With USP your (personal) data is in safe hands

As a Fair Data research company, USP puts the utmost importance in correct and safe handling of your (personal) data. We will never use the data for any other purpose than the project agreed with our client. Our staff is trained and informed to work according the data privacy guidelines and our IT Department ensures a secure environment. Given the strategic importance of the data processed, USP has assigned a Data Protection Officer to monitor that USP and her sub processors work in line with the GDPR regulations. With these measures we minimize the risk for any incident, but in case there is a data breach, the Data Protection Officer will initiate the data breach protocol asap in close communication with you.

An important point regarding the data privacy regulations is the fact that market research (statistical research) is possible without prior notice and consent as long as the reporting is anonymous/ not linked to an individual respondent. This enables you to share your relation list for a research project without explicit consent. However, we do advice to always pre-inform your relations on an upcoming research to minimize any risk on complaint, unclarities and improve the commitment to participants.

What will you notice of the USP GDPR compliance?

  • For each project involving client data we will ask to have a signed processing agreement (defining the personal data, the processing activities and timing when USP will remove the personal data from the system).
  • We will advise to minimize the amount of data shared to only the strictly relevant.
  • We will advise which secure channel to use for sharing your data with us.
  • We will securely store your data and will only share this with a subcontractor after written approval from your side and signed agreement with the subprocessor.
  • We will only share identifiable data with you after explicit approval from the respondent.
  • After the end of the project we will remove your client data from all our files at the agreed date (default 6 months). We will inform you on these actions in advance.

If you have any questions or need more information on how GDPR impacts your organisation, feel free to contact me.

 

Gerwin Sjollema

Data Protection Officer