Last revised: 28th of February 2018
Ipsos commitment to Privacy and Data Protection
The General Data Protection Regulation issued by the European Union (“GDPR”) and effective 25 May, 2018, is a further evolutionary step in the protection of the privacy rights of individuals (for example, tighter restrictions around consent, the right to be forgotten, the type and amount of personal data that can be utilized, data access and security, etc.) beyond those protections that have already been in place for some time in the European Union and in many other countries around the world.
As such, the protection of personal data is, and always has been, a top priority for Ipsos as a leader in the Market Research industry and producer of information about people. Ipsos is compliant with the guidance and requirements of the professional code of conduct applicable to all registered market research companies (ICC/ESOMAR International Code on Market, Opinion and Social Research and Data Analytics) and all current existing local regulations, especially as far as the protection of respondents’ data is concerned.
In addition, for many years, Ipsos has adopted the 4Ss approach in its business. The 4Ss stand for Security, Simplicity, Speed and Substance, with IT Security and Information Management policies being an integral part of Ipsos’ policies for many years.
Ipsos took a proactive approach to ensure the safeguarding and protection of the personal data of its customers, respondents and employees. To that end, last year, Ipsos launched a global privacy programme led by a multi-disciplinary team (i.e., its CPO, IT, Legal, Quality, HR and Marketing & Communication departments) to work on achieving GDPR compliance by 25 May 2018, focusing first on the European Economic Area (EEA) countries. Moreover, by the end of 2018, Ipsos intends to also implement the GDPR requirements in all 89 countries where it operates.
Ipsos has already taken many actions to comply with the GDPR; with some of the main actions including but not limited to the following:
- The nomination of a global Chief Privacy Officer (CPO) and local Data Privacy Officers (DPOs)
On 1st March, 2017, Ipsos appointed a global Chief Privacy Officer, Mr. Rupert van Hüllen.
The role of the CPO is to guide and coordinate Ipsos’ global compliance efforts on data protection and privacy and to manage the local Data Protection Officers who have been appointed for each country in which Ipsos operates. Their mandate is to ensure that personal data are appropriately treated and protected.
- Anonymised data and access security
– For respondents
Ipsos uses anonymization techniques to protect respondents’ personal data as part of its data collection operations so that access is restricted to its fieldwork teams in its operations units solely on a need to know basis. Ipsos applies the same policy and care for customer provided samples and for Ipsos online panellists and off-line respondents.
– For our employees
The access to employees’ personal data is strictly limited to the relevant staff in charge of human resources management.
- Employee training
Ipsos will launch an extensive employee training program in March-April 2018to ensure a high level of data protection awareness and data protection adherence across the Ipsos group. Our customers expect that Ipsos employees are compliant with GDPR and other applicable data protection legislation. Ipsos is implementing a worldwide training program concerning data protection (including GDPR requirements) for relevant staff.
Ipsos implemented various encryption solutions, notably on all employees’ laptops.Regarding its (software) applications, Ipsos is taking measures to encrypt certain panel applications as well as databases containing special (sensitive) categories of personal data such as data concerning health, political opinions, etc.Lastly, when it comes to its employees, Ipsos’ main human capital management system, called “iTalent,” is fully encrypted.
Ipsos enforces procedures in order to select suppliers processing personal data based on their capacity to comply with Ipsos’s data protection requirements. This means that all suppliers must sign an agreement with Ipsos including data protection clauses at least as strict as the ones Ipsos signs with its customers, and that no supplier can transfer any personal data outside the EEA unless they agree to appropriate safeguards and obtain customer consent. Additionally, our suppliers cannot subcontract part of the personal data processing services to sub-processors without Ipsos prior approval.
- Data transfers
Ipsos put in place some contractual measures for cross border data transfers within Ipsos and with its suppliers. When a data transfer is required in a country recognized as not having an adequate level of data protection, Ipsos ensures that EU Standard Contractual Clauses are in place, implementing appropriate technical and organisational measures for the protection of the personal data.
Ipsos remains committed to protecting the personal data of its customers, respondents and employees. If you have any questions or require any further clarification, please contact our Chief Privacy Officer, Rupert van Hullen, at Rupert.firstname.lastname@example.org who will direct your question to the appropriate person.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer, if you agree. Cookies contain information that is transferred to your computer’s hard drive.
We use the following cookies:
- Strictly necessary cookies. These are cookies that are required for the operation of our Site. They include, for example, cookies that enable you to log into secure areas of our Site.
- Preferences cookies. These cookies are used to recognise you when you return to our Site. This enables us to personalise our content for you, greet you by name and remember your preferences.
- Statistics cookies. These cookies allow us to recognise and count the number of visitors to our Site and see how visitors use our Sitee. This cookie helps us to improve the way our website works.
- Marketing cookies. These cookies record your visit to our Site, the pages you have visited and the links you have followed. We will use this information to make our Site and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
Your current state:
Changing your consent | Withdraw consent