Privacy Policy
Overview
This policy describes the types of data we collect as a market research company and how we use it and, where we do share that information, the parties we share it with.
About Rigour Research
We are an independent market research company registered in the United Kingdom – Company Registration Number:10074768, who act on behalf of third parties in the collection and analysis of data for the purposes of market research. You are likely to be reading this Privacy Notice because you have either taken part in one of our market research surveys or are considering taking part. This Privacy Notice explains what personal data we will collect from you in relation to the survey and what we will do with it.
Please read this Notice in order to ensure that you are happy with how its contents affect you. Participation in our market research surveys is entirely voluntary, and if you have conducted a survey we will take it to mean that you agree with the terms of this Notice. However, if you are not happy with the terms of this Notice you should not participate in the survey, or if you have already participated, you are still entitled to ask that part or all of your interview and/or personal details be destroyed or deleted and we will carry out such a request. We tell you below how to contact us.
Contact details for questions about this policy
In addition to the information stated in this Privacy Notice, Rigour Research Ltd is bound by the Market Research Society Code of Conduct (found by clicking here) and we are wholly committed to meeting the requirements of the General Data Protection Regulation on data privacy. The Data Protection Officer for Rigour Research Ltd is Cornelius Barry, who can be contacted via email by clicking on this link
How we obtained your contact information
We have been provided with your contact information by our client. You may already have been told the name of the client and the nature of the information they have provided us with, if not and you would like to know more about the client’s identity and the information we have been given, then please reply to the email you received and we will be happy to let you know these details as outlined under your rights in the GDPR legislation
Information and data collected
The majority of information we collect is opinion based and cannot be used to identify you individually. Generally this data is in answer to questions we pose around the topic we are researching. In certain exercises however we may ask you to share personally identifiable information with us that we will use to complete the research project. This can include, but is not limited to, the following data
- Your name
- Your address
- Your email address
- Your telephone number
- An audio or video recording of yourself
- When this type of data is collected we will inform you prior to its collection and obtain your consent for its collection and intended use
Processing of the data we collect
The majority of the data we collect is aggregated into data tables and no personal information that can identify you as a participant of the research can be extracted and used. On the occasions that we request personally indefinable data, such as a short video, this may be shared with the commissioning client for presentation of the results or shared within their company and possibly with their business partners. You will be fully informed of this prior to the collection taking place.
Method of data collection
For the majority of our surveys we will have sent you an email inviting you to provide information via a web interface, usually a browser on your phone, tablet or computer. When video and audio data are required, we will instruct you on the interface needed, usually your phone camera or web camera.
Automatic tracking information and cookies
In the course of a standard online research project, we do not use any tracking files or cookies to collect information. When this type of technology is beneficial for the research respondent then we will inform you of its use and allow you to decide if you would like to use it. For example when an invitation is made to an ongoing project where a cookie may be used to hold your log on information to help easier access to the site or resource.
Children and Vulnerable Respondents
We will never gather information from children (aged 16 years and under) or vulnerable respondents without the explicit consent and prior permission of their parents and/or legal guardians and/or carers. We comply fully with the MRS guidelines, found by following the link below, when conducting any activity amongst these respondent groups.
https://www.mrs.org.uk/standards/guidance
Your rights as an individual
The GDPR legislation provides you with the following rights, you can act on one or more of these rights by emailing the Data Protection Officer by clicking on the following link click here
Your rights are :
- The right to be informed: Being transparent on the use of your data, including e.g. providing fair processing information through our privacy notice
- The right of access: Confirmation that we are processing your personal data, allowing you access to the data we process about you and providing you with additional relevant information you may ask us for in relation to such processing.
- The right to rectification: Having your personal data rectified if it is inaccurate or incomplete, and third-party processors should also be made to rectify your data if inaccurate or incomplete.
- The right to erasure: Delete or remove your personal data where there is no compelling reason for its continued processing.
- The right to restrict processing: In certain circumstances, blocking or suppressing the processing of your personal data if requested and where so restricted, storing minimal personal data, and ceasing to otherwise process your personal data.
- The right to data portability: Moving, copying or transferring your personal data easily from one IT environment to another in a safe and secure way and in an easily readable format.
- The right to object: If you object to processing your data for certain purposes (including for scientific or historical research and statistics) on grounds relating to your particular situation, ceasing to process your data unless there are legitimate grounds for the continued processing.
- Rights in relation to automated decision-making and profiling: you should not have decisions made about you if such decision-making was based on automated processing; and such decision has legal or other serious consequences for yourself.
Data retention
We will not keep any data collected from you or information stored about you for a period of longer than 2 years unless agreed upon at the time of collection.
Data security
All data collected and stored by Rigour Research Ltd is held on servers within the United Kingdom. This data is encrypted and stored in a controlled environment and is never shared with a third party or outside of the E.U. without your explicit consent and the purpose of the sharing explained to you at the time of collection.
Roles and responsibilities when it comes to your information
Rigour Research Ltd generally acts in the “Data Processor” role when dealing with personal information shared with us from our clients. This means we follow the rules and processes that should have been communicated to you when the information was collected by the client. In the case of Rigour Research Ltd collecting your personal data then we will act in the role of “Data Controller” and follow internal processes put in place to keep your data safe as per the GDPR legislation.
Other times data may be shared
There are occasions when we are bound to share personal information with our clients. An example of this is when we conduct research for pharmaceutical companies that have an explicit “adverse event reporting requirement”. When an agreement such as this is in place for a project then we will inform you at the outset and ask for your consent to provide this type of feedback to the client.
Changes to this online privacy policy
Rigour Research Ltd reserves the right to make changes to this policy. When a change is made to this policy or to the privacy practices we follow, we will update this policy. The date of the last revision will be shown.