|
Privacy Policy
In accordance with the Personal Information and Electronics
Documents Act (PIPEDA) , Dufferin Research has posted the
following privacy policy. Many of these policies have been in
effect since the company's inception, but now are formalized in
this statement.
A complete version of the Privacy Act & other related documents are available at the federal Privacy Commissioner’s Web site, www.privcom.gc.ca.
The Act has 10 privacy principles set out.
These are:
The privacy officer for Dufferin Research is Rick Frank. If you have any
questions about this privacy statement, you can contact the privacy
officer by sending an email to
or by mail to Privacy Officer, Dufferin Research, 2255 St. Laurent
Blvd #115, Ottawa, K1G 4K3.
Most data collection conducted at Dufferin Research is online.
Typically Dufferin Research sends out email invitations to respondents to
participate in a survey. In other cases, a "pop-up" invitation
is launched from a relevant website. In either the invitation
or within survey introduction, there is an advisory passage mentioning
that responses are used strictly for research purposes.
Email invitations clearly identify Dufferin Research and/or another Survey
Research partner on whose behalf we are conducting the online
survey research. A reply to the sending address always goes to
the individual responsible for the survey who can further clarify
the purpose of that particular study.
Dufferin Research provides aggregate data from all surveys to clients who
sponsor that study. Non-aggregated personal information is only
released to other Research partners for research purposes, such
as verification of authenticity or follow-up studies where permission
has been obtained.
Personal information is never released for non-research purposes to any client
or research partner.
A respondent's participation in online research is by nature voluntary because
it is a self-completed survey. By clicking the link or proceeding
past the first page of a popup survey, implicit consent has been
given to conduct the survey.
Non-response categories are usually available for most questions (e.g. refused/don't
know/not applicable/rather not say). Where questions are deemed
critical to a successful completion of a survey and such options
are not available, a respondent can discontinue participation,
thus withdrawing consent, should they not wish to answer.
Most online surveys conducted at Dufferin Research have temporary "session"
cookies placed on the users computer to maintain connectivity
to the webserver. These cookies automatically expire as soon as
the user closes their browser session. No personal information
is collected by the session cookies.
The webserver does collect information about the user's "http environment
variables". This is necessary and is done by all webservers. This
contains only relevant hardware and software information needed
by the webserver to do its job. No personal information is collected
in this fashion.
The amount and type of personal information collected is limited to that which
is deemed necessary for the purpose of the study. In almost all
cases, personal information is collected for the purpose of grouping
aggregate data, not for identifying individuals.
In rare cases where the purpose is for re-contact, such purposes will be made
clear to the respondent prior to answering the question and consent
to do so will be explicitly obtained.
Dufferin Research makes use of or discloses personal information only for
the reason(s) it was collected and for which we have obtained
consent. Since the survey is typically completed online, the consent
given by the respondent was obtained at the time of the survey
, and this is adhered to.
The only exception to this stated policy would be if Dufferin Research were
required to disclose information for legal reasons, for example
if issued a subpoena or other court or government orders.
Dufferin Research keeps personal information only as long as deemed necessary
by the sponsor of the survey and it is kept only for the identified
purposes. If not provided with a clear instructions on how long
to keep personal information, we adhere to the standards of The
Canadian Association of Marketing Research Organizations (CAMRO)
which requires its members to retain completed hardcopy questionnaires
for 12 months and electronic records for 24 months.
Once personal information is no longer needed for its identified purposes
or for legal requirements, it is destroyed. Paper records are
shredded. Electronic records are erased.
Dufferin Research updates personal information only if it is necessary for
the purposes for which it was collected. Due to the nature of
the online research conducted, most contacts are on a one-time
basis only, and as such are never modified while stored at Dufferin
Research.
Should Dufferin Research be required to keep personal information that is
to be used on an ongoing basis (which is not the normal practice
of Dufferin Research), every reasonable effort will be made to
ensure the accuracy of this data.
Several security measures are in place to safeguard personal information.
The entire office, including the data storage area, has 24-hour electronic
security monitoring, to limit unauthorized physical access to
the data.
Electronic security is ensured by multi-level firewalls and a secure password
policy to prevent unauthorized access to personal information
stored on the network.
Dufferin Research informs all persons granted network access or physical access
to areas containing personal information about its policies and
procedures regarding confidentiality, security and privacy. The
expectation of compliance with these policies is made clear.
Confidentiality agreements are routinely signed with third parties engaged
in the survey collection process (even if not privy to personal
information).
Dufferin Research shreds paper documentation containing personal information
in order to prevent unauthorized access at the time of disposal.
Old, unused or defective computer hard drives containing personal
information are destroyed prior to disposal to prevent data recovery.
Dufferin Research is open about the procedures used to safeguard & manage
personal information. Access to information about these procedures
is available through this Privacy Policy. Further clarifications
can be obtained by contacting the Privacy Officer.
Upon request, an individual will be informed of the existence, use and disclosure
of any personal information about them that is currently in the
possession or control of Dufferin Research.
Individuals can have access to personal information about themselves after
providing proof of identity (to ensure personal information is
never released to the wrong person inadvertently) and a written
request to the Privacy Officer.
We will also honour requests to identify the source of an individual's email
address, in the case of online surveys, so that the respondent
can take steps to ensure their removal from that list should this
be desired.
If for any reason access to personal information is denied, if for example
the information was collected for the purposes of a legal investigation,
a written reply stating the reasons for refusal will be provided.
The individual may then challenge Dufferin Research’s decision.
Dufferin Research’s compliance with this Privacy Policy can
be challenged by directing any complaints or questions in writing
to the Privacy Officer.
Dufferin Research will investigate all complaints and attempt to resolve those
that it finds are justified and, if necessary, will amend its
policies and procedures to reflect these findings.
If anyone is unsatisfied with Dufferin Research's response to their complaint,
they can contact the Federal Privacy Commissioner.
|
