Earn money by answering our surveys

Register now!
Marketing, customer satisfaction and loyalty
Satisfied customers will follow you everywhere

GDPR: is it still possible to externalize a customer satisfaction survey?

Customer satisfaction surveys are one of our specialties. After market research this satisfaction surveys are the 2nd most asked projects at IntoTheMinds.
In the last few months a new type of question has emerged among our customers: with GDPR in place, can customer satisfaction surveys still be externalized?
We try to answer this question in today’s article and suggest also practical solutions that are GDPR-compliant.

What kind of customer satisfaction survey are we talking about ?

There are of course many different ways to conduct a customer satisfaction survey :

  1. face-to-face customer satisfaction surveys are conducted in situ, for instance in the streets, in stores, in supermarkets after clients have paid.
  2. digital customer satisfaction surveys can be conducted in auto-administration mode in a variety of situations : stores, airports, train stations (see here for an example)
  3. paper-and-pencil customer satisfaction surveys are still quite frequent were the user is captive (for instance in public transportation)
  4. online surveys have now become the most frequent way to administrate measure customer satisfaction. Some online surveys are targeted to anonymous users, for instance on websites where the feedback of users is asked randomly
  5. Online satisfaction surveys can also be administrated to existing customers by way of email for instance (customers receive an email prompting them to answer an online survey).

A GDPR concern: did you collect customer consent ?

Whatever type of administration method you chose, measuring customer satisfaction always require customer consent. In cases 1, 2, 3 and 4 above the consent is however automatic from the moment the person answers the satisfaction survey.
The 5th situation requires more attention since you’ll be using an unsollicited way of contacting people. You must therefore ensure that you have collected their consent prior to contacting them. If you haven’t there is still a possibility called “legitimate interest”.
Under certain circomstances you may indeed have a legitimate interest to ask your clients their opinion and to contact them without explicit consent. Here are a few examples of situations where legitimate interest may apply :

  • This may be the case if a user has requested an offer from you and if you want to follow up on that offer
  • it is certaily the case if you have sold a product or a service and need to contact the customer for matters that are related to that purchase
  • in our opinion this is definitely the case if you have sold a product or a service and want to follow up on whether the customer is satisfied or not, whether he / she needs assistance or not. This is in the interest of the customer and is strictly related to his / her purchase.

Our analysis of “legitimate interest” is very different from the approach direct marketing companies have taken when GDPR came into force. We saw indeed some position papers claiming that direct marketing firms had a legitimate interest to contact customers without their prior consent. In our recent research one data broker clearly took this position when it argued that it was not its responsability to verify that a user’s consent had really been given.

A GDPR-compliant solution to measure customer satisfaction

In light of the situations above we have proposed our customers one more step to ensure that they are perfectly GDPR-compliant when measuring customer satisfaction. We ask them to purchase a license for a software to administrate the customer satisfaction survey and to grant us limited access for the time of the survey. That way the personal data of their customes remains in their environment, they can control what we are doing and we have only access to aggregated results which we can analyse.


In short the approach we are taking to measure customer satisfaction is

  • GDPR-compliant in the approach because a company has a legitimate interest to ask its customers whether the product / service that was sold is satisfactory or not
  • GDPR-compliant in the design because we, as market research company, are using a software to administrate the customer satisfaction survey whose license is owned by our customer which avoids that the customers personal data leave the company’s environment.

Pierre-Nicolas est Docteur en Marketing et dirige l'agence d'études de marché IntoTheMinds. Ses domaines de prédilection sont le BigData l'e-commerce, le commerce de proximité, l'HoReCa et la logistique. Il est également chercheur en marketing à l'Université Libre de Bruxelles et sert de coach et formateur à plusieurs organisations et institutions publiques. Il peut être contacté par email, Linkedin ou par téléphone (+32 486 42 79 42)

Share This Post On

Submit a Comment

Your email address will not be published. Required fields are marked *