At Tally, we are committed to protecting the privacy of our customers and form respondents. We've taken the necessary actions to be GDPR compliant and we've bundled frequently asked questions about Tally & GDPR here. Make sure to take a look and get informed on your rights and duties as a form creator.
Know that this page does not serve as legal advice. Always make sure to determine together with your legal advisor how GDPR applies to your business.
There's several to consider when collecting personal information (name, email, phone, etc.) with your form.
Collecting consent from your respondents is a critical requirement for GDPR compliance. The consent you obtain must be freely given, specific, informed, and unambiguous. You also must make it very clear why you are collecting personal information, how you will use it and if you will be sharing it with third parties. Respondents can not be forced into consent and always need to be aware that they are providing permission to use their data.
Add a checkbox field to your form to collect opt-in consent from your respondent. The checkbox can not be pre-checked. Make sure to add multiple checkboxes (with explanation), if you're planning to use the personal data for multiple actions.
Respondents have the right to access their personal data or to request it to be removed. Inform them. Provide them with a way to do so, this can be as simple as sharing an email address that respondents can send their request to.
You can delete or export every single individual survey response from your account if a respondent asks you to do so. We honour all deletions from an account, and all account data which has been deleted by you is permanently deleted from our back-ups within 90 days.