Open in app

Sign in

Write

Sign in

Are online quizzes still safe to take?

Boris Pfeiffer
7 min readMar 29, 2018

The short answer is “yes” if they are created with a GDPR compliant quiz maker like (cough, cough) Riddle.com.

Quizzes have been the most popular and most shared item on social media for years. But it took the recent Cambridge Analytica scandal to highlight how unscrupulous companies can use a harmless personality test like this one (note: be careful when you take this test — it will track you through Facebook) to gather personal information from your profile.

Any time you take a quiz online, you might want to be a little cautious before answering those questions — even if they are as seemingly innocent as ‘What color matches your style?’.

And hey — if you’re a company using quizzes to engage your site’s audience or to gather leads, you need to be double-sure your quiz maker is playing nice with your visitors’ data.

Okay — first, the back story.

Many quizzes combine your Facebook profile data with Facebook tracking/marketing pixels and your quiz answers to build a more complete profile about you as a user.

You know what? When I take a quiz, that’s completely acceptable, as long as only the website owner is collecting my data.

After all, I only complete forms or answer quiz questions on sites where I trust with my data.

Have you heard about the GDPR?

The EU has been very proactive in online privacy — and they have passed the very strict General Data Protection Regulation (GDPR) — taking effect May 25, 2018.

The goal? Ensure that companies:

  • Collect only as much data as necessary.
  • Do not sell or give your data to others without your express consent.

How much data are you giving up when taking a quiz?

With a quiz from a quiz maker that takes your privacy seriously, you are not giving up any personal identifiable information. The quiz builder will merely collect aggregate statistics about all the answers given by all the quiz takers. If you do not enter your details into a lead capture form or if the quiz creator is not tracking you with a Facebook pixel, your information is very safe.

But brace yourself.

The problems start when a quiz tracks your answers with a Facebook pixel, which many quiz makers do. This allows the quiz creator to use your Facebook profile data in combination with your quiz answers to build a more complete profile for better targeting.

Don’t let the quiz maker steal your data

With that in mind, let’s say you took this quiz on the Marriott.com website.

You’d probably be fine with Marriott collecting your user data from that quiz. After all, you visited their site — and voluntarily took the quiz.

And you wouldn’t bat an eye if the quiz includes a form — asking you to sign up for their newsletter or win a free night’s stay.

After all, Marriott is a trusted brand — and you’d be reasonably sure they would not sell your data or misuse it in any way.

But… would you realize that Marriott’s quiz maker (in this case Qzzr) also runs their own Facebook pixel that collects your data as well?

I’m staggered by this — and I am 99% sure Marriott is not aware of this blatant breach of their data protection policies.

But it gets even worse, I have embedded a Typeform Quiz into a test site and found that Typeform launches 11 trackers that combined place 72 cookies on my visitor's computer. They send data to Facebook and Twitter as most quiz makers do, but they also place an Outbrain Pixel. Outbrain is a very smart ad tech company from Israel and I am fairly certain that they will steal your user's data for retargeting. If they also capture quiz answers and results, they can build an amazing retargeting pool using your quiz data.

Want proof?

Check out the screenshot below. The pixel ID 1707749372840582 in that Marriott quiz? It is the same pixel ID you get when you open Qzzr.com, so it’s fair to assume this is a Qzzr (and not Marriott) pixel at work.

Here’s the pixel from the Marriott.com quiz — showing the data being sent to Qzzr:

And the same pixel on Qzzr.com:

Why do I care?

I’m the founder of Riddle — an online quiz maker company myself. And sure, it might seem a little odd to learn about this issue from someone like myself.

But that’s precisely the reason I’m sharing this with you.

Online quizzes are amazing content for website owners and their audience. Users can’t get enough of them — they both entertain and inform (e.g. “What’s your dream career?”). And websites love how people share their quiz results with their friends — providing their traffic.

However — each quiz maker has an ethical and legal obligation to respect the privacy of the data collected by their customers.

Unfortunately, in this Marriott example, I do not see any legitimate reason why a quiz maker should be tracking its clients’ users. That only leaves me with one unpleasant alternative — they intend to collect and sell that data.

These practices give the entire online quiz industry a bad reputation — again, just look at the headlines from the Cambridge Analytica case.

We designed our quiz maker (www.Riddle.com) to collect only anonymous aggregate information about quiz takers and we only do this to power the statistics dashboard for the quiz creator. Our customers can collect private information only with the specific agreement of each quiz taker -using an in-quiz form to opt-in to give their name, email, and other details.

The key difference?

With a reputable quiz maker, it is the person or company who makes that quiz who collects that data and decides how much collection is acceptable — not the quiz maker.

How to track who is tracking you?

Okay — so your best defense is not to delete Facebook or swear off taking online quizzes forever.

Nope — your best defense is to be proactive.

  • Track who is tracking you — if you see that a site seems to send data off to a third party, let the website owner know about it.
  • The EU’s GDPR means that companies worldwide will have to delete EU users’ info upon request — or face heavy fines.
  • To comply, companies are deploying tools to easily do this for their sites. Even if you’re not from the EU, most companies will just delete your data on request — to be safe.
  • Monitoring the Facebook pixel is super easy. Just install the Facebook Pixel helper — built for Facebook developers to make sure their pixel sends all the right data.
  • But anyone can use it. See more than one pixel ID tracking you? That’s a huge red flag right there.

The pixel helper will show you exactly what kind of data is being sent to Facebook — along with your own Facebook identity.

Avoiding Facebook pixels is close to impossible — almost every major site uses them by now. It’s sending your data to a third party — unknown to you — that is unacceptable.

Qzzr is not the only one doing this by the way.

The massive Israel-based quiz company Playbuzz and the Spanish/US company Typeform do the same. All the answers from their quizzes are sent straight to their Facebook pixel for further targeting — either without your knowledge or consent (or because you did not read the fine print in their terms).

Now, Qzzr does not even mention Facebook pixel tracking anywhere in their privacy policy or their terms of service. Playbuzz is a bit more straightforward, they let you know in the intro of their privacy policy that they will collect personal information from you and use third party services such as social networks to receive such info.

But let’s be honest. When taking a quiz on a random website, you will most likely not read the terms and conditions or the privacy policy of the company who build the quiz maker software. On the other hand, if you’re creating quizzes for your company, you should read these to make sure they’re on the straight and narrow.

Want to use quizzes on your site — safely?

  1. Pick a quiz maker that does NOT add their own tracking — either Google Analytics or Facebook. Riddle.com and Apester are good examples of quiz makers that respect your data and do not add any Facebook or Google tracking.
  2. How to test it? Build a one question quiz, put your quiz maker’s embed code on your site, then use the Facebook Pixel helper and the Google Tag assistant to check who else is trying to track your users. Or even better, create a blank webpage, add the embed code and then open that page with the Brave Browser. Brave is amazing as it will show you all the trackers and will block them by default. You can then enable them and watch the cookies being placed.
  3. Choose a quiz provider that is GDPR-compliant — this is the easiest option. By complying with the GDPR, your quiz provider by default will NOT collect any data from your users for their own behalf. All the data collected is yours and you should be able to set up how much you are okay with collecting.
  4. Check out this infographic highlighting the key questions to ask your quiz provider when it comes to the privacy of your user's data. (I’m biased of course — but Riddle is a fully GDPR compliant quiz maker.)
  5. Be fair — do not gate your quiz results with a mandatory lead capture form.
  6. Do not use a Facebook pixel without your users’ consent.

Okay — I’m getting off my soapbox now.

You can tell how fired up I am about online quizzes. If you have any questions about how to use quizzes responsibly on your site, please drop me a line at boris@riddle.com.

Gdpr
Eu Gdpr
Quiz
Facebook Pixel
Facebook

--

--

Boris Pfeiffer

Written by Boris Pfeiffer

6 Followers

Founder and CEO of Riddle.com — an online quiz maker.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams