Privacy Policy

GemSeek Privacy Policy: Last Reviewed and Updated March 20, 2022

Privacy Policy contents

Our Privacy Policy references six key sections including:

  • Introduction
  • Market research
  • Data collection
  • Marketing communication
  • Cross-border transfer
  • Contact us

1. INTRODUCTION 

GemSeek Consulting Ltd. recognizes and respects your right to privacy. This Privacy Policy provides information about the collection and use of your personal data, the conditions under which we may disclose the data to other parties, and the security measures we implemented to protect your data.

We encourage you to read this Privacy Policy carefully to understand how we handle your Personal Information.

Please note, that the policy may change over time. In order to ensure you are aware of any changes, please check this page regularly.

2. MARKET RESEARCH

Information about our market research activities

We conduct market research on behalf of clients, and as a part of our business operations, we collect and process personal information. By participating in our survey(s), you agree to this policy and the use of your personal data. The definition of “personal data” as per GDPR is “any information that relates to an identified or identifiable living individual. We comply with data protection legislation as applicable to the rights of citizens in the geographic areas in which our research activities are conducted.

Personal data provided by clients

It is common for our clients to provide us with a sample of existing clients, customers, suppliers and/or employees. In such case, we act as the Data Processor, and our client is the Data Controller. In such cases, our clients are responsible to assure all consents, laws and regulations that are applicable are strictly followed.

Any processing of transmitted Personal Data happens in accordance with the instructions by our client, covered by the provisions of our customer and partner contractual agreements. These instructions may include restrictions on the use of sub-processors and the transfer of your Personal Data to third parties or countries. GemSeek complies with all restrictions and instructions of our clients. Irrespective of any client requirements, any Personal Data may be processed:

  • Only for the purpose, it was provided
  • Kept no longer than required
  • Subject to the same security requirements applicable to GemSeek’s own Personal Data

How we keep your personal information secure

We take great care and have implemented appropriate technological and organisational measures to protect the personal data submitted to us during transmission, processing and storage. We use professional, reputable systems and suppliers, and strong data encryption. We train all our staff to our information security standards. In addition to data protection legislation (for example, the EU General Data Protection Regulation), we work to market research industry professional standards and best practices. All third-party contractors and employees are contractually obliged to follow our security, confidentiality and privacy policies and procedures.

What type of personal data do we process?

In order to run our business and provide services to our clients and/or/to comply with other legal obligations we may process the following type of personal information:

  • Personal identification data e.g., name, title, position, etc.
  • Contact information e.g., email, phone, address
  • Traffic data and other related data e.g., location data, IP address, cookies
  • Financial data
  • Transaction data
  • Employee data
  • On rare occasions, special category data – includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. This type of personal data is subject to even stricter rules than those applied to standard personal data and is only processed with your permission or where we have specific legal grounds to do so.

Wherever possible, we work with data that does not have personal information in it. For example, we will detach personal information to make a data set that combines hundreds of completed surveys in order to produce statistical analysis. From focus groups and small-scale research, we mask the identity of participants with labels such as ‘Male, 25-34, London’.

Duration of processing and data storage

Unless otherwise agreed with our clients, your Personal Data will be retained only for the purpose of the services provided and for no longer than 12 months, unless otherwise required to do so by law or where we have previously agreed with our research participants. Personal Data that is no longer required will be either anonymized, deleted and/or disposed of in such a way as to ensure the confidentiality nature is not compromised.

3. DATA WE COLLECT 

What type of personal data do we collect?

We collect personal information from individuals who take part in our market research-related activities including, but not limited to:

  • Personal identification data e.g., name, title, position, etc.
  • Contact information e.g., email, phone, address
  • Traffic data and other related data e.g., location data, IP address, cookies

In such cases, we are the Data Controller. We obtain consent and provide an explanation of the purpose of collection, usage and retention.

How do we collect the data?

  • Web surveys
  • Telephone surveys
  • Interviews by our interviewers either in-home or in a specific location (e.g., shopping centre) via tablet or paper forms
  • Focus groups
  • Social media/interactive web platforms – in accordance with contractual terms and conditions as specified by the provider and relevant legislation
  • Mobile devices as specified by the provider and relevant legislation

Conducting surveys with third-party suppliers

When we conduct surveys using third-party suppliers via their interviews /invitations/ platforms and questionnaires contractual agreement of data processing on behalf of GemSeek is executed, adding the appropriate provisions governing the relationship with the provider/supplier. With respect to the processing of Personal Data on behalf of GemSeek, the provider/supplier may only process Personal Data as per the written instructions from GemSeek.

All providers/suppliers are chosen carefully, based on their ability to cover the required technical and organizational protective measures and in line with GemSeek’s supplier approval process.

Duration of Personal Data

We only keep personal information for as long as required for the purposes of the research. Our data retention policy states that we will not keep personal information for longer than a year, except where previously agreed with our research participants.

Wherever possible, we work with data that does not have personal information in it. For example, we will detach personal information to make a data set that combines hundreds of completed surveys in order to produce statistical analysis.

Access to your personal data and processing restriction

Please contact privacy@gemseek.com to request your data and/or data erasure or processing restriction. We will confirm receipt of your request within five working days and take the appropriate steps to consider your request in line with GDPR legislation. Please note, it is likely you will be asked for proof of identification prior to commencing any work in response to your request.

4. MARKETING COMMUNICATION 

How we collect information from you

We collect, store and retain personal information about you in a variety of ways:

  • Visiting our website
  • Registering to receive our marketing communications
  • Registering to download content from our website
  • Applying for vacancies listed on our websites
  • When you contact us via our enquiry email

The type of personal information we collect

By personal information we mean any information that you provide via our website that we have collected and may include (but not limited to):

  • Forename, Surname
  • Postal address
  • Email address,
  • Telephone number
  • Job title

How we use your information

If you are (i) an existing client (ii) interacting with our marketing communications (iii) engaging with us through business development and potential future work (iv) have given express consent to us to use personal information for marketing purposes, GemSeek may at times use your personal information to provide you with marketing communications related to products, services and information relating to conferences and events.

Sending your personal information outside of GemSeek

We may share information with our third-party service providers for services such as data analysis, website hosting, infrastructure provision, IT services, e-mail delivery services, auditing services, business development and lead generation, marketing services or to comply with legal or regulatory requirements.

Use of cookies on our website

Cookies are commonly used across websites and mobile applications which may be used by GemSeek to provide you with, for example, customised information from our website. The cookie will allow us to recognise you when you visit our website. A cookie is an element of data that a website can send to your browser which may then be stored on your system. It does not contain confidential information such as your home address, telephone number or credit card details.

We do not exchange cookies with any third-party websites or external data suppliers. If you wish, you can usually adjust your browser preferences so that your computer does not accept cookies. Turning off cookies may mean that there is a loss of functionality when using our website.

Use of Google Analytics

We use Google Analytics which is a web analytics service offered by Google to track and report our website traffic. For more information about Google Analytics please visit: https://www.google.com/analytics/#?modal_active=none

Unsubscribing from marketing communications

You have the right to withdraw consent to receiving direct marketing messages making use of your personal data at any point. If at any point you would like to opt-out from receiving any marketing communications, simply click on the unsubscribe link at the bottom of any emails you receive.

Links to other websites

GemSeek’s website will contain links to other websites. Please note that this Privacy Policy only applies to GemSeek and our website. If you are taken to another website please read their own privacy policies. We do not control any third-party websites and are not responsible for their privacy policies. When you leave our website, you should read the privacy notice of every website that you visit.

 5. CROSS-BORDER TRANSFERS 

Sending EU citizens’ data outside of the EU

We keep EU citizens’ data within the European Union as a standard. If we have a technical or business requirement for EU citizens’ data to transfer beyond the EU, then we obtain the individuals’ permission for this or we will ensure that there is a formal written contract in place approved by the European Commission which gives personal data the same protection as it has in the European Union. In the event that any personal data is transferred to the United States, we shall ensure that the party receiving personal data has signed up for the Privacy Shield which requires them to provide similar protection to that afforded in the European Union. We ensure any data transfer and repository beyond the EU is secure to the standards of EU data protection legislation.

 6. HOW TO CONTACT US

If you have any questions or comments about GemSeek’s Privacy Policy or the practices of this site, if you would like to issue a complaint, or if you have an unresolved privacy and data use concern, we would like to hear from you at: privacy@gemseek.com or by phone: +359 2 904 2702 or by mail at the following address:

GemSeek Consulting Ltd.

18 Shipchenski Prohod Blvd, Office 701

Sofia 1113, Bulgaria

Attn: Data Protection Officer