Version 1 – Issued May 2018
Riteangle is a market research agency fieldwork agency that operates within the boundaries of the Data Protection Act 1998, and EU General Data Protection Regulation (GDPR). Riteangle is registered with the Information Commissioner’s Office (registration number Z 6977670).
In processing your data we will comply with the General Data Protection Regulations (EU) 2016/679 (from 25 May 2018), as well as the Data Protection Act 1998 (and any amendment of or replacement for that Act) and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (and any amendment of or replacement for those Regulations), as well as any other data protection laws that apply from time to time (together the "Data Protection Laws"). Riteangle processes personal data (that is, data by which a living individual can be identified) relating to participants (i.e. those that take part in research).
This privacy statement applies to the processing of this type of data.
How do we collect personal data?
Riteangle uses client supplied databases and data obtained by other means, to locate participants with whom to conduct research. This is in the legitimate interest of Accent and its clients, but participants do have rights relating to this type of processing (including the right to object to the processing of their data in this way- see below for more information).
Riteangle also collects and uses personal data obtained from participants as part of conducting research. The reason we collect this data is usually only for analysis purposes and to determine that we have sourced the right people for our clients, but all purposes for which data is being collected are always made clear at the time of data collection. This processing is based entirely upon informed consent – which again brings with it legal rights (again including the right to object to the processing of your data in this way).
Riteangle does not carry out any form of automated processing or decision making.
What information do we collect?
Riteangle collects the following data for the legitimate interest of the work we carry out. We collect this data with consent when we screen for suitable participants.
- Always - Participant name, phone number, age, gender, your full responses to the interview that you took part in, interview validation responses gained through for our quality control procedures and any comments provided during the validation (these are performed at pre or post phone checks to ensure we are doing our job properly)
- Sometimes – Marital status/family status/life stage, any previous market research attendance (including when, how many and subjects), some special categories of data
Why do we collect this information?
We collect your data in order to enable us to carry out our job as per the instructions of our clients, but also to comply with our legal / contractual obligations and for legitimate interests.
Data Storage, Deletion, and Sharing
Personal data of which Riteangle is not the controller (e.g. the customer database of the client we are representing to locate potential participants) is deleted immediately upon completion of the project.
Personal data of which Riteangle and our clients are joint controllers (e.g. data which you have given consent for us to collect as part of the research we do) is stored in the form in which it was collected for 12 months from project completion.
We’re committed to protecting your personal information. We adopt robust and appropriate technologies and policies to protect it from unauthorised access and improper use. In addition we do not transfer your personal data out of the EEA.
Where is your information?
All personal data with Riteangle is safely stored within the UK.
Is your information shared with any third party?
We never use data for the purposes of anything other than those uses related to research. We do not sell on personal details and you will not be contacted for any type of sales or promotions. We only use the details we collect for genuine market research projects.
How to exercise your rights:
You may exercise your rights above by contacting us at email@example.com and we will comply with your requests unless we have a lawful/contractual reason not to do so which we will inform you of.
Chief among your rights is your right to object to the processing of your data. Riteangle will immediately comply with your objection and cease processing, unless there is a legitimate legal reason not to (which would be very rare and would be explained at the time).
Through a process referred to as a Subject Access Request; you have a right to obtain
- confirmation that your personal data is being processed
- access to your personal data
- other supplementary information (largely contained within this document).
You also have the right to the following;
- where you have given Riteangle your informed consent to process your personal data, to revoke that consent.
- to know where your data originated from, where your personal data came to Riteangle other than from you.
- to block future processing of your data.
- to apply for the erasure of any personal data being held.
- to request any incorrect personal data be corrected.
- to lodge a complaint with the supervisor authority (in most cases the Information Commissioner) if you believe your data is being handled unfairly.
- if you exercise your right to request that your personal data be deleted, Riteangle will have no way of ensuring you are not contacted again. If your objective is to not be contacted again, consider exercising your right to block processing instead – Riteangle would then hold just the absolute minimum data needed to ensure you are not contacted again.
All requests will be processed within 30 days, there is no fee involved in exercising any of these rights.
All communications regarding personal data (including subject access requests or the execution of any of your other rights, as well as any queries relating to this policy document) should be addressed in writing to firstname.lastname@example.org