Skip to main content

Data protection and privacy

Prolific's privacy notice and cookies policy

Prolific's privacy notice and cookies policy document can be found and downloaded from here📎

Prolific empowers great research. 🚀 We enable fast, reliable, and high quality data collection by connecting diverse people around the world. Our mission is to make trustworthy data more accessible in order to help improve human knowledge and decision-making.

Prolific is committed to safeguarding the privacy of our website visitors, service users, and other individuals with whom we deal. As part of this commitment, we've ensured that our privacy policy meets the high standards of the European data protect law, known as the General Data Protection Regulation (GDPR).

By continuing to use our sites and apps, you are agreeing to these terms. Please feel free to contact us using the button at the bottom of this page if you have any questions.

Below we will summarise the key points about how Prolific treats your data.

All users of Prolific

The GDPR provides certain rights for individuals in relation to their personal data, and you can exercise those rights by contacting us. 

You can read guidance from the Information Commissioner’s Office at for a fuller explanation of your rights. 

When you use the Site, it will store data on your device by two methods: Web storage and cookies. 

We may process the account data ("account data") you provide to us, which may include your name, email address, phone, and address, and we may also any correspondence between you and us and associated contact details (“correspondence data”). The account data and correspondence data may be processed for the purposes of operating our website and business, providing our services, ensuring the security of our website and services, and communicating with you. 

In some cases we use other companies and products as processors to handle your data, and some of the third parties to whom we may transfer your personal data, discussed above, may be located outside the EEA. If so, then we will ensure that transfers by our appointed data processors will only be made lawfully.

We won’t keep your data for longer than necessary.

We will not contact you for marketing purposes unless you have explicitly opted in to receive such communication. We may, however, contact you for other purposes for our legitimate interests as outlined in our Privacy Policy.

We are registered as a data controller with the UK Information Commissioner's Office. Our data protection registration number is ZA317731. Our data Protection Officer's contact details are:


We may process information relating to transactions that you enter into with us through our website or by other means.

If you are a Researcher, then it is your responsibility to ensure that you have performed your legal obligations as data controller in relation to any personal data you may receive, and in particular, to ensure that you have provided all information required by law prior to the collection of any such personal data and ensured that any transfer of such personal data outside the EEA is lawful.

Further information about information you may not request in your study can be found here: Can I ask participants for their personal information / identifiers?


We may process your information included by you in your personal profile on our website ("profile data"). The profile data may include your gender, date of birth, relationship status, interests and hobbies, educational details, employment details, and other categories. 

The profile data which we process may also include special categories of data. This data may include data about race, ethnic origin, politics, religion, health, sex life or sexual orientation. We process profile data for the purposes of demographic screening.

If you choose to enter any special category data in response to our screening questions, then you consent to our processing that data in accordance with our Privacy Notice. You can withdraw that consent and remove that data by deleting the relevant screening questions at any time.

We will not disclose personal data between Participants and Researchers, although Researchers will see anonymized demographic data relating to Participants for screening purposes. If you are a Participant and you agree to participate in any study posted by a Researcher, then any personal data you disclose to the Researcher (whether through Prolific or otherwise) will be used by that Researcher as a data controller in its own right, and we are not responsible for any such use.

We may process information relating to payments we make to you ("payments data"), which may include your contact details, your payment account details, and the transaction details. We process this for the purposes of paying rewards to you.

Prolific's security systems

Prolific's security systems protect participant data and confidentiality in the following ways:

  • Prolific uses encrypted HTTPS connections, secured by Transport Layer Security (TLS).
  • Participants are fully anonymized. They are assigned a unique participant ID (24 character alphanumeric).
  • Prolific provides an anonymized internal messaging service, which allows participants to message researchers (and vice versa) with any concerns.
  • Researchers cannot access participants’ identifiable information. Clear guidance is provided on what information researchers cannot request. See Can I ask participants for their person information / identifiers? for further guidance.
  • User data is stored in a secure cloud container environment.
  • Passwords are hashed using industry approved technologies. They are stored securely and can not be viewed by Prolific.
  • We do not store any data provided within studies. These are carried out on external survey software/platforms.
  • Participants are free to opt-out at any time, and we are fully GDPR compliant.
  • Please see Prolific’s Privacy Policy for more information.

I want to know more

 Click here to contact us

Was this article helpful?
powered by Typeform