Sawtooth Software Discover

Sawtooth provides a web-based survey Software as a Service (SaaS) platform under the name Discover (“Discover”). It uses a multitenancy model with strong security in place to ensure that customer data are kept private and secure from all other users. Users of the platform can create surveys and collect respondent data on-demand. There is no human interaction required to provision new surveys, to analyze results, or to download respondent data. Both survey creation (by the survey author) and survey completion (by the respondent) have been designed to work well with common web browsers running on com-puters, mobile phones, and tablets. Discover has a large customer base with many survey authors and many respondents taking surveys all the time from locations all around the world. Due to this large cus-tomer base, there are no large spikes in traffic that would require rap-id elasticity. Sawtooth does constantly monitor the service and its supporting infrastructure to make sure that there are no problems with load. However, the metrics monitored are not currently made visible to the users of the service. Sawtooth uses a license checker in-corporated into the Services to monitor and ensure compliance of the agreement. Currently, Sawtooth application does not have any Service Level Agreements (SLA) in place. The uptime for Discover survey authoring and data collection is above 99.99%. Discover does have authentica-tion (for survey authors), monitoring (by Sawtooth but not availa-ble/visible to survey authors or respondents), incident response, and perimeter security (both at Sawtooth’s offices and at the third-party data centers contracted by Sawtooth which include Rackspace Tech-nologies, Amazon AWS, and Microsoft Azure). Currently, all infra-structure and data for Discover are stored in the United States. If sur-veys are going to be administered in a location where data regulations exist (such as GDPR and other similar regulations) or survey authors intend to collect personally identifiable information from interna-tional data subjects, customer (as the controller) shall notify Sawtooth (as the processor), and parties shall enter into a DPA and SCC. 
On Sawtooth Software Discover's Privacy Page you can request and collect all the privacy and GDPR related information that Sawtooth Software Discover is providing.