COGNISENSE GDPR POLICY
The General Data Protection Regulation (GDPR) came into effect on the 25th May 2018.
Cognisense Ltd holds Personal Data about our research and survey subjects, staff, clients and suppliers for a variety of business purposes. Our policy sets out how we seek to protect Personal data and ensure that staff understand the rules governing their use of Personal Data to which they have access during their work. This policy applies to all Cognisense staff, who must be familiar with this policy and comply with its terms at all times.
In doing so, we ensure that:
– All systems, services, software and equipment meet acceptable security standards
– Review all data protection and policies on a regular basis
– Arrange data protection training for all staff members and those included in this policy
– Respond to individuals such as respondents, clients and employees who wish to know which data is being held on them.
WHAT WE DO?
Cognisense collects a vast array of information from the general public and businesses, evaluating opinions on a wide range of topics that helps drive decisions in commerce, industry, public policy and societal change. In all cases, consent will be sought from the respondent before data is collected. We collect information via a range of different methodological approaches namely;
– Face to face interviewing
– Telephone interviewing
– On-line panel research
– Focus Groups
– One to one depth interviews
In doing so we also collect personal and demographic information, however this detail is used for analysis purposes only, and unless otherwise stated, all data is collected and treated in the strictest confidence with respondent anonymity guaranteed at all times.
Furthermore, when data is being analysed and reported, all data in consolidated and aggregated so that a respondent, their details nor their individual responses cannot be identified.
CONFIDENTIALITY, SECURITY AND INDUSTRY REQUIREMENTS
We take appropriate technological and organisational measures to protect the personal information submitted to us, both during data collection/transmission and once we receive it. Our security procedures are consistent with generally accepted commercial standards used to protect personal information.
All our employees are contractually obliged to follow our policies and procedures regarding confidentiality, security and privacy.
We take all reasonable steps to keep personal information in our possession or control, which is used on an on-going basis, accurate, complete, current and relevant, based on the most recent information made available to us by you and/or by our client.
CHILDREN DATA COLLECTION
We never knowingly invite children under the age of 16 years to participate in research studies without consent. If it is necessary and appropriate to a particular project to directly involve children under the age of 16 years, we take measures to ensure we have been given permission by the responsible adult.
When we collect children’s data (all persons aged below 16 years of age at time of collection), we require consent from their parent or legal guardian. This must be verified with ID from that individual and they must confirm that no further consent from any other parent or guardian is required.
RIGHTS OF INDIVIDUALS
To request access to personal data that we hold about an individual, they should submit their request in writing to the e-mail address or postal address shown below in “How to Contact Us”. .
Under GDPR legislation individuals have the following rights in relation to their personal data:
- Right to change their mind and to withdraw your consent
- Right to access their personal data
- Right to rectify their personal data
- Right to erase their personal data from our systems, unless we have legitimate interest reasons for continuing to process the information
- Right to port their personal data (portability right)
- Right to restrict processing of their personal data
- Right to object to the processing of their personal data
If an individual requests that one or more of these rights is exercised, we will review and respond to this request within 30 days
DATA STORAGE AND RETENTION.
Personal information will be retained only for such period as is appropriate for its intended and lawful use. In all cases we shall retain data for no longer than 12 months, unless otherwise required to do so by law. If a client has a specific timetable for destruction of data within the 12 month period, this will be honoured by Cognisense. Personal information that is no longer required will be disposed of in ways that ensure their confidential nature is not compromised.
As part of the Company Business Continuity plan our electronic systems are backed up and archived. These archives are retained for a defined period of time (12 months) in a strictly controlled environment. Once expired, the data is deleted, and the physical media destroyed to ensure the data is erased completely.
NOTIFICATION OF MATERIAL CHANGES
Date created: 10/09/2018
Last revised: 10/09/2018
Cookies are small text files stored on your computer by a website that assigns a numerical user ID and stores certain information about your online browsing. They are used by web developers to help users navigate their websites efficiently and perform certain functions. The website sends information to the browser which then creates a text file. Every time the user goes back to the same website, the browser retrieves and sends this file to the website’s server.
For information on how to restrict or block cookies on the browser of your mobile phone you will need to refer to your handset manual.
Alternatively, you will also find details on how to restrict or delete cookies on a wide variety of browsers, as well as more general information about cookies, on the About Cookies website through the following link.
HOW TO CONTACT US
Please contact firstname.lastname@example.org or call 028 9038 7057
1 Falcon Road