Promoter Ninja

How Promoter Ninja complies with GDPR

The General Data Protection Regulation (GDPR) is the European Union’s legal framework for protecting personal data and privacy. At Promoter Ninja, we are fully committed to compliance and to providing you with clarity and support. If GDPR applies to you or your respondents, here’s how we help:

  • Is GDPR relevant to me?
    GDPR applies if you operate within the EU or process the personal data of EU-based individuals. Promoter Ninja ensures our practices uphold applicable GDPR requirements—regardless of your location.

  • What personal data do we collect?
    We collect only the minimal data necessary to deliver our service—such as respondent names, email addresses, responses, and metadata. We do not collect sensitive categories of personal data unless explicitly provided.

  • Data processor role & Data Processing Agreement (DPA)
    Promoter Ninja acts as a data processor; you remain the data controller. Our GDPR-compliant Data Processing Agreement clearly defines our responsibilities when handling personal data on your behalf. You can review it at any time, and we provide a signed copy upon request for your records.

  • Lawful basis for processing
    As data controller, you are responsible for defining the lawful basis for collecting and processing your respondents’ data—whether based on consent, legitimate interest, or another legal ground.

  • Data subject rights
    We support you in meeting data subject requests (access, correction, deletion, portability, restriction, objection), enabling compliance with GDPR’s individual rights.

  • Right to be forgotten
    You can permanently delete individual respondents or entire response sets directly in your Promoter Ninja dashboard. This ensures compliance with the GDPR “right to be forgotten.” For step-by-step instructions, see our guide to deleting respondents.

  • Subprocessors transparency
    We maintain a list of trusted subprocessors. You can review this list and assess the data handling practices of third parties involved.

  • Where is your data stored?
    Your data is securely hosted on AWS data centers located in the European Union—ensuring compliance with GDPR cross-border transfer rules and reducing associated risks.

GDPR is more than a regulation—it reflects principles of transparency, trust, and accountability. At Promoter Ninja, those are values we embody.

Integrations and doubts

Legal

Switch language

©2025 · Promoter Ninja

Net Promoter, NPS are registered service marks, and Net Promoter Score and Net Promoter System are service marks, of Bain & Company, Inc., Satmetrix Systems, Inc. and Fred Reichheld.