Saros Research Privacy Notice

Saros Research Ltd is a UK-based online market research recruitment agency. If you want to contact us regarding your data please use either of the following:

Contact details: 

Data Controller: Fiona Jack, Managing Director; [email protected]; Tel: 020 8481 7160

Data Protection Officer: Jacqueline Gazey at [email protected]

We work with professional market researchers and by extension their clients and also organisations who are carrying out their own market research. We comply fully with the Market Research Society's Code of Conduct to ensure transparent and ethical standards are maintained. We also comply with all current data protection legislation, including the General Data Protection Regulation (GDPR) until 31 December 2020 and up until and from thereon the Data Protection Act 2018 effective from 25 May 2018.

HOW YOUR INFORMATION IS USED:

The information you provide as a member will be only be used by us for the purposes of inviting you to apply for genuine market research projects. We will not share your data with parties other than researchers or organisations carrying out their own research. When you apply for a market research project via one of our online forms, we will provide you with the information you will need to decide if you wish to take part i.e. the subject of the research, what you will be expected to do, the incentive offered, timing and location plus any additional relevant  information. We will not pass on any personally identifying  information unless we tell you in advance and obtain your express permission e.g. if your full name is required for building access. We will only ask you for sufficient information for the purposes of assessing if you meet the more specific criteria set out for the project. You do not have to provide all the information requested, however, this may mean we are unable to include you in the research should the missing details be key to the criteria set by the client.

The legal basis upon which we process your data is your consent, which you may withdraw at any time as explained in the following sections. The special categories of personal data we may collect are limited to projects where it forms an essential part of the research and only where fully informed consent is obtained:

  • Racial
  • Ethnic origin
  • Political opinions
  • Religious beliefs
  • Philosophical beliefs
  • Trade union membership
  • Health data

Disclosure

Saros Research Limited will only pass on your personal data to third parties for the purposes of the research for which consent has been given as part of the processing activities.

Third country (non-EEA) /international organisation & geographic location

Safeguards in place to protect your personal data

Slack - USA

(Privacy  Shield - pending further guidance from ICO), Standard Contractual Clauses via DPA in place, encryption of data and by technical and security measures

Alchemer (previously known as Survey Gizmo) - EEA
Encryption and by technical and security measures
Microsoft - USA
(Privacy  Shield - pending further guidance from ICO), Standard Contractual Clauses via DPA in place, encryption of data and by technical and security measures
Workplace by Datto via Infinity Group - EEA
Encryption and by technical and security measures

AWS - EEA

Encryption and by technical and security measures

SignNow - EEA

Encryption and by technical and security measures

Virtualgo2 ltd - Egypt

Authorised Contractual Clauses and by policy, encryption, technical and security measures

WeTransfer - EEA

Encryption and by technical and security measures

PayPal - EEA & USA
(Privacy Shield - pending further guidance from ICO), Binding Corporate Rules (EU), encryption of data and by technical and security measures
Sage
(privacy Shield - pending further guidance from ICO), Binding Corporate Rules, encryption of data and y technical and secuirty measures




ACCESS TO YOUR INFORMATION AND CORRECTION OF ANY ERRORS:

At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

  • Right of access - you have the right to request a copy of the information that we hold about you.
  • Right of rectification  - you have a right to correct data that we hold about you that is inaccurate or incomplete.
  • Right to be forgotten - you can ask for the data we hold about you to be erased from our records.
  • Right to restriction of processing  where certain conditions apply to have a right to restrict the processing.
  • Right of portability - you have the right to have the data we hold about you transferred to another organisation.
  • Right to object - you have the right to object to certain types of processing such as direct marketing.
  • Right to object to automated processing, including profiling.
  • Right to judicial review: in the event that Saros Research Limited refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined in the final section of this Notice.

You may access and amend your membership details via our Registration portal on our website : https://www.sarosresearch.com/participate/profile/login.html

You may also contact us by email to [email protected] to request any further details of information we may hold about you and for help with exercising the other rights listed above. We will call you to confirm your identity  as the person entitled to receive the data before we will release any information.

HOW TO UNSUBSCRIBE AND STOP RECEIVING ANY FURTHER INVITATIONS:

If you no longer wish to remain a member of Saros for any reason, please either click on the UNSUBSCRIBE link on one of our invitation emails or email [email protected]. We ask you to allow up to 14 days for invitations to stop arriving as it is possible there may be some already in the pipeline. In the meantime, please just delete them.

Please note, if you ask for questionnaires responses to be be deleted via our Question Pro survey portal as mentioned above, we will contact you to check if you wish to unsubscribe to be sure if that is your intention.

DATA STORAGE:

PROJECT DATA: This information relates to the projects you have taken part in only. We retain project data for a period of 3 years in our accessible files and a further technical back-up period of 6 months during which we do not have full access.

If you are booked onto any of our projects and you are not a Saros member we will keep a record of your email address and details of the project you took part in for future reference. We will not contact you about any other projects unless you register as a member.

INCENTIVE PAYMENTS: If we (Saros Research) have paid you your incentive electronically, we retain the records of the payment for a period of 7 years to comply with HMRC (tax) legal requirements.

YOUR ONLINE SCREENER QUESTIONNAIRE RESPONSES: These remain on our survey supplier's server for a maximum period of 6 months, at which time they are automatically deleted. The previous manual deletion system has been replaced by this automatic process to ensure all responses are included. The server for Alchemer (previously known as Survey Gizmo) is EEA-based and data is encrypted whilst being stored and in transit.

The screener responses are also stored on our secure database and retained for a period of 6 months after the project has taken place and are then automatically deleted. We often have projects arising on the same or a similar subject for which you may also be a fit and if so, we will contact you to see if you are interested. The Project Booker retain a sorted Master List of responses for a period of 3 months after completion of the project for the same reason and all Project Booker laptops are encrypted and protected by a centrally managed service. We also often have projects for the same clients on the same subject that are ongoing over a period of time and, where we are aware of this, we will say so on the questionnaire. We do not retain the information for any other purposes.

We capture device information such as IP address and other device data which could identify  responders and which could be used to protect our systems from cyber attacks.

All systems are scanned regularly for security vulnerabilities and penetration testing carried out according to a fixed schedule by outside cybersecurity specialists.

TRANSFER OF DATA TO THIRD COUNTRIES (OUTSIDE OF THE EUROPEAN ECONOMIC AREA):

We transfer data to and from our processors in the USA, which is covered by Privacy  Shield - pending further guidance from ICO, Binding Corporate Rules or Standard Contractual Clauses, by technical and security measures together with encryption of data. We also transfer data to Egypt, which is covered by approved contractual clauses, policies and agreed security measures together with encryption of data.

RIGHT TO LODGE A COMPLAINT WITH THE INFORMATION COMMISSIONER'S OFFICE (ICO):

We take the protection of your data very seriously and we want to know if you have any concerns or complaints about how we handle it. Please let us know of any issues you may have so that we can deal with them for you. If you are not happy with how we have handled your enquiry, you have the right to make a complaint to the Information Commissioner's Office (ICO). You will find their guidance on this here: https://ico.org.uk/make-a-complaint/.

Latest version January 2021