Does your website use third-party services? Get GDPR compliant in minutes.

Survicate

What does Survicate do?

Survicate is a European customer feedback platform that delivers website surveys, in app surveys, email surveys and NPS programs. It is operated by Survicate sp. z o.o. (Warsaw, Poland) on AWS infrastructure in the European Union, which makes it a popular GDPR friendly alternative to US based survey tools. The website widget uses cookies to identify respondents and avoid showing the same survey twice, which triggers a consent obligation under Article 5(3) ePrivacy.

What is Survicate

Survicate is a customer feedback and survey platform founded in 2013 in Warsaw, Poland. It offers website surveys, in product surveys (web and mobile), email and link surveys, NPS, CSAT and CES programs, and a library of pre built survey templates. As an EU based operator running on AWS Frankfurt and Dublin, Survicate is often selected by European companies looking for a GDPR friendly alternative to US survey tools such as SurveyMonkey, Typeform or Qualtrics.

What data Survicate collects

The Survicate widget collects survey answers, a persistent respondent identifier stored in cookies, the IP address (truncated by default), User Agent, browser language, device type, current page URL, referrer, and optional custom attributes pushed from your application. When email or in app surveys are used, the respondent identifier is linked to a known user id, which can include email and name depending on configuration. Survey answers may contain personal data and free text comments.

GDPR and ePrivacy implications

Two layers apply. First, the website widget sets cookies (sv_uid and related) for respondent identification and frequency capping, which falls under Article 5(3) ePrivacy and requires prior consent before the script loads. Second, survey responses are processed under the GDPR: consent (Art. 6(1)(a)) is the natural basis when the survey is voluntary, while legitimate interest (Art. 6(1)(f)) can apply to authenticated in product feedback flows.

Get GDPR compliant in 10 minutes

Free plan available · No credit card required

Try FlowConsent free

EU hosting and data transfers

Survicate stores its production data on AWS in Frankfurt and Dublin. There is no default transfer to the United States for the core product, which simplifies the Article 44 GDPR analysis. Some sub processors (email delivery, customer support tooling) may operate outside the EEA, and integrations with US tools (HubSpot, Salesforce, Intercom, Mixpanel, Segment) export the data to the United States: those flows must be covered by their own Standard Contractual Clauses and a Transfer Impact Assessment.

How to deploy Survicate compliantly

Compliance checklist: gate the widget behind your consent management platform; configure shortest necessary cookie retention; mask or disable free text answers when surveys are public to avoid Art. 9 GDPR data; sign the Survicate Data Processing Addendum; document the EU hosting in your Record of Processing Activities; treat integrated downstream tools (HubSpot, Salesforce, Mixpanel) as separate processors with their own SCCs; update your privacy notice with the survey purpose, retention period and user rights.

GDPR consent category

Analytics

Websites using Survicate must obtain user consent under GDPR regulations.

Legal basisConsent (Art. 6(1)(a) GDPR) for tracking cookies, legitimate interest (Art. 6(1)(f) GDPR) for survey responses where consent is explicit through the answer

Risk levelmedium

Applicable regulationsGDPR, ePrivacy Directive (Cookie Law), CCPA

DPIA considerations

Survicate collects survey answers, visitor identifiers, IP addresses (truncated by default), User Agent, language and URL context. Key DPIA considerations: (1) the widget sets cookies for respondent identification and frequency capping, so ePrivacy consent is required before the script loads; (2) survey answers can contain personal data, sensitive data or free text that triggers Art. 9 GDPR; (3) data is stored in the European Union on AWS, which avoids most international transfer issues but does not exempt the controller from documenting hosting locations; (4) integrations (HubSpot, Salesforce, Intercom, Mixpanel) may export survey data to the United States and require their own SCCs; (5) when surveys are used for profiling or automated decision making (segmentation, targeting), additional obligations under Art. 22 GDPR and Art. 35 GDPR apply.

Sample consent text

We use Survicate, a European survey platform hosted in the EU, to ask your opinion about our service. The Survicate widget places cookies on your device to identify you as a respondent and avoid showing the same survey twice. Your answers and basic technical data (IP truncated, User Agent, page URL) are processed by Survicate sp. z o.o. (Warsaw, Poland). You can withdraw your consent at any time through our cookie settings.

Technical details

Tracking methodJavaScript widget (in app and website surveys)

Server locationEuropean Union (Survicate sp. z o.o., Warsaw, AWS Frankfurt and Dublin)

Third-party domains contacted

survey.survicate.comrespondent.survicate.comstatic.survicate.comapi.survicate.com

Cookies placed

Name	Type	Duration	Purpose
sv_uid	HTTP first party cookie	12 months	Persistent Survicate respondent identifier used to recognise visitors across visits and avoid showing the same survey twice.
sv_sid	HTTP first party cookie	Session	Short lived Survicate session identifier used by the widget to track survey display state within a single browsing session.
sv_completed_*	Local Storage	Up to 12 months	Stores the IDs of surveys already answered by the visitor in order to enforce frequency caps and prevent duplicate exposure.

Survicate collects user analytics data — you legally need a consent banner. Try FlowConsent free.

Get started free Scan your site

Frequently asked questions

Which cookies does Survicate set?

The Survicate widget sets first party cookies including sv_uid (respondent identifier, up to 12 months) and short lived session cookies for survey display logic and frequency capping. All of them fall under Article 5(3) ePrivacy and require prior consent.

Is user consent required for Survicate?

Yes for the website widget, because the cookies it sets are non essential. In addition, consent is the natural lawful basis for collecting survey answers in most marketing and research contexts.

What is the legal basis for processing?

Consent (Art. 6(1)(a) GDPR) for cookies and for marketing surveys. Legitimate interest (Art. 6(1)(f) GDPR) may apply to authenticated in product feedback flows where the survey is directly related to the service.

Are data transferred to the United States?

Not by default. Survicate hosts production data on AWS Frankfurt and Dublin. International transfers may occur when you connect Survicate to US integrations (HubSpot, Salesforce, Mixpanel) or when sub processors operate outside the EEA: these flows require SCCs and a Transfer Impact Assessment.

Do I need a DPIA?

Not in general for low risk feedback surveys. A DPIA under Art. 35 GDPR is recommended when surveys collect special category data (health, opinions, ethnicity), or when results feed automated profiling or decision making.

How do I implement Survicate compliantly?

Gate the widget behind your CMP, disable or mask free text where appropriate, sign the Survicate DPA, keep retention short, document EU hosting and integrations in your RoPA, and update the privacy policy with the survey purpose and user rights.

What are the alternatives to Survicate?

EU alternatives include Mopinion (Netherlands), Feedier (France), Wynter and Refiner; global alternatives include Hotjar Feedback, Qualtrics, SurveyMonkey, Typeform and Userpilot. EU based vendors simplify the transfer analysis.

How do I update my cookie policy?

Add an entry for Survicate (controller and processor relationship, EU hosting, retention of sv_uid and related cookies, list of integrations exporting data to third parties) and provide a direct opt out via your CMP.

Get compliant — Try FlowConsent free

Free plan · 10-min setup