Privacy Policy contents
Our Privacy Policy references five key sections including:
- Introduction
- Data collection
- Marketing communication
- Cross-border transfer
- Contact us
1. INTRODUCTION
Clouddo Consulting Ltd. recognizes and respects your right to privacy. This Privacy Policy provides information about the collection and use of your personal data, the conditions under which we may disclose the data to other parties, and the security measures we implemented to protect your data.
We encourage you to read this Privacy Policy carefully to understand how we handle your Personal Information.
Please note that the policy may change over time. In order to ensure you are aware of any changes, please check this page regularly.
2. MARKET RESEARCH
Information about our market research activities
We conduct market research on behalf of clients, and as a part of our business operations, we collect and process personal information. By participating in our survey(s), you agree to this policy and the use of your personal data. The definition of “personal data” as per GDPR is “any information that relates to an identified or identifiable living individual. We comply with data protection legislation as applicable to the rights of citizens in the geographic areas in which our research activities are conducted.
Personal data provided by clients
It is common for our clients to provide us with a sample of existing clients, customers, suppliers and/or employees. In such case, we act as the Data Processor, and our client is the Data Controller. In such cases, our clients are responsible to assure all consents, laws and regulations that are applicable are strictly followed. Any processing of transmitted Personal Data happens in accordance with the instructions by our client, covered by the provisions of our customer and partner contractual agreements. These instructions may include restrictions on the use of sub-processors and the transfer of your Personal Data to third parties or countries. Clouddo complies with all restrictions and instructions of our clients. Irrespective of any client requirements, any Personal Data may be processed:
- Only for the purpose, it was provided
- Kept no longer than required
- Subject to the same security requirements applicable to Clouddo’s own Personal Data
How we keep your personal information secure
We take great care and have implemented appropriate technological and organizational measures to protect the personal data submitted to us during transmission, processing and storage. We use professional, reputable systems and suppliers, and strong data encryption. We train all our staff to our information security standards. In addition to data protection legislation (for example, the EU General Data Protection Regulation), we work to market research industry professional standards and best practices. All third-party contractors and employees are contractually obliged to follow our security, confidentiality and privacy policies and procedures.
What type of personal data do we process?
In order to run our business and provide services to our clients and/or/to comply with other legal obligations we may process the following type of personal information:
- Personal identification data e.g., name, title, position, etc.
- Contact information e.g., email, phone, address
- Traffic data and other related data e.g., location data, IP address, cookies
- Financial data
- Transaction data
- Employee data
Wherever possible, we work with data that does not have personal information in it. For example, we will detach personal information to make a data set that combines hundreds of completed surveys in order to produce statistical analysis. From focus groups and small-scale research, we mask the identity of participants with labels such as ‘Male, 25-34, London’.
Duration of processing and data storage
Unless otherwise agreed with our clients, your Personal Data will be retained only for the purpose of the services provided and for no longer than 6 months, unless otherwise required to do so by law or where we have previously agreed with our research participants. Personal Data that is no longer required will be either anonymized, deleted and/or disposed of in such a way as to ensure the confidentiality nature is not compromised.
3. DATA WE COLLECT
What type of personal data do we collect?
We collect personal information from individuals who take part in our market research-related activities including, but not limited to:
- Personal identification data e.g., name, title, position, etc.
- Contact information e.g., email, phone, address
- Traffic data and other related data e.g., location data, IP address, cookies
In such cases, we are the Data Controller. We obtain consent and provide an explanation of the purpose of collection, usage and retention.
How do we collect the data?
- Interviews by our interviewers either in-home or in a specific location (e.g., shopping center) via tablet or paper forms
- Social media/interactive web platforms – in accordance with contractual terms and conditions as specified by the provider and relevant legislation
- Mobile devices as specified by the provider and relevant legislation
- Website Contact Form
Conducting surveys with third-party suppliers
When we conduct surveys using third-party suppliers via their interviews /invitations/ platforms and questionnaires, a contractual agreement of data processing on behalf of Clouddo is executed, adding the appropriate provisions governing the relationship with the provider/supplier. With respect to the processing of Personal Data on behalf of Clouddo, the provider/supplier may only process Personal Data as per the written instructions from Clouddo.
All providers/suppliers are chosen carefully, based on their ability to cover the required technical and organizational protective measures and in line with Clouddo’s supplier approval process.
Duration of Personal Data
We only keep personal information for as long as required for the purposes of the research. Our data retention policy states that we will not keep personal information for longer than a year, except where previously agreed with our research participants. Wherever possible, we work with data that does not have personal information in it. For example, we will detach personal information to make a data set that combines hundreds of completed surveys in order to produce statistical analysis.
Access to your personal data and processing restriction
Please contact privacy@clouddo.com to request your data and/or data erasure or processing restriction. We will confirm receipt of your request within five working days and take the appropriate steps to consider your request in line with GDPR legislation. Please note, it is likely you will be asked for proof of identification prior to commencing any work in response to your request.
4. MARKETING COMMUNICATION
How we collect information from you?
We collect, store and retain personal information about you in a variety of ways:
- Visiting our website
- Registering to receive our marketing communications
- Registering to download content from our website
- Applying for vacancies listed on our websites
- When you contact us via our inquiry email
The type of personal information we collect
By personal information we mean any information that you provide via our website that we have collected and may include (but not limited to):
- Forename
- Surname,
- Postal address
- Email address
- Telephone
- number
- Job title
How we use your information
If you are (i) an existing client (ii) interacting with our marketing communications (iii) engaging with us through business development and potential future work (iv) have given express consent to us to use personal information for marketing purposes, Clouddo may at times use your personal information to provide you with marketing communications related to products, services and information relating to conferences and events.
Sending your personal information outside of Clouddo
We may share information with our third-party service providers for services such as data analysis, website hosting, infrastructure provision, IT services, e-mail delivery services, auditing services, business development and lead generation, marketing services or to comply with legal or regulatory requirements.
Use of cookies on our website
Cookies are commonly used across websites and mobile applications which may be used by Clouddo to provide you with, for example, customised information from our website. The cookie will allow us to recognise you when you visit our website. A cookie is an element of data that a website can send to your browser which may then be stored on your system. It does not contain confidential information such as your home address, telephone number or credit card details.
We do not exchange cookies with any third-party websites or external data suppliers. If you wish, you can usually adjust your browser preferences so that your computer does not accept cookies. Turning off cookies may mean that there is a loss of functionality when using our website.
Use of Google Analytics
We use Google Analytics which is a web analytics service offered by Google to track and report our website traffic. For more information about Google Analytics please visit: https://www.google.com/analytics/#?modal_active=none
Links to other websites
Clouddo’s website will contain links to other websites. Please note that this Privacy Policy only applies to Clouddo and our website. If you are taken to another website please read their own privacy policies. We do not control any third-party websites and are not responsible for their privacy policies. When you leave our website, you should read the privacy notice of every website that you visit.
5. CROSS-BORDER TRANSFERS
Sending EU citizens’ data outside of the EU
We keep EU citizens’ data within the European Union as a standard. If we have a technical or business requirement for EU citizens’ data to transfer beyond the EU, then we obtain the individuals’ permission for this or we will ensure that there is a formal written contract in place approved by the European Commission which gives personal data the same protection as it has in the European Union. In the event that any personal data is transferred to the United States, we shall ensure that the party receiving personal data has signed up for the Privacy Shield which requires them to provide similar protection to that afforded in the European Union. We ensure any data transfer and repository beyond the EU is secure to the standards of EU data protection legislation.
6. HOW TO CONTACT US
If you have any questions or comments about Clouddo’s Privacy Policy or the practices of this site, if you would like to issue a complaint, or if you have an unresolved privacy and data use concern, we would like to hear from you at: privacy@clouddo.eu or by mail at the following address:
Clouddo Ltd.
Otets Paisiy str. 42,
Varna 9000, Bulgaria