Privacy Policy | Gemseek

GemSeek Privacy Policy: May 26th 2020

GemSeek takes your privacy seriously and, as a company, we are committed to protecting and respecting your privacy. This policy contains important information about the personal information it collects about you, how we will use this data, the conditions under which it may be disclosed to other parties and how it is secured. Please read it carefully. Please note that our policy may change over time, so do check this page to ensure you are aware of any policy changes.

We may be required to comply with requests for personal data from regulatory bodies and legislative authorities.

If you have any questions relating to our policy please email privacy@gemseek.com

Or by post: Bulgaria: GemSeek, 18 Shipchenski Prohod Blvd, Office 701, Sofia 1113, Bulgaria

Or by telephone: Bulgaria: +359 2 904 2702

Privacy Policy contents

Our Privacy Policy references five key sections including:

Who we are
Data security
Market research
Marketing communications

Who we are

This website is operated by GemSeek, whose registered office is:

GemSeek, 18 Shipchenski Prohod Blvd, Office 701, Sofia 1113, Bulgaria

The legal basis for using your personal data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

Where we have your express consent to do so.
Where we need to perform the contract, we are about to enter into or have entered into with you or to perform other legal obligations.
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Where we need to comply with a legal or regulatory obligation.

DATA SECURITY: How we keep your personal information secure

We take great care to ensure our business information systems are protected against the potential for malicious intrusion, for both stored and transmitted data. We use professional, reputable systems and suppliers and strong data encryption. We train all our staff to our information security standards. In addition to data protection legislation (for example, the EU General Data Protection Regulation) we work to market research industry professional standards and best practice.

Sending EU citizens’ data outside of the EU

We keep EU citizens’ data within the European Union as standard. If we have a technical or business requirement for EU citizens’ data to transfer beyond the EU, then we obtain the individuals’ permission for this or we will ensure that there is a formal written contract in place approved by the European Commission which gives personal data the same protection as it has in the European Union; in the event that any personal data is transferred to the United States, we shall ensure that the party receiving personal data has signed up to the Privacy Shield which requires them to provide similar protection to that afforded in the European Union. We ensure any data transfer and repository beyond the EU is secure to the standards of EU data protection legislation.

MARKET RESEARCH: Information about our market research activities

GemSeek collects and processes personal information as part of our business activity of conducting market research.

GemSeek complies with data protection legislation as applicable to the rights of citizens in the geographic areas in which our research activities are conducted. In the EU, as from 25th May 2018, this is the General Data Protection Regulation (Regulation (EU) 2016/679), commonly known as GDPR, which replaces the 1995 Data Protection Directive (Directive 95/46/EC). This new GDPR ruling means that there is a single set of data protection rules across all EU member states for the protection of its citizens’ personal data. This includes Rights for Individuals.

GDPR – Summary of Individual Rights

The right to be informed – right to be informed about the collection and use of personal data
The right of access – right to access their personal data and supplementary information
The right to rectification – right for individuals to have inaccurate personal data rectified, or completed if it is incomplete
The right to erasure – right for individuals to have personal data erased in certain situations
The right to data portability – right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services
The right to object – right to restrict processing of their personal data in certain situations, for example the right to object to use of personal data for direct marketing purposes
Rights in relation to automated decision making and profiling – right to be informed about and object to automated processing of data which may which may produce a potentially damaging decision
The right to withdraw consent at any time – this applies where we are relying on consent to process your personal data.

Why we collect and process personal data

The definition of personal data is where an individual can be identified directly or indirectly by that data on its own or together with other data.

As part of our market research activities we may collect and/or process personal data that helps us:

To know who to approach for participation in our research projects. This could be name, email address, telephone number, address. This may be from our clients if we are helping them assess their customers’ views of their products and services, or to conduct research amongst their own employees. It may be from a professional supplier of potential market research participants, where prior informed consent from the individuals will have been obtained by such suppliers. We may collect information from public sources on who to approach for research. In all cases we will obtain informed consent at the point of participation to proceed.
To control the design of the data collection.
For quality control purposes. For example, IP address is often used at this stage prior to anonymizing the data collected from surveys.
To provide information for analysis.

In order to run our business to provide services to our clients and/or to comply with other legal obligations, we also process personal data which includes:

Financial data – receiving and making payments
Transaction data – details of products and services you have purchased from us
Data related to employee administration
Commercial data

We also collect, use and share Aggregated Data as part of the delivery of our service to our clients. Aggregated data may be derived from your personal data but is not considered personal data in law as this does not directly or indirectly reveal your identity. If we combine or connect any aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

We may collect Special Categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. This Special Category data is subject to even stricter rules than apply to standard personal data and is only collected with your permission or where we have another specific legal ground to do so.

Collecting information from you

We collect personal information from people who take part in our market research related activities including, surveys (on-line or face to face, telephone), focus group discussions and other market research related activities. We will always explain what we require and obtain consent before it is collected.

We collect information for market research by;

web/internet surveys
telephone surveys
interviews by one of our interviewers either in-home or in a specific location (e.g. in a shopping centre, on a train station, at a venue) – this could be by using equipment such as a tablet or on paper forms
Self-completion surveys printed on paper forms – by post or in a specific location, site or event
focus groups
technology-based solutions (e.g. tracking website usage, behavioral data including eye-tracking data and collecting skin-response data)
Digital social media/interactive web platforms – in accordance with contractual terms and conditions as specified by the provider and relevant legislation
Mobile devices in accordance with contractual terms and conditions as specified by the provider and relevant legislation

Sending personal information outside of GemSeek

We will respond to requests for personal information in accordance with legislative and regulatory requirements.
We may use a research solution that requires personal information in order to proceed. For example, when we run online interactive research sessions, or ask participants to undertake certain tasks using mobile apps. This would be explained at the point of participation to proceed. We undertake stringent scrutiny of such services to check data security. We use solutions that restrict data to the EU as standard. Contrary to this, we would obtain consent.
We may ask you to attend a focus group discussion or go somewhere to test a new product, and it is possible we would need to send your contact details to our organizers for this.
It may be beneficial to pass your answers to the client who has commissioned the research about their product or service. This would all be explained and your permission sought before we would do this.
Your answers may be held on a database that is used by our clients to view and manipulate anonymized and aggregated research data via a website we have built for this purpose. We will gain your consent for any personal data or personally identifiable information that is available to be viewed by our clients.
We may use an approved research supplier to provide specialist services such as data collection, analysis, consultancy, digital production or research tools, specialist techniques such as biometric data collection and analysis.

Keeping your personal information

We only keep personal information for as long as required for the purposes of the research. Our data retention policy states that we will not keep personal information for longer than a year, except where previously agreed with our research participants.

Wherever possible, we work with data that does not have personal information in it. For example, we will detach personal information to make a data set that combines hundreds of completed surveys in order to produce statistical analysis. From focus groups and small-scale research, we mask the identity of participants with labels such as ‘Male, 25-34, London’.

Use of cookies as part of our market research activities

If the use of cookies is required, this will be explained at the time and we will clarify how they will be used.

Access to your personal data and processing restriction

Please contact privacy@gemseek.com to request your data and/or data erasure or processing restriction. We will confirm receipt of your request within 5 working days and take the appropriate steps to consider your request in line with GDPR legislation. Please note, it is likely you will be asked for proof of identification prior to commencing any work in response to your request.

MARKETING COMMUNICATIONS: How we collect information from you

We collect, store and retain information about you in a variety of ways:

Visiting our website
Registering to receive our marketing communications
Registering to download content from our website
Applying for vacancies listed on our websites
When you contact us via our enquiry email

The type of personal information we collect

By personal information we mean any information that you provide via our website that we have collected and may include (but not limited to): Forename, Surname, Postal address, Email address, Telephone number, Job title.

How we use your information

If you are (i) an existing client (ii) interacting with our marketing communications (iii) engaging with us through business development and potential future work (iv) have given express consent to us to use personal information for marketing purposes, Future Thinking may at times use your personal information to provide you with marketing communications related to products, services and information relating to conferences and events.

Sending your personal information outside of Future Thinking Group

We may share information with our third-party service providers for services such as data analysis, website hosting, infrastructure provision, IT services, e-mail delivery services, auditing services, business development and lead generation, marketing services or to comply with legal or regulatory requirements.

Use of cookies on our website

Cookies are commonly used across websites and mobile applications which may be used by GemSeek to provide you with, for example, customized information from our website. The cookie will allow us to recognize you when you visit our website. A cookie is an element of data that a website can send to your browser which may then be stored on your system. It does not contain confidential information such as your home address, telephone number or credit card details.

We do not exchange cookies with any third-party websites or external data suppliers. If you wish, you can usually adjust your browser preferences so that your computer does not accept cookies. Turning off cookies may mean that there is a loss of functionality when using our website.

Use of Google Analytics

We use Google Analytics which is a web analytics service offered by Google to track and report our website traffic. For more information about Google Analytics please visit: https://www.google.com/analytics/#?modal_active=none

Unsubscribing from marketing communications

You have the right to withdraw consent to receiving direct marketing messages making use of your personal data at any point. If at any point you would like to opt out from receiving any marketing communications, simply click on the unsubscribe link at the bottom of any emails you receive.

Links to other websites:

The GemSeek website will contain links to other websites. Please note that this Privacy Policy only applies to GemSeek and our website. If you are taken to another website please read their own privacy policies. We do not control any third-party websites and are not responsible for their privacy policies. When you leave our website, you should read the privacy notice of every website that you visit.

Data Protection complaints

Individuals have the right to lodge complaints about data protection issues with their national supervisory authority of their EU Member State about alleged breaches of GDPR.

Bulgaria – https://www.cpdp.bg/