All Collections
Security, Legal & Tech
Security and confidentiality
GDPR compliance
GDPR compliance
Emilie Roze avatar
Written by Emilie Roze
Updated over a week ago

Like any organization dealing with personal data, Supermood is subject to the recommendations and rules published by the CNIL through the General Data Protection Regulation. Here is how we meet the 2 objectives identified by the CNIL for companies. 👇

Reinforce the rights of individuals

Not being a data controller, Supermood uses data provided by companies to survey their employees and analyze survey results.

  • Each employee data collected by the company must be motivated by a need for analysis.

  • Unused data will not be collected, or will be deleted if it is no longer needed.

  • An employee may request access or deletion of all of their data and answers, by sending a request to [email protected].

    💡 To facilitate the access or deletion request, consider adding your Data Protection Officer to this exchange - we will need their approval.

Holding data processors accountable

We take data security and privacy issues on our platform very seriously.

  • All of the data we use is stored in Europe, on ISO-certified servers.

  • This data is only accessible to a limited number of people within Supermood - always on a need-to-know basis (technical intervention, support, creation of analysis reports, etc.) - and each access request is logged and motivated.

  • The only people who have constant access to all of your company's account data are: your Account Manager (functional management) and our CTO (technical management).

If you have any questions, feel free to reach out to us at [email protected] - we'll be happy to answer them. 💁‍♀️

Related Articles
Supermood and my data: the importance of privacy
Step 1 - Prepare for deployment
A guide for Campaign owners
How to import your list of coworkers
Setting up Single Sign-on (SSO)
Did this answer your question?