Académique Documents
Professionnel Documents
Culture Documents
To prove our trustworthiness, Gallup annually undergoes ISO 27001 compliance reviews of its
information security management system to ensure that all protections are in place and functioning
as described. In addition, Gallup also undergoes annual SOC 2 audits to ensure its set of security
controls are effectively protecting client data.
Since Gallup is a global company, we are 100% committed to adhering to global laws and
regulations that seek to protect the rights of clients and individuals alike. Gallup currently complies
with both EU-U.S. Privacy Shield and EU Model Clauses and has done its due diligence to become
GDPR compliant.
The GDPR went into effect May 25, 2018. These protections provide a modernized and consistent
framework to privacy laws that protect individuals in EEA member countries. The major focus of
the GDPR revolves around greater protection and rights for individuals. Over the past 12+ months,
teams at Gallup have collectively been working to define what GDPR should look like for our EEA
clients and end users of our services. We have assigned Gallup associates with privacy-related
responsibilities, refined our processes, drafted documentation and ensured that as the deadline for
GDPR compliance approached, we were properly prepared to meet the responsibilities.
The following is an overview of what Gallup has set in place to ensure privacy for clients and
individuals in EEA countries.
• Data Protection
Gallup protects its online survey and reporting platforms with industry standard grade
encryption and storage. All of Gallup’s survey and reporting platforms and websites are
protected with HTTPS encryption and support TLS 1.1 and greater. Data at rest are also
encrypted using AES-256 grade encryption to ensure that data privacy and protection are
always retained.
• Individual Privacy
To ensure complete transparency for Gallup’s clients and individual users, Gallup has enhanced
its privacy and consent statements on its websites and surveys to keeps its users better
informed about their rights. Gallup will provide individuals with information about the data we
collect, how we use it and their individual rights to access, rectification, erasure, portability
and restriction.
1
Copyright © 2018 Gallup, Inc. All rights reserved.
GDPR Compliance: an Overview | Security and Privacy at Gallup
2
Copyright © 2018 Gallup, Inc. All rights reserved.