Voting with votebox: Technical information and data protection

1. votebox voting software

The voting software is a desktop application in which eligible voters, voting items and voting results are managed and stored. Depending on the customer’s preference, the voting software is controlled either by the customer (installed on a customer PC) or by a votebox team member (installed on a PC operated by QuizzBox Solutions GmbH).

The voting software includes a database in which all data relating to the meeting is stored in real time. After a meeting, reports can be created which contain the stored voting data in either anonymized or identifiable form.

Every eligible voter is uniquely identified in the voting software and only one vote (or weighted vote) per ballot per voter is taken into account. If a voter changes their mind or votes twice, possibly on different browsers or devices, while a vote is open, only the last submitted vote is taken into account.

Eligible voters vote by means of handsets and/or via a web app.

2. votebox handsets (in-person meetings)

If handsets are used at a meeting, the allocation of handsets to eligible voters is recorded in the voting software. The handsets are then distributed in person to the corresponding voters. The software and handsets communicate wirelessly via a USB receiver. No Internet is required, and the voting computer can simply be taken offline.

3. votebox web app (online, in-person and hybrid meetings)

At online and hybrid meetings in particular, eligible voters vote via a web app. The web app can be opened from any web browser on a smartphone, tablet or PC, without requiring any installation.

Ahead of a meeting, the names of the eligible voters are entered in the voting software together with a unique PIN. This authentication information is automatically synchronized with the web app server. Shortly before the meeting, the voters receive an email containing the meeting-specific URL to the web app and their unique PIN with which they authenticate themselves in the web app.

4. Open vote/election

In an open vote or election, the votes cast are stored together with the voter’s name. The audience can be shown who voted for what. Anonymized results can also be displayed. Reports containing the names of the eligible voters and which way they voted can be produced subsequently. Anonymized reports can also be produced.

5. Secret vote/election

In a secret vote or election, the results are stored anonymously after the vote. The audience cannot be shown who voted for what. The reports contain no names of the eligible voters (other than attendance lists). No link can be made in the database and the program logs between voters and votes cast.

6. Proxies/transfers of votes

The voting software allows eligible voters to appoint a proxy, in which case they are then not permitted to vote themselves.

If the vote is carried out via handsets, eligible voters appointed as proxies are also given the handsets of the corresponding voters.

If the vote is carried out via the web app, eligible voters can vote both on their own behalf and on behalf of the voters for whom they have been appointed proxy. They do not have to vote the same way in each case.

7. Security of the voting software

If the voting software is installed and controlled by the customer, then the customer is responsible for deleting the data.

If the voting software is installed and controlled by QuizzBox Solutions, then all data (especially personal data associated with a meeting) is deleted one week after the voting reports have been created, unless otherwise specified by the customer.

8. Security of the web app

The web app server is hosted at a secure location by the company OVHcloud (the European leader in cloud computing) in the EU (France). We have signed a data processing agreement with this company in accordance with the GDPR. Access is granted only in accordance with a defined security procedure. The web app server can be accessed only in line with the defined authorization concept. Access to the network is restricted to specific administrator accounts, with complex and regularly expiring passwords.

Only the authentication data (voter’s name and PIN) is stored on the web app server as personal data, not the voter’s voting record. This authentication data is deleted automatically every night.

Access to the web app is exclusively via HTTPS and encrypted WebSocket connection.

The meeting is identified by means of a unique 6-letter code.

Unique PINs are used to authenticate eligible voters. The customer can choose the level of complexity of the PINs. We recommend 8-digit PINs containing a mixture of numbers, upper- and lower-case letters and special characters.

During votes or secret elections, the results are stored anonymously after the vote. It is not possible to show the public who voted for what. The reports do not contain the names of voters (except in attendance lists). No link can be established in the database and software log files between the voters and the votes cast.

9. Processing of personal data/GDPR

All personal data that is processed in the voting software and in the web app is treated confidentially and with the utmost care, in accordance with the applicable legislation on the protection of personal data (GDPR and national data protection legislation).

If the voting software is installed and controlled by the customer and handsets are used for voting, then no data processing is carried out by QuizzBox Solutions.

In all other cases we will sign a data processing agreement with the customer in accordance with the GDPR.