ROTATOR SURVEY: Technical Aspects Related to Security, Privacy and Availability of Information
secure and confidential survey system

LOCAL DATA STORAGE IN WINDOWS

RotatorSurvey is a Windows-based desktop application designed to operate across multiple architectural configurations. These include: A simple shared-folder scheme over a local area network (LAN), Deployment on Windows Server environments with remote access, Integration within application virtualization systems. Given this flexibility, the security of Rotator applications is largely determined by the parameters defined by users—whether at the level of the Windows operating system, local network infrastructure, or, where applicable, the virtualization environment in use. Beyond these user-defined layers, RotatorSurvey incorporates its own proprietary security mechanisms, which are detailed throughout this document. Critically, RotatorSurvey does not rely on any commercial, open-source, or conventional relational database management systems (RDBMS). Instead, it utilizes a proprietary data management engine known as ROTATOR. This engine is built upon a hyper-cube architecture specifically designed to store and retrieve spatially structured survey data. Our multidimensional database diverges significantly from traditional OLAP models such as MOLAP and ROLAP. Rotator introduces a novel paradigm we call FOLAP (Formula-Based OLAP), which enables the generation of dynamic Boolean formulas to access hyper-cubic data structures. This approach not only supports complex tabulations and cross-variable analyses but also enhances the overall security of the system by abstracting the data access logic. Importantly, Rotator files can only be read through Rotator’s native applications. The platform offers two secure export pathways for data extraction: SPSS (.sav) format; Microsoft Excel (.xlsx) format. These controlled export options ensure that data remains protected while enabling interoperability with widely used analytical tools.

DATA STORAGE ON THE INTERNET

Since Rotator supports multiple data capture modalities, an Internet-based cloud environment is required to host questionnaires that utilize the Web as a data collection platform. These include self-administered surveys, mobile device surveys, online CATI telephone interviews, and web-based data transcription forms. In such scenarios, Rotator does not store data in open-access databases, nor in proprietary commercial or open-source database systems. Instead, all cloud-resident data is encoded into structured text files. If these files were to be intercepted by unauthorized parties, the contents would be extremely difficult to interpret. For example, if a respondent indicates endorsement of "ANDREW CUOMO," the corresponding data file might simply contain a line such as V78=1. The equivalence table (or codebook) required to decode these values is not stored online. It resides exclusively on the local workstation where the Rotator Modeler is installed, and only that station is capable of interpreting the encoded data. For the purpose of generating charts and reports for online display, Rotator employs an encrypted version of the codebook. This additional layer of encryption ensures that even if both the data file and codebook were extracted from the server, deciphering the information would remain highly impractical.

THE USE OF INTERNET SERVERS OUTSIDE THE LOCAL AREA

As part of our infrastructure policy to ensure uninterrupted business operations for our clients and users, our company maintains server deployments across the United States, Europe, and Canada. Although our headquarters and operational base are located in Venezuela, this distributed architecture guarantees that local disruptions—such as power outages or telecommunications failures—do not compromise global access to our products and services. To further enhance capacity, performance, and data availability in highly confidential or mission-critical studies, we offer two advanced hosting options: PRIVATE SERVER (Off-Premises): Hosted externally with dedicated resources. OWN SERVER (On-Premises): Installed within the client’s infrastructure. Both configurations are designed to significantly strengthen data security, ensure high availability, and uphold strict confidentiality standards.

Our hosting partners have been rigorously vetted by our systems engineering team against stringent technical and quality benchmarks. These providers deliver robust fault tolerance and guarantee a minimum service uptime of 99.9%, operating 24 hours a day, 7 days a week.


ROTATOR NETWORK ARCHITECTURE

Rotator Survey is a desktop application that operates with the same familiarity and responsiveness as Microsoft Word, Excel, or PowerPoint. Unlike traditional office software, however, Rotator leverages the Internet to publish questionnaires and store collected data in secure online repositories. To enable the deployment of CAWI (Computer-Assisted Web Interviewing) and CAPI (Computer-Assisted Personal Interviewing) instruments, Rotator requires access to one or more servers recognized by the system. By default, the application connects to a backend infrastructure known as The Rotator Cloud — a distributed pool of Linux-based servers strategically located across Canada, the United States, Asia, and Europe. These servers are provisioned through global hosting providers but are fully managed and administered by our company. They operate as shared environments where users can publish and manage their survey instruments with high availability, geographic redundancy, and editorial safety.

rotator survey software architecture

CLOUD SERVERS - CONTROLLED BY ROTATOR SOFTWARE

A "cloud server" is a shared server where different clients can store their surveys. Rotator's cloud servers are medium-sized virtual servers (4 GB RAM, 2 CPUs and SSD disks), which allows running about 10 mid-sized surveys in parallel. As our company grows in clients and surveys, we will be adding new servers to the cloud. To differentiate the cloud servers we have named them after Greek gods, e.g. ARES, ARTEMIS, ADONIS, HERMES, EROS, POSEIDON, HADES, CHRONOS, ZEUS, AFRODITA, APOLLO, etc. All of them operating under the domain "ROTATORSERVER.COM", for example: "HTPS://ZEUS.ROTATORSERVER.COM". When a user publishes a questionnaire in our cloud, the system checks which server is the most available and publishes the questionnaire there. The disadvantage of using the Rotator cloud is its performance, especially for users who need to publish many questionnaires concurrently, or when questionnaires to be published are very large, either in terms of questions, participant base, cases or number of concurrent respondents. In these cases, we recommend opting by a "PRIVATE" server or by your "OWN" server.


"PRIVATE" SERVER - CONTROLLED BY ROTATOR SOFTWARE

A PRIVATE server is a server managed by Rotator Software, but is intended exclusively for a particular user, when hiring a private server an average configuration is offered (2 GB RAM, 2 CPU and SSD disks), which can be scaled to the extent of the customer's requirements. The advantage of a private server is that it is guaranteed that there are no other concurent surveys posted by other users, and that its use is exclusive to the contracting company. Although the "private" server is used solely and exclusively by the client, its administration is the responsibility of Rotator Software, and, likewise, although Rotator Software constantly monitors private servers to guarantee their availability, it is up to our suppliers to act and take responsibility when any hardware or software failures occur.


"OWN" SERVER - CONTROLLED BY THE END USER

As the name implies, an "OWN" server is a physical, virtual machine or hosting contracted to a third party by our users. In this case, ROTATOR SOFTWARE has no technical or administrative responsabilities and all administration, configuration, monitoring and backup tasks are in the hand of the end user. By adding your own server to the Study Modeler software, the communication is done unidirectionally MODELER <-> SERVER and at no time data or questionnaires are sent to servers owned by Rotator Software. Thus, the benefit of installing your own server is the total centralized control and confidentiality of your data. In addition to these benefits, the user can use their own hardware and scale it according to their needs, as well as apply corporate policies for usage, security and server backups.


USER AND PASSWORD MANAGEMENT

Like any multi-user system, Rotator allows you to define users with different roles or functions. Each user must have a login and a password that allows access to certain screens of the system, both locally and on the Internet. Rotator passwords are encrypted using methods such as MD5, both in the local sub-system and in the Online sub-system. As these techniques prove to be violable, or at the request of our users, our programmers may include new techniques for password encryption in the future. On the Web, when a password is posted on the initial screens, it passes through the SSL layer of our servers, which provides a second level of protection against hackers.


HANDLING OF PRIVATE PERSONAL DATA (PII)

In alignment with international data protection frameworks such as PII (Personally Identifiable Information, USA) and GDPR (General Data Protection Regulation, Europe), Rotator enables users to identify and classify sensitive personal data within their surveys according to the requirements of their local legislation. Any data flagged as PII within Rotator is automatically masked and cannot be exported, displayed, or analyzed unless explicitly authorized by the user under a more flexible data handling policy. By default, the system detects and classifies the following as PII: telephone numbers, residential and office addresses, full names, national ID or social security numbers, IP addresses, geolocation coordinates, income levels, facial photographs, and other identifiers deemed sensitive. PII data stored within the Rotator database is subject to strict handling protocols. Only system administrators are permitted to define the rules governing its treatment, deployment, and export. If desired, such data can be fully restricted, rendering it inaccessible to all other users of the platform.


THE HUMAN COMPONENT OF SECURITY

Given the sensitive nature of our business, Rotator Software C.A. places the highest priority on the security, privacy, and confidentiality of information. Our teams are deeply committed to safeguarding statistical secrecy and upholding the intellectual property rights of our users over their instruments, methodologies, and datasets. We recognize that the integrity of our platform is directly tied to the trust placed in us by our clients. As long as the studies conducted with Rotator remain accurate, reliable, and confidential, our company will continue to sustain a robust business flow and maintain its relevance in the global market. The Rotator platform is widely adopted by international clients for high-stakes, confidential research initiatives — including political polling, product launches, advertising effectiveness studies, concept testing, and other projects requiring maximum data protection and discretion. Beyond the technical safeguards embedded in our infrastructure, all Rotator personnel are bound by strict confidentiality and information security agreements. These agreements extend not only to user data, but also to proprietary techniques, methodologies, and domain-specific know-how employed in client studies. Importantly, Rotator Software C.A. is not a virtual entity. We are a legally registered company with physical operations, formally recognized by the SENIAT of Venezuela under registration number J-306-76774-6, and internationally listed in Dun & Bradstreet under D-U-N-S number 855064937.