GDPR
Respondent Privacy Notice of Watermelon Research Ltd, in this notice, “we”, “our”, or “us” refer to Watermelon Research Ltd
Company Number: 07917715 Registered in England and Wales
Our registered address is: PO BOX 70693, 10a Greencoat Place, London, SW1P 9ZP
If you are reading this notice you have either already been contacted and have taken part in a market research survey or you have been invited to take part, and before you participate you would like to know more about us, your privacy rights under the Data Protection Act 2018 (The UK GDPR) the security of any information we hold about you and how we use your information.
Collection Methods
We collect research data using any of the below methods;
Email
Online Web Page
Panel or focus group
SMS – Text Message
IVR – Interactive Voice Response (self-service telephone call)**
Face to face
Telephone
**We will present different CLIs (Caller Line Identification) for different projects – a number will always be made available, we will never withhold the CLI.
Who We Are
Watermelon Research Ltd is an independent market research agency based in London, England. Watermelon is part of the VCCP Partnership owned by Chime Communications Limited.
Verification
You can verify that we are a genuine market research agency by calling the MRS (Market Research Society) on Freephone 0800 975 9596
Telephone Preference Service/Ex-Directory
If your telephone number is ex-directory and/or you’re registered with the Telephone Preference Service (TPS) you may think that we should not have called you;
When contact lists are provided by our clients, sometimes customers registered with the Telephone Preference Service (TPS) or listed as ex-directory still get called. Legally, we are allowed to do this, there is currently no legal requirement to screen research samples against preferences services (such as the Telephone Preference Service) when conducting market research. The TPS is designed to prevent unsolicited sales calls, a market research survey is not a sales call.
Ex-directory status means that a named customer cannot be traced through telephone directories. In itself it is not a reason to not contact a customer for research purposes. If companies did not contact ex-directory customers for feedback then any market research they commissioned would not be truly representative of their customers. This is why customers who are ex-directory are sometimes included in the contact lists we are provided.
Re-contact
As part of our quality control processes and for adherence to codes of conduct, we may need to re-contact respondents for verification purposes by either telephone or e-mail , to check that the survey was conducted in a compliant manner and to ensure integrity of the survey results. This is normally with respondents from focus groups and takes place within a week of the initial participation, it would be carried out by a member of our quality team. Once we have completed this quality control check, your personal details will be securely deleted.
Selling
If you take part in a survey we will never attempt to sell you anything, nor would we ever pass on your details to a third party.
How did we get your contact details?
As a Data Processor working under instruction from our clients (known as the data controller) they would have passed us your details and this is normally because you would have used a product or service of theirs. These details are shared using encrypted methods to ensure safe transit, you can ask us to remove these details at any time under your rights explained in the ‘Your rights’ section below. You can also contact the client who provided these directly.
We also conduct research using respondent panels where members have purposely agreed to take part in surveys or groups.
Legal Basis
The Data Protection Act lays out the lawful basis for which processing personal data can be legally carried out. Our legal basis for processing personal information is agreed with our clients beforehand which enables Watermelon to carry out market research, this is normally either under the legitimate interest of our client (the data controller) or by the use of consent. In certain cases, another basis would be used where we may undertake research for a public authority, the lawful basis would be public interest. In all cases this would be clearly defined, and you would be informed of which basis is applicable, you can also find out more from the Information Commissioner’s Office website.
Confidentiality
We will treat all responses that you give with the utmost confidentiality, in some situations we may ask you if you would like your responses to be attributed to you specifically (this is normally to help the client respond or address any of responses where necessary) where this might be the case we will only do this with your consent, you also have the right to refuse this option.
At no point will any of the information that you have provided be utilised for any other purpose other than that of research.
You should not incur any charges for taking part in a survey and all responses are gathered in adherence with the Market Research Society – Code of Conduct https://www.mrs.org.uk/standards/code_of_conduct
Children
We will always gain prior parental consent before conducting any surveys with children below the age of 13 (as amended by the Data Protection Act 2018)
Your rights
Under the UK General Data Protection Regulation (The UK GDPR) you have the following rights;
The right to be informed
The right of access
The right to rectification
The right to erasure
The right to restrict processing
The right to data portability
The right to object
Rights in relation to automated decision making and profiling
Where you ask us to restrict processing – to not participate in the survey and not be contacted again, we would need to retain your email address to ensure that you are never contacted again. No other identifying information is ever stored within this suppression list.
If you would like to exercise any of these rights, you can do so by replying from the survey invitation email or by contacting our Chief Information Officer via the following;
Email: CIO@watermelonresearch.com
Post: The Chief Information Officer,
Watermelon Research
2nd Floor, Greencoat House,
Francis Street,
London,
SW1P 1DH
Transfer of data
We will never transfer your data to a third-party without informing you or gaining your consent to do so
We will not transfer your information outside of the UK
Security of Information
We have taken appropriate technical and organisational measures to ensure the security of our systems, services, protecting the integrity and accuracy of information processed or stored within those systems.
We only allow authorised employees to access specific data and always operate a least privilege policy. We use the strongest encryption methodologies to further protect information and reduce any risks with handling, thus ensuring that sufficient safeguards are in place.
To further ensure that our security management systems are fit for purpose, we have been independently audited and hold the following security certifications;
ISO27001:2013 – Information Security Management
Cyber Essentials
The survey platforms are also independently audited on an annual basis, the underlying code is also tested at the same time with both receiving A grade security ratings.
We are also members of the Market Research Society Fair Data Scheme: https://www.fairdata.org.uk/
Where we use electronic systems to collect survey response, these systems undergo annual independent security testing to ensure maximum security safeguards are present and maintained.
Survey Collection and Storage
Depending on the type of study and the method of collection, the time that it takes to complete a survey can vary and be anywhere from 5 – 60 minutes, this time period could also fluctuate based on the length of any responses you provide. In all cases we will give you an estimate of the time it will take to complete the process.
All data collection is carried out using systems that are based within the United Kingdom. Only selected and authorised employees can access the data for analysis and quality purposes, the end client would normally have access to the finalised survey data sets.
We will not keep your data for any longer than is absolutely necessary, the normal retention period is six months from project completion. We will never use your data to send unsolicited mail, nor would we pass on your email address for the same.
Cookies & IP Tracking Information
Watermelon uses technology known as Software as a Service (SaaS) to host the research surveys that we send out to respondents. These surveys are constructed specifically to ask all the questions that we would need to have answered by any participants for each study. This ensures that we are gathering only the agreed and minimum information needed on behalf of the Data Controller (Client) and due to this method of collection we do not need, use, or rely on any cookie information or respondent IP addresses to carry out this work.
Any survey session cookies are dropped, and no information relay occurs, no data analysis is carried out using cookies, nor can anyone be identified from cookie data.
We do not track, trace, or store any IP address information for any respondents that agree to complete surveys and connect to the SaaS platform.
Respondents have the right to refuse to complete a survey at any time along with their other rights under the GDPR.
Incentives
Some types of survey could have an incentive offered (such as a shopping voucher or small payment) to participate, in most circumstance these incentives will be handled by us. In the case where the client will handle these incentives we will fully inform you first.
Further Information
We have been in the market research industry for many years, winning various awards and working with some of the UK’s leading brands within that time. We hope that you have found this notice useful and we will happily respond to any requests or issues that you have.
You can find more information from the Market Research Society website: www.mrs.org.uk
You have the right to make a complaint to the Information Commissioner: www.ico.org.uk
This notice was last updated in September 2024, it will be updated from time to time as required.