MARU/EDR LIMITED (“we”, “our”, and “us”) is committed to protecting and respecting your privacy. We are part of the MARU Group and are a UK based research agency.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, or that we have received from a third party source will be processed by us.
Please read the following policy carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting this webpage (“our site”) and continuing to participate in the survey, you are accepting and consenting to the practices described in this policy.
Our site may, from time to time, contain links to and from partners’, advertisers’, affiliates’ and social network sites. If you follow a link to any of these websites, please note that these sites have their own privacy policies and that we do not accept any responsibility or liability for those policies. Please check their privacy policies before you submit any personal data to those websites as they may not be on the same terms as ours.
In accordance with the Market Research Society Code of Conduct for Internet Surveys, in order to take part in any survey or questionnaire from our website, you must be over 16 years of age.
References in this policy to “data protection law” mean (as applicable) the Data Protection Act 1998, the General Data Protection Regulation (Regulation (EU) 2016/679) and all related data protection legislation having effect in the United Kingdom from time to time.
References in this policy to “data” or “information” include “sensitive personal data” and “special categories of data” (as defined under data protection law) where applicable.
1.1 For the purposes of our business we are the data controller.
1.2 In respect of processing that we undertake on behalf of our clients we are the data processor and our client is the data controller who determines the purpose and means of the processing of personal data which they provide us with. There may be instances where we are a joint data controller with our client.
1.3 Our data protection officer can be reached at email@example.com
2.1 The following sections set out why we are processing your information, what information we collect, the legal basis for and duration of our processing of your information and (if applicable) who your information will be shared with and where those recipients are based.
Which information do we process and for what purpose?
2.2 We process the following information from you:
2.2.1 Information you give us. This is information about you that you give us by filling in forms on our site. It includes information you provide when you register to use our site, request marketing information, use our online chat feature, enter a competition, promotion or survey and when you report a problem with our site. The information you give us may include your name, address, email address, phone number, date of birth and gender.
2.2.2 Surveys and Panels. Where information is volunteered and subsequently collected that can identify you this is used to provide insights and information that allow our clients to create more efficient and effective products and services for their customers. You will not be contacted by us unless you have specifically consented to us doing so.
2.2.3 Competitions and Draws. Where your information is required to identify whether you are the winner of a competition or draw this may be revealed to the appropriate client. Please refer to the individual competition rules which will refer to the requirements for publicity of winners’ names.
2.2.4 Information we collect about you. Like most other website operators, we collect non-personally identifying information of the sort that web browsers and servers typically make available. This includes technical information and information about your visit, such as records of how you navigate the pages on our site and how you interact with the pages.
2.2.5 We process information you give us and that we collect about you for the following purposes:
22.214.171.124 to fulfil our obligations under the contracts between us and our clients;
126.96.36.199 to improve our services;
188.8.131.52 to ensure that content from our site is presented in the most effective manner for you and for your computer; and
2.2.6 Information obtained from or provided by third parties. We obtain or are provided witHh information, such as your name, address, email address, phone number, date of birth and gender which we have been supplied by third parties from whom you have recently purchased or used goods or services (“our clients”). We will also receive information about you if you use any of the other websites we operate, which include eMysteryShopper.com, eCustomerOpinions.com, eGlobalPanel.com, eDigitalCommunities.com, eDigitalForums.com, ePanelManager.com and eProductRating.com.
2.2.7 We process information we obtain from or are provided by third parties in order to fulfil the contractual obligation between us and our clients the purpose of which is to understand and improve the service provided by our clients.
What are the grounds for processing your information?
2.3 We are processing your data on the following ground(s):
2.3.1 you have previously given your consent to our client to the processing for the purposes stated in section 2.2, above; and/or
2.3.2 the processing is necessary for achieving our clients’ legitimate interest of receiving your feedback in respect of the goods or services you have used or purchased from them. In accordance with data protection law, we have carefully weighed your interests and fundamental rights and freedoms against our clients’ interest to process your information and are satisfied that we are justified in processing your information for this purpose
Duration and further processing
2.4 We will regularly review the personal data which we are holding about you, and will delete it as appropriate. We will store your personal data for no longer than is necessary for us to fulfil the purpose for which it was obtained, provided that we have a reasonable commercial case for doing so, and in any event for no longer than 2 years after the project has completed. If we need to keep your information for a longer period then we will notify you of the reason and grounds for doing so.
2.5 To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. We maintain a data processing register for each project we undertake.
Who is your information shared with?
2.6 In order to achieve the purpose(s) set out in section 2.2 above, we will share your data only with the following people or group of people:
2.6.1 our clients to whom your personal data is relevant;
2.6.2 if necessary for the specific project in question, other companies within the Maru Group; and
2.6.3 in the case of telephone interviews undertaken on our behalf, to The Telemarketing Company Ltd (“TTMC”), a company incorporated in England and Wales with company registration number 2475469. TTMC conduct telephone interviews on our behalf for the purpose of gathering your feedback in relation to goods or services you have purchased from our clients,
2.6.4 in the case of SMS surveys undertaken on our behalf, to Dynmark International Limited trading as Comapi (“Comapi”), a company incorporated in England and Wales with company registration number 4343332. Comapi sends SMS messages on our behalf for the purpose of gathering your feedback in relation to goods or services you have purchased from our clients, in accordance with our obligations under the contract between us and our clients.
2.8 We share aggregated demographic information with our partners and clients; this is not linked to any personal information that can identify any individual person or organisation.
2.9 We will disclose your personal information to third parties:
2.9.1 in the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets; or
2.9.2 if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or to protect our rights, property, or safety, or that of our clients, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
2.10 The data that we collect from you will not be transferred to or stored at a destination outside the European Economic Area (“EEA”) without your prior consent.
Automated decision making
2.11 We do not make automated decisions about you based on your information.
2.12 Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmission to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
3.1. Under data protection law you have the following rights:
3.1.1 the right to be informed as to what we do with your information. This includes but is not limited to the right to know what information we gather, process and store, what we do with it, who we share it with and how long we keep it for;
3.1.2 if we are processing your data on the basis of your consent then you have the right to withdraw that consent at any time. Consent can be withdrawn by and notifying us using the details set out in section 8 below. The lawfulness of our historic processing based on your consent will not be retrospectively affected by your withdrawal of consent;
3.1.3 the right to access a copy of your information which we hold. This is called a ‘subject access request’. Additional details on how to exercise this right are set out in section 5, below;
3.1.4 the right to object to processing of your information where it is likely to cause or is causing damage or distress. You can notify us of your objection to us processing your personal data using the contact details set out in section 8;
3.1.5 the right to prevent us processing your information for direct marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us using the details set out in section 8, below;
3.1.6 the right to object to decisions being made about you by automated means. We will inform you if your information is subject to automated processing;
3.1.7 the right, in certain circumstances, to have your information rectified, blocked, erased or destroyed if it is inaccurate;
3.1.8 the right, in certain circumstances, to claim compensation for damages caused by us breaching data protection law;
3.1.9 enhanced rights to request that we erase, rectify, cease processing and/or delete your information; and
3.1.10in certain circumstances, the right to request the information we hold on you in a machine readable format so that you can transfer it to other services. This right is called ‘data portability’. Additional details on how to exercise this right are set out in section 5, below.
3.2 For further information on your rights under data protection law and how to exercise them, you can contact Citizens Advice Bureau (www.citizensadvice.org.uk) or the Information Commissioner’s Office (www.ico.org.uk).
4.2 We use “cookies” to gather statistical information that helps us understand what users find interesting and useful on both our own and our clients’ websites. Users can decline the cookies by adjusting the “accept cookies” setting on their browser, however, this may affect the functionality of our surveys on client web sites. We may also embed a piece of code into pages of certain client sites. This gives us statistical site usage information about how the site is used. We aggregate this information to provide our clients with a closer understanding of how visitors use their site. We do not use this code to collect any personally identifiable information.
5.1 You have the right to access information held about you by making a written request to us. You must send us proof of your identity, or proof of authority if making the request on behalf of someone else, before we can supply the information to you. Requests should be sent to firstname.lastname@example.org. In certain circumstances, you will be entitled to receive the information in a structured, commonly used and machine readable form.
5.2 We will be allowed to charge you for our reasonable administrative costs in collating and providing you with details of the requested information which we hold about you, if your request is clearly unfounded or excessive.
7.1 You have the general right to complain to us (in the first instance) and to the Information Commissioner’s Office (if you are not satisfied by our response) if you have any concerns about how we hold and process your information. Our contact details are set out in section 8, below. The Information Commissioner’s Office website is www.ico.org.uk.
This site may set one or more cookies when you visit. All the possible cookies that may be set are listed below, but please note that not all cookies will be present - which ones exist depend on which features/functionality are enabled on the site at any given time, and which you have used in this session.
Our application sets a cookie called 'server' whenever you access anything that might require you to be directed to the same server in our cluster for all the pages in your visit. It contains only the name of our server, and no tracking or other IDs. E.g. it might contain "www32" indicating you are on our server called www32 for your session.
This cookie contains no tracking information, is not used by our research or other software in any way other than to check that you are correctly staying on the same server during your session, and is deleted automatically at the end of your session.
This cookie is set when you log in to one of our sites, and maintains your login session with us.
This cookie does not do any tracking on its own - but it contains a reference to the user account you have on the site you logged in to. Your activities on the site (when logged in) may be logged or analysed in accordance with the terms & conditions of that site. Only the web site you logged in to can 'see' this cookie - and it cannot be used to log you in or track your activity on any other web site.
The cookie will be deleted either at the end of your session or, if you ticked a "remember me" box, then at a point a few months after you log in.
This cookie is created by our site infrastructure in order to maintain information across your session.
If you log in, additional information from your account may be linked to this cookie, and used in accordance with the terms and conditions you agreed to when you registered. This cookie is automatically deleted at the end of your session.
Our polling/voting feature (ePollingStation) uses a separate cookie to keep track of which polls you have participated in, and when.
This uses a permanent cookie called 'eps' which is created when you answer a poll. It stores only the ID of each poll you have answered, and the date+time you answered it. It does not store what answer you gave to the poll, or any other information about you or your browsing history.
This cookie exists only to ensure you aren't offered the same poll too often on a site, and to show you the results for polls you have already answered. A cookie is used because our platform - for speed/efficiency reasons - queues the answer you gave before inserting it into our analysis databases. Before your answer has been imported the cookie is the only way the system knows to show you the answers instead of displaying the same question again.