At Quipper Research we observe the Professional Codes of Conduct in accordance with ESOMAR and MRSI guidelines and assure fundamental GDPR compliance to secure sensitive personal data of respondents participating in our research studies.
Quipper Team members all complete the GDPR Compliance: Essential Training Course (National Association of State Boards of Accountancy(NASBA) | Registry ID: #140940) and adhere to storage, encryption and deletion requests and requirements deemed necessary in individual research project.
Core Principles of Quipper’s Professional Codes of Conduct:
- We obtain informed consent from market research respondents, willingly given,to collect and use their data, ensuring they clearly understand why
we’re collecting the data and how it will be used.
- We observe the rights of respondents, including confidentiality,anonymity where and when needed, and the right to withdraw at any stage
- We keep Research separate from any form of promotion. We never use Market Research as a vehicle for disguised promotion.
Additional Principles of our Professional Codes of Conduct:
- We must treat respondents with respect.
- We must behave ethically at all times
- We ensure data collection is adequate, relevant and not excessive.
- We assure that respondents are never harmed or disadvantaged in any way bytheir participation in our research studies.
- We must ensure that data is processed fairly and legitimately – and only used for the specific, original purpose.
- We assure that respondents are never harmed or disadvantaged in any way by their participation in our research studies.
- Recordings of interview are auto deleted after 30 days of storage.
- We mustn’t undermine or damage the reputation of Market Research.
- We must conduct our Market Research accurately and transparently.
Data Protection and Security Policy
The General Data Protection Regulation (GDPR) is European wide data protection legislation that requires organisations working with individuals based in the European Economic Area to meet certain requirements regarding the collection, processing, security and destruction of personal information.
Despite Quipper being located in India and typically dealing with personal data of Indian citizen, we collaborate with European research partners and hence follow and apply GDPR compliance across our studies.
As we undertake research that collects personal information about living people who can be identified from the information they have provided, we aim to ensure compliance with the General Data Protection Regulation.
The information we gather about an individual will be collected in a way where they are informed how we intend to use that information, for what purposes and how we will share it.
General Data Protection Regulation
The General Data Protection Regulation (GDPR) governs the processing (i.e. obtaining, holding, organising, recording, retrieval, use, disclosure, transmission, combination and destruction) of personal and sensitive data (i.e. information relating to a living individual – the data subject) and sets out the rights of individuals whose information is processed in manual or electronic form or held in a structured filing system. There are six principles that describe the legal obligations of organisations that handle personal information about individuals. These Principles are:
1. Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the individual.
2. Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes.
3. Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
4. Personal data shall be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay.
5. Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods in so far as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals. Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technicalor organisational measures.
Quipper Research Pvt Ltd make sure that personal information is held securely and does not become inadvertently become available to unintended organisations or individuals. The General Data Protection Regulation advocate these specific rights of individuals, which
Quipper Research adhere to:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling