Overview: Roles and Permissions

Introduction

The SurveyOptic platform is built on “privacy by design” principles, ensuring robust data governance through a combination of user roles, data marking, and granular permissions. Access to platform features and the data held within the platform are controlled at a fine-grained level, ensuring security, privacy and compliance with data protection regulations. Roles and permissions apply to all modules within SurveyOptic. This overview is focused on permissions for administrative users and guest users accessing the admin portal.

How it works

Roles

Each user of the SurveyOptic admin app is assigned a role. These roles define:

  • Which areas of the admin app the user can access.
  • What functionality they can use within those areas.

Roles are the first layer of access control, governing the overall platform feature access.

Permissions

Permissions in SurveyOptic provide granular control over data access within the platform, including:

  • Surveys
  • Dashboards
  • Templates
  • Hubs
  • Audiences

For surveys, permissions determine the level of data access a user has. For example:

  • Summary Data Permission: Allows users to view aggregated reports without access to individual responses.
  • Response Level Permission: Grants access to individual respondent answers as well as summary reports.

Permissions can be applied to both individual users and to groups of users, offering flexible access management that can work with large numbers of users and surveys. On creation, custom permissions for surveys can be set or pre-configured permissions can be copied from the survey template, further simplifying permission management.

Data marking

Questions within surveys can be individually marked to enhance data protection:

  • PII Marking: Questions can be marked as Personally Identifiable Information.
  • Sensitive Category Marking: Questions containing sensitive data can marked.

Marking data controls how SurveyOptic manages the data. Access to PII data is governed by specific granular permissions, this way users who require access to PII can be granted suitable permissions whilst others are restricted from accessing the data.

Sensitive category data can be assigned different reporting thresholds than unmarked data. This allows reporting of sensitive category data to be set at a higher threshold, masking reporting of this data where filters cause a report to fall under this threshold. Redaction and reporting thresholds are applied in addition to user permissions.

Guest users

In addition to admin app users, SurveyOptic also supports guest users. These users access the platform through a dedicated portal and have access to a subset of the features and data. Most commonly, guest accounts are created for survey stakeholders, analyst teams or managers responsible for teams within their organisation.

Guest accounts can be created for temporary users who need to have access to reports for a limited time period. Guest accounts are limited to accessing only non-pii data. Guests do not have a permanent password but access the Results Portal via a secure, one-time link, sent to them via email.

In use cases where reporting is required at different organisational levels, such as a staff survey or service user feedback, guest access has additional restrictions, with preset filters applied to all data access, based on the organisational hierarchy. This provides access to only the data which is relevant to the user’s department or area. This access control also has the flexibility to manage data access for users who may be responsible for several areas of an organisation, by allowing switching between filters.

Related documents

Last updated: February 5, 2025
Errors, omissions, or comments? Let us know!