Ripple International is a full-service market research agency that operates within the boundaries of the Data Protection Act 1998, and EU General Data Protection Regulation (GDPR).
Ripple International processes personal data (that is, data by which a living individual can be identified) relating to participants (i.e. those that take part in, or who are asked to take part in, research).
This privacy statement applies to the processing of this type of data.
Sources & uses of personal data
Ripple International collects and uses personal data obtained from participants as part of conducting research. The reason we collect this data is usually only for analysis purposes, but all purposes for which data is being collected are always made clear at the time of data collection. This processing is based entirely upon informed consent but participants do have rights relating to this type of processing (including the right to object to the processing of their data in this way- see below for more information).
Ripple International does not carry out any form of automated processing or decision making.
Chief among your rights is your right to object to the processing of your data.
Ripple international will immediately comply with your objection and cease processing, unless there is a legitimate legal reason not to (which would be very rare and would be explained at the time).
Through a process referred to as a Subject Access Request; you have a right to obtain
confirmation that your personal data is being processed
access to your personal data
other supplementary information (largely contained within this document).
You also have the right to the following;
where you have given Ripple International your informed consent to process your personal data, to revoke that consent.
to know where your data originated from, where your personal data came to Ripple International other than from you.
to block future processing of your data.
to apply for the erasure of any personal data being held.
to request any incorrect personal data to be corrected.
to lodge a complaint with the supervisor authority (in most cases the Information Commissioner) if you believe your data is being handled unfairly.
Nb. if you exercise your right to request that your personal data be deleted, Ripple International will have no way of ensuring you are not contacted again. If your objective is to not be contacted again, consider exercising your right to block processing instead – Ripple International would then hold just the absolute minimum data needed to ensure you are not contacted again.
If you would like to enact any of your rights, please email email@example.com
All requests will be processed within 30 days, there is no fee involved in exercising any of these rights.
Data Storage, Deletion, and Sharing
Personal data of which Ripple International is not the controller (e.g. the customer database of the client we are represented) is deleted immediately upon completion of the project.
Personal data of which Ripple International is the controller (e.g. data which you have given consent for us to collect as part of the research we do) is stored in the form in which it was collected for 12 months from project completion.
If your personal data has been used in any associated materials (for example for internal analysis purposes), these forms of data will be deleted within 2 years of project completion unless otherwise specified.
Ripple International may on occasion engage subcontractor processors in the course of conducting the research. These could include (but are not limited to) transcription or filming companies, specialist recruitment or interviewing organisations, or data analysts. All subcontractors are vetted to ensure they comply with all relevant legislation.
On occasion, Ripple International may share your personal data with other organisations (including from time to time the organisation commissioning the research, or its representatives). This will only ever be done with your full and informed consent or where legally required.
Data Protection Officer
Ripple International’s Data Protection Officer is Rosemary Shickle.
All communications regarding personal data (including subject access requests or the execution of any of your other rights, as well as any queries relating to this policy document) should be addressed in writing to firstname.lastname@example.org.