globe
    UK
    vrn_logo
    back Back
    Expertise

    We combine expertise across evidence and public policy advisory to deliver enhanced value to our clients

    We operate at the intersection of data, technology and citizen insight and our expertise extends across the entire public policy development cycle.

    back Back
    Insights

    We are restlessly innovative in our thinking, our development of new technologies and our determination to continually improve outcomes for our clients and the communities they serve.  

    back Back
    About us

    Verian is a world leading, purpose-led and independent research, evidence, evaluation, and communications agency, providing services to government and the public realm. 

    We work with our clients to help solve the next generation of public policy challenges.

    UK PRIVACY & COOKIE POLICY FOR SURVEYS (“Policy”)

    October 2024
    Pentagram_DarkBackground (002)

    Introduction 
    Verian, conduct market research on behalf of clients and more often than not, the client is the data controller, and we act as the data processor.

    We ask you to read this privacy policy carefully. 

    For the purpose of this Policy, the definition of ‘personal data’ is information which relates to and can identify a living individual and/or a specific household, if you are located in California.

    Lawful collection and use:
    This Policy explains how we collect, store and use the personal data you provide when taking part in an online, face to face, postal or telephone survey for us. 
    When we conduct surveys, our interviewers/invitations/platforms and questionnaires clearly identify us and explain the purpose(s) of our contact and if applicable, the purpose for our collecting your personal data. You may decline to answer any questions or withdraw from participation in a survey at any time. 

    When we contact you, generally in person, by telephone, by email or by post, we do so for any of the following purposes:

    Case

    Purpose

    Data collected/ processed

    Legal Basis
    Inviting you to participate in our surveys To provide the opportunity for a representative sample of individuals to participate in our surveys. Dialled phone number (randomly dialled), postal address, email address Legitimate interest or consent (as applicable).

    We have a legitimate interest to contact a representative sample of individuals to invite them to participate in our surveys. 

    Verian or its client have your consent to contact you to invite you to participate in a survey. 
    Surveys

    To understand your views about certain products and services or to understand your behaviour in different situations.

    To administer participation e.g. prize draws, incentives, pre-tasks etc.

    To re-contact participants e.g. for ongoing and follow-up surveys.

    		 Unique identifier, contact details, email address, voice, image, opinion

    Voluntary participation in a survey whereby we ask for your consent to use your personal data.
    Quality control To validate answers you gave in a recent survey we conducted. Unique identifier, contact details, email address We have a legitimate interest to contact a sample of individuals who participated in our surveys to validate their answers.

    Fraud Protection

    Protection of our business interests against fraudulent behaviour.

    		 IP addresses, browser specifications, device specifications, postal addresses, email addresses Legitimate interests – we have a legitimate interest in protecting our business against fraud or other prohibited behaviour.
    Survey Participation Uniqueness Prevention of multiple entries in surveys by the same individuals. IP address, browser specifications, device specifications Legitimate interests – we have a legitimate interest in preventing multiple entries by the same individual.

    Data Matching and Enrichment

    		 We enrich the data we hold on file about you by matching your personal data with other data sources and third parties who specialise in data management. Unique identifier, contact details, email address, social login, cookie, mobile device ID

    Voluntary participation in a survey whereby we ask for your consent to use your personal data.
    Managing telephone survey opt-outs When an individual has requested not to be telephoned again, we hold their details to enable this. Name and telephone number

    Legitimate interests – we have a legitimate interest to retain the information to fulfil the individual’s request.

     

    We will never misrepresent ourselves or what we are doing. If you receive an email that concerns you, purporting to be from us, please let us know as shown below in ‘How to contact us.’

    We have contacted you to take part in a survey by telephone, post, face to face or online by 
    • Randomly selecting your address through Royal Mail’s publicly accessible Postcode Address File (PAF) or via Data Ireland Geo Directory
    • Randomly knocking on your door
    • Randomly ringing your number using a Random Digit Dialler (RDD)
    • Receiving your contact details from the client we are conducting the survey for, with whom you may either be registered, received products or services from or generally dealt with
    • Buying sample from a sample provider
    • Sourcing your information from publicly available resources
    • Receiving your contact information from a recruiter that has been in contact with you
    Or 
    • You have previously agreed to be re-contacted to possibly participate in further surveys
    • You have proactively clicked on a link you have seen online or on social media to participate in one of our surveys

    Third parties and data transfer across borders:
    We collect and process personal data for the purposes described above, but we do not share or sell your personal data to any third parties, unless it is required by law, or you have agreed otherwise.
    Your personal data may be collected, stored, transferred or processed by companies or 3rd party service providers for survey-related purposes, such as data processing, and fulfilment of prize draws or other incentives both within and outside the UK and the EEA. All parties are contractually bound to keep any information they collect and disclose to us or, we collect and disclose to them, confidential and must protect it with security standards and practices that are equivalent to our own. If your personal data has been transferred to, stored, or otherwise processed to a territory outside the UK or EEA (as applicable) and that territory has not been recognised as providing an adequate level of protection of personal data, we will put in place an appropriate legal safeguard. For example, standard contractual clauses approved by the European Commission and other relevant authorities, working with parties that have implemented binding corporate rules or other intra-group processes, obtaining your consent to transfer personal data, where the transfer is necessary for the performance of a contract between us or where a contract was entered into on your behalf, or where the transfer is necessary to establish, exercise or defend legal claims.

    Confidentiality, security and industry requirements:
    We have appropriate technological and organisational measures in place to protect your personal data and take all reasonable steps to ensure your personal data is processed securely. All information you provide us is stored in secure servers and environments. Unfortunately, no data transmission can be guaranteed to be 100% secure. As a result, while we strive to protect your personal data, we cannot ensure or warrant the security of any information you transmit to us or from our online products or services, and you do so at your own risk. Once we receive your transmission, we will take reasonable steps to ensure our systems are secure.
    All our third-party contractors, site service providers and employees are contractually obliged to follow our policies and procedures regarding confidentiality, security and privacy.

    We adhere to the following industry requirements:

    • The UK GDPR, UK Data Protection Act 2018, the EU GDPR, and any subsequent legislation, which may be amended from time to time
    • We follow the MRS and ESOMAR professional Codes of Conduct
    • We hold Market Research Society (MRS) Company Partner Accreditation

    We combine your survey responses in a given survey with the responses of all others who participate and report those combined responses to the client that commissioned the study, unless one or more of the following criteria are met.

    The only exceptions when we may disclose your personal data or survey responses to third parties are as follows:

    • You request or consent to sharing your identifying information and/or individual responses with a third party for a specified purpose;
    • When we provide your responses to a third-party processor who is contractually bound to keep the information disclosed confidential and use it only for research or statistical purposes;
    • Where such disclosure is required by law or under exceptional circumstances such as for safeguarding reasons.

    Cookie disclosures (only for online survey participants):
    Cookies are small text files stored on your computer or device by a website that assigns a numerical user ID and stores certain information about your online browsing. They are used by web developers to help users navigate their websites efficiently and perform certain functions. The website sends information to the browser which then creates a text file. Every time the user goes back to the same website, the browser retrieves and sends this file to the website's server.

    We do not use cookies on standard online in-house surveys. Where cookies are required by a partner’s platform, this is notified by the platform privacy notice/policy.

    For behavioural tracking surveys, we use optional cookies / software applications, but only if you have given your explicit consent to such cookies / applications.

    As is true of most online surveys, we gather certain information automatically and store it in survey data files. This information may include things like Internet Protocol address (IP address), browser type, Internet Service Provider (ISP); referring/exit pages, operating system, and date/time stamp.

    We use this automatically collected information to analyse trends such as browser usage and to administer the site, e.g., to optimise the survey experience depending on your browser type. We may also use your IP address to check whether there have been multiple participations in the survey from this IP address.

    Accuracy:
    We take all reasonable steps to keep your personal data accurate, complete, current and relevant, based on the most recent information provided to us. If you would like to update your personal data, please contact us using the details provided below. 
    We rely on you to help us keep your personal information accurate, complete and current by answering our questions honestly and you are responsible for ensuring that the data controller (which may be us or - more often - our client) is notified of any updates or changes to your personal data.

    Children’s data collection:
    We never knowingly invite children under the age of 16 years to participate in surveys without consent. If it is necessary and appropriate to a particular project to directly involve children under the age of 16 years, we take measures to ensure we have been given permission by the responsible adult. We do not sell children’s personal data.

    Sensitive data collection:
    In our survey we may request to collect personal data that is classified as ‘special categories’ of personal data. This includes racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation. You will always be able to choose whether or not to provide this data to us to be used as described.

    Rights of individuals:
    To request access to personal data that we hold about you, you should submit your request in writing to the e-mail address or postal address shown below in “How to Contact Us.” When you make a request, you should indicate your panellist ID or other survey identifier. 

    If you contact us using an email address or contact details for which we do not hold a record of, you will also need to provide a copy of a valid government issued or official identification (such as drivers licence or passport).

    You have the following rights in relation to your personal data:

    • Right to change your mind and to withdraw your consent
    • Right to access your personal data
    • Right to rectify your personal data
    • Right to erase your personal data from our systems, unless we have legitimate interest reasons for continuing to process the information
    • Right to port your personal data (portability right)
    • Right to restrict processing of your personal data
    • Right to object to the processing of your personal data
    • Right to not be discriminated against for exercising any of the rights available to you under applicable data protection laws

    If necessary, we will notify any other parties such as our suppliers or service providers to whom we have transferred your personal data of any changes that we make when you make a request. Note that while we communicate to these third parties, we are not responsible for the actions taken by these third parties to answer your request. You may be able to access your personal data held by these third parties and correct, amend or delete it where it is inaccurate.

    Data storage and retention:
    We keep your personal data only for as long as is necessary for the purposes for which we are using it. The period for which we keep your personal data will be determined by a number of criteria, including the purposes for which we are using the information, the amount and sensitivity of the information, the potential risk from any unauthorised use or disclosure of the information, and our legal and regulatory obligations. Personal data that is no longer required will be disposed of in ways that ensure their confidential nature is not compromised.
    As part of the Company Business Continuity plan and as required by ISO27001, ISO9001, ISO20252 certifications where held, and in certain instances the law, our electronic systems are backed up and archived. These archives are retained for a defined period of time in a strictly controlled environment. Once expired, the data is deleted, and the physical media destroyed to ensure the data is erased completely.

    Notification of material changes:
    We keep our privacy policy under regular review, and it may be amended from time to time. We will always have the most up-to-date policy on this web page. We will record when the policy was last revised.

    Date created: 13/06/2011
    Last revised:   29/10/2024

    Automated decision making / profiling:
    In certain circumstances we shall carry out automated decision making or profiling about you. However, in the majority of cases this will not result in any legally significant decisions being made about you. You have the right to appeal if any automated decision made about you is legally significant. If you have any questions about this, please contact us.

    How to contact us:
    If you are not happy with the way we have processed your personal data, we would like a chance to put that right.

    Please contact us at UK-Compliance@veriangroup.com or in writing to Compliance Officer, Verian, 4 Millbank, Westminster, London, SW1P 3JA, and we will have somebody contact you.

    We will investigate all complaints and attempt to resolve those that we find are justified. If necessary, we will amend our policies and procedures to ensure that other individuals do not experience the same problem.

    If you have any questions or comments, you may contact Verian’s Data Protection Officer, please email compliance@veriangroup.com

    Complaints and country specific disclosures:
    If you are not satisfied with how we handle and protect personal data, you have the right to complain to a supervisory authority such as the Information Commissioner's Office in the UK whose details can be found at www.ico.org.uk 

    We are Verian. Our registered name and address are: 

    • Verian Group UK Limited
      4 Millbank,
      Westminster,
      London
      SW1P 3JA
    • UK Companies House number 13663077