Slide 1

Privacy Policy

Clarient Research's privacy policy and a summary of our security measures are outlined below.

Please get in touch if you require any further information. The Privacy Policy is likely to be updated in the future.

Legal basis for processing data

Contract – We will process your personal data to deliver our service or fulfil an order in order to execute our contractual obligations. If you are a respondent to one of our market research surveys, we will only collect personal data that you will have provided to us or that our client will have sent to us on your behalf.

Legitimate Interest – We will hold personal data to pursue our legitimate interests as part of running our business where this does not interfere with your rights e.g. emailing our clients or occasionally phoning them to tell them about our service.

Legal Compliance – If we are legally obliged to, we may collect and process your data e.g. supplying personal details to law enforcement officers.

When do we collect personal data and what sort of data is collected?

If you are a customer, a past customer or a business that we have provided a quote for, or engaged with, we store your contact details such as email and mobile numbers, job title and past preferences for our services.

If you are a respondent to a market research survey our clients will provide your contact details for us to engage with you such as email address and phone numbers. Your responses to our surveys are separated from your contact details at the earliest possible stage in the research. Your contact records are destroyed at the end of a project.

The website collects no personally identifiable data from you, unless you use the email facility to contact us.

How and why do we collect your personal data?

For market research respondents we use your contact details, to engage with you. These are generally customer contact lists provided to us by our clients.

For clients we keep contact records for activities such as project management and billing.

For potential clients, who have expressed an interest in our service in the past, we use your contact information to update you with our service offerings.

You are free to opt out of hearing from us by any of these channels at any time. You have the right to have all contact information about you deleted once a contract with you has been fulfilled.

How is your personal data protected?

Online personal data will be protected with a complex password accessible via an encrypted RDP link. This is supplied by our hosted desktop provider, Linten Technologies, a professional IT organisation who uses Symantec software to protect the files from Malware, Ransomware and virus attacks. A summary of their systems and storage processes are listed via the following link - Linten Technologies

Any paper copies of contact details and notes are shredded after the requested service has been provided.

Website

We do not use cookies to collect any personal data about our website visitors and have disabled Google Analytics. The only way in which we can collect personal data via the website is if you use our contact page.

Market research respondents

Your identifiable contact details (such as name, email address, telephone details) are separated from the any demographic or attitudinal responses at the earliest opportunity in the research process. Your personal data is erased at the end of the project. For longitudinal (repeat contact projects) we may store your contact details but only for projects where your contact details are publicly available e.g. NHS pharmacy research. Any identifiable personal data we hold on our research respondents are only stored for the legal basis of contacting them for market research purposes. If you are a client we will use your personal data for activities such as billing.

We may disclose your contact details and other client held information such as age, title, length of relationship with client organisation to our subcontractors who will be undertaking the fieldwork for market research purposes only. These fieldwork agencies will be agreed with the client and we will ensure they abide with GDPR regulations.

The legal purpose for processing your personal data is to provide clients with information to provide a more effective service, generally by finding out the needs and opinions of their customers.

In addition to the specific disclosures of personal data set out, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

We will retain your personal data as follows:

(a) When acting as data processor (client supplies contact details) personal data will be separated from our research findings within two weeks of completing any fieldwork and any identifiable personal data destroyed.

(b) When acting as data controller, for tracker market research projects and for business contacts we will seek permission to hold contact details and remove these from our databases if permission is declined.

Clients/ potential clients we engage with

We hold information about clients/ potential clients as it is necessary for us to conduct our business activities.

If you are a client, a past client or a business that we have provide a quote for, we store your contact details, job title and past preferences for our services. With your consent, we will use your personal data, preferences and details of your transactions to keep you informed by email, web, telephone about relevant products and services.

We will remain in contact by phone or email for a reasonable amount of time after you have remained active as a client or a potential client that has asked for a quote from us. This is to provide updates on our products and services. We believe that three years is a reasonable amount of time and after this your data will be deleted or anonymised unless you have asked us to retain your data and keep in touch.

Your personal data will not be passed on to anyone other than authorised employees of Clarient Research.

For clients, the legal basis that we process your data is 'contract'. When you are no longer an active client the legal basis is 'legitimate interest' because we would like you to work with us again.

Personal data will not be transferred outside of the European Economic Area.

Data Subject Rights

Your principal rights under data protection law are:


(a) the right to ask for information we hold about you. The 'Subject Access Request' which will be provided free of charge. This can be presented in a spreadsheet format.

(b) the right to rectification i.e. your data we hold will be corrected when we are notified of errors

(c) the right to erasure, i.e. your data to be deleted from our systems;

(d) the right to restrict processing e.g. specify that we cannot phone you;

(e) the right to object to processing;

(f) the right to data portability i.e. passing your data to a third party, if requested;

(g) the right to complain to a supervisory authority; and

(h) the right to withdraw consent you may previously have given e.g. to contact you.

We will comply to requests to stop processing your data unless we believe there is a legitimate overriding reason to continue processing such as your details are required to fulfil a contract or for legal reasons.

You may exercise any of your rights in relation to your personal data by writing, emailing or phoning us using the contact details below.

Contact details

Our principal place of business is at Basepoint Business Centre, Aviation Business Park West, Enterprise Close, Christchurch BH23 6NX. The person who is responsible for GDPR obligations is Chris Emery.

You can contact us:

(a) by post, to the postal address given above;

(b) using our website contact form;

(c) by telephone, on the contact number published on our website; or

(d) by email, using the email address published on our website.

Clarient Research is a trading division of Clarient Research Ltd. Registered in England No. 4540440.

Registered Office: 17 Bean Leach Avenue, Offerton, Stockport, SK2 5JA

We are registered with the Information Commissioners Office as a data controller with registration number Z6755672. This is the UK regulator and can be contact at https://ico.org.uk

This document was created using a template from SEQ Legal (https://seqlegal.com).

Linten Technologies – our hosted desktop provider

1. Linten Technologies provide Clarient Research with a 'hosted desktop' solution.

2. The solution is hosted within IOMART UK datacenters all of which are located within the UK.

3. Standard features of the network include CCTV system covering all entrances/exits and main areas, 24-hour video recording, full perimeter alarm, PAC security card access system, visual verification of all persons entering the data floor.

4. Login attempts to our server are monitoring 24/7/365 with all failed attempts recorded, on the third fail the originating IP address is immediately blocked.

5. All operating system security updates are automatically installed as per Microsoft guidelines.

6. Symantec Endpoint is installed along with ransomware protection technology that actively protects all the data on our systems, including documents, media files, programs and our backup files

7. Any obsolete PCs will have their hard drives certified as deleted.

8. The additional features of the system include:

a. UPS at the end of each rack and two diesel generators

b. Gas based fire suppression

c. Redundant HVAC controlled environment

d. Security Breach Alarms

e. Secured Server Cages

f. Backups are encrypted, files are monitored for crypto-activity in real time and can be restored in real time.