VOR Market Research | Data Protection Policy
1. Introduction to VOR Market Research | Data Protection Policy
VOR Market Research | Data Protection Policy: The Data Protection Policy of VOR Market Research is to protect personal data and project data of those various stakeholders connected to the organization, and is created in accordance to the European Union’s General Data Protection Regulation (GDPR).
In its everyday business operations VOR Market Research makes use of a variety of data about identifiable individuals, including data about:
- research participants
- website visitors
- other relevant stakeholders
Categories of data that include personal information, could include but might not be limited to: first name; last name; email address; address; phone number; gender; date of birth; IP address; marital status; race; ethnic origin; politics; religion; trade union membership; ownership possessions; consumption habits; genetics; biometrics (where used for ID purposes); health; sex life; sexual orientation.
3. GDPR Principles
All personal data and project data under our control is processed in accordance with the following data protection principles:
- processed in a lawful, fair and transparent manner
- collected only for specific, explicit and limited purposes
- adequate, relevant and not excessive
- accurate and kept up-to-date where necessary
- kept for no longer than necessary
- handled with appropriate security and confidentiality
4. Lawful Processing
- All data processed by VOR Market Research must be done on one of the following lawful bases: consent, contract, legal obligation, vital interests, public task or legitimate interests.
- The most appropriate lawful basis will be noted in the Data Processing Register.
- Where consent is relied upon as a lawful basis for processing data, evidence of opt-in consent shall be kept with the personal data.
- Where communications are sent to individuals based on their consent, the recipient should have the option to opt-out in each communication sent, and this choice should be recognized and adhered to by us.
5. Data Breach Notification Procedures
In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data, VOR Market Research shall promptly assess the risk to people’s rights and freedoms and if appropriate report this breach to the ICO.
6. Data Subject Rights
Under data protection laws, data subjects have certain rights:
- right to be informed
- right of access
- right to data portability
- right to be forgotten
- right to rectification
- right to object
- right to purpose limitation
- rights related to automated decision-making and profiling
All personal data and project data is kept for no longer than necessary. VOR Market Research ensures that the handled data is adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
7. Security and Record Keeping
All data handled by VOR Market Research is secured against unauthorized or unlawful access and against accidental loss, destruction or damage, using appropriate technical and organizational measures.
- The company ensures that personal data and project data are stored securely using modern software that is kept-up-to-date.
- Access to personal data and project data are limited to personnel who need access and appropriate security is in place to avoid unauthorized sharing of information.
- When personal data and project data are deleted this is done safely such that the data is irrecoverable.
- Appropriate back-up and disaster recovery solutions are in place.
8. Transferring Data Across International Borders
Personal data and project data may, at the discretion of VOR Market Research, be transferred to one or more of VOR’s affiliates or to the client sponsoring the study on the basis of Data Protection Laws pursuant to the client’s permission of this policy, in which case VOR Market Research shall cooperate with the client to seek an adequate basis for the cross-border transfer of data. At client’s request, VOR Market Research shall inform the client of the applicable basis for the cross-transfer of data.
The client warrants that any cross-border transfer of data from VOR Market Research to a sub processor or to the client itself shall be allowed by implementing additional safeguards pursuant to Data Protection Laws or as otherwise permitted by Data Protection Laws.
9. Relevant Contact Information
If you have any questions in relation to this policy, please contact:
Legal Affairs Department – VOR Market Research – Rua Senador Dantas, 71 – Rio de Janeiro, RJ – Brazil 20031-202
This Data Protection Policy may change over time or be updated for what we recommend and we strongly encourage you to continually revisit this page to ensure that you agree to such changes.