This Privacy Notice informs you about the different personal and sensitive data types that fall under the General Data Protection Regulation (GDPR). The GDPR is a regulation designed to protect the processing of personal data and uphold the fundamental rights and freedoms of individuals in the European Union (EU) and the European Economic Area (EEA).
Personal Data (Article 4):
According to the GDPR, personal data refers to any information that relates to a natural person who can be identified directly or indirectly. This individual is a “data subject.” It can be distinguished by different criteria, including their name, identification number, location data, online identifier, or particular qualities related to their physical, physiological, genetic, mental, economic, cultural, or social identity.
“Genetic Data” refers to personal data about a person’s inherited or acquired genetic characteristics. This type of data provides unique insights into the physiology or health of the individual and results from analyzing biological samples taken from the person.
“Biometric Data” refers to personal data resulting from specific technical processes that relate to a natural person’s physical, physiological, or behavioral characteristics. These characteristics enable or confirm the unique identification of the individual, such as facial images or dactyloscopy (fingerprint) data.
“Data Concerning Health” encompasses personal data connected to a person’s physical or mental health. It includes information about health status and the provision of healthcare services that reveal insights into an individual’s health condition.
Special Categories of Personal Data (Article 9):
The GDPR recognizes special categories of personal data, previously referred to as sensitive personal data. These categories include data that reveal:
Key Considerations:
Data Controllers and Data Processors play distinct roles in processing personal data as defined by the General Data Protection Regulation (GDPR). Their responsibilities are outlined as follows:
Data Controllers:
Data Controllers have the authority to determine the purpose and methods of data processing. For instance, if you influence work design or maintain a list of potential respondents, you are considered a Data Controller.
Responsibilities of Data Controllers include:
Data Processors:
Data Processors handle data processing activities on behalf of Data Controllers. If you solely act according to the instructions of others, such as a market research or fieldwork agency, you are classified as a Data Processor.
Obligations of Data Processors include:
Shared Responsibilities:
Both Data Controllers and Data Processors are required to:
The ICO stands for the Information Commissioner’s Office. It serves as the supervisory authority and regulator for data protection in the United Kingdom. Operating as an autonomous entity, the ICO is tasked with safeguarding information rights within the UK.
GDPR requirements for processing secondary data in data analytics align closely with primary data in market research. ARP suggests the following steps for those handling secondary data in data analytics:
Contracts under GDPR should encompass the following:
Data processors require written consent from sub-processors (e.g., freelancers), adhering to GDPR. The inclusion of processor clauses in contracts is shared between controllers and processors as per GDPR, ensuring clarity.
Following GDPR, individuals possess a novel entitlement known as the right to erasure or be forgotten. This empowers individuals to request the deletion or elimination of their personal data when no compelling reason justifies its ongoing processing.
Furthermore, individuals have the right to restrict the processing of their personal data. When processing is restricted, you can store the data but refrain from further processing. Minimal data retention is permissible to ensure compliance with the restriction in the future.
If an individual opts not to be contacted for market research, they exercise their right to restrict processing, distinct from the right to erasure. It is crucial to differentiate between these two different rights. Honoring a request not to be contacted for market research necessitates retaining some personal data for operational compliance.
In a general context, the impact of GDPR on personal data processing for individuals is comparable to its effect on organizations. Although variations might exist in record-keeping and risk assessment (relevant notes below), the overall requirements remain consistent regardless of the organization’s size.
ARP offers guidance to individual members to:
Begin by understanding or reviewing your current position to identify necessary GDPR adjustments.
Formulate a GDPR action plan to become compliant, considering risk-based prioritization.
Potential changes may involve:
Please note that the information provided above is for informational purposes only. The responses are not intended to be taken as regulatory or legal advice and should not be construed as such.
Data security is a significant factor for us at Asia Research Partners LLP (ARP), a company engaged in market and opinion research. As we receive information about both private and business people, a large part of the data exchanged with us is strictly confidential (‘personal data’). In the context of privacy, we comply with the standards of the relevant Data Protection Act and as a member of ESOMAR, we also comply with the directives and regulations of the market research professionals’ association.
The operator of this website takes your personal data very seriously. In accordance with the law on data protection and our Privacy Policy, we treat your personal data confidentially.
Typically, the use of our website is possible without the disclosure of personal details. All personal information, such as name, address, or e-mail address, is obtained on our site on voluntarily as far as possible. These data will not be forwarded to third parties without your express permission.
It should be noted that data transmission on the Internet such as when communicating via e-mail, could have security gaps. Comprehensive data security from third parties is not feasible.
This website uses cookies.
Cookies do not affect your device nor contain any malware. They are simple text files stored on your computer by your browser and are used to make our site more user-friendly, responsive, and safe.
Most of the cookies that we use are called “session cookies”, which are deleted automatically at the end of your session on our website. Other cookies will remain on your terminal until you delete them. These cookies help us to recognize your browser during your next visit to our website.
You can set up your browser so that you are notified about the location of cookies and allow cookies on a case-by-case basis. You can accept cookies in certain situations or rule out and automatically delete them when you close your browser.
Please note that the functionality of this website can be limited when cookies are disabled.
This site provider automatically gathers and stores information, that your browser automatically transmits to us, in the server log.
Information stored by the server log include:
These data cannot be delegated to any individuals. These data are not combined with data from other data sources. Subsequently, we reserve the right to review these data if we become aware of any concrete allegations of unauthorized use.
If you send us your enquiries via the contact form, your details including the contact information you have provided will be stored for to process the enquiry and in the event of any subsequent queries. We will not forward this data without your permission.
This website uses functions from the web analysis service Google Analytics. The provider is Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics uses so-called cookies. These are text files that are stored on your computer that enable an analysis of your use of the website. The information generated by the cookies about your use of this website is usually sent to a Google server in the USA and stored there.
If IP anonymisation is activated on this website, your IP address will be shortened in advance by Google within member states of the European Union or in other contracting states to the European Economic Area. The full IP address will only be transmitted to a Google server in the USA and shortened there in exceptions. Google will use this information on behalf of the user of this website to evaluate your use of the website, compile reports about website activities, and provide further services associated with website use and internet use to the website provider. The IP address transmitted within the scope of Google Analytics from your browser will not be brought together with other data by Google.
You can prevent the storage of cookies by setting your browser software accordingly; however, we must point out that in this case, you may not be able to use all the functions of this website in full. Furthermore, you can prevent the recording of the data generated by the cookie relating to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plugin available on the following link: http://tools.google.com/dlpage/gaoptout?hl=de
Plugins from the social network Facebook, provider Facebook Inc. 1 Hacker Way, Menlo Park, California 94025, USA, are integrated on our site. You will recognise Facebook-Plugins from the Facebook logo or the “Like button” on our site. You will find an overview of Facebook-Plugins here: http://developers.facebook.com/docs/plugins/
When you visit our site, a direct connection will be made between your browser and the Facebook server via the plugin. Facebook receives the information that you have visited our site with your IP address in this way. When you click on the Facebook “Like button” while you are logged on to your Facebook account, you can link the contents of our site to your Facebook profile. As a result, Facebook will allocate the visit to our site to your user account. We must point out that as the provider of the site we have no knowledge of the contents of the data transmitted nor of its use by Facebook. You will find further information on this in the Facebook Privacy Policy on: http://de-de.facebook.com/policy.php
If you do not want Facebook to be able to allocate our site to your Facebook user account, please log out from your Facebook user account.
You have the right at any time to free of charge information about the personal data stored about you, its origin, and recipients and the purpose of data processing as well as the right to correct, block or delete this data.
We hereby object to the use of the contact details published within the scope of the obligation to publish an imprint to send advertising and information material not explicitly requested by us. The operator of this site reserves the right to take legal steps in the event of the unsolicited sending of advertising information, such as through spam emails.
If you have any further questions or require further information about data protection, please contact our Data Protection Officer.
Anubhav Raj
B-1/I-1, 2nd Floor, Mohan Co-operative Industrial Area
Delhi-110044, India