RED C collect certain information about you in the course of operating our business. This notice sets out details of the information that we collect, how we process it and who we share it with. It also explains your rights under data protection law in relation to our processing of your data.
If you have any queries in relation to this Privacy Information Notice, would like to exercise your data subject’s rights or have any questions concerning our data protection procedures please contact our Data Protection Officer using the details outlined at the end of this Privacy Information Notice.
This notice applies to all parties whose personal data we process. This includes but is not limited to research participants, members of the public, job applicants, employees, clients, sub-contractors and suppliers. Anyone under the age of 16 years should not disclose any personal data to us without first obtaining consent from a parent or legal guardian.
RED C Research & Marketing Ltd was incorporated in 2003 and is an independently Irish owned company. RED C Group, with offices in Dublin, Dundalk and London is one of Ireland and the UK’s premier providers of research-based consultancy services. We have a responsibility to everyone who interacts with us and participates in research with us to ensure that we process their personal data with due care. RED C places data protection and privacy at the centre of our business and uphold this by having mandatory staff training and data protection, privacy and IT security policies in place to ensure that the business operates within all relevant legislative frameworks.
Throughout this Privacy Notice, ‘we’, ‘us’ and ‘our’ refers to RED C Group. We share your information within the RED C Group where required in order to provide and improve our services and to comply with regulatory and legal requirements.
Personal data is the information that identifies you, such as your name, email or postal address. RED C collect and process personal data as part of the services we provide. This incorporates both online and physical data that allows a person to be identified. We limit the personal data that we process to what is required to undertake a particular function or service offering.
The following is the types of personal data we collect and the reasons why:
Most of the personal data that we collect will be provided by you through you voluntary contacting us or participating in, for example, a survey/focus group/depth interview with us. RED C only accept personal data from our clients about their customers/stakeholders or from third party organisations on the condition that sharing this data with us does not infringe data protection law and the information is provided to RED C for the purposes of providing market research services. Personal data is collected if you have voluntarily subscribed or asked us to subscribe you to our marketing communication or event lists or requested that we add you to our blacklist.
We will obtain your consent in order to process certain personal data about you that you have provided to us in a survey or focus group/depth/online community. You can withdraw your consent at any time during your participation in a survey or focus group/depth/online community. RED C will always provide an unsubscribe option at the bottom of any online survey invite or SMS that we send. If we process any special category data we will only do so if you have provided explicit consent.
In order to operate our business effectively, provide services and improve on current offerings we may process personal data on the legal basis of legitimate interest (as long as that processing does not unduly impact your rights). We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
Where necessary for the performance of a contract to which you are a party. If you have entered into a service with us and the processing is necessary to perform the service.
The processing is required in order to comply with a legal obligation such as retaining financial records for Revenue, meet requirements under employment, social security or social protection law and for the establishment, exercise or defence of legal claims.
We will only use your personal data for the purpose for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose and as long as that processing does not unduly impact your rights.
We share your personal data with the following third parties:
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please email email@example.com. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We do not seek to actively transfer personal data outside of the EEA. If we transfer your personal data outside of the EEA we will ensure that appropriate measures are in place to protect your personal data and to comply with our obligations under applicable data protection law. This may mean that we enter into contracts in the form approved by the European Commission (EC), transfer to countries deemed by the EC to provide an adequate level of protection for processing personal data or putting additional measures and safeguards in place if we transfer data outside of the EEA to a country with no adequacy decision by the EC. If you would like further details about the measures we have taken in relation to the transfer of your personal data, please contact our Data Protection Officer – firstname.lastname@example.org.
Your personal data is treated confidentially at all times and we have taken the appropriate technical and organisational security measures against accidental loss, unauthorised use, access, alteration, disclosure or unlawful processing of this data. To this purpose we use several security techniques including secure servers, firewalls and encryption, as well as physical safeguard of the locations where data is stored. We limit access to personal data to employees, sub-contractors and third parties that are required to have access to perform necessary tasks within their functions of the business and they are subject to a duty of confidentiality. RED C have a Data Breach and Incident Reporting policy in place which sets out procedures for dealing with any suspected personal data breach and the requirements for notification of data subjects and where applicable the office of the Data Protection Commissioner.
There may be links provided to other websites, plug-ins and applications on RED C’s website. By clicking on these links or enabling a connection may allow third parties to collect or share information about you. We do not have any control over these third party websites and are not responsible for their privacy notices. We advise you to read the privacy notice of any website that you visit. Please note that this Privacy Information Notice only covers our own organisation and website.
The length of time we retain personal data for varies depending on the type of data and its use and is outlined in RED C’s Data Retention Schedule. RED C in establishing an appropriate retention period consider the volume of personal data held, the sensitivity of that data and potential risk of harm from unauthorised use or disclosure. RED C will retain your personal data for as long as reasonably necessary for the purpose for which we collected it, as communicated to you as part of the consent, or as long as the law prescribes. If you have any queries in relation to this please contact our Data Protection Officer – email@example.com.
You have various rights under data protection law, subject to certain exemptions, in connection with our processing of your personal data:
In order to exercise any of the above rights, please contact RED C’s Data Protection Officer using the contact details set out below. Exercising these rights are subject to the conditions and limits established by the GDPR and if we believe your request to be ineligible we shall inform you of this and our reasoning. You will not be required to pay a fee to exercise your rights. We may need to request specific information from you to help us confirm your identity as a security measure to ensure your data is not disclosed to anyone who does not have a right to access it.
RED C reserves the right to change any of the terms of this Privacy Information Notice at any time and without notice. RED C therefore recommends that you review this Privacy Information Notice regularly and before participating in a research project with us.
It is important that the personal data that we hold about you is accurate and up to date therefore please let us know if your personal data changes during your relationship with us.
If you have any queries or requests in connection with our processing of your personal data, you can get in touch with us using the following contact details. Please note our preferred method of contact is email.
Name: Janna Howard
Tel: (01) 818 6316
Address: RED C Research & Marketing Ltd, Ground Floor, Block G, East Point Business Park, Alfie Byrne Road, Dublin 3, Ireland, D03 H2N1
If you are not happy with regards how we are processing your personal data please note that members of the public have the right to lodge a complaint with the office of the Data Protection Commissioner and guidelines on how to do this can be found on their website. https://www.dataprotection.ie/