Last Updated: March 3, 2020
At Hemispheres, we are committed to market research best practices, and are serious about your privacy. Our privacy practices are compliant with applicable Unites States research industry codes and standards as well as all relevant federal and state laws with respect to data protection and privacy including but not limited to, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the Child Online Privacy and Protection Act (“COPPA”), the General Data Protection Regulation (“GDPR”) (Regulation (EU) 2017/679 and the recently enacted California Consumer Privacy Act (CCPA).
If you participate in research as a Respondent, unless you give us your express consent, we will not use your information for direct sales or direct marketing purposes, or for any other non-research purpose.
By using the Sites and/or the Services, you consent to the terms of this Policy, which forms a binding agreement between you and Hemispheres. If you do not agree with this Policy, do not use the Sites or the Services. Continued use of the Services and the Sites constitutes your freely given, specific, and informed consent and agreement to the collection and use of your personal information.
Collection of Personal Information
Under a number of laws and regulations, “personal information” includes information such as real names, postal addresses, email addresses, and social security numbers. Under CCPA’s broad definition, “personal information” may also include unique identifiers, IP addresses, biometric information, internet or other network activity (such as browsing history, search history, etc.), geolocation data, audio/visual data, and even inferences which may be drawn from any of the above to create a profile about a consumer.
In the previous 12 months, we’ve collected, used, and shared personal information as described below:
|Info Collected||Sources of Info||Business Purposes||Shared With|
|Respondent names, email addresses, mailing addresses, IP addresses, unique identifiers||Respondents; third-party sample providers; interview recruiters; clients; other collaboration partners||Survey follow-up; communicating with you; announcing research opportunities; validating Respondents’ identities (data quality)||Vendors (e.g., as required for secure database management, recruiting, and honoraria distribution)|
|Demographic data, such as age, sex, race/ethnicity/nativity, parental status, marital status, ZIP code, income and education levels||Collected directly from respondents; third-party sample providers; interview recruiters||Use in research results (e.g., aggregate survey results, survey insights, etc.)||Clients; Data collection partners|
|Log files, browser type, operating system, and other device information||Collected directly from online users; received in aggregate form from third-party service providers||Analyzing web traffic; analyzing survey usage||Third-party service providers; Clients (anonymized or aggregate only)|
|Respondent photos, video, and audio||Collected with permission directly from respondents during the course of research studies||Communicating research insights||Clients; Vendors (e.g., focus group facilities); Contractors (e.g., focus group moderators, videographers)|
|Business partner employee names, addresses, phone numbers, and email addresses||Collected with permission directly from our business partners||Administration of our business relationships with clients and vendors/suppliers||Third-party service providers, under confidentiality agreements|
|Social media information (e.g., handles, basic information available on profiles)||Collected when you interact with us or our Sites using social media platforms||Interacting with Clients and respondents|
|Telephone numbers||Respondents; third-party sample providers; interview recruiters; clients; other collaboration partners||Announcing research opportunities||Third-party service providers|
|Voter history/intent, opinions on candidates||Collected with permission directly from respondents during the course of research studies||Communicating research insights||Clients|
|Products used, shopping locations, purchasing history||Collected with permission directly from respondents during the course of research studies||Communicating research insights||Clients|
|Health status, ailments||Collected with permission directly from respondents during the course of research studies||Communicating research insights||Clients|
Personal Information We Sell and Disclose
CCPA defines the term “sell” broadly. Its meaning includes “renting, releasing, disclosing, disseminating, making available, [and] transferring…for monetary or other valuable consideration.” Under this definition, the CCPA’s broad definition of “personal information,” we may “sell personal information” about you to our clients or other collaboration partners, such as your contact information or certain combinations of anonymized or pseudonymized demographic and other information.
Categories of information we’ve “sold” in the previous 12 months include: Respondent information, such as names, email addresses; demographic data, such as age, sex, race, ethnicity, nativity, parental status, marital status, zip code, income and education levels; respondent photos, video, and audio; business partner employee names, addresses, phone numbers, and email addresses; residential address, zip code; voter history/intent, opinions on candidates; products used, opinions on products; programs participated in, opinions on programs; stores shopped at, opinions on stores; health status, ailments; experience with service providers or health industry companies.
Categories of information we’ve otherwise disclosed for a business or commercial purpose (for example, for confidential use by our service providers) in the previous 12 months include: the above categories of information we’ve “sold,” as well as browser type, operating system, IP addresses, unique identifiers, other device information.
Other Uses of Personal Information
Hemispheres will not disclose personal information other than for the purposes listed above, without the permission of the Respondent or the Client. The following are exceptions:
- Under certain circumstances, Hemispheres may be required or permitted by law, regulatory agencies, or court orders to disclose personal information.
- Personal information may be disclosed when the survey clearly states that the information will be disclosed.
- Personal information may also be disclosed when a Respondent makes a request during the survey that can only be fulfilled by disclosing information from the survey.
- We may use or disclose personal information where necessary to identify, contact or bring legal action against someone who may be violating their agreement with us or may be causing injury to or interference with Hemispheres’ rights or property, other Respondents, or anyone else that could be harmed by such activities.
- In the event of a sale, merger, liquidation, dissolution, financing, or reorganization of Hemispheres, either in whole or in part, Hemispheres may disclose, transfer or assign personal information or other research data to those involved in the negotiation or transfer.
If Hemispheres shares your personal information or allows it to be collected or maintained by anyone other than Hemispheres, the use of your personal information will be governed by appropriate confidentiality and security agreements.
Privacy Rights under CCPA and GDPR.
Transparency and the right to information. Through this policy we explain how we use and share your information. If you have questions or need additional information you can contact us any time.
Your Right to “Know” and to Request Correction, Modification, or Deletion
You have the right to know the categories and specific pieces of personal information we have collected about you. You have the right to know the categories of sources from which the personal information has been collected, the business or commercial purpose for collecting or selling personal information, and the categories of third parties with whom we share personal information. You have the right to request correction, modification or deletion of personal information we’ve collected or maintain. To exercise these rights please connect with us at the address below in “Contact Us”.
Your Right to Withdraw your Consent and to Object at any time.
When we process your personal data based on your consent, you have the right to withdraw it at any time. You have the right to object at any time to receiving marketing or promotional materials from us by either following the opt-out instructions in commercial e-mails or by contacting us, as well as the right to object to any processing of your personal data based on your specific situation. Some non-marketing communications are not subject to a general opt-out, such as communications about transactions and disclosures to comply with legal or ethical requirements.
Your Right to Data Portability.
You have the right to data portability of your own personal data by contacting us.
Your Right Not to be Subject to an Automated Decision, including profiling.
We do not make automated decisions using your personal data that may negatively impact you.
Your Right to Opt-Out
You have the right to opt-out of the sale of your personal information. For more information on how to opt out, please connect with us at the address below in “Contact Us”.
Your Right to Non-Discrimination
You have the right not to receive discriminatory treatment by Hemispheres for the exercise of the privacy rights conferred by the CCPA, including but not limited to by denying you services, charging different prices or rates, or providing you with a different level or quality of services. Please understand, however, that we are in the business of providing research to our clients, and any financial incentives we offer to facilitate that goal may be rewarded only if the applicable survey, research project or study is fully and properly completed by the respondent, in the sole discretion of Hemispheres.
Your Right to Use an Authorized Agent
You have the right to designate an authorized agent to make a request under the CCPA on your behalf. To designate an authorized agent, please contact us as provided below. In order to verify you have authorized an agent we will require a signed, written authorization from you.
Your Right to Lodge a Complaint.
If you consider that the processing of your personal data infringes your privacy rights according the European Privacy regulation, you have the right to lodge a complaint with a supervisory authority, in the member state of your habitual residence, place of work, or place of the alleged infringement.
If you make a request to access or delete your information, or to opt-out of the sale of your personal information, we may ask you for additional information to verify your identity. This information may include: your full name, birth date, phone number, email address, or other basic personal information about you that we already have on file. Please be advised that our ability to answer your request is contingent on our ability to identify what information belongs to you. In any case, we will always use best efforts to identify and delete or disclose all personal information related to you.
Notice of Financial Incentive
Hemispheres may offer opportunities for you to earn money by answering surveys or any other forms of research. Participation in these offerings may require you to provide personal information. For more information about how to opt-in to these offerings, or about how to opt-out once you have opted-in, see the notices and official rules accompanying these incentives.
California’s “Shine the Light” Law
California’s “Shine the Light” law, Civil Code section 1798.83, requires certain businesses to respond to requests from California customers asking about the disclosure of personal information to third parties for the third parties’ direct marketing purposes. If you are a California resident and wish to obtain information about our compliance with this law, please connect with us at the address below in “Contact Us”. Requests must include “California Privacy Rights Request” in the first line of the description and include your name, street address, city, state, and ZIP code. Please note that we are not required to respond to requests made by means other than the e-mail address or mailing address provided herein. For the avoidance of doubt, the “Shine the Light” law only applies to the direct marketing activities of Hemispheres.
Information Accuracy & Retention
We make efforts to ensure that personal information we receive or maintain is accurate and complete, but we rely on the accuracy of the information provided directly to us.
To determine the appropriate retention period for information, we consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of your information, the purposes for which we process your information and whether we can achieve those purposes through other means, and the applicable legal requirements.
As a general matter, we do not keep data for more than seven (7) years. But we reserve the right to retain personal information for any period required by law, or to comply with our legal obligations, resolve disputes, and enforce our agreements.
Protection of Personal Information
Our Sites and applications housing personal information we collect use industry standard encryption. To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we have put in place industry standard physical, electronic, and managerial procedures to help safeguard the information we collect.
If we learn of a security breach, we may attempt to notify you electronically so that you can take appropriate protective steps, by posting a notice on the Sites and/or sending an email to you at an email address you have previously provided to us.
Information Collected on Behalf of Clients
For certain Services, we collect and process information about individuals at our clients’ direction (“Client Data”). We are not responsible for how our Clients treat the information we collect on their behalf, and we recommend you review their privacy policies.
Do Not Track
A cookie is a small amount of data generated by a website and saved by your web browser. Its purpose is to remember information about you, similar to a preference file created by a software application. Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
- To identify you when you visit our Sites
- To help us analyze the use and performance of our Sites and Services
Your Choices Regarding Cookies
Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. Please note that blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you may not be able to use all the features on our Sites.
Individuals in the EU
We will not process any personal information of individuals in the European Union (“EU”) collected by us or received from a third party unless we have a legal basis for doing so as prescribed by the General Data Protection Regulation (“GDPR”).
In most cases, we process personal information because you have given us your consent to do so. We may also process personal information as necessary to comply with our legal obligations, to protect your vital interests or the vital interests of another person, or for the purposes of pursuing our legitimate business interests, except where such interests are overridden by your interests or fundamental rights and freedoms.
When transferring the personal information of EU data subjects out of the EU, we also enter into data protection agreements that comply with EU privacy laws and regulations, as appropriate.
The Sites and the Services are not intended for, and we do not knowingly collect information from, individuals under the age of 16. If we discover that we have unintentionally done so, we will promptly delete such information.
We reserve the right to modify this Policy at any time. If we decide to change our Policy, we will prominently post those changes here and any other place we deem appropriate, so you are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.
Regardless of your location, you have the right to opt out of communications from Hemispheres, to exercise choice in how your information is used, and to access, correct, amend, or request deletion of the personal information we hold about you, except where the burden or expense of providing such access would be disproportionate to the risks to your privacy, or where the rights of third parties would be violated.
To exercise your right to make such choices, please contact us at firstname.lastname@example.org or at the address below:
Attn: Chief Privacy Officer
4703 Ballard Ave NW
Seattle, WA 98119