GDPR

Respondent Privacy Notice of QmnifyIQ, QmnifyIQ is a brand name of Veten Solutions Srl, in this notice, “we”, “our”, or “us” refer to QmnifyIQ as a brand of Veten Solutions Srl.

Company Number: 44576600 Registered in Romania

Our registered address is: Str, Armeana, Nr. 1, Bl. L1, Sc. 3, Et. 4, Ap. 2, Iasi, Romania

If you are reading this notice you have either already been contacted and have taken part in a market research survey or you have been invited to take part, and before you participate you would like to know more about us, your privacy rights under the General Data Protection Regulation (The GDPR) the security of any information we hold about you and how we use your information.

Collection Methods

We collect research data using any of the below methods;

• Email

• Online Web Page

• Panel or focus group

• SMS – Text Message

• IVR – Interactive Voice Response (self-service telephone call)**

• Face to face

• Telephone

**We will present different CLIs (Caller Line Identification) for different projects – a number will always be made available, we will never withhold the CLI.

Who We Are

OmnifyIQ is a brand name of Veten Solutions Srl, an independent market research agency based in Iasi, Romania.

Telephone Preference Service/Ex-Directory

If your telephone number is ex-directory and/or you’re registered with the Telephone Preference Service (TPS) you may think that we should not have called you;

When contact lists are provided by our clients, sometimes customers registered with the Telephone Preference Service (TPS) or listed as ex-directory still get called. Legally, we are allowed to do this, there is currently no legal requirement to screen research samples against preferences services (such as the Telephone Preference Service) when conducting market research. The TPS is designed to prevent unsolicited sales calls, a market research survey is not a sales call.

Ex-directory status means that a named customer cannot be traced through telephone directories. In itself it is not a reason to not contact a customer for research purposes. If companies did not contact ex-directory customers for feedback then any market research they commissioned would not be truly representative of their customers. This is why customers who are ex-directory are sometimes included in the contact lists we are provided.

Re-contact

As part of our quality control processes and for adherence to codes of conduct, we may need to re-contact respondents for verification purposes by either telephone or e-mail , to check that the survey was conducted in a compliant manner and to ensure integrity of the survey results. This is normally with respondents from focus groups and takes place within a week of the initial participation, it would be carried out by a member of our quality team. Once we have completed this quality control check, your personal details will be securely deleted.

Selling

If you take part in a survey we will never attempt to sell you anything, nor would we ever pass on your details to a third party.

How did we get your contact details?

As a Data Processor working under instruction from our clients (known as the data controller) they would have passed us your details and this is normally because you would have used a product or service of theirs. These details are shared using encrypted methods to ensure safe transit, you can ask us to remove these details at any time under your rights explained in the ‘Your rights’ section below. You can also contact the client who provided these directly.

We also conduct research using respondent panels where members have purposely agreed to take part in surveys or groups.

Legal Basis

GDPR lays out the lawful basis for which processing personal data can be legally carried out. Our legal basis for processing personal information is agreed with our clients beforehand which enables Calico/Watermelon to carry out market research, this is normally either legitimate interest of our client (the data controller) or by the use of consent. In certain cases, another basis would be used where we may undertake research for a public authority, the lawful basis would be public interest. In all cases this would be clearly defined, and you would be informed of which basis is applicable, you can also find out more from the Information Commissioner’s Office website.

Confidentiality

We will treat all responses that you give with the utmost confidentiality, in some situations we may ask you if you would like your responses to be attributed to you specifically (this is normally to help the client respond or address any of responses where necessary) where this might be the case we will only do this with your consent, you also have the right to refuse this option.

At no point will any of the information that you have provided be utilized for any other purpose other than that of research.

You should not incur any charges for taking part in a survey and all responses are gathered in adherence with the Market Research Society – Code of Conduct https://www.mrs.org.uk/standards/code_of_conduct

Children

We will always gain prior parental consent before conducting any surveys with children below the age of 13 (as amended by the Data Protection Act 2018)

Your rights

Under the EU and UK General Data Protection Regulation you have the following rights:

• The right to be informed

• The right of access

• The right to rectification

• The right to erasure

• The right to restrict processing

• The right to data portability

• The right to object

• Rights in relation to automated decision making and profiling

Where you ask us to restrict processing – to not participate in the survey and not be contacted again, we would need to retain your email address to ensure that you are never contacted again. No other identifying information is ever stored within this suppression list.

If you would like to exercise any of these rights, you can do so by replying from the survey invitation email or by contacting our Chief Information Officer via the following;

Email: gdpr@omnifyiq.com

Post: The Chief Information Officer,

Veten Solutions

Str, Armeana, Nr. 1, Bl. L1, Sc. 3, Et. 4, Ap. 2, Iasi, Romania

Transfer of data

We will never transfer your data to a third-party without informing you or gaining your consent to do so. We will not transfer your information outside of the UK or the EU.

Security of Information

We have taken appropriate technical and organizational measures to ensure the security of our systems, services, protecting the integrity and accuracy of information processed or stored within those systems.

We only allow authorized employees to access specific data and always operate a least privilege policy. We use the strongest encryption methodologies to further protect information and reduce any risks with handling, thus ensuring that sufficient safeguards are in place.

Cyber Essentials

The survey platforms are also independently audited on an annual basis, the underlying code is also tested at the same time with both receiving A grade security ratings.

Where we use electronic systems to collect survey response, these systems undergo annual independent security testing to ensure maximum security safeguards are present and maintained.

Survey Collection and Storage

Depending on the type of study and the method of collection, the time that it takes to complete a survey can vary and be anywhere from 5 – 60 minutes, this time period could also fluctuate based on the length of any responses you provide. In all cases we will give you an estimate of the time it will take to complete the process.

All data collection is carried out using systems that are based within the United Kingdom. Only selected and authorized employees can access the data for analysis and quality purposes, the end client would normally have access to the finalized survey data sets.

We will not keep your data for any longer than is necessary, the normal retention period is six months from project completion. We will never use your data to send unsolicited mail, nor would we pass on your email address for the same.

Cookies & IP Tracking Information

Calico uses technology known as Software as a Service (SaaS) to host the research surveys that we send out to respondents. These surveys are constructed specifically to ask all the questions that we would need to have answered by any participants for each study. This ensures that we are gathering only the agreed and minimum information needed on behalf of the Data Controller (Client) and due to this method of collection we do not need, use, or rely on any cookie information or respondent IP addresses to carry out this work.

Any survey session cookies are dropped, and no information relay occurs, no data analysis is carried out using cookies, nor can anyone be identified from cookie data.

We do not track, trace, or store any IP address information for any respondents that agree to complete surveys and connect to the SaaS platform.

Respondents have the right to refuse to complete a survey at any time along with their other rights under the GDPR.

Incentives

Some types of survey could have an incentive offered (such as a shopping voucher or small payment) to participate, in most circumstance these incentives will be handled by us. In the case where the client will handle these incentives, we will fully inform you first.

You can find more information from the Market Research Society website: www.mrs.org.uk

You have the right to make a complaint to the Information Commissioner: www.ico.org.uk

This notice was updated on the 1st February 2024, and will also be updated from time to time as required.