Advised Use of CMNTY Platform

CMNTY Platform is a diverse tool and can, therefore, be used in several ways to achieve different goals. Although you are free to choose and combine various functionalities to meet the purpose of your research, we would like to provide you with a couple of guidelines that will help you determine a combination of functionalities and tools that will allow for the most valid approach to data acquisition.

These guidelines are also compatible with the conditions set by ISO regarding Market, opinion and social research (ISO 20252) and Access panels in market, opinion and social research (ISO 26362).

Organizational considerations
• We highly advise you to entrust the management of your platform to competent staff;
• We also highly advise you to select a uniform moderation style and establish a code of conduct for all moderators to avoid communication that might have adverse impact on users’ participation in your managed activity or information submission;
• CMNTY Platform allows you to freely delete and edit all content and data for the convenience of your research. However, we strongly advise you to carefully consider the effects of editing or deletion of your research results before performing these actions;
• CMNTY Platform enables you to export raw research data in order to provide you with the least affected, most valid form of data. Hence, we strongly advise you to schedule your data exports in advance, keep track of possible changes in the size of your platform, and perform data exports regularly in order to draw the most accurate data from your project.

General platform management
• We advise you to recruit participants for your community from a documented source, and provide sufficient information for initial confirmation of identity: your recruitment import should provide sufficient credentials to identify members of the platform;
• We advise you to establish a system for monitoring and validation of frequency of users’ participation and introduce such system to the participants of your platform. In other words: make sure your users know how often and how much they are expected, allowed or encouraged to participate in certain activities on your platform;
• We advise you to define the size of your platform and be transparent about it to your (end) clients. Your platform should only be defined with participants who were sufficiently active throughout your research which you can achieve by introducing a Community Overview page and using various functionalities in the Admin Section of your platform;
• It is crucial that you acquire explicit consent from your participants to use their personal data for your research. Therefore, it is important that you introduce it through your General Terms and Conditions. We also advise you to have personal data of participants available to them upon request. The data must be corrected or deleted if a user requests such action: you can achieve that by using various functionalities in the Admin Section, such as User Deletion, Data Export and/or User Profile Edition;
• It is also advised to provide means (e.g. helpdesk contact details, a page of FAQ, etc.) by which your participants can obtain assistance or resolution of queries;
• It is crucial that you inform your participants when material changes are made to your privacy or incentive policies. Feel free to use the Newsletter functionality to ensure that your users are duly informed.
• We advise you to make your participants aware if and when third parties (such as your end client) observe the activity on the platform by, e.g., using an Observer account;
• Importantly, you should inform new and forthcoming users about the following when you invite them to participate in your platform:
• A general description of the project purpose;
• An estimated length of project;
• A closing date for completed responses (if applicable);
• A list of types of data that will be collected in the project;
• A clear indication in case the data shall be collected for a period of time other than the length of the project;
• A statement of confidentiality and anonymity;
• An appropriate privacy statement;
• Provide them access to full disclosure of incentive terms and conditions applying to the project;
• An explanation in case the invitation is sent out on behalf of another research service provider;
• An explanation about the opportunity to unsubscribe (see below) or opt out of future research;
• An appropriate privacy policy or statement; You can choose from a variety of means in the platform to provide such information, e.g. Custom Pages, Homepage, General Terms and Conditions, etc.
• CMNTY Platform offers the option to activate a cookie message that needs to be accepted by the participants. This message might be required by law in your country or the county in which the research primarily takes place. In that case, CMNTY advises to activate this message;
• CMNTY Platform enables moderators to pre-test all research content and modules. We advise using the built-in draft functionality (modules) or the preview mode (Questionnaire / Stepboard) to achieve this, before publication of the content.

User profile information
• We advise you to only collect personal data that is necessary for your research and sampling, and take into consideration that certain data may change in time (e.g. phone numbers, addresses, etc.) and should be carefully checked before including it in said research or sampling. All necessary data can be collected by creating relevant User Profile Fields;
• It is highly advised that you remove inactive participants periodically (at least once every 12 months) from the platform, otherwise, the results of your research might be affected. This can be done by either freezing user accounts or removing them completely by means of User Deletion;
• We advise you to retain users’ activity history for a minimum of two years. For a possibility of a continuous project, CMNTY will store such data on our servers for a standard term of 6 months. Regardless of that, we highly advise you to use the Data Export functionality to download such data for internal storage at your company;
• We also advise you to request your participants to update their profile data at least once a year. You can do that by using the Newsletter so that the change gets well documented. Furthermore, users should be able to update their profile information as they wish, thus we advise you to display Profile Fields on Profile Pages;
• Not only do we advise you to use a strong password for your CMNTY account, but we also highly advise you to communicate the same tip to your participants. You can place a message with advice, a guideline or an instruction on the Authorization pages by using the Custom Element functionality;
• CMNTY Platform offers a sign-off functionality to enable participants to leave the platform. A sign-off link will appear on profile pages if you activate this option.

• It’s advised to introduce an incentive system that matches or at least resembles the incentive system already introduced to participants upon recruitment. In other words, if you already have introduced a system of reward or motivation on your corporate website or via other informative means, then we advise you to adopt it also on your platform;
• It’s advised to sufficiently introduce and explain the incentive system to participants both upon recruitment and during the project, and have a documented definition available for them at all times. Use Custom Pages to create an information, FAQ page or a similar source of explanation;
• CMNTY Platform offers a Gamification engine which can be used to reward members with ranks, points and/or badges. It’s optional to link the points system to a webshop, where members can redeem their earned points.

When using this functionality, it’s advised to document the following in the aforementioned source of explanation:
• The type of incentives you are offering;
• A description of the redemption process (if applicable);
• How and when the incentives will be given and redeemed;
• That respondents will be treated fairly and equally;
• Which methods of resolving incentive queries or disputes will be used.

Recommended Privacy & Security Settings
Privacy: In terms of privacy, you can set profile field permissions to hide/show user information based on the viewer’s user role, and manage a user’s ability to do things like update their email, sign off, and opt out of newsletters. Below are some recommended settings:

User Profiles – Admin > Participants > Users > User Management > Settings
• Allow participants to change their email.
• Allow participants to sign off of the platform.
• Allow participants to opt out of the newsletter.

Profile Fields – Admin > Participants > Users > Profile Fields
• Configure profile fields (where to display them and whether or not they are required).
• You can set profile field visibility to “off’ so that only Moderators can see them and participants won’t know they exist.

Profile Field Permissions – Admin > Participants > Users > Profile Fields > Permissions
• Configure which users can see specific profile information based on the viewer’s user role.

Terms & Conditions – Admin > Configure > General > Default Messages
• Moderators can use platform Terms & Conditions to inform participants about security settings and the use of cookies.

User Profiles – Front End > Your Profile > Email Settings
• Participants can opt out of platform emails from their profile

Security: In terms of security, you can enforce authorization security and guard against brute force attacks, create a password policy to ensure secure passwords, and set rules to govern user sessions. Below are some recommended settings.

Authorization Security – Admin > Configure > Security > Authorization Security
• Set the “Login Attempts Allowed” to 3 times (default).
• Set the “Login Lockdown Time” to 15 minutes (default).

Password Policy – Admin > Configure > Security > Password Policy
• Set the “Password Expiration” to 90 days (default).
• Set the “Minimum Password Length” to 10 characters (default, but we would actually recommend a length of
• Set the “Prevent Password Reuse” to 3 times previous iterations (default).
• Require: Uppercase, Lowercase, Number, and Non-Alphanumeric (default).

Session Security – Admin > Configure > Security > Session Security
• Set the “Session Duration” to 2 hours (default). You could improve security by lowering this number, but then you may create a slightly more frustrating user experience by forcing people to continually log in).
• Turn on the “Log Off On Close” feature (This will make ensure that people are logged out when they close their browser. This is especially good for people who are working on shared computers or in public areas.)

General Privacy & Security
• Users can sign off from the platform, but their profile data will remain in the platform should you need it. It is up to the moderator to delete the profile data, the user, or the user and all of their content.

Read more about general platform management.