YOUR PRIVACY Matters
Who Are We?
Face Facts Fieldwork Ltd (trading as Face Facts Research) carries out market research with the general public on behalf of our clients.
We are registered with the ICO (Information Commissioners Office) for the purpose of processing personal data. Their website www.ico.org.uk/for-the-public/ has information for consumers. Our company registration number is ZA467635.
All data collected and processed is only done so after explicit participant consent is obtained (free and informed) and such consent can be withdrawn at any point in the process.
We process your personal data for our legitimate business interest in conducting market research studies and in accordance with Data Protection laws. We have suitable physical, electronic and managerial procedures in place to safeguard your data.
What information do we collect from you?
Market Research gives consumers like yourself the opportunity to provide your opinions and feedback about services, products or concepts covering many different topics. The insights that are generated are vital in the manufacturing, service or marketing process and can shape the way you see a product designed, advertised or the customer service you receive. It’s our job as Market Researchers to be curious about people’s opinions and ask questions. Alongside collecting your opinions/ feedback we also sometimes ask for you to give us some personal information to help with the analysis or other areas of the research, this is explained below.
How do we use this information and what are the legal basis for our processing?
Face Facts Research processes your personal data for our market research projects.
The legal basis for any initial contact with you is based upon a legitimate interest, whereby we are contacting you on behalf of our client who has a legitimate business for processing the data. After which participant consent and agreement to take part in market research studies or any further recontact forms the legal basis for us processing the data.
To ensure we gain your explicit consent, we will always ensure that you are fully informed regarding the research project with clear information so that you can openly decide whether you wish to take part or not. Equally you have the right to withdraw your consent at any point.
We are not trying to sell anything. The answers you give us are completely confidential and are used for market research purposes only and never for direct marketing purposes.
We don’t pass on your individual information to third parties. However, should any personal data be shared with any third parties such as regulators, law enforcement or others who have a legitimate legal request you would be notified at the onset before this is passed on.
Sensitive Data Collection And Processing
On some projects you may be asked to share some sensitive personal information. Again you would be thoroughly informed about the market research project and how the data you are supplying will be used so you can make your decision whether you wish to consent to take part. Sensitive information can be:-
• racial or ethnic origin
• political opinions
• religious or philosophical beliefs
• trade union membership
• the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person
• an individual’s health
• a natural person's sex life or sexual orientation
We have suitable physical, electronic and managerial procedures in place to safeguard all your data.
Who Do We Share This Information With?
We never use or share the personally identifiable information provided to us in any way without also providing you an opportunity to opt-out or otherwise prohibit such uses.
No data collected will be transferred cross-border.
How Long Do We Keep Your Data?
Face Facts only retain PII data (Personal Identifying Information) for the duration of the market research project and it is then deleted after 3 months. If a client project dictates otherwise, Face Facts would ensure that all participants are informed at the start of the project and that their explicit consent is granted and they are fully aware of how long the data will be used.
What Are Your Rights?
As a consumer/member of the public you have individual rights (with any company) to access any data they may hold about you.
The 8 GDPR (General Data Protection Regulation) key rights are:
2) The right of access - you may request information on any data we hold on you and any supplementary information. You can request details of any personal data we have about you by submitting a subject access request to firstname.lastname@example.org
3) The right to rectification – if any personal data held or stored is incorrect or incomplete you have the right to ask us to amend/change/adapt.
4) The right to erasure – you have the right to request that your data be deleted if the processing of such data has no legal basis or if the legal basis no longer applies.
5) The right to restrict processing - at any point you have the right to ask for us to stop contacting you and processing your data further
6) The right to data portability – have the right to request for any personal data provided to be made available to yourself in an easily reasonable format.
7) The right to object (including marketing) – you have the right to object to take part in any research project you have been approached about.
8) Right in relation to automated decision making and profiling – you have a right to know if decisions are being made about you, or you are being evaluated using automated means or profiling information.
How Can You Contact Us
Should you have any questions or concerns about this policy, please email us at:
If you have a complaint, we have appointed an external Data Protection Officer, The Privacy Partnership. If you have any Data Protection related queries or concerns you can email email@example.com.
Our Commitment To Data Security
To prevent unauthorised access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic and managerial procedures to safeguard and secure the information we collect online.
We are ISO:27001 certified. The ISMS (Information Security Management System) demonstrates good security practices and ensures adequate and proportionate security controls are in place that protect information in line with rigid regulatory requirements.
We are subject to regular reviews and internal audits that establish the controls are working as intended.