Guide · Data residency
Survey data in Europe: why it matters and how to verify it
When you choose a platform for your surveys, one question decides much of your compliance: where is the data stored and processed? For many widespread solutions the answer is “in the United States”, and that has concrete consequences.
Why the location of data is a problem
Transferring personal data outside the European Union is possible, but it requires specific safeguards and must be clearly disclosed to respondents. It’s not unusual to find privacy notices that explicitly state responses are transferred to a US provider — wording that puts the data controller in the position of having to explain and justify that transfer. Keeping data in Europe avoids the whole problem.
“Servers in Europe” isn’t enough
Some providers advertise European servers but remain subject to non-EU legislation, or move copies and backups elsewhere. To be truly safe it’s worth checking three things: where the primary database resides, where the backups are, and who has jurisdiction over the provider.
What to ask the platform
Before adopting a tool, ask explicitly: is data stored solely in the EU? Is there a standard data processing agreement (DPA)? Can you get contractual guarantees on data residency? The answers to these questions separate a prudent choice from one that exposes you.
The advantage for healthcare and research
In healthcare, academic and institutional settings, questionnaires often touch sensitive data. Being able to tell participants — and to demonstrate — that responses never leave Europe is a matter of trust and, in public tenders, often a requirement.
How Sunset helps
Sunset stores data entirely within the European Union, in Frankfurt, with data residency available contractually. The respondent runtime is cookieless and the platform is designed for GDPR compliance from the ground up. No non-EU transfer to explain in your notice: the data stays where you collect it.