First of all: What exactly is profiling?
According to GDPR (General Data Protection Regulation), profiling is defined as being the automated processing of data to analyze or to make predictions about individuals, meaning that simply "assessing or classifying individuals based on characteristics" could be considered profiling.
If you're not familiar with the GDPR situation, don't forget to check out this blog post: How Thrive Themes Products Will Help You With GDPR Compliance.
What is the Problem with Profiling?
Personalized content and segmentation (especially as a result of automation), can be viewed by the GDPR as discrimination and, the visitor that completes a quiz should give his consent for having his answers and quiz result used to send him personalized offers and newsletters.
In the case of Thrive Quiz Builder, inputs from the results page and the opt-in gate can be automatically linked to the answers and results of the visitor.
Here's an example in which profiling would be needed in Thrive Quiz Builder:
You have a quiz that also uses the "Dynamic Content" element to segment your visitors - either just by the result or, also, by using tagged answers and then sending them to the email service.
Since enabling profiling on each individual form would take too long, because you would have to edit each dynamic content state, enabling profiling should happen at page level, for all variations of that page.
To enable profiling, click on "Manage" on the "Results Page" card, from the Quiz Builder Dashboard:
Then, look for the following option:
According to the GDPR, you are not allowed to create any user profiles, without having the permission of the actual user to do that.
However, if you select the checkbox, you will begin to receive data from your users, based on their results or, if you used tags, based on the answers they have given.
If you enable the option, in order for your website to be GDPR compliant, make sure to ask for your visitor's permission to collect their data, in any place that they have to type in their email address or their phone number.
For example, your visitor has to type in their e-mail address on an opt-in form, to get the full report of the quiz, let's say. You need to let that visitor know that you are collecting data from that form.
When editing the opt-in gate that contains your form, make sure you access the right sidebar options:
Here, click on the "+Add new" option:
Then, from the first drop-down, make sure you select "GDPR Checkbox":
This means that your form will have a GDPR checkbox added to it, that can be ticked off by the users who agree with you collecting their data.
After you select this option, you are able to customize the checkbox further if you want. When done, click on "Apply":
The checkbox will appear in the form. Now you have enabled the option to receive their data, and can send future personalized offers to that visitor, based on his result and answers from the quiz:
In this way, the visitors will know what's going on, and they can decide for themselves if they want to receive personalized offers or not.
What About Old Quizzes?
For older quizzes, as a website administrator, you might find yourself in a situation in which you have collected data without consent.
An easy way for you to be GDPR compliant would be to quickly anonymize the results, from the "Reports" area:
Here, under “Show Report” section, click on the “Quiz Completions” button and choose the “Users” field from the drop-down list:
Now you will be able to see that a new button appeared on the screen, called "Anonymize Results", which you need to click in order to complete the process of anonymizing the results:
By anonymizing the results, you will no longer be able to associate answers and results with a certain name or email address.
Keep in mind that this action applies only to the currently selected quiz.
Hope you found this article useful. However, if you have any further questions, don't hesitate to read more articles available in the knowledge base!