Employee Survey Privacy Policy


Published: November 24, 2020

YMCA WorkWell has partnered with your organization to collect employee feedback and help your leaders take clear steps towards building a healthy workplace committed to employee well-being.

Our team is part of the YMCA of Three Rivers with nearly a decade of experience in workplace well-being – collecting data, generating insights, and helping organizations translate those insights into action.

Integrity is a core part of who we are at YMCA WorkWell and it is imperative to us that you feel comfortable with the survey process, your privacy, and how your responses will be used. This policy describes how we will do this and how we protect your anonymity.

Our promise to you, the employee

We take privacy seriously. We firmly believe that the entire Insights process falls apart if you do not trust the process and how your insights will be used. Your privacy is paramount and our first priority in any survey we will ever run. 

We follow the latest privacy policies and protocols. All of our data practices meet federal Tri-Council Policy standards - a joint policy of Canada’s three federal research agencies for the ethical conduct of collecting data about people. If those standards ever change, our practices do too. 

We handle your data with care. All of our data is stored in Canada, encrypted in transit, and meets ISO 27001 standards for data security. 

We are always here to help. You can email us at workwell@ytr.ymca.ca at any time. Any requests to correct or delete your responses will be addressed as quickly as possible and will be kept completely confidential from your employer. 


How we use your data and protect your anonymity 

We take a number of steps to protect your anonymity. Maintaining employee privacy and anonymity is at the foundation of our beliefs to ensure that we are a trusted partner of both the organizations that we work with and their employees.

YMCA WorkWell maintains ownership of all raw and aggregate data we collect from survey responses. Our clients (your employer) will never receive raw data in any form, only reports on data that has been fully aggregated and anonymized.

If your employer has provided us with a list of e-mail addresses for survey distribution, the e-mail file is stored separately from the survey responses. In our process to aggregate and anonymize the data, our algorithm automatically merges the two files and immediately strips the e-mail addresses from the merged dataset. Our researchers then receive an output file completely cleaned of any personal identifiable information.

Anonymous Reporting
The reports your organization will receive only ever report on anonymous, group-level trends. What this means is that we will never report on groups with less than five survey responses.

For example, if you work in a Finance team of four people, your responses will be included in the organization’s total scores, but your organization will not receive scores linked directly to your Finance team. Ever. And this threshold is based on the number of responses, not the number of members in your team. So even if you work in a Finance team of eight people, but only four people respond to the survey, we will not report on the scores of your team.

Your organization may choose to purchase Team-level reports that provide insight into a specific department or team. In order to receive a team-level report, our minimum reporting threshold is doubled to ten responses to enhance and maintain employee anonymity.

As an additional layer of privacy, we also do not combine group trends. For example, we might report on scores of managers in the organization and all employees in the Human Resources team, assuming there are five or more responses for both groups, but we do not report specifically on managers on the Human Resources team. Protecting this anonymity is integral to this process and we have made your organization aware of these policies and why they are important.

The data will never be used for marketing purposes or sold on to third parties. 


Information we collect about you: 

1.Collected via the survey (applicable if your employer sends you a survey link) 
Our most common method for running a survey is to provide your organization with a single, anonymous survey link that can be shared internally. We may ask you to provide some demographic data via the survey itself.  For example, you may be asked for you role, department, work location, and length of service. We will only report on one of the categories at a time to protect your anonymity, and we will only report on groups of five or more responses.

2.Provided by your organization (only applicable if we are distributing the survey through e-mail) 
If your organization has chosen us to invite you to participate in a survey through email, your organization has provided us with your email address. Your employer may have provided standard HR data that may include your role, department, work location, and length of service. This allows us to aggregate your response into different reporting groups based on the data. We will only report on one of the categories at a time to protect your anonymity, and we will only report on groups with five or more responses.

3.Your Survey Responses 
The survey will collect your responses by asking you to respond to a variety of statements and questions via a mix of sliding scales, tick boxes and open text boxes for comments. 

4. IP Address

Web servers automatically collect certain information about a visit to a website, including the visitor's Internet Protocol (IP) address. The IP address is automatically stored when individual visits the online survey. The IP address, on its own, may not identify an individual. However, in certain legal circumstances, it could be used to identify an individual. 

5.We do not collect data from other sources 
In conducting a survey we do not collect information from any source other than your organization and yourself. 

Data Security 
Survey data will be collected using Qualtrics Advanced Core XM. All data will be stored on Canadian servers and no survey data will ever be transferred outside of Canada. Qualtrics uses extensive data security protocols and complies with ISO 27001 and FedRAMP certifications. Stored Qualtrics data uses AES 256-bit encryption and data in transit is encrypted using HTTP Strict Transport Security (HSTS).

We reserve the right to make changes to our Privacy Policy. Changes will be posted on this website 30 days prior to such changes becoming effective.