Who are we?
MIG Global Limited. Registered in Scotland. Company No.: SC281352. Registered Office: Biteda Limited, 111 Bell Street, Glasgow, G4 0TQ and all its trading names (Circle Research, Charterhouse Research, Morar HPI, VIGA).
At MIG we are committed to protecting the privacy of our clients and, as a market research group, the privacy of research respondents. We want to provide a safe and secure service where we deal with your personal information. This means information that identifies you personally such as your name, photo, contact details, or data that can be linked with such information in order to identify you.
Quick Guide to Contents
- What personal information do we collect about you?
- How do we use your personal information?
- How long do we keep your personal information for?
- Who do we share your personal information with?
- What happens if you do not provide us with the information we request?
- Do we make automated decisions concerning you?
- Do we transfer your personal information outside the EEA?
- What are your rights?
- How do we contact you?
- How do you contact us?
What personal information do we collect about you?
We collect and process your information in the following ways:
Information you give us
If you’re filling in the contact forms on our website
We will always ask for your consent when adding you to lists and you should know what you’re signing up for – be it, marketing mail or receiving content relevant to you from us
If you’re completing a survey or engaging in a questionnaire
We collect information for market research purposes only.
The information you provide will normally be used to help a client better understand how well they’re doing in the marketplace, or to help them improve a service or similar. Data is presented back to our client in an aggregated, anonymised, format, unless you consent to us providing them your data with any contact information appended e.g. email address, phone number and so on. This would be freely given and not a requirement of conducting market research, unless the research required it for a specific lawful reason e.g. to pay you your incentive after completing the survey, or to conduct face-to-face research which you would opt-in to and so on.
Information we collect automatically
If you’re accessing one of our websites
We collect IP addresses of users of our websites and we may also store your browser’s environment variables (this is freely available when you browse the web and contains information like your operating system, the device you are on, the browser version and so on). This information is kept for security reasons to allow us to block fraudulent members of the public, but also to help improve your user experience when you visit our sites, for example serving up different web pages if you’re on a mobile vs. a tablet vs. a laptop
Information we receive from third parties
There will be occasions where our clients request that we contact individuals on their databases. This information may contain behaviour which our client may have collected on you e.g. number of store visits, a loyalty band / tier, or an internal value pertaining to the segment you are in. Upon completion of a survey we may append some of this information on to the answers you have provided to help our client better understand their customer database, and to help us analyse the data more efficiently. Data is generally presented to our client in an anonymised, aggregated, format and, unless the reward for completing a survey requires it, or you opted in to do so, your participation in the research will never be shared.
There may also be instances where we have lawfully received your data from a sample supplier that has lawfully collected your details and has the right to sell this on. In these instances we would be contacting you as an unknown third party, but the basis for processing is as per the above, only we would be provided with far less information on you, for example just a name and email address.
How do we use your personal information?
To provide a requested service or carry out a contract with you.
for example, where you have entered a competition with us and we are processing your personal data to deliver your prize.
Where we have your consent
If you have signed up with us for marketing, or to receive market research surveys or services
Where we have a legitimate interest
If we have legally received your data from a third party for the purpose of market research
Where we have a legal obligation
We may also store or use personal information where we have a legal obligation to do so
How long do we keep your personal information for?
We keep your information for the following periods:
We have our own retention policy for all types of personal data used throughout MIG. We will only keep data for as long as reasonably necessary.
For example, we hold our client order information for 90 days following the end of a contract unless a contract with our client specifies we must hold it for longer.
Who do we share your personal information with?
We share your personal information with trusted third parties where we have retained them to provide services that you or our clients have requested, such as recruitment for qualitative work, face-to-face interviews, or other services we are unable to provide in-house. While MIG strive to carry out all functions internally, there are instances where this simply isn’t feasible.
We share your personal information with third parties who perform functions on our behalf and who also provide services to us, such as professional advisors, IT consultants carrying out testing and development work on our business technology systems, research and mailing houses and function co-ordinators.
We share your personal information with our other Group companies for internal reasons, primarily for business and operational purposes. As we continue to develop our business, we may sell or purchase assets. If another entity acquires us or merges with us your personal information will be disclosed to such entity. Also, if any bankruptcy or reorganisation proceeding is brought by or against us, all such information will be considered an asset of ours and as such it is possible they will be sold or transferred to third parties.
What happens if you do not provide us with the information we request or ask that we stop processing your information?
If you do not provide the personal information necessary, or withdraw your consent for the processing of your personal information, where this information is necessary for us to provide services to you, we will not be able to provide these services to you.
Do we make automated decisions concerning you?
We don’t perform any automated decision making concerning clients, survey respondents or website users.
Do we transfer your personal information outside the EEA?
All the data you provide us sits on our secure servers in the EEA. However, as a global company with offices in the USA your data may be transferred outside of the EEA. In a scenario where your processing would be done outside of the EEA, we will ensure that the transfer is lawful and that there are appropriate security arrangements in place.
What are your rights?
By law, you have a number of rights when it comes to your personal information. Further information and advice about your rights can be obtained from the data protection regulator in your country.
What does this mean?
1. The right to object to processing
You have the right to object to certain types of processing, including processing for direct marketing (i.e. if you no longer want to be contacted with potential opportunities).
2. The right to be informed
You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Policy.
3. The right of access
This is so you’re aware and can check that we’re using your information in accordance with data protection law.
4. The right to rectification
You are entitled to have your information corrected if it’s inaccurate or incomplete.
5. The right to erasure
This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
6. The right to restrict processing
You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
7. The right to data portability
You have rights to obtain and reuse your personal information for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability.
8. The right to lodge a complaint
You have the right to lodge a complaint about the way we handle or process your personal information with your national data protection regulator.
9. The right to withdraw consent
If you have given your consent to anything we do with your personal information, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal information with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal information for marketing purposes.
We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for:
- baseless or excessive/repeated requests, or
- further copies of the same information.
Alternatively, we may be entitled to refuse to act on the request.
Please consider your request responsibly before submitting it. We’ll respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we’ll come back to you and let you know.
How will we contact you?
We may contact you by phone, email or social media. If you prefer a particular contact means over another, please just let us know.
How can you contact us?
If you have any enquires you can contact us at: firstname.lastname@example.org or by writing to us at:
Attn. Data Protection Team
54 Bermondsey Street