LimeSurvey
VERIFIEDGerman GPL-licensed open-source survey platform (LimeSurvey GmbH Hamburg, project since 2003), self-host first.
Why this score?
LimeSurvey GmbH (Hamburg, Germany; founded August 2015, but the open-source LimeSurvey project itself dates to 2003 by Carsten Schmitz who remains Founder + CTO) is one of the longest-running open-source survey platforms in Europe, GPL-2.0+ licensed with source on GitHub, deployable on customer infrastructure (PHP + MySQL/PostgreSQL/SQLite/MSSQL) for full sovereignty; also offered as managed LimeSurvey Cloud — rated 4/5: a strong EU-owned open-source profile with no CLOUD Act exposure, but the DPA is not publicly accessible — it is reachable only inside a customer account; the rubric reserves 5/5 for a publicly accessible DPA.
- SCORE
- 4.0/5
- CLOUD ACT
- CLOUD ACT EXPOSURE
How exposed customer data is to US authorities under the CLOUD Act.
-
None This listing EU operator, no US parent, no US sub-processors of note.
-
Minor A transient US sub-processor (CDN, maps); data at rest stays in the EU.
-
Material US parent, or a core sub-processor is a US-owned hyperscaler.
-
Direct The operator itself is US-incorporated.
-
- OWNERSHIP
- OWNERSHIP
Where ultimate control over the operating company sits.
-
EU-owned This listing EU-incorporated and EU-controlled; no significant US ownership.
-
EU HQ, US-funded EU-headquartered but US venture- or PE-controlled.
-
US-owned US-headquartered, or has a US parent company.
-
Other Swiss, UK or another non-EU jurisdiction.
-
- SUB-PROCS
- — not disclosed
JUMP TO
About LimeSurvey
Sub-processor map · not disclosed
Frameworks & certifications · none listed
Capability matrix
Pricing & tiers
Public documents
-
missingData Processing Addendum (DPA)— missing
-
missingSub-processors list— missing
Alternatives in this category
Dutch enterprise forms platform (Innovero Software Solutions B.V., Wassenaar, 20+ years), NL-only hosting.
- EU / adequacy operator
- EU / adequacy hosting
- No US CLOUD Act exposure
- Third-party certification
- Open-source clients
- Public DPA
- Sub-processors disclosed
How exposed customer data is to US authorities under the CLOUD Act.
-
None This listing EU operator, no US parent, no US sub-processors of note.
-
Minor A transient US sub-processor (CDN, maps); data at rest stays in the EU.
-
Material US parent, or a core sub-processor is a US-owned hyperscaler.
-
Direct The operator itself is US-incorporated.
Belgian bootstrapped form builder (Tally BV, Ghent) with free unlimited forms, EU-only hosting claim, and 500k+ teams using it.
- EU / adequacy operator
- EU / adequacy hosting
- No US CLOUD Act exposure
- Third-party certification
- Open-source clients
- Public DPA
- Sub-processors disclosed
How exposed customer data is to US authorities under the CLOUD Act.
-
None EU operator, no US parent, no US sub-processors of note.
-
Minor This listing A transient US sub-processor (CDN, maps); data at rest stays in the EU.
-
Material US parent, or a core sub-processor is a US-owned hyperscaler.
-
Direct The operator itself is US-incorporated.
Swiss research-focused online survey tool operated by Fabian Keller since 2009; used by University of Zurich researchers.
- EU / adequacy operator
- EU / adequacy hosting
- No US CLOUD Act exposure
- Third-party certification
- Open-source clients
- Public DPA
- Sub-processors disclosed
How exposed customer data is to US authorities under the CLOUD Act.
-
None EU operator, no US parent, no US sub-processors of note.
-
Minor This listing A transient US sub-processor (CDN, maps); data at rest stays in the EU.
-
Material US parent, or a core sub-processor is a US-owned hyperscaler.
-
Direct The operator itself is US-incorporated.