming the cookie refreshes when loading a new page)?

2. Does LS use other cookies than session cookies? If yes, which and how long are they stored/valid?


"Resume later":
3. As using the "resume later" function counts as "registration" of an "account", we need to include this option in the policy. It is also required to give the participants the chance to "change their account data". But, how does this work, where to find and how to change it?

4. How long are those "accounts" stored? Until first used? Until participant finishes the survey? What happens with the account if the participant does not resume the survey until it is closed - is it deleted or saved until the survey itself is deleted?


Only thing I found using the search function was for "resume later" , and the manual does not include technical information like this.

Thanks in advance!
Last edit: 5 years 6 months ago by nolten.
The topic has been locked.
More
5 years 6 months ago #173699 by jelo
Some answers depending on the setup of your LimeSurvey server.
Where is LimeSurvey hosted?
And what version of LimeSurvey is used?

The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
The topic has been locked.
  • nolten
  • nolten's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
5 years 6 months ago - 5 years 6 months ago #173702 by nolten
LimeSurvey is hosted on a server of our university's IT center.

I'm sadly not quite sure about the currently used version on the productive server. I've asked our admin, but haven't got an answer yet (because of data privacy later I do not have access to the productive server myself).
On a test server that is not in active use yet we run Version 3.12.1+180616, but from what I remember the interface on the productive server looked a little different, so it could be a slightly older version.
I'll update as soon as I got a reply from our admin, but maybe that already helps a little?
Last edit: 5 years 6 months ago by nolten.
The topic has been locked.
  • Joffm
  • Joffm's Avatar
  • Away
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
5 years 6 months ago #173724 by Joffm
Hi,
only some remarks to your points 3 & 4.
There is no 'account' or 'registration'.
The participant just enters a password. This is absolutely free, like '123456' or '4€&aFgse&€3@&7'.
Only if he is afraid of suffering from Alzheimer disease he may enter an email address to get his password sent by email.
And this is according to the GDPR, because it is only used for this communication.

Now 4.
I am on a business trip, but I'll try. IMO this information should be deleted when the survey is deactivated.
But I am not really sure.
Joffm

Volunteers are not paid.
Not because they are worthless, but because they are priceless
The following user(s) said Thank You: nolten
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
5 years 6 months ago #173726 by DenisChenu
Except if you check "Set cookie to prevent repeated participation" : all cookies are session cookies. Then close your browser : nothing leave.
And more : it's internal cookies (just for technical usage) .

About resume later : else : all information are deleted when submit survey.

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The following user(s) said Thank You: tpartner, nolten
The topic has been locked.
  • nolten
  • nolten's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
5 years 6 months ago - 5 years 6 months ago #173758 by nolten

Joffm wrote: Hi,
only some remarks to your points 3 & 4.
There is no 'account' or 'registration'.
The participant just enters a password. This is absolutely free, like '123456' or '4€&aFgse&€3@&7'.
Only if he is afraid of suffering from Alzheimer disease he may enter an email address to get his password sent by email.
And this is according to the GDPR, because it is only used for this communication.

This is VERY interesting - we thought that by giving a (fictional) name and password, you automatically create an "account" (and therefore, are subject to the respective regulation), even if it does not include any data on the person itself.
If that's not the case, we could delete this whole section in our privacy policy, saving me lots of headaches... Question 4 would then become irrelevant, as this information would not count as personal data anymore and therefore needs no information on how long it is saved etc.

Are you sure about that? I would then just add a sentence in the section telling what data we collect about this function and probably be done with it.

DenisChenu wrote: Except if you check "Set cookie to prevent repeated participation" : all cookies are session cookies. Then close your browser : nothing leave.
And more : it's internal cookies (just for technical usage) .

We do not have this function activated, so it's session cookies only. Great, that makes my life quite a bit easier!


Thank you both very much for your help!
Last edit: 5 years 6 months ago by nolten.
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
5 years 6 months ago #173762 by DenisChenu
The major exception with LimeSurvey and GDPR/RGPD is
1: token … this is personnal information (email at minima)
2: set 'Save IP adress' : this one is awfull (i really dislike it), but more save complete IP adress : no way to save partial IP adress (like matomo ( matomo.org/gdpr/ ) ). And this don't show a warning to admin user …
3: Save "enter url" : this can be out of GDPR issue
4: and of course : personnal information inside surveys

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
  • holch
  • holch's Avatar
  • Away
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
5 years 6 months ago #173779 by holch

2: set 'Save IP adress' : this one is awfull (i really dislike it), but more save complete IP adress : no way to save partial IP adress (like matomo ( matomo.org/gdpr/ ) ). And this don't show a warning to admin user …


This can make sense, so I don't think it is a good idea to exclude it. I agree that it would be great to have the additional option to just save the IP particially. But if you inform your respondents at the beginning of the survey that you will store the IP and for how long, this should be OK as well.

I answer at the LimeSurvey forum in my spare time, I'm not a LimeSurvey GmbH employee.
No support via private message.

The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
5 years 6 months ago #173802 by DenisChenu

holch wrote:

2: set 'Save IP adress' : this one is awfull (i really dislike it), but more save complete IP adress : no way to save partial IP adress (like matomo ( matomo.org/gdpr/ ) ). And this don't show a warning to admin user …


This can make sense, so I don't think it is a good idea to exclude it. I agree that it would be great to have the additional option to just save the IP particially. But if you inform your respondents at the beginning of the survey that you will store the IP and for how long, this should be OK as well.

Yes, but if a survey is set «not anonymous» : there are specific action done by LimeSurvey code (show the privacy.twig from template) , we don't have such systme for IP.
Then the information must be updated survey by survey
Maybe just add an empty twig saveipadress.twig file only addes if ip adress is saved in 1st page

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
  • nolten
  • nolten's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
5 years 6 months ago #173827 by nolten

holch wrote:

2: set 'Save IP adress' : this one is awfull (i really dislike it), but more save complete IP adress : no way to save partial IP adress (like matomo ( matomo.org/gdpr/ ) ). And this don't show a warning to admin user …

This can make sense, so I don't think it is a good idea to exclude it. I agree that it would be great to have the additional option to just save the IP particially. But if you inform your respondents at the beginning of the survey that you will store the IP and for how long, this should be OK as well.

As far as I know, the IP is only stored via logfiles (for 4 weeks), which we state in the policy - all other options should be deactivated. So this should probably be ok?


And does anyone else know something about the "resume later" function being some kind of registration or not, just to be sure?
The topic has been locked.
  • holch
  • holch's Avatar
  • Away
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
5 years 6 months ago #173835 by holch

And does anyone else know something about the "resume later" function being some kind of registration or not, just to be sure?


I guess, this pretty much depends on the eye of the beholder. When is putting an email* and a password a registration, when not? *I know that the email is not necessary, but still. It is there and people can put it.

To be on the save side I would consider it a temporary registration, deleted after a certain time. But as I said, this depends very much on how the GDPR defines "registration".

If the survey is not extremely long, I would just not offer this option. I think this only really makes sense when the survey is pretty long.

I answer at the LimeSurvey forum in my spare time, I'm not a LimeSurvey GmbH employee.
No support via private message.

The following user(s) said Thank You: nolten
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
5 years 6 months ago #173839 by DenisChenu

nolten wrote: As far as I know, the IP is only stored via logfiles (for 4 weeks), which we state in the policy - all other options should be deactivated. So this should probably be ok?

I spoke for LimeSurvey settings : manual.limesurvey.org/Notifications_%26_data

4 weeks, in France : we have this law : www.legifrance.gouv.fr/affichCode.do?cid...LEGITEXT000006070987 . We must keep log one year … but not more else we are out of this law : www.legifrance.gouv.fr/affichTexteArticl...LEGIARTI000006528131
:silly:

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The following user(s) said Thank You: nolten
The topic has been locked.

Lime-years ahead

Online-surveys for every purse and purpose