About NIPO

NIPO survey: How researchers tackle GDPR

15 March 2018

We asked market research professionals if their organizations are ready for the rapidly approaching validation of GDPR, and what their thoughts are about this topic. This article, which presents the most interesting questions from the survey, is certainly worth your attention because the answers provide an interesting insight into the GDPR readiness of market research organizations. Where does your organization stand? How would you respond?

Question 1: How familiar are you with GDPR?

Response: 75% of market researchers is aware of GDPR.

NOTE! Nobody chose the “This is the first time I hear about GDPR” option, which shows how seriously market researchers take the new data security legislation.

Question 2: How well prepared is your organization for GDPR compliance?

Response: Some of you are GDPR-ready, but many still have enough to do.

NIPO! Our ISO 27001:2013 certification and strong data security measures show how seriously we take it. We’ve always made sure that everything in our organization and survey software solutions has been built from the start following the highest security standards. This has already placed NIPO at the top of the GDPR compliance scale as our systems have been proven to be GDPR-ready even before this new legislation began to worry the whole market research industry. Our team is currently working on strengthening instruments that will help our customers comply with GDPR without troubling their survey projects operations. We will inform our customers in detail about these developments soon.

Question 3: What challenges prevent your organization from accomplishing GDPR compliance?

Response: Understanding is the most difficult part.

NOTE!  GDPR was approved by the EU Parliament in April 2016, giving organizations a two-year transition period for making changes within their activities and processes to become compliant before the new standards come into effect in May 2018. We surmise that the robustness of the legislation, the risk of wrong interpretation, and the higher costs related to the changes deterred many organizations from starting the adoption on time.

Question 4: How strongly do you agree with the following GDPR benefits?

Response: GDPR benefit: a stronger company reputation.

Question 5: Do you think that GDPR will affect the number of people giving the consent for your market research activities?

Response: Problems with the acquisition of consent are expected.

TIP! Now more than ever it’s important to have an up-to-date contact database and establish an honest, mutually-rewarding relationship with respondents. Clean your contact list with or any other tool, and be honest with you respondents, telling them why their opinions matter.

Question 6: Do you have any concerns about the security of data within your organization?

Response: Researchers are confident about the security of data within own organization.

NOTE! What’s interesting about this result is that the respondents are equally confident about the security of on-premise solutions as well as cloud solutions. In the past many organizations did not always trust cloud solutions. The investments in security and compliance of cloud providers seem to have changed organizations’ views.

Question 7: Thinking of the current platform you use to collect data from respondents, do you think that the platform is GDPR compliant?

Response: Trust in the compliance of the survey platform in use is higher than the factual knowledge about it.

Why all this matters?

GDPR, which refers to the General Data Protection Regulation, aims to protect and strengthen the privacy rights of EU citizens, that have been clearly affected by the intrusive developments of the digital age. It comes into effect on May 25, 2018, and non-compliant organizations risk hefty fines up to 4% of global turnover or €20 million, and huge damage to their business reputation.

Among other things, it says that market researchers are required to have consent of every EU citizen to collect, use and share his/her personal data. Each consent has to define what personal data, for which purpose, and for how long the market research organization is allowed to hold it. Learn more about the important aspects of GDPR in our articles:

Do you have more thoughts about GDPR? Suggestions? Or questions? Contact our team at, we would be happy to hear from you.

Thank you for participating in our survey.

Get a first impression, scheduled soon.

Get a first impression, scheduled soon.

Request a demo to see how NIPO can help you meet your requirements with our smart survey solutions.