Privacy policy for survey respondents

This policy is currently pending Board approval, and may be updated prior to Aug 1, 2025.

Quick summary

  • LogicalOutcomes collects survey data for two primary reasons:

    • As part of program evaluation projects

    • On behalf of academic research projects

  • The surveys that we offer are anonymous.

  • Data are stored in Canada and not transferred internationally.

  • We comply with PIPEDA and other Canadian privacy laws.

  • Our survey platform uses cookies for essential survey functions.

  • Respondents are invited to contact our Information Security Officer with privacy concerns, at support@logicaloutcomes.net.

Detailed policy

This privacy policy explains how LogicalOutcomes handles information collected through its survey platform. We act as a data processor on behalf of client organizations (e.g., nonprofits, researchers), and may also act as a data controller when designing surveys for our own evaluation projects.

Compliance with Canadian privacy law

LogicalOutcomes is committed to complying with the Personal Information Protection and Electronic Documents Act (PIPEDA) and other applicable Canadian privacy laws. All data collected through our survey platform are stored on Canadian servers and are not transferred outside of Canada.

Information we collect

We collect survey data to support evaluation and research projects. These data may include:

  • Demographic details, opinions, and outcomes data provided by respondents.

  • Technical identifiers like IP addresses or cookies to manage survey access and security.

  • Contact details (e.g., names, emails), only when necessary to send or follow up on survey links. Contact details are always stored separately from survey responses.

Consent process

Before participating in any survey, respondents must provide informed consent. Our consent forms explain:

  • The purpose of the survey

  • Estimated completion time

  • Anonymity status

  • Confidentiality measures

  • Organizations with data access

  • Voluntary nature of participation

  • Incentives (if applicable)

A link to this privacy policy is always provided. Survey access is disabled until consent is given.

How respondent anonymity affects data use

Almost all of the surveys we offer are anonymous, meaning:

  • Responses are not linked to respondent identity in final reports.

  • LogicalOutcomes uses measures like small-cell suppression (hiding groups of fewer than five responses) to protect anonymity in analysis.

  • Respondents cannot access or request deletion of their individual data, as LogicalOutcomes analysts cannot tell who provided each survey response.

In the rare case that a survey is configured to target named respondents, details about data access rights will be outlined in the survey consent form.

Why we collect information

LogicalOutcomes processes data based on:

  • Client instructions: When we act as a processor for surveys commissioned by partner organizations.

  • Our own evaluation objectives (i.e., facilitating participant feedback): When we design surveys for our own evaluation work.

Data are used solely for:

  • Generating insight into nonprofit program performance or other evaluation/research topics.

  • Preparing anonymized reports to be shared with nonprofit organizations, research collaboratives, funders or the public.

Data minimization

We aim to minimize the data burden of data collection for respondents. Our practices include:

  • Encouraging minimal questions in survey design

  • Limiting demographic questions in our own surveys

  • Using short, strengths-based outcomes measures

  • Regularly reviewing data collection practices to ensure only necessary information is gathered

Data sharing, security, and storage

Sharing

Anonymized results are typically shared with the commissioning organization. Respondent contact details are not shared unless explicitly stated in the survey consent form.

Security

Measures include:

  • Encryption of data at rest and in transit.

  • Multi-factor authentication (MFA) for admin access.

  • Role-based permissions to limit access to authorized personnel.

  • Daily backups to Canadian data centers (retained for 30 days).

We implement strict role-based access controls in the environments we use to process data:

  • LimeSurvey and Azure SQL: Access is limited to a small number of staff/consultants on an as-needed basis

  • Power BI: Role-based permissions ensure organizations only access data relevant to them

Storage

All data reside on Canadian servers.

How long we keep survey data

  • For client-led surveys, data are retained for 12 months after project completion unless clients request earlier deletion.

  • For surveys conducted for our own research purposes, we retain data for 12 months after project completion.

  • For anonymous datasets, we may retain aggregated results in anonymized form for research synthesis or benchmarking (as specified in the survey consent form).

Data access and accuracy

While most of our surveys are anonymous, some closed surveys use tokens for participant identification. In these cases:

  • Participant information are stored separately from survey responses

  • We can theoretically link responses to individuals but avoid doing so in practice

  • We are developing a formal process for handling data access requests in these instances

Individual rights for non-anonymous surveys

For non-anonymous surveys, in accordance with PIPEDA, individuals have the right to:

  • Access their personal information

  • Request corrections to their information

  • Request the deletion of their information, subject to legal or contractual restrictions

To exercise these rights, please contact our Information Security Officer using the contact information provided at the end of this policy.

Cookie usage

LimeSurvey, our survey platform, uses cookies for essential functions:

  • Session management: To identify and track user activity throughout a survey, allowing navigation between pages without losing progress.

  • Survey completion tracking: To prevent duplicate submissions.

  • Security: For Cross-Site Request Forgery (CSRF) protection.

  • Personalization: To remember language preferences or other settings.

These cookies are necessary for the proper functioning of the survey platform. By using our surveys, users consent to the use of these cookies.

Privacy and security audits

We conduct privacy impact assessments at the start of each project and follow appropriate procedures. Additionally, we perform annual security audits to ensure ongoing compliance and data protection.

Privacy compliance

LogicalOutcomes has appointed an Information Security Officer responsible for internal privacy compliance. We also engage an external Data Privacy Officer for consultations and audits.

Legal disclosure

While we prioritize anonymity and avoid collecting sensitive information, there may be rare circumstances where we are legally required to disclose information to Canadian authorities. In such cases, we would comply with the law while striving to protect participant privacy to the fullest extent possible.

Incident response

  • In the event of a data breach, we follow a formal incident response plan:

  • The breach is immediately reported to our Information Security Officer

  • Affected clients are promptly notified

  • We implement our response strategy to mitigate impact and prevent future occurrences

  • We comply with all legal reporting requirements

Changes to this policy

We update this policy occasionally to reflect legal changes or platform updates. Amendments are posted on this page with a new effective date.

Questions or concerns

For queries about how survey data are handled:

  • Contact the organization commissioning the survey (via details in the survey consent form).

  • Reach out to our Information Security Officer directly at support@logicaloutcomes.net.

Why this policy matters

This document ensures transparency about how personal information is managed during survey participation. As a technical intermediary, we prioritize data protection while empowering clients to define ethical use of their data. Anonymization safeguards and strict retention timelines further reduce privacy risks.