Saros Research Privacy Notice
Saros Research Ltd is a UK-based online market research recruitment agency. If you want to contact us regarding your data please use either of the following:
Data Controller: Fiona Jack, Managing Director; email@example.com; Tel: 020 8481 7160
Data Protection Officer: Kate Baker; firstname.lastname@example.org; Tel: 020 8481 7164
We work with professional market researchers and by extension their clients and also organisations who are carrying out their own market research. We comply fully with the Market Research Society's Code of Conduct to ensure transparent and ethical standards are maintained. We also comply with all current data protection legislation, including the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 effective from 25 May 2018.
HOW YOUR INFORMATION IS USED:
The information you provide as a member will be only be used by us for the purposes of inviting you to apply for genuine market research projects. We will not share your data with parties other than researchers or organisations carrying out their own research. When you apply for a market research project via one of our online forms, we will provide you with the information you will need to decide if you wish to take part i.e. the subject of the research, what you will be expected to do, the incentive offered, timing and location plus any additional relevant information. We will not pass on any personally identifying information unless we tell you in advance and obtain your express permission e.g. if your full name is required for building access. We will only ask you for sufficient information for the purposes of assessing if you meet the more specific criteria set out for the project. You do not have to provide all the information requested, however, this may mean we are unable to include you in the research should the missing details be key to the criteria set by the client.
The legal basis upon which we process your data is your consent, which you may withdraw at any time as explained in the following sections. The special categories of personal data we may collect are limited to projects where it forms an essential part of the research and only where fully informed consent is obtained:
- Ethnic origin
- Political opinions
- Religious beliefs
- Philosophical beliefs
- Trade union membership
- Health data
Saros Research Limited will only pass on your personal data to third parties for the purposes of the research for which consent has been given as part of the processing activities.
ACCESS TO YOUR INFORMATION AND CORRECTION OF ANY ERRORS:
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access - you have the right to request a copy of the information that we hold about you.
- Right of rectification - you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten - you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing where certain conditions apply to have a right to restrict the processing.
- Right of portability - you have the right to have the data we hold about you transferred to another organisation.
- Right to object - you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling.
- Right to judicial review: in the event that Saros Research Limited refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined in the final section of this Notice.
You may access and amend your membership details via our Registration portal on our website : https://www.sarosresearch.com/participate/profile/login.html
You may also contact us by email to email@example.com to request any further details of information we may hold about you and for help with exercising the other rights listed above. We will call you to confirm your identity as the person entitled to receive the data before we will release any information.
HOW TO UNSUBSCRIBE AND STOP RECEIVING ANY FURTHER INVITATIONS:
If you no longer wish to remain a member of Saros for any reason, please either click on the UNSUBSCRIBE link on one of our invitation emails or email firstname.lastname@example.org. We ask you to allow up to 14 days for invitations to stop arriving as it is possible there may be some already in the pipeline. In the meantime, please just delete them.
Please note, if you ask for questionnaires responses to be be deleted via our Question Pro survey portal as mentioned above, we will contact you to check if you wish to unsubscribe to be sure if that is your intention.
PROJECT DATA: This information relates to the projects you have taken part in only. We retain project data for a period of 3 years in our accessible files and a further back-up period of 6 months during which we do not have full access.
INCENTIVE PAYMENTS: If we (Saros Research) have paid you your incentive electronically, we retain the records of the payment for a period of 7 years to comply with HMRC (tax) legal requirements.
YOUR ONLINE SCREENER QUESTIONNAIRE RESPONSES: These remain on our survey supplier's server until the project has taken place, at which time they are deleted. The server for Alchemer (previously known as Survey Gizmo) are EEA-based and data is encrypted whilst being stored and in transit.
The screener responses are also stored on our secure database and retained for a further 6 months after the project has taken place. We often have projects arising on the same or a similar subject for which you may also be a fit and if so, we will contact you to see if you are interested. The Project Booker retain a sorted Master List of responses for a period of 3 months after completion of the project for the same reason and all Project Booker laptops are encrypted and protected by a centrally managed service. We also often have projects for the same clients on the same subject that are ongoing over a period of time and, where we are aware of this, we will say so on the questionnaire. We do not retain the information for any other purposes.
All systems are scanned regularly for security vulnerabilities and penetration testing carried out according to a fixed schedule buy outside cybersecurity specialists.
N.B. TEMPORARY PROCESS - We are currently in the testing phase of our new database. For the next 3 months (as from July 2020), we will be transferring some responses to projects to both our current and the new database for the purposes of checking that everything is transferring correctly so that we don't risk losing anyone's completed response when the final changeover happens. We have set appropriate technical and security measures in place and the new database has been designed with the input of our cybersecurity specialists and included in our monthly security scans since earlier this year. This change is simply a move from one system provider to another that will better serve the purpose for which we collect your data. This Privacy Notice will be altered when the final changeover has been successfully completed.
TRANSFER OF DATA TO THIRD COUNTRIES (OUTSIDE OF THE EUROPEAN ECONOMIC AREA):
We transfer data to and from our processors in the USA, which is covered by Privacy Shield - pending further guidance from ICO, Binding Corporate Rules or Standard Contractual Clauses, by technical and security measures together with encryption of data. We also transfer data to Egypt, which is covered by approved contractual clauses, policies and agreed security measures together with encryption of data.
RIGHT TO LODGE A COMPLAINT WITH THE INFORMATION COMMISSIONER'S OFFICE (ICO):
We take the protection of your data very seriously and we want to know if you have any concerns or complaints about how we handle it. Please let us know of any issues you may have so that we can deal with them for you. If you are not happy with how we have handled your enquiry, you have the right to make a complaint to the Information Commissioner's Office (ICO). You will find their guidance on this here: https://ico.org.uk/make-a-complaint/.
Latest version October 2020