Data protection & participant privacy
Last reviewed: July 13, 2026
ThisStudy is a survey platform for academic research. This page describes, in plain terms, what happens to the data participants provide — so researchers can describe it accurately in consent forms, and participants can check it for themselves. It is a factual description of how the platform works, not a legal document.
What is collected automatically
When someone takes a survey, the platform records:
- Their answers, with timestamps and per-page timing (used for data-quality checks, such as detecting inattentive responding).
- Coarse device information: device type (desktop / mobile / tablet), browser family, and operating system family. These are derived from the browser's user-agent string, which is itself discarded, never stored.
- A one-way code derived from the IP address. The IP address itself is never stored or written to logs. Before anything is saved, the address is put through a salted cryptographic hash (SHA-256) and truncated. The resulting code is used only to detect duplicate or automated responding, and cannot be converted back into the IP address.
The platform does not collect names, email addresses, location, or anything else from participants' devices. Participants never create accounts. Survey pages contain no analytics, advertising, or third-party tracking scripts.
Cookies
Survey pages set one cookie: a session cookie containing only a random identifier, used to keep a participant's place in the survey and to protect against request forgery. It is HTTPS-only, inaccessible to page scripts, and expires after one hour of inactivity. There are no third-party cookies.
Where data lives and how it moves
All traffic between participants and the platform is encrypted in transit (HTTPS, with HSTS enforced). Responses are stored in a PostgreSQL database hosted by Render, a cloud provider that encrypts data at rest and is SOC 2 Type II certified; Render's own security practices are documented on its Security and Trust page. Within that encrypted database, responses are stored in readable form — the platform does not add a second layer of application-level encryption. In practical terms: data is protected from interception and from unauthorized access, but someone with legitimate database access (see below) can read responses, as on virtually every survey platform.
Who can see responses
Only the researcher who created the study, and any collaborators that researcher has explicitly shared it with. Platform administrators can gain access to a study only through a time-limited grant that is recorded in an audit log, used for support and moderation. Data is never sold, shared with third parties, or used for any purpose other than running the study.
Deletion
Deletion is real and immediate. A researcher can permanently delete a single participant's data, all participants' data, or an entire study; the deletion removes all associated answers and timing data from the database at once — there is no soft-delete or retention copy kept by the platform. Render retains short-term database backups for disaster recovery for 3–7 days, after which deleted data is gone from backups as well.
If a study asks for identifying information
Researchers may choose to ask participants for identifying information (a name, an email address, a participant ID from a recruitment platform). The platform treats those answers like any other response: encrypted in transit, stored in the provider-encrypted database, visible only to the study's researchers, and permanently deletable. But no internet-based system can guarantee absolute security, and this page makes no such guarantee. If your study collects identifying information, describe the data as confidential, not anonymous.
For researchers: consent-form language
Sentences you can adapt, consistent with how the platform actually works:
For studies collecting no identifying information:
"Responses are collected anonymously through ThisStudy, a survey platform that does not record names, email addresses, or IP addresses (IP addresses are irreversibly hashed for duplicate detection only)."
For studies collecting identifying information:
"Your responses will be kept confidential. Data are transmitted over an encrypted connection and stored in an encrypted, access-controlled database, accessible only to the research team. As with any internet-based data collection, absolute security cannot be guaranteed."
Platform details: thisstudy.com/privacy