Interviewing Service of America, an affiliate of Lieberman Research Worldwide and doing business as SoapBoxSample and Q-Insights (collectively, “ISA”), is committed to protecting the privacy of all information we collect from our clients, research participants and visitors to our corporate and survey websites (the “Websites”). This policy applies to all client and personal data that we collect or use in the course of conducting our business, and covers all client information and research participant data housed at any ISA facility or stored on the ISA network. The SoapBox trademark is owned by Calign, Inc. and is used under license. This policy does not apply to activities involving MySoapBox or our other research panels; the policy relating to those activities can be found here. This policy also does not apply to information which we might collect from our employees, job applicants, or independent contractors.
Information We Collect From or About You
We are in the market research business. We generally collect information about you (a subset of which may be “personal data” or “personally identifiable information” as defined under applicable law) either in connection with the services we are performing for you or your employer or in connection with our research activities.
If you are a client or work for a client, we likely have collected various contact, business, and in some cases financial information about you in the course of administering our relationship with you or your employer. In those cases, our legal basis for use of the information is our legitimate interest to perform our obligations under our contract with you or the company for which you work.
As to our research activities, we might collect information, a subset of which may be “personal data” or “personally identifiable information” as defined under applicable law, (i) in our SoapBoxSample business, as part of our purchase of survey panel from sample exchanges and others and the resale thereof to research companies, (ii) in our Q-Insights business, as part of our development and maintenance of our proprietary research participant database, or (iii) in all of our businesses, as part of data collection activity (interviews, surveys, focus groups, etc.) we undertake for research companies.
With respect to the portion of our business involving the purchase of survey panel from sample exchanges and others and the resale thereof to research companies, we might collect personal data and demographic data of the nature described above from the sample exchanges or panel suppliers in order to be able to fulfill the panelist criteria required by our research company customers. In those cases, our legal basis for the processing of the information is our legitimate interest to perform our obligations under our contract with the research company client requesting the panel composition in question.
With respect to the portion of our business involving the development and maintenance of our proprietary research participant database, we collect certain identifying information, as well as various demographic and preference-related information (a subset of which may be “personal data” or “personally identifiable information” as defined under applicable law), which you may voluntarily provide to us though the “Become a Respondent” page on the Q-Insights website. We maintain this information in our research participant database and use it as further described below. Our legal basis for collection and processing of this personal data from you is consent; we do not collect personal data without your affirmative consent, and consent can be withdrawn at any time, including, without limitation, by your requesting to be removed from our research participant database.
As to the information we collect about you (only a small subset of which may be “personal data” or “personally identifiable information” as defined under applicable law) in connection with data collection activity we undertake for research company clients, some of that data is collected directly by us from you, and is information you voluntarily disclose to us in connection with our survey and similar activity. Research participation is voluntary and participants always have the opportunity to decline involvement or to “opt out” of the research after agreeing to participate, as clearly identified in each survey. If the survey involves an incentive or a contest, we may ask for your name and telephone number or email address to notify you if you are a winner. There is never an obligation to provide this information to participate in the survey but if you don’t provide it, you may not be able to participate in the incentive program. Our legal basis for collection and processing of respondent-supplied personal data is consent; we do not collect personal data without the affirmative consent of the research participant, and consent can be withdrawn at any time.
If you choose to use social media (for example, Facebook or LinkedIn) in order to contact us or find out about our services, we may collect your public-facing profile data, data relating to your interactions with us, and any data you post on message boards which are relevant to our business.
From time to time, we engage the services of technology infrastructure vendors, such as “chat” service providers, in connection with our Websites to improve our customer experience, and these vendors might collect limited systems and related information from Website visitors for the limited purposes for which we have engaged them. In addition, our servers may automatically collect certain non-personal, log-file information about your use of our Websites whenever you access our websites. Information collected may include, but is not limited to, your Internet browser, operating system, internet source such as PC, tablet, or mobile, the domain name of your ISP, your click areas on the Website, time and date visited, length of time on the Website, and the third-party web sites or advertisements linked to or from the website that you visited. When you use or visit the Websites, our servers log your IP address. Currently, our systems do not respond to browser do-not-track signals, and do not treat such do-not-track signals as “do not sell” signals under CCPA (as defined below).
What We Do With Information We Collect
Depending on how we obtain your personal data (as described above), we may either be considered a “controller” or a “processor” under applicable law as to that data. If we are the processor, we will process the data in accordance with the instructions provided to us by the controller of that data.
Regarding data collected as part of our research activities, we collect data in, and in connection with, our studies for research purposes only, and our use of that information is limited to that purpose. Research participant information and answers are not used by any entity as an aid for sales. In many cases, this information is shared with the client commissioning the study pursuant to our contract with that client. In some cases we may need to share personal data with third parties for ancillary services in support of a research project. In these cases, we require the third party to follow all of the same privacy protection regulations as followed by ISA.
With respect to data collected in connection with the development and maintenance of our proprietary research participant database, as to any research study, based on whether the demographic information you have supplied meets the required criteria of the particular study, we may use it to either (i) offer you the opportunity to participate in the research-related data collection activity we ourselves are undertaking for our research company client (e.g., interviews, surveys, focus groups, etc.), or (ii) provide your contact information to our research company client for it to directly contact you and offer you the opportunity to participate in its research project.
As to client data we collect, we do not use the information for any purpose other than to fulfill our obligations to clients. We keep client information secure at all times, and prevent the use and disclosure of it by our employees or any third parties.
We do not sell personal data in the traditional sense, do not rent, sell or give personal data to any third party for the purpose of directly marketing any products or services, and have not done so in the preceding 12 months. However, you should be aware that certain laws to which we are subject, for example the California Consumer Privacy Act (the “CCPA”), define the terms “sell” and “sale” very broadly, such that some of our research-related activities—for example, the inclusion of a study participant’s photo or video in a market research deliverable for our client—might fall within the definition of “sale” under certain circumstances.
Under certain circumstances, we may be required to release personal data in response to a legal request from public authorities including to meet national security or law enforcement requirements, or in response to a subpoena or other legal process.
We do not discriminate financially between those who elect to supply their personal data to us and those who elect to not do so, provided, however, that to the extent a survey or other research study—the completion of which would result in the payment of a financial incentive or entry in a sweepstakes—involves the collection of data and you decline to consent to such collection, you would not be able to proceed to participate in the study, and (depending on the specific study) to the extent you are required to supply your contact information at the conclusion of a survey in order for us to fulfill the participation incentive and you decline to provide your contact information, you would not receive the participation incentive.
In all cases, ISA will take reasonable steps to ensure the personal data is accurate, complete, current and relevant and being used only for the intended purposes. We will not process personal data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual.
|Category of consumer personal information collected (non-HR)||Source from which collected||Purposes for which collected||Categories of third parties with whom shared|
|Name and contact information – research participants||Study participant; sometimes, client commissioning study||Inviting participation in study; administering studies; fulfilling participation incentive||Study-related vendors; technology infrastructure vendors|
|Name, contact information, and limited demographic details – panel exchange operations||Panel exchange platform||Determination of suitability of respondent for applicable study||Client seeking sample for research study; technology infrastructure vendors|
|Name, contact information, and demographics details – Q-Insights Panel||Supplied by person himself/herself||To be included in research panel and be offered participation opportunities||Client seeking sample for research study; technology infrastructure vendors|
|Name and contact information – website visitor||Supplied by person himself/herself||Marketing of ISA’s own services||Technology infrastructure vendors|
|Name and contact information – client officer||Supplied by person himself/herself||Administration of business||Technology infrastructure vendors|
|Photo, video, or audio of research participant||Supplied by person himself/herself||Conducting research study||Client commissioning study; technology infrastructure vendors|
|Demographic details, when coupled with some identifying info||Supplied by person himself/herself; sometimes, third party vendor||Conducting research study||Client commissioning study; technology infrastructure vendors|
|Systems details – visitors to Websites (IP/device ID, browser settings, similar)||The computer or device of the person himself/herself||Internal analytics; improvement of Website experience||Technology infrastructure vendors|
All information may also be shared among our affiliated group of companies solely for administrative and operations purposes.
Retention of Personal Data
We keep personal data for no longer than necessary for the purposes for which the personal data is collected or processed. The length of time we retain personal data for depends on the purposes for which we collect and use it and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights.
We maintain physical, electronic and procedural security measures to help safeguard client and personal data which are consistent with industry standards and practice and in compliance with applicable law. Third parties that provide us with support or services and that may also receive client or personal data are required by us to maintain security measures similar to ours with respect to such information. We will take reasonable precaution, consistent with industry standards and practice, to protect personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction.
Your Rights As to Your Personal Data
If you would like further information about these rights or would like to exercise any of them, including to opt out of the “sale” of your information as defined in the CCPA, please leave us a voice message by calling (888) 914-9661 (PIN: 892698), or submit your question or request at http://isacorp.com/your-data-your-rights/.
By law, as well as for your protection, if you request that we take certain actions as to personal data we have about you, we are required to take certain steps to verify your identity. If we are not able to verify your identity, we may not be able to respond to your request. To verify your identity, we request, at point of submission of your request, that you supply your basic contact information, as well as certain other non-personally identifiable information (e.g., information relating to your last interaction with us, such as subject matter and type of study), and we endeavor to match at least two pieces of this information with information in our possession. In addition, as to those rights permitted by law to be exercisable by an authorized agent on your behalf, in addition to verifying your identity as described above, we require the agent to also supply written authorization from you to act on your behalf, except where restricted by law.
We operate in compliance with the Children’s Online Privacy Protection Act (“COPPA”), governed by the US Federal Trade Commission (“FTC”). We do not collect, use or disclose information from children under the age of 13 online without a statement of permission from a parent or guardian in the manner required by law. We also do not “sell” (as defined in CCPA) personal information of persons under 16 without affirmative authorization. For more information on COPPA, please visit http://www.ftc.gov/ogc/coppa1.htm.
Compliance and Enforcement
ISA has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.
Under limited circumstances, if your complaint is not resolved through these channels, a binding arbitration option may be available before a Privacy Shield Panel.
Finally, if required or permitted by law, you may also make a complaint to the data protection authority in the EU country where we may have operations or where we process personal data that relates to offering goods or service to you in the EU.