Kantar Public

Office for National Statistics

SURVEY PRIVACY POLICY FOR THE CRIME SURVEY FOR ENGLAND AND WALES

Last updated: 4th June 2018

This policy applies to data submitted by respondents who have completed or are about to complete the Crime Survey for England and Wales. For the privacy policy relating to individuals visiting http://www.crimesurvey.co.uk who wish to find out more about the Crime Survey for England and Wales, please follow this link.

Introduction

This research is conducted by Kantar UK Limited trading as Kantar Public, the Data Processor, on behalf of The Office for National Statistics (ONS), the Data Controller. By participating in our survey, you agree to this use of your personal information explained below. We ask you to read this privacy policy carefully. For the purpose of this Policy, the definition of ‘personal data’ is information which relates to and can identify a living individual.

Lawful collection and use

This Policy explains how we collect, store and use the personal information you provide when taking part in a face to face social research survey for us.

For the purpose of this Policy, the definition of ‘personal information’ is information which relates to and can identify a living individual.

When we conduct research, our interviewers/invitations and questionnaires clearly identify us and explain the purpose of our contact and If applicable, the purpose for our collecting your personal data.

When we contact you, generally in person, by telephone, by email or by post, we do so for one of the following purposes:

Case Purpose Data collected / processed Legal Basis
Surveys To understand your views about certain products and services or to understand your behaviour in different situations. To validate answers you gave in a recent survey we conducted. Administer prize draws and incentives. Recontact participants e.g. for ongoing and follow-up surveys. Unique identifier, contact details, email address, voice, image, opinion Voluntary participation a survey whereby we ask for your consent to use of your personal data
Data Matching and Enrichment We enrich the data we hold on file about you by matching your personal data with other data sources and third parties who specialise in data management. Unique identifier, contact details, email address, social login, cookie, mobile device ID Voluntary participation in a survey whereby we ask for your consent to use of your personal data

When you participate in our research, we may ask you for a range of information, including, for example, your personal opinions, and demographic information, such as your age and household composition. You may decline to answer any questions or withdraw from participation in a study at any time.

We will never misrepresent ourselves or what we are doing. If you receive an email that concerns you, purporting to be from us, please let us know as shown below in ‘How to contact us’.

We have contacted you to participate in research by face to face interview by randomly selecting your address through Royal Mail’s publicly accessible Postcode Address File (PAF).

Third parties and data transfer across borders:

You can be assured that we will protect your privacy. We will not make your personal information available to anyone without your agreement unless it is for research purposes only or if required by law. This includes your name and e-mail address.

Your personal data may be collected, stored, transferred or processed by our sister companies within the WPP group, or 3rd party service providers for research-related purposes, such as data processing, and fulfilment of prize draws or other incentives. They are all contractually bound to keep any information they collect and disclose to us or, we collect and disclose to them, confidential and must protect it with security standards and practices that are equivalent to our own.

Where these transfers are across borders or outside the EEA we shall put safeguards in place to ensure the transfer is made by a legitimate method for the purposes of EU data protection law and secure.

Confidentiality and industry requirements:

We take appropriate technological and organisational measures to protect the personal information submitted to us, both during transmission and once we receive it. Our security procedures are consistent with generally accepted commercial standards used to protect personal information.

Unfortunately, no data transmission can be guaranteed to be 100% secure. As a result, while we strive to protect your personal data, we cannot ensure or warrant the security of any information you transmit to us or from our online products or services, and you do so at your own risk. Once we receive your transmission, we will take reasonable steps to ensure our systems are secure.

All our employees are contractually obliged to follow our policies and procedures regarding confidentiality, security and privacy.

We adhere to the following industry requirements:

    • Kantar Public hold Market Research Society (MRS) Company Partner Accreditation
    • We follow the MRS and ESOMAR professional Codes of Conduct
    • The Data Protection Act 1998 and any subsequent legislation, which may be amended from time to time

We combine your survey responses in a given survey with the responses of all others who participate and report those combined responses to the client that commissioned the study, unless one or more of the following criteria are met.

The only exceptions when we may disclose your personal information or survey responses to third parties are as follows

  • You request or consent to sharing your identifying information and/or individual responses with a third party for a specified purpose;
  • When we provide your responses to a third-party processor who is contractually bound to keep the information disclosed confidential and use it only for research or statistical purposes;
Accuracy:

We take all reasonable steps to keep personal information in our possession or control, which is used on an on-going basis, accurate, complete, current and relevant, based on the most recent information available to us by you and/or by our client.

We rely on you to help us keep your personal information accurate, complete and current by answering our questions honestly and you are responsible for ensuring that the data controller (which may be us or – more often – our client) is notified of any changes to your personal data.

Children’s data collection:

We never knowingly invite children under the age of 16 years to participate in research studies without consent. If it is necessary and appropriate to a particular project to directly involve children under the age of 16 years, we take measures to ensure we have been given permission by the responsible adult.

Rights of individuals:

To request access to personal information that we hold about you, you should submit your request in writing to the e-mail address or postal address shown below in ‘How to contact us’.

You have the following rights in relation to your personal data:

  • Right to change your mind and to withdraw your consent
  • Right to access your personal data
  • Right to rectify your personal data
  • Right to erase your personal data from our systems, unless we have legitimate interest reasons for continuing to process the information
  • Right to port your personal data (portability right)
  • Right to restrict processing of your personal data
  • Right to object to the processing of your personal data

We shall also notify third parties to whom we have transferred your personal data of any changes that we make on your request. Note that while we communicate to these third parties, we are not responsible for the actions taken by these third parties to answer your request. You may be able to access your personal data held by these third parties and correct, amend or delete it where it is inaccurate.

Data storage and retention:

Personal information will be retained only for such period as is appropriate for its intended and lawful use, in this case we shall retain data for no longer than 12 months, unless otherwise required to do so by law or in the following cases, where we will retain the data for up to 2 years.

  • Where you have agreed to be recontacted by Kantar Public about taking part in future research
  • Where you have agreed that your name and contact details and information from this survey can be passed on to another research agency so that they could contact you regarding follow up research.
    • In these cases we need to retain your data for up to 2 years as this enables us to collect an adequate number of people who have agreed to be recontacted for further research about certain topics. For example, only around 20% of participants are victims of crime and therefore we would require more than 12 months to re-contact participants so that we can collect enough cases for the research to be of the standard required of national and official statistics.

Or where you have agreed:

    • To be recontacted about any questions we may have in relation to this survey.It takes a year to complete all the interviews for the survey. Analysis and data validation could take place up to a year after data collection. If an issue was discovered at this point, we may need to recontact participants from the previous year to validate responses.

Personal information that is no longer required will be disposed of in ways that ensure their confidential nature is not compromised.

As part of the Company Business Continuity plan and as required in certain instances by law, our electronic systems are backed up and archived. These archives are retained for a defined period of time in a strictly controlled environment. Once expired, the data is deleted and the physical media destroyed to ensure the data is erased completely.

Notification of material changes:

We keep our privacy policy under regular review and it may be amended from time to time. We will always have the most up-to-date policy on this web page. We will record when the policy was last revised.

Date created: 13/06/11
Last revised: 04/06/2018

Automated decision making / profiling:

In certain circumstances we shall carry out automated decision making or profiling about you. However, in the majority of cases this will not result in any legally significant decisions being made about you. You have the right to appeal if any automated decision made about you is legally significant. If you have any questions about this please contact us.

How to contact us:

Questions regarding this policy or complaints about our practices should be directed to the Quality and Information Security Team via email at QIS@kantar.com or in writing to Quality and Information Security, 6 More London Place, London, SE1 2QY.

We will investigate all complaints and attempt to resolve those that we find are justified. If necessary, we will amend our policies and procedures to ensure that other individuals do not experience the same problem.

If you have any questions or comments you may contact Kantar’s Data Protection Officer, Gillie Abbotts-Jones, please email GDPR@kantar.com or the Office for National Statistics Data Protection Officer:

Data Protection Officer,
Office for National Statistics,
Segensworth Road, Titchfield,
Fareham,
Hampshire.
PO15 5RR
Telephone: 0845 601 3034

Complaints and country specific disclosures:

If you are not satisfied with how we handle and protect personal information, you have the right to complain to the Data Protection Authority.

In the UK, this is the ICO and their contact details are

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Tel: 0303 123 1113 (local rate)

Email: casework@ico.org.uk

We are a Kantar Group Company. Our registered name and address is

    • Kantar UK Ltd, TNS House, Westgate, London W5 1UA
    • UK Companies House number 3073845