top of page

ISG Privacy Policy

~
Your information, your rights

As a market research firm, data collection is an integral part of our business, and critical to helping our clients’ businesses grow. We take privacy, and our obligations and your rights under privacy laws such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), very seriously at ISG. While some of our work does not involve collecting or handling personal information at all, and the vast majority of market research is conducted on an anonymous or confidential basis, we do, in some circumstances, collect personal information for market research and analytics purposes. As an organization, we are wholly committed to performing our work according to the highest ethical and legal standards.  Leveraging guidance from reputable industry associations, we have established the following privacy policy. 

Privacy Policy

Information Specialists Group, Inc. (ISG) is committed to protecting your privacy and adheres to the EU-U.S. Privacy Shield Principle of Accountability for Onward Transfer, which includes: Notice, Choice, Accountability, Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. This Statement of Privacy applies to all of ISG collection and usage of data. By participating in a market research project where the data collection and/or recruiting for further participation in a market research study, you consent to the data practices described in this statement. We do not solicit from nor knowingly gather information about anyone under the age of 18 without the express permission of a parent or guardian.

The purpose of ISG information collection is to create more accurate research results for our clients which leads to better products and services for businesses and consumers.

Types of Information We Collect

The information we collect may change from time to time based on the requirements of the research project. If you are an ISG client, vendor or potential client or vendor, ISG collects personal data for the purpose of marketing its services.

Here are some examples of information we will collect in order to determine if you may qualify for a research project:

  • Personally Identifiable Information (PII)

We collect PII as defined by the laws or regulations of the applicable country following best practices described by the Insights Association (IA) and European Society for Opinion and Marketing Research (ESOMAR). For example, PII may be collected should a consumer contact ISG on his/her own initiative or opt-in to register or to participate in a survey.

  • Non-PII

The Non-PII we collect may include browser types, IP address, domain names, operating systems, language preferences, platform types, access dates and times, referring website addresses, browsing, search activity and online transactions.

  • Appended Information

We may receive information from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have. This helps us to update, expand and analyze our records, identify new customers, and provide products and services that may be of interest to our clients and consumers. Examples of the types of personal information that may be obtained from public sources or purchased from third parties and combined with information we already have. 

Recruiting for Third-Parties

ISG will not sell, distribute, or otherwise release personally identifiable information it collects to anyone other than the study’s sponsor.

Third-party Services

In order to provide and market our services, we share personal data with the following trusted partners: Citrix ShareFile is our primary partner for data transfer. ShareFile is a cloud-based Software-as-a-Service (SaaS) solution that enables ISG to exchange confidential business files easily, securely and professionally. ShareFile safeguards our files with industry-accepted encryption protocols and algorithms in transit and at rest.

Compliance with Law Enforcement

If it becomes necessary by law or legal process for ISG to disclose your personal information, we may do so upon determination that such disclosure is legally necessary.

Access to Personal Information

Upon request, ISG will provide you with your personal information that ISG has stored. Individuals whose personal data is processed by ISG has a right under Privacy Shield to access, correct, or delete their personal data. Such access does not include de-identified survey data. Requests can be made to privacy@isgmn.com

Data Retention

ISG retains data it uses for research purposes for periods determined by our clients, after which the information is removed and discarded.  If you wish to have your information deleted or request that we no longer use your information to provide you services, please email us at privacy@isgmn.com.

Subcontractors

From time to time, ISG may engage an independent third-party contractor to assist in the analysis or collection of research data. ISG will not engage a subcontractor unless they agree to abide by this privacy policy. 
 

Use of Cookies

Our website may use a technology called a cookie. A cookie is a piece of information that our webserver sends to your computer when you access a website. Then, when you visit our site again, our server will detect whether you have one of our cookies on your computer. Cookies help provide additional functionality to the site and help us analyze site usage more accurately.

Security of Your Personal Information

ISG secures your personal information from unauthorized access, use or disclosure. ISG secures the personally identifiable information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. When personal information is transmitted to other websites, it is protected through the use of encryption, such as the Transport Layer Security (TLS) protocol and through our secure data transfer service (ShareFile).

Privacy of Children

We are committed to protecting the privacy of children. Neither the ISG website nor ISG online activities with clients are intended or designed to knowingly attract children under the age of 18.

Sale of Assets, Merger Acquisition and Bankruptcy

Information collected by ISG may be transferred to a third party as a result of a sale, acquisition merger or bankruptcy.

Rights to Know

At or before the time personal information is collected, consumers have the right to be informed about the categories of information that may be collected and the business purpose for which it will be used.

Rights to Your Data

You have the right to ask us not to process your personal data.  By law, as well as for your own protection, we are required to take certain steps to verify your identity in connection with any data-related request. If we are unable to verify your identity, we may not be able to respond to your request. Therefore, please provide as much information as possible (i.e. the time frame it was given, who it was for and/or what it was about). We will only use this information for verification purposes and will thereafter delete it.  You can unsubscribe from marketing related communication via the unsubscribe links on those communications. For all other requests regarding your data including GDPR requests, please email us at privacy@isgmn.com.  

 


General Data Protection Regulation (GDPR) Compliance

With regard to persons residing within the European Union as well as to personal data collected within the European Union, we provide the following information in compliance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the General Data Protection Regulation or GDPR):

“Personal data” means any information relating to an identified or identifiable natural person (“Data Subject”).

An “identifiable natural person” is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

The identity and the contact details of ISG’s Data Privacy/Protection Officer:

Jay Rutherford
Information Specialists Group, Inc.
2626 E. 82nd St. Ste #220
Bloomington, MN 55425 USA
952-941-1600 / 800-279-5314
E-mail: privacy@isgmn.com

The purposes and legal basis for ISG gathering and processing personal data is to perform market research for our various clients comprised of public and private retailers of consumer and business products and/or services located within and outside the European Union.

The recipients or categories of recipients of the personal data collected by ISG involve clients under contract with ISG who are public and private retailers of consumer and business products and/or services sold within and outside of the European Union.

ISG intends to transfer all personal data collected from within the European Union to ISG client for whom the personal data was collected, and which client often will be operating from a third country located outside the European Union. Any such client to whom personal data is transferred by ISG outside the European Union will be done so only subject and pursuant to a legally binding contract between ISG and said client that preserves the confidentiality of the collected personal data with appropriate or suitable safeguards as required under the GDPR, including restricting access to such personal data only to the client for whom the data was collected, and prohibiting any further dissemination or disclosure of said personal data by the client.

ISG shall remain liable under the EU-U.S. Privacy Shield Principle of Accountability for Onward Transfer if its sub-processors process your Personal Information in a manner inconsistent with the Privacy Shield Principles, unless we prove we are not responsible for the event giving rise to the damage.

Any and all personal data collected by ISG within the European Union and/or transferred outside the European Union is and shall be solely pursuant to the prior explicit consent obtained by ISG from the Data Subject, which consent may be withdrawn at any time.

All personal data collected and/or transferred by ISG will be stored by ISG for only that period of time determined by our contract with our client, after which ISG will discard and destroy such personal data.

Each Data Subject shall have the right to request from ISG’s Controller access to and rectification or erasure of said Data Subject’s personal data or restriction of processing concerning the Data Subject or to object to processing as well as the right to data portability.

Each Data Subject has the right to lodge a complaint with a supervisory authority regarding ISG and/or ISG practices or conduct in collecting and/or storing said Data Subject’s personal data.

ISG is under the enforcement of the Federal Trade Commission. The Insights Association Privacy Shield Program is our independent dispute resolution mechanism. Complaints can be filed here http://www.insightsassociation.org/get-support/privacy-shield-program/privacy-shield-eu-swiss-citizens-file-complaint. There is a possibility, under certain limited conditions, for individuals to invoke binding arbitration before the Privacy Shield Arbitration Panel. 

Any Data Subject’s participation and/or consent granted to ISG collection of personal data is and shall be entirely on a voluntary basis, and not pursuant to any legal duty or obligation.

Changes to This Statement

ISG will occasionally update this Statement of Privacy to reflect company and customer feedback. ISG encourages you to periodically review this Statement to be informed of how ISG is protecting your information.

Contact Information

ISG welcomes your comments regarding this Statement of Privacy. If you believe that ISG has not adhered to this Statement, or would like to access, correct or request deletion of your PII please contact our Data Privacy Officer (DPO):

Jay Rutherford
Information Specialists Group, Inc.
2626 E. 82nd St. Ste #220
Bloomington, MN 55425 USA
952-941-1600 / 800-279-5314
E-mail: privacy@isgmn.com

We will use commercially reasonable efforts to promptly determine and remedy any problems brought to our attention.

 

California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA) Compliance

Under CCPA, as amended by the CPRA and it's implementing regulations, “sell” is defined broadly to include any sharing or disclosure of personal information for any type of consideration, including non-monetary consideration. Under CCPA, as amended by the CPRA and it's implementing regulations, you have the right to opt out of the “sale” of your personal information altogether.

Your additional various rights under the CCPA, as amended by the CPRA and it's implementing regulations, as to any personal information we may have about you, and limitations on the exercise of those rights, are described in our more extensive privacy policy. You can exercise any of those rights by contacting our privacy officer:

Jay Rutherford
Information Specialists Group, Inc.
2626 E. 82nd St. Ste #220
Bloomington, MN 55425 USA
952.941.1600 / 800.279.5314
E-mail: privacy@isgmn.com

By law, as well as for your own protection, we are required to take certain steps to verify your identity in connection with any data-related request. If we are unable to verify your identity, we may not be able to respond to your request. Therefore, please provide as much information as possible (i.e. the time frame it was given, who it was for and/or what it was about). We will only use this information for verification purposes and will thereafter delete it.

bottom of page