Privacy Information Notice

What Is The Purpose Of This Privacy Notice?

RED C collect certain information about you in the course of operating our business. This notice sets out details of the information that we collect, how we process it and who we share it with. It also explains your rights under data protection law in relation to our processing of your data.

If you have any queries in relation to this Privacy Information Notice, would like to exercise your data subject’s rights or have any questions concerning our data protection procedures please contact our data protection officer using the details outlined at the end of this Privacy Notice.

Who does this Privacy Notice apply to?

This notice applies to all parties whose personal data we process. This includes but is not limited to research participants, members of the public, job applicants, employees, clients, sub-contractors and suppliers. Anyone under the age of 16 years should not disclose any personal data to us without first obtaining consent from a parent or legal guardian.

Who are we?

RED C Research & Marketing Ltd was incorporated in 2003 and is an independently Irish owned company. RED C Group, with offices in Dublin, Dundalk and London is one of Ireland and the UK’s premier providers of research-based consultancy services. We have a responsibility to everyone who interacts with us and participates in research with us to ensure that we process their personal data with due care. RED C places data protection and privacy at the centre of our business and uphold this by having mandatory staff training and data protection, privacy and IT security policies in place to ensure that the business operates within all relevant legislative frameworks.

Throughout this Privacy Notice, ‘we’, ‘us’ and ‘our’ refers to RED C Group. We share your information within the RED C Group where required in order to provide and improve our services and to comply with regulatory and legal requirements.

What Personal Data Does RED C Collect And Why? 

Personal data is the information that identifies you, such as your name, email or postal address. RED C collect and process personal data as part of the services we provide. This incorporates both online and physical data that allows a person to be identified. We make every effort to minimise the personal data we process and limit it to what is required to undertake a particular function or service offering.

The following is the types of personal data we collect and the reasons why:

  • Personal data that you willingly submit as a response within a survey, depth interview, focus group, Vox Pop, online focus group/community or immersion sessions with our clients.
  • To Conduct Quality Control Checks:
    Conducting quality control is a necessary business activity for RED C as we are members of the Market Research Society (MRS) UK and European Society for Opinion and Market Research (ESOMAR) and we are therefore required to adhere to a set of benchmark research industry standards. These cover the recruitment, training and appraisal of fieldwork staff and the implementation of various administrative and validation procedures to maintain the quality and accuracy of data collected. In order to ensure we meet the required standards we contact people who have participated in our research projects to ask them some questions. In order to conduct a quality control check we require personal details such as your name, address, email and contact number so that a member of our quality control team can conduct this check. Please note that telephone calls and records of emails may be kept for quality control purposes.
  • Blacklisting:
    We retain an individual’s telephone number if they inform us that they do not wish to take part in any further telephone surveys – it is only the telephone number that we retain and no other details. We also securely retain a list of email addresses of individuals who have instructed us not to contact them again in relation to any email surveys.
  • If You Participate In Prize Draws to Administer Your Participation:
    If you choose to participate in a prize draw we need your personal data to announce that you are the winner and to distribute the prize to you. For this process we will require your name, address, email address and contact number.
  • Employee and Job Applicants:
    In order to fulfil our contractual obligations with employee and job applicants, RED C may process full name, date of birth, contact number, email address, home address, health information, PPS number, bank details, CV and referees. Further information regarding how we process employee personal data can be found in the employee handbook.
  •  Interactions with Us:
    If you contact us we may record the details of this contact (i.e. phone calls, log of phone calls, email correspondence and hard copy correspondence) so that we can deal with your query.
  • Marketing Communication, Events and Live-Streaming:
    RED C regularly sends e-mail marketing about our services, news and other content that is relevant to professionals and organisations working in the marketing, market research and advertising industries. For this purpose we must process a full name, job title, email and organisation. We provide the option to unsubscribe on every email that we send. In order to improve the content of our emails and make them more relevant we track the performance of them. If we ever contact you via email, phone, post or text asking you to provide feedback or complete a survey on ways to improve our services we will always provide an option for you to unsubscribe or opt-out. To be removed from our direct mail marketing list at any time or to update your communication preferences please contact info@redcresearch.ie.
    RED C host seminars, workshops and networking events on an ad-hoc basis. In order to attend an event we require those interested to register with us so that we can provide the practical details about the event. For this purpose we must process a full name, job title, email, contact number and organisation.  In order to improve our events and make them more relevant we track the performance of them.
    As part of a service or event RED C may offer the option to live stream. In order to register for the live streaming we will process your full name, job title, email address, contact number, IP address and organisation to ensure the service is delivered. In order to improve our live streaming service we track the performance of them.
  • From information publicly available about you (i.e. trade directories, websites and social media) where it is appropriate for us to use it, for example, to improve our service offerings. RED C will always provide an option for you to unsubscribe or opt out from receiving further emails/communication.

 

Where Does RED C Collect Personal Data From? 

Most of the personal data that we collect will be provided by you through your voluntary participation in, for example, a survey/focus group/depth interview with us. RED C have certain responsibilities in relation to the information we keep on computer or standard manual file about individuals. RED C can only accept personal data from our clients about their customers or from third party leads providers on the condition that the data protection rules as outlined in all applicable legislative frameworks are met.

 

The Eight Data Protection Rules (Source: Data Protection Commissioners Website)

  1. Obtain and process the information fairly
  2. Keep it only for one or more specified and lawful purposes
  3. Process it only in ways compatible with the purposes for which it was given to you initially
  4. Keep it safe and secure
  5. Keep it accurate and up to date
  6. Ensure that it is adequate, relevant and not excessive
  7. Retain it no longer than is necessary for the specified purpose or purposes
  8. Give a copy of his/her personal data to any individual, on request

 

The Legal Grounds for processing your personal data

Consent:

We will obtain your consent in order to process certain personal data about you that you have provided to us in a survey or focus group/depth/online community. You can withdraw your consent at any time during your participation in a survey or focus group/depth/online community. RED C will always provide an unsubscribe option at the bottom of any online survey invite or SMS that we send. RED C will ensure that the minimum conditions for informed consent are always met. If we process any special category data we will only do so if you have provided explicit consent.

Legitimate Interest:

In order to operate our business effectively, provide services and improve on current offerings we may process personal data on the legal basis of legitimate interest (as long as that processing does not unduly impact your rights).

Contract:

Where necessary for the performance of a contract to which you are a party. If you have entered into a service with us and the processing is necessary to perform the service.

Compliance:

The processing is required in order to comply with a legal obligation such as retaining financial records for Revenue, meet requirements under employment, social security or social protection law and for the establishment, exercise or defence of legal claims.

We will only use your personal data for the purpose for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose and as long as that processing does not unduly impact your rights.

Who Do We Share Your Personal Data With?

We share your personal data with the following third parties:

  • Clients – RED C can only provide personal data captured in a survey or discussion to our clients if the participant has provided consent for us to do this.
  • Service Providers – we rely on trusted third parties to help us run our business and to provide us with specialised services. These can include companies that provide IT services (e.g. software providers), document storage and destruction companies, legal advisors, accountants and consultants. Where our service providers have access to your personal data, we ensure they are subject to appropriate safeguards and that they only use the data as per our strict instructions.
  • Sub-contractors – we ensure that any sub-contractors that we use are subject to appropriate safeguards and that they only use the data as per our strict instructions.
  • Regulators – in certain circumstances RED C is obliged to provide information to a regulator (e.g. in the investigation of complaints).
  • Other third parties – RED C may share your information externally with other partners where you have provided your consent. We may be required to disclose personal information at the request of governmental or law enforcement agencies. We will only share this information when we have your valid consent or in the event that we are legally obliged to do so. RED C may need to share personal data in order to establish, exercise or defend our legal rights.

 

 Transfers Outside Of the European Economic Area (EEA)

If we transfer your personal data outside of the EEA we will ensure that appropriate measures are in place to protect your personal data and to comply with our obligations under applicable data protection law. This may mean that we enter into contracts in the form approved by the European Commission (EC), or we ensure that the company to which we transfer your personal data has agreed to abide by an approved transfer mechanism, such as the EU-US Privacy Shield framework or are based in countries deemed by the EC to have an adequate level of protection in place for processing personal data. If you would like further details about the measures we have taken in relation to the transfer of your personal data, please contact our Data Protection Officer on the contact details provided below.

 How Do We Secure The Data?

Your personal data is treated strictly confidential and we have taken the appropriate technical and organisational security measures against accidental loss, unauthorised use, access, alteration, disclosure or unlawful processing of this data. To this purpose we use several security techniques including secure servers, firewalls and encryption, as well as physical safeguard of the locations where data is stored. We limit access to personal data to employees, sub-contractors and third parties that are required to have access to perform necessary tasks within their functions of the business and they are subject to a duty of confidentiality. RED C have a Data Breach and Incident Reporting policy in place which sets out procedures for dealing with any suspected personal data breach and the requirements for notification of data subjects and where applicable the office of the Data Protection Commissioner.

 Links to Third Party Sites

There may be links provided to other websites, plug-ins and applications on RED C’s website. By clicking on these links or enabling a connection may allow third parties to collect or share information about you. We do not have any control over these third party websites and are not responsible for their privacy notices. We advise you to read the privacy notice of any website that you visit. Please note that this Privacy Information Notice only covers our own organisation and website.

 Retention of Personal Data

The length of time we retain personal data for varies depending on the type of data and its use. RED C in establishing an appropriate retention period consider the volume of personal data held, the sensitivity of that data and potential risk of harm from unauthorised use or disclosure. RED C will retain your personal data for as long as reasonably necessary for the purpose for which we collected it, as communicated to you as part of the consent, or as long as the law prescribes. If you have any queries in relation to this please contact our Data Protection Officer on the contact details provided below.

Your Rights

You have various rights under data protection law, subject to certain exemptions, in connection with our processing of your personal data:

  • Right to access the data – you have the right to request a copy of the personal data that we hold about you, together with other information about our processing of that personal data.
  • Right to rectification – you have the right to request that any inaccurate data that is held about you is corrected, or if we have incomplete information you may request that we update the information such that it is complete.
  • Right to erasure – you have the right to request us to delete personal data that we hold about you. This is sometimes referred to as the right to be forgotten.
  • Right to restriction of processing or to object to processing – you have the right to request that we no longer process your personal data for particular purposes, or to object to our processing of your personal data for particular purposes.
  • Right to data portability – you have the right to request us to provide you, or a third party, with a copy of your personal data in a structured, commonly used machine readable format.

 

In order to exercise any of the above rights, please contact RED C’s Data protection Officer using the contact details set out below. Exercising these rights are subject to the conditions and limits established by the GDPR and if we believe your request to be ineligible we shall inform you of this and our reasoning. You will not be required to pay a fee to exercise your rights. We may need to request specific information from you to help us confirm your identity as a security measure to ensure your data is not disclosed to anyone who does not have a right to access it.

 Amendments

RED C reserves the right to change any of the terms of this privacy policy at any time and without notice. RED C therefore recommends that you review this privacy information notice regularly and before participating in a research project with us.

Who to Contact In Relation To the Processing Of Your Data?

If you have any queries or requests in connection with our processing of your personal data, you can get in touch with us using the following contact details. Please note our preferred method of contact is email.

Data Protection Officer Contact Details

Name: Janna Howard Janna Howard

Tel: (01) 818 6316

Email: janna.howard@redcresearch.ie

Address: RED C Research & Marketing Ltd, Ground Floor, Block G, East Point Business Park, Alfie Byrne Road, Dublin 3, Ireland, D03 H2N1

If you are not happy with regards how we are processing your personal data please note that members of the public have the right to lodge a complaint with the office of the Data Protection Commissioner and guidelines on how to do this can be found on their website. https://www.dataprotection.ie/

Last Updated July 2019

Top