Question 1

1) Does ValueScope collect personally identifiable data (PII) about community members?

Accepted Answer

By design, no.
Standard surveys do not ask for names, ID numbers, phone numbers, email addresses, or exact addresses. Responses are tagged to stakeholder group, site, and selected demographic categories (for analysis), not to an individual.
The only PII held in ValueScope relates to platform users (your staff, reviewers, and account managers) so they can sign in, collaborate, and appear in the review/approval trail.

Question 2

2) What is our lawful basis for using data in ValueScope?

Accepted Answer

Most project data in ValueScope is anonymous or effectively anonymised monitoring data. Your organisation remains the data controller and chooses the lawful basis under applicable law (e.g., UK GDPR). In practice, teams typically rely on:
 • Legitimate interests (monitoring social value, safeguarding, “do no harm”), and/or
 • Contractual obligations (requirements in grants, standards, or procurement).
If you elect to collect any information that could reasonably identify a person, you must reflect that in your privacy notices and safeguards. ConnectGo acts as data processor, providing the platform under contract.

Question 3

3) How is consent handled at the survey stage?

Accepted Answer

Consent is collected at the point of data collection. Before answering, participants are told:
 • Who is collecting the data and why
 • What topics are covered and how long it takes
 • That participation is voluntary; they may skip questions or stop at any time
 • How responses will be used (e.g., combined and reported as anonymous statistics) and who will see them
For children and other vulnerable groups, participation follows your existing safeguarding and consent/assent procedures, even though ValueScope does not store direct identifiers.

Question 4

4) Are survey responses anonymous? How is anonymity protected?

Accepted Answer

Yes. ValueScope is designed so responses are anonymous upon entry. Protections include:
 • Instruments that do not ask for names, IDs, or contact details
 • Storage under group, site, and demographic codes, not personal identifiers
 • Aggregated dashboards (e.g., “Women in Site A”), not individual records
 • Optional suppression rules (minimum group sizes) and category aggregation for small or sensitive groups
If you keep any contact links for follow-up, manage those outside ValueScope under your own procedures.

Question 5

5) Who owns the data and who can see what?

Accepted Answer

You own your data. Your organisation is the data controller; ConnectGo is the data processor. Access is controlled by:
 • Roles and permissions in your tenant (e.g., Manager, Project Creator, Reviewer, Field Agent, Viewer)
 • Need-to-know access for your named Account Manager to support onboarding, review, and sense-making
No data is sold. No third party receives your project data for their own purposes without your explicit agreement.

Question 6

6) Does ValueScope use anonymised or aggregated insights across projects?

Accepted Answer

Yes, carefully and only in fully anonymised and aggregated form, to:
 • Improve question banks and indicators (e.g., which items perform well)
 • Identify common themes, risks, and outcomes
 • Produce non-identifying learning notes and guidance
We do not publish project-specific insights that could harm your organisation or communities without your explicit consent. Cross-project learning uses are described in our contracts and data processing documents.

Question 7

7) How does ValueScope support ethical, safe, and participatory practice?

Accepted Answer

ValueScope provides the digital backbone for good practice and nudges safer behaviour:
 • Stakeholders are named as groups, not “the community” in general
 • Risks identified during mapping feed directly into a Risk Register with owners and mitigations
 • The Theory of Change centres “what changes for whom,” including possible harms
 • Account Managers support teams and challenge weak stakeholder or risk work
Your organisation remains responsible for field ethics, safeguarding, and feedback/grievance mechanisms.

Question 8

8) Where is data hosted and how is it protected?

Accepted Answer

ValueScope uses reputable cloud infrastructure with:
 • Encryption in transit and at rest
 • Role-based access control and audit trails
 • Regular backups and environment hardening
Regional hosting options can be agreed contractually where required by procurement or regulation.

Question 9

9) How long is data retained? Can we delete it?

Accepted Answer

Retention is led by your policy. ValueScope supports:
 • Project-level retention settings and archival
 • Export of datasets and reports
 • Deletion requests for tenant content, subject to contractual and legal obligations
We encourage archiving over deletion where appropriate, so longitudinal learning is preserved without exposing personal data.

Question 10

10) Do you transfer data across borders?

Accepted Answer

If cross-border processing is required (e.g., UK ↔ East Africa), it is handled under appropriate transfer safeguards (such as Standard Contractual Clauses or equivalent mechanisms). Details are set out in our data processing terms.

Question 11

11) How does AI/“Chat with your data” handle privacy?

Accepted Answer

AI features operate on anonymised, permission-scoped data within your tenant. The system respects role permissions and never reveals suppressed small-group outputs. Model prompts and outputs are not used to train external models.

Question 12

12) What happens if there is a security incident?

Accepted Answer

We operate an incident response process covering detection, containment, assessment, notification, and remediation. If an incident materially affects your data, we will notify you without undue delay and cooperate to meet any regulatory duties.

Question 13

13) How do we export our data if we stop using the platform?

Accepted Answer

You remain the owner of your project data at all times. If you decide to stop using the platform (for example, at the end of an early adopter period), you can take your data with you.

1. What data can we export?
From within the Reporting area you can export the underlying data that sits behind your reports. This can include, depending on what you have used:
 • Project and site configuration
 • Stakeholder mapping
 • Theory of Change entries
 • Risk Register entries
 • Survey structures and survey responses
 • Any other modules that are surfaced in the reporting portal
The export reflects what is visible in your reports, including any filters you have applied, rather than a raw dump of the entire internal knowledge base.

2. In what formats is data exported?
You will be able to export your data in standard, machine-readable formats:
 • CSV (tabular format, easy to open in Excel or import into many tools)
 • JSON (structured format that most databases and data platforms can ingest directly)
Because some survey and indicator data are nested, JSON is often the most faithful representation, but CSV is available where helpful.

3. What about dashboards and visualisations?
From the reporting module you can also export static versions of your reports (for example as PDFs).
This means you can keep:
 • Snapshot views of charts and tables
 • Executive summaries and risk overviews
 • Any filters or views you have selected at the time of export
You receive the analysed data and static outputs, not the underlying analysis code or internal configuration scripts.

4. Who initiates the export?
Exports are triggered from within the reporting interface for each relevant module.
If you need a more tailored export (for example, a specific combination of modules, or support choosing between CSV and JSON), your Account Manager can help you decide what is most useful and guide you through the process.

5. What happens to our data after we leave?
Details of data retention and deletion are set out in your contract and End User Licence Agreement (EULA) between the commercial partner (for example, Level) and your organisation.
These documents specify:
 • How long project data is retained
 • Under what conditions it is archived or deleted
 • How and when you may request a final export
If you are unsure of your specific retention terms, your Account Manager can point you to the relevant clause in your agreement.

6. Is exported data still anonymised?
Yes. The platform is designed so that community-level data is non-identifiable:
 • No names, ID numbers, personal contact details or free-text personal identifiers are stored for community respondents.
 • Survey responses are tagged by stakeholder group, site, and demographic categories, not by individual identity.
Your exports keep this structure. You retain rich, disaggregated data for analysis without accessing personally identifiable information about community members.

Data Protection

QUICK LINKS

LEGAL INFO

FOLLOW US ON: