Last updated: 4th January, 2019
Introduction and General Terms
In this policy “We”, “Us” and “Our” means QRS Market Research Limited (QRS) incorporated and registered in England and Wales with company number 02827951 and whose registered office is at 29 Broadwater Road, Welwyn Garden City, AL7 3BQ. QRS also trades under the names Kaboodle Market Research and Kaboodle MR.
We operate a number of websites and are active on social media platforms including: qrs-research.co.uk , qrs-research.info, qrs-research.net, qrs-research.com, kaboodle-mr.com, kaboodle-mr.co.uk, Twitter, Facebook and Linkedin.
This policy applies to our use of any personal information we collect from you via any of our services including; online, by phone, email, SMS, letters, in person or other correspondence.
Our commitment to your privacy
QRS takes your privacy very seriously and we are committed to protecting your personal information. This Privacy and Cookies Policy explains how we collect and use the information you give us. Please read this policy carefully. If you have any questions please contact email@example.com
As a company that has signed up to the Market Research Society’s Fair Data accreditation, you can trust that we will manage and treat your personal data with respect. We will collect, store and manage it in an unbiased and secure way. We will only use your data for purposes that we have informed you about. We will always be transparent about the personal data we collect and how we use it.
We will ensure that all personal information supplied is held securely and in accordance with all applicable Data Protection legislation.
Who are we?
QRS is a data collection and fieldwork agency in the market research industry. We provide services to a wide range of organisations including; social and opinion research, business intelligence, market analysis, customer insight and consultancy. We are committed to providing best data collection practices in the research industry by maintaining the industry standards of the Market Research Society demonstrated by being an MRS Company Partner and having; Fair Data Accreditation, ISO 9001, ISO 20252 and Cyber Essentials Plus certification.
QRS is registered with the ICO, registration number Z4975915.
What information will we collect from you?
The personal information that we collect from you will vary depending on the context of your interactions with us. It may include, but is not limited to, the following information about you:
- Demographic data such as your date of birth, gender, age, ethnicity, educational background; job title;
- Contact data such as email address; home and/or work postal address, postcode; home and/or work phone number;
- Image and/or voice captured through photography, filming, videotaping and/or audio recording;
- Profile and segmentation information normally through postcode analysis such as Mosaic, Experian FSS, Acorn.
- Information from queries and/or complaints registered with us;
- Information about the way you use our website, so that we can improve the effectiveness of our business;
- Any other information which may be collected in the course of our interactions with you.
Please note that sometimes we will require you to provide additional personal information, and sometimes sensitive personal information, such as disability and health requirements if this is the scope of a project where we are interacting with you or we are provided with this information in the course of our business.
How do we collect information about you?
We collect information about you:
- In the course of our normal business activities such as completing a survey or taking part in a research project;
- Signing up to our online panel;
- Participating in our marketing activities which may include promotions or competitions;
- Providing us with your personal information from your usage of our website and any other information you post on our website, e-mail or otherwise send to us;
- Providing us with information in the course of our interactions with you.
Persons under 16 should not disclose to us any personal information without first getting the permission of a parent or a guardian.
How do we use this information?
For those undertaking a research project or signing up to a research panel, we use your personal information:
- To allow our clients to measure their service levels, develop future good and services that meet the needs of their current and future customers;
- To profile and segment different population groups;
- To detect fraudulent activity if there has been a financial transaction as a result of taking part in a research project; and
- To determine future research projects that may be relevant for you to take part in, if you have given your permission for us to re-contact in a specified time period.
For current, past and prospective clients we use your personal information to:
- Enable us to supply you with the goods and services and information which you have requested;
- To analyse the information we collect so that we can administer, support and improve and develop our business and services we offer;
- To predict what you might be interested in;
- To provide you with access to certain parts of our website or file sharing;
- For all other purposes consistent with the proper performance of our operations and business; and
- To contact you for your views on our products and services.
We may also email you or send you postal communications about information or activities that we think you might be interested in. If you do not want us to send you updates like this, please contact us at QRS Market Research, 29 Broadwater Road, WGC, AL7 3BQ or by email at firstname.lastname@example.org
What are the legal bases we use for processing your information?
The GDPR requires us to rely on one or more lawful base to use your personal information. We consider the bases listed below to be relevant:
Where you have provided your consent for us to use your personal information in a certain way (for example, to take part in research project, and we may ask for your explicit consent to collect special categories of your personal information).
Where necessary so that we can comply with a legal obligation to which we are subject (for example, where we are obliged to share your personal information with regulatory bodies which govern our work and services).
Where there is a legitimate interest in us doing so if it is reasonably necessary to achieve our or others’ legitimate interests (as long as that processing is fair, balanced and does not unduly impact your rights).
“Legitimate Interests” mean our interests in conducting and managing our business as a bona fide market research agency conducting research, insight and analytics.
When we process your personal information for our legitimate interests, we make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection legislation. Our legitimate interests do not automatically override your interests - we will not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
If you have any concerns about our processing, you have the right to object to processing that is based on our legitimate interests. For more information on your rights, please see “Your Rights” below.
Will we ever share your information?
If you undertake a research study where our client is the Data Controller and QRS is the Data Processor we may share your information. In such instances where we are not the Data Controller you will be told who the Data Controller is before you agree to take part in a research activity. Personal information will only be shared with the Data Controller where they are members of the Market Research Society or you have given your express permission in instances where you have been notified of the name of the Data Controller and given explicit consent to waive your right to anonymity.
We may use selected agents to process your information on our behalf, such as market research statisticians, software providers and the management of our online panel. Such third parties will be authorised to see and use your information but only to fulfil their contractual obligations to us and will not be permitted to use it for any other purpose. We retain full responsibility for how your personal information may be used by such agents. Any agent that receives personal information is obliged to follow all of the same privacy protection regulations as QRS.
In exceptional circumstances we may share your information when we are legally required to do so.
How do we protect your personal information?
We place great importance on the security of your personal information and we always try to take appropriate precautions to protect it. We use a variety of security technologies, procedures and staff training to help us protect your personal data from unauthorised access including encryption of personal data when at rest and in transit. QRS has certification for Cyber Essentials Plus.
If you have undertaken a research project for us we will endeavour to pseudonymous or anonymise your personal contact information (name, address, telephone number, email address) when this information is no longer required for the purpose for which it was obtained.
How long do we keep your personal information for?
The length of time we hold your personal information varies depending upon the type of information and its use. If you have undertaken a research project your personal information will be kept for up to 12 months unless you have been explicitly told otherwise at the time you participated in the study.
Client information will be held on our systems only for as long as necessary to provide the services and/or products that you have requested, complying with our legal obligations, resolving disputes, and enforcing our agreements, staying in contact for a period of time that we would deem fair and reasonable .
Information on our staff will be held on our systems to meet our legal obligations, investigating disciplinary matters, resolving disputes, and enforcing our agreements.
If you require further information on our data retention policy please email email@example.com
Where do we store and process your information?
We generally store and process your information within the European Economic Area (EEA).
Where we need to transfer your information outside of the European Economic Area, we only do so to countries which have been determined by the European Commission to have an adequate level of data protection/or where we transfer personal information to countries that have not been determined to have an adequate level of protection, we do so using a variety of legal mechanisms, including contracts, to help ensure your rights and protections.
What are your rights?
You have specific rights connected to the provision of your personal information to us. These include your rights to request that we:
- Confirm to you what personal information we may hold about you, if any, and for what purposes.
- Change the consent which you have provided to us in relation to your personal information.
- Correct any inaccurate or incomplete personal information which we may hold about you.
- Provide you with a complete copy of your personal data for you to move elsewhere.
- Provide you with a complete copy of your personal information for you to move elsewhere where you have provided this information by consent or by a contract with us.
- Stop the processing of your personal information, whilst an objection from you is being resolved.
- Permanently erase all your personal information promptly, and confirm to you that this has been done (there may be reasons why we may be unable to do this).
You also have the right to:
- Withdraw consent that you have provided to us to process your personal information, at any time.
- Object to profiling or to any decisions being taken by us by automated means.
If you have a concern about the way we are collecting or using your personal data, if we do not address your request, or fail to provide you with a valid reason why we have been unable to do so, you have the right to contact the Information Commissioner’s Office to make a complaint. They can be contacted via their website www.ico.org.uk/concerns/ or by telephone 0303 123 1113.
How can you access your information and contact us?
You have the right to access any personal information that we have on you. To make such a request please either email our DPO on firstname.lastname@example.org or write to use at: 4th Floor, 29 Broadwater Road, Welwyn Garden City, Herts, AL7 3BQ. Be sure to include your name and clear instructions on what you require us to do.
If you require us to supply you with details of the personal information that we hold about you, then we will provide this information to you within 30 days of your request unless the request is complex or you have made numerous requests. If this is the case we will inform you within 30 days of your request about the reason for the extension of time. If your request is manifestly unfounded or excessive we will either charge a reasonable fee or provide an explanation for our refusal to respond.
Changes to your details or this policy
If your personal details change, please help us to keep your information up to date by notifying us by email: email@example.com or write to us at: 4th Floor, 29 Broadwater Road, Welwyn Garden City, Herts, AL7 3BQ.
We may revise or update this policy from time to time to reflect changes in our activities or for other purposes. If we do so, we will post notice of the change on our website. Please revisit this policy each time you consider giving personal information.
About cookies and similar technologies
We may also collect information that your browser sends whenever you visit our Service or take part in an online survey ("Log Data"). This Log Data may include information such as your computer's Internet Protocol ("IP") address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics.
In addition, we may use third party services such as Google Analytics that collect, monitor and analyse this type of information in order to increase our Service's functionality. These third party service providers have their own privacy policies addressing how they use such information.
What is a Cookie?
Cookies allow websites and applications to store your preferences in order to present content, options or functions that are specific to you. They also enable us to see information like how many people use the website and what pages they tend to visit. Cookies can also help online surveys to run as they are intended to be.
- Analyse our web traffic using an analytics package. Aggregated usage data helps us improve the website structure, design, content and functions.
- Identify whether you are signed in to our website. A cookie allows us to check whether you are signed in to the site.
- Store information about your preferences. The website can then present you with information you will find more relevant and interesting.
- To recognise when you return to our website. We may show you relevant content, or provide functionality you used previously.
- To recognise if the PC you are using has already been used to submit responses on an online survey.
To allow the functionality that some online surveys require.
Cookies do not provide us with access to your computer or any information about you, other than that which you choose to share with us.
However, please note that doing this may affect how our website functions. Some pages and services may become unavailable to you and you may not be able to complete some online surveys.
Jurisdiction & Contact Us
This Policy shall be governed and construed in accordance with the laws of England and Wales, without regard to its conflict of law provisions.
4th Floor, 29 Broadwater Road
Welwyn Garden City