OpinionSite Privacy Notice 

Last Updated: January 2023 

Universal Survey Center, Inc., d/b/a OpinionSite/OMR Globus ("OpinionSite"), has adopted this Privacy Notice ("Notice") to establish and maintain an adequate level of Personal Data privacy protection. This Notice applies to the processing of Personal Data that OpinionSite obtains from the data subjects that join the OpinionSite Panel of Healthcare Experts 

Please use the following links to select the Privacy Notice sections applicable to you:

Privacy Notice General

1. Controller of the Persona Data:  

Universal Survey Center Inc., d/b/a OpinionSite/OMR 

480 Pleasant Street, Suite B100  

Watertown, MA 02472 

Data Protection Contact & DPO: privacy@opinionsite.com 

2. SCOPE 

This Notice applies to the processing of Personal Data that OpinionSite transfers to and stores in the United States.   

We're committed helping you understand how we manage and protect the information we collect. We take privacy seriously and have taken many steps to help safeguard the information we collect from you.  

3. PERSONAL DATA THAT WE COLLECT  

OpinionSite provides research solutions to its Clients, which are predominantly business customers, and individuals that may purchase products or participate in market research activities.  

  1. General Data: OpinionSite collects Personal Data of healthcare professionals and consumers that register with our community of healthcare professionals.  
  2. Communication Data: OpinionSite may process information contained in or relating to any communication that you send to us or that we send to you. The communication data may include the communication content and metadata associated with the communication. Our website will generate the metadata associated with communications made using the website contact forms. 
  3. Usage data: OpinionSite may process data about your use of our website and services. The usage data may include your IP address, geographical location, browser type, version and language, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency, and pattern of your service use. We may also collect and process data on the websites you visited before our sites that may be logged automatically if you are redirected to our site from our advertising campaigns. The source of the usage data is our analytics tracking system, marketing automation platform or other marketing technologies. 
  4. Market Research data: OpinionSite might also collect personal data and anonymized and/or pseudonymized data produced by individuals’ participation in market research activities. 
  5. Information collected: The Personal Data that we collect may vary based on your interaction with OpinionSite. As a general matter, OpinionSite collects the following types of Personal Data: 

Data collected from our Community of Healthcare Professionals: 

Category

Examples

Collected

A. Personal data 

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, Social Security number, or other similar identifiers, telephone number, employment 

Yes

B. Special categories of personal data  

Age (40 years or older), race, color, national origin, citizenship, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, biometric data. 

Yes

C. Internet or other similar network activity. 

Browsing history, search history, information on a consumer's interaction with a website. 

Yes

D. Geolocation data. 

Physical location or movements. 

Yes

E. Sensory data. 

Audio, visual, or similar information. 

Yes

F. Professional or employment-related information. 

Occupation, Employer Information. 

Yes

4. PURPOSES OF DATA PROCESSING 

OpinionSite processes Personal Data that it collects directly from individuals registered with our Community and indirectly in its role as a service provider for the following business purposes: 

  1. Operations: maintaining and supporting our products as well as delivering and providing the requested products/services; 
  2. Contractual: complying with contractual obligations related thereto (including managing transactions, reporting, invoices, and other operations related to providing/receiving services to/from clients and individuals). This may include data included in Category A;
  3. Market Research: Allowing individuals to participate in market research surveys and interviews and related activities. We report back to clients the results in an anonymized and aggregated form.   
  4. Publications: In certain occasions and strictly in accordance with your express instructions, we may process your personal data for the purposes of publishing such data on our website and elsewhere through our services.  
  5. Relationships and communications: Processing contact data for the purposes of managing our relationships and communicating with you by email and/or telephone.  
  6. Direct marketing: Processing contact data for the purposes of creating, targeting and sending direct marketing communications by email and making contact by telephone for marketing-related purposes. We do this to improve and facilite your participation in market research activities. 
  7. Research and analysis: Processing usage data for the purposes of researching and analyzing the use of our website, for example monitoring, supporting, improving and securing our website, services and business generally. OPINIONSITE has a legitimate interest in maintaining security conditions on our websites to prevent malware, or other types of attacks. Security is essential to protect the personal data of customers and visitors. 
  8. Record keeping: Processing your personal data for the purposes of creating and maintaining our databases, back-up copies of our databases and our business records in servers located in the United State. We do this to ensure that we have access to all the information we need to run our business properly and efficiently in accordance with this Notice. 
  9. Legal compliance and vital interests: Processing your personal data where such processing is necessary for compliance with a legal obligation to which we are subject or in order to protect your vital interests or the vital interests of another natural person. 
  10. Required by Law: for other business-related purposes permitted or required under applicable local law and regulation for example satisfying governmental reporting, tax, crime investigation and national security; and (7) as otherwise required by law). This may include data included in Category A 
  11. In general: as requested by you; 

5. LEGAL BASES FOR PROCESSING YOUR PERSONAL DATA 

OpinionSite uses the below legal bases for processing your data in relation with the above identified purposes: 

Legal Basis

Purposes

Your Consent 

Market research,  

Publications,  

Record keeping,  

In general 

Execution of a contract to which you or your company is party or to take preliminary steps at your request prior to entering into a contract 

Operations 

Contractual 

Relationships and communications 

Direct marketing 

Comply with a legal obligation to which the OpinionSite is subject 

Legal compliance and vital interests 

Required by Law 

Legitimate interest 

Operations 

Relationships and communications 

Direct marketing 

Research and analysis 

Record keeping 

6. SPECIAL CATEGORY OF PERSONAL DATA OR SENSITIVE DATA  

OpinionSite might process certain categories of data that can be considered very sensitive. This data may be collected when individuals participate in market research activities carried out by OpinionSite directly or on behalf of their clients. We are committed to handling this data with extreme care and only few authorized people have access to it. Such data might include: information about your health, your ethnic origin, biometric data, trade union membership, etc. Where we process special categories of personal data, “Sensitive Personal Data,” we will always obtain your explicit consent to those activities unless: 

  1. Consent is not required by law;  
  2. To protect your vital interests where you are incapable of giving your consent;  
  3. For the establishment, exercise or defense of legal claims or whenever courts are acting in their judicial capacity;  
  4. Processing is necessary for reasons of public interest in the area of public health as required by the local law.   

Where this is allowed by law, you might have the right to withdraw that consent at any time.  

7. AUTOMATED DECISIONS 

We reserve the right to make automated decisions, including using machine learning algorithms about website visitors in order to optimize and provide better experience when navigating our websites. Only digital data as specified in section 8 are included in this processing. 

We may analyze your participation in our surveys with the purpose to enrich the profiling data we hold about yourself. The profiling data that we have collected might be used for making manual or automated decisions that involve your participation in market research activities. As results of this processing, we will be able to send you market research activities within your sphere of expertise and interest. 

You may contact us if you would like any clarifications about the automated decisions. 

8. DIGITAL DATA

  1. Cookies: OpinionSite may set and use cookies to enhance your user experience on the sites, such as retaining your personal settings and preferences.  You may set your browser to prevent or reject cookies, or you may manually delete any cookies set. If you reject the cookies on the sites, you may still be able to use the sites, but they shall be limited to certain minimal functionality. From time-to-time OpinionSite may use third-party tracking utilities that use session ID cookies that track site usability and assist OpinionSite in improving user experience. This Privacy Notice does not cover the use of cookies by our third-party providers as we do not have access or control over these cookies. We may collect information on our sites or in our emails using web beacons and or tracking pixels (electronic images). We may use beacons to count visits, understand usage and campaign effectiveness and to tell if an email has been opened and acted upon. You may review the cookies used by OpinionSite’s website at the bottom of this page.
  2. Trend Analyses: OpinionSite may use IP addresses to analyze trends, administer the Sites, to track your movement within the Sites, and to gather broad demographic information for aggregate use. 
  3. Links to other sites: our sites include links to other websites whose privacy practices may differ from OpinionSite’s. If you submit personal data to any of those sites, your information is governed by the privacy statements of those third-party sites. 
  4. Managing cookies: Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links: 
https://support.google.com/chrome/answer/95647 (Chrome);  
https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop (Firefox); 
https://help.opera.com/en/latest/security-and-privacy/ (Opera); 
https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies(Internet Explorer); 
https://support.apple.com/en-gb/guide/safari/manage-cookies-and-website-data-sfri11471/mac (Safari);  
https://support.microsoft.com/en-gb/help/4468242/microsoft-edge-browsing-data-and-privacy (Edge). 

9. CHOICE WITH RESPECT TO USES AND DISCLOSURES OF PERSONAL DATA 

OpinionSite recognizes that individuals have the right to limit the use and disclosure of their Personal Data, and we are committed to respect those rights.  We offer individuals the opportunity to opt out of disclosures of Personal Data to a third party or the use of Personal Data for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by the individual.  We apply a strict policy with respect to disclosures of Sensitive Data including, when applicable, obtaining the explicit consent (i.e., opt in consent) of an individual prior to disclosing Sensitive Data to a third party or using Sensitive Data for purposes other than those for which it was originally collected or subsequently authorized by the individual. 

10.  DISCLOSURE/TRANSFER OF INFORMATION FOR A BUSINESS PURPOSE 

OpinionSite may disclose your Personal Information to a third party for a business purpose. We do this by entering into a contract that describes the purpose and requires the recipient to both keep that Personal Data confidential and not use it for any purpose except performing the contract. Furthermore, third parties must comply with data protection laws and agree to provide adequate protections that are no less protective than those set out in this Notice. 

  1. Disclosure: We may disclose your Personal Information for a business purpose to the following categories of third parties: 
    1. Our affiliates and subsidiaries 
    2. Service Providers and consultants 
    3. Professional services organizations, such as auditors and law firms 
    4. Our business partners 
    5. Internet service providers 
    6. Government entities 
    7. Operating systems and platforms 
    8. Survey hosting providers  
    9. Validation providers  
    10. Rewards fulfillment providers  
    11. SMS and video conference service providers 
    12. Customer and panel support services  
    13. Credit card processor 
    14. Tax authorities 
  2. Purposes of disclosure: OpinionSite may disclose your personal information for the below purposes:  
    1. Survey reporting 
    2. Email services 
    3. Authentication of medical licenses 
    4. Identity verification of the panel members  
    5. Offering and providing customer support  
    6. Internal marketing campaigns for communicating new offers to our clients 
    7. Internal marketing campaigns for improving and facilitating participation of Panel Members in market research activities  
    8. Internal marketing engagement e.g. newsletters   
    9. Honorarium processing and fulfillment 
    10. Auditing purposes and governmental reporting 
    11. Tax reporting 
    12. Allowing participation in market research activities  
    13. For complying with your requests or contract obligation we have with you  
  3. Disclosures due to acquisition or merge: We may share your information in connection with a merger, sale of company assets, financing or acquisition of all or a portion of our business to another company, if any. In this event, OpinionSite will notify you before information about you is transferred and becomes subject to a different privacy policy.  
  4. Anonymous information: We may also share aggregated or anonymous information that does not directly identify you. OpinionSite may share anonymized aggregated demographic information with OpinionSite partners. 
  5. Other forms of disclosures: OpinionSite also may disclose your personal data for other purposes or to other third parties when you have consented to or requested such disclosure or under the following circumstances:  
    1. We respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. 
    2. We believe it is necessary to share information in order to investigate or prevent fraud, or to take action regarding illegal activities, situations involving potential threats to the physical safety of any person, or as otherwise required by law. 
    3. We transfer information about you if OpinionSite is acquired by or merged with another company. In this event, OpinionSite will notify you before information about you is transferred and becomes subject to a different privacy notice. 
    4. In response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 
    5. Third party compliance: Such third parties must agree to use such Personal Data only for the purposes for which they have been engaged by OpinionSite and they must either:  
    6. Comply with the data protection laws, Privacy Shield principles, or another safe and secure mechanism that provides high level of protection.; or  
    7. Agree to provide adequate protections for the Personal Data that are no less protective than those set out in this Notice.  
  6. Liability: OpinionSite is potentially liable in cases of onward transfers of Personal Data to third parties, such as when third parties that act as agents on our behalf process Personal Data in a manner inconsistent with applicable data protection regulations. 

11. TRANSFER PERSONAL DATA OUTSIDE YOUR COUNTRY OF RESIDENCE  

The third parties as described in section 10 might be based in US or in other countries. In these instances, OpinionSite imposes strict contractual obligations to third parties to maintain a level of protection that is equal to the protection offered by this notice.  In other instances, we may ask your consent to allow us to transfer your personal data into another country. In doing so we will provide you with full information about the transfer. You may contact our DPO if you would like to know more about our international transfer assessment and/or copy of the transfer mechanism that we use for sharing your Personal Data outside your country of residence.   

12. ANTI-SPAM  

OpinionSite maintains a strict “No-Spam” policy, which means that OpinionSite does not intend to sell, rent, or otherwise give your email address to a third-party without your consent. 

13. DATA INTEGRITY, PURPOSE LIMITATION AND RETENTION 

OpinionSite will not process Personal Data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you.  To that end, OpinionSite will take reasonable steps to ensure that your Personal Data is reliable for its intended use, accurate, complete, and current.  OpinionSite uses reasonable efforts to maintain the accuracy and integrity of your Personal Data and to update it as appropriate.  

We retain your personal data as follow: 

  1. Contact data will be retained for a minimum period of 2 years following the date of the most recent contact between you and us, or until an updating information request or removal request is made by you; 
  2. Communication data will be retained for a minimum period of 2 years following the date of the communication in question or until a removal request is made by you; 
  3. Usage data will be retained for a minimum period of 2 years or until a removal request is made by you  following the date of collection; 
  4. In general we do not retain your personal data for more than 2 years since your last engagement/interaction with the Company; 

We may retain your information as necessary (including a longer period) to comply with our legal obligations, resolve disputes and enforce our agreements. 

14. PERSONNEL ACCESS OF PERSONAL DATA 

Personnel from OpinionSite may access and use your personal data only if they are authorized to do so and only for the purpose for which they are authorized. 

15. DATA SECURITY  

OpinionSite have implemented physical and technical safeguards to protect Personal Data from loss, misuse, and unauthorized access, disclosure, alternation, or destruction. For example, electronically stored Personal Data is stored on a secure network with firewall protection, and access to OpinionSite 's electronic information systems requires user authentication via password or similar means. OpinionSite also employs access restrictions, such as limiting the scope of employees who have access to Customer Personal Data. Further, OpinionSite uses secure encryption technology to protect certain categories of personal data. Despite these precautions, no data security safeguards guarantee 100% security all the time. 

16. YOUR RIGHTS  

  1. Right of Access You have the right to obtain confirmation about whether your personal data is included in our databases.  Upon request, OpinionSite will provide an individual access to your personal data within the time frame dictated by the applicable data protection regulations. OpinionSite will allow you to know what Personal Data is included in our databases and to ensure that such Personal Data is accurate and relevant for the purposes for which OpinionSite collected the Personal Data. You may also request a copy of your data in a commonly used and machine-readable form.  
  2. Right of Rectification: You may review your own Personal Data stored in the databases and correct, update, modify, or delete any data that is incorrect or incomplete. 
  3. Right of Erasure: You may request to have the personal information that we have about you to be deleted from our servers. OPINIONSITE will take reasonable steps, including technical measures, to comply with your request.  
  4. Data Portability: You may request the Personal Data you provided to us in a commonly used and machine-readable form.  
  5. Right to Withdraw Consent: You have the right to withdraw your consent at any time, without affecting the lawfulness of our processing based on such consent before it was withdrawn, including processing related to existing contracts for our Services. 
  6. Limitations: these rights are subject to certain limitations and exceptions including, but not limited to, when the burden or expense of providing this access would be disproportionate to the risks to your privacy in the case in question, or where the rights of persons other than you would be violated by the provision of such access.  If we determine that your access should be restricted in a particular instance, we will provide you with an explanation of our determination and respond to any inquiries you may have.  

17. HOW TO EXERCISE YOUR RIGHTS  

You can exercise your rights by filling out the form found at http://preferences.surveyhealthcareglobal.com/privacy.You may also submit a request at shgprivacyrequest@surveyhealthcareglobal.com, reach us on toll free number 1-800-470-8213 or via postal mail at OpinionSite, Attn: Privacy Department, 480 Pleasant Street, Watertown, MA 02472 USA  

18. RESPONSE TIMING AND FORMAT 

We endeavor to respond to a verifiable request within 30 days of its receipt.  If we require more time (up to two extra months), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. The response we provide will also explain the reasons we cannot comply with a verifiable request, if applicable.  We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded.  If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. 

Request that we can’t process: We cannot respond to your request or provide you with Personal Data if we cannot verify your identity or authority to make the request and confirm the Personal Data relates to you. Making a verifiable request does not require you to create an account with us.  We will only use Personal Information provided in a verifiable request to verify your identity or authority to make the request. 

Request for Personal Data: OpinionSite will track each of the following and will provide notice to the appropriate parties under law and contract when either of the following circumstances arise:  

  1. legally binding request for disclosure of the Personal Data by a law enforcement authority unless prohibited by law or regulation; or 
  2. requests received from the Data Subject.  

19. RESPONSIBILITIES AND MANAGEMENT 

OpinionSite has designated the Privacy & Compliance Department to oversee its information security program, including its compliance with the Privacy Shield program and the GDPR and any other applicable Privacy Law. The Privacy & Compliance Department shall review and approve any material changes to this program as necessary. Any questions, concerns, or comments regarding this Notice also may be directed to: 

OpinionSite Health:  https://healthcare.opinionsite.com/ 

OpinionSite Consumer:  http://consumer.opinionsite.com/ 

California Residents 

1. Controller of the Persona Data:  

Universal Survey Center, Inc., d/b/a OpinionSite/OMR Globus ("OpinionSite") 

480 Pleasant Street

Watertown, MA 02472

SHG Data Protection Contact & DPO:  privacy@opinionsite.com  

2. SCOPE 

This Notice applies to the processing of Personal Information that OpinionSite transfers to and stores in the United States.   

We're committed to helping you understand how we manage and protect the information we collect. We take privacy seriously and have taken many steps to help safeguard the information we collect from you.  

3. PERSONAL DATA THAT WE COLLECT

OpinionSite provides research solutions to its Clients, which are predominantly business customers, and individuals that may purchase products or participate in market research activities.  

  1. General Data: OpinionSite collects Personal Information of healthcare professionals and consumers that register with our Community.  
  2. Communication Data: We may process information contained in or relating to any communication that you send to us or that we send to you. The communication data may include the communication content and metadata associated with the communication. Our website will generate the metadata associated with communications made using the website contact forms. 
  3. Usage data: We may process data about your use of our website and services. The usage data may include your IP address, geographical location, browser type, version and language, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency, and pattern of your service use. We may also collect and process data on the websites you visited before our sites that may be logged automatically if you are redirected to our site from our advertising campaigns. The source of the usage data is our analytics tracking system, marketing automation platform or other marketing technologies. 
  4. Market Research data: we might also collect Personal Information and anonymized and/or pseudonymized data produced by individuals’ participation in market research activities. 
  5. Information collected: The Personal Information that we collect may vary based on your interaction with OPINIONSITE. As a general matter, OpinionSite collects the following types of Personal Information: 

Data collected from individuals in accordance with CPRA: 

Category

Examples

Collected

A. Identifiers. 

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, Social Security number, or other similar identifiers. 

Yes

B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code 1798.80(e)). 

A name, signature, Social Security number, address, telephone number, employment, or medical information., Some personal information included in this category may overlap with other categories. 

Yes

C. Protected classification characteristics under California or federal law. 

Age (40 years or older), race, color, national origin, citizenship, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation. 

Yes

D. Commercial information 

Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies 

No

E. Biometric information 

Individual’s physiological, biological, or behavioral characteristics, including an individual’s deoxyribonucleic acid (DNA), that can be used, singly or in combination with each other or with other identifying data, to establish individual identity. Biometric information includes, but is not limited to, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information. 

 

No

F. Internet or other similar network activity. 

Browsing history, search history, information on a consumer's interaction with a website. 

Yes

G. Geolocation data. 

Physical location or movements. 

Yes

H. Sensory data. 

Audio, visual, or similar information. 

Yes

I. Professional or employment-related information. 

Occupation, Employer Information. 

Yes

J. Education information 

Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99) 

No

K. Profiling 

Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. 

No

L. Sensitive Personal Information 

Personal information that reveals: 

A consumer’s social security, driver’s license, state identification card, or passport number. 

A consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account. 

A consumer’s precise geolocation. 

A consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership. 

The contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication. 

A consumer’s genetic data. 

(A) The processing of biometric information for the purpose of uniquely identifying a consumer. 

(B) Personal information collected and analyzed concerning a consumer’s health. 

(C) Personal information collected and analyzed concerning a consumer’s sex life or sexual orientation. 

Yes

4. PURPOSES OF DATA PROCESSING 

SHG processes Personal Information that it collects directly from individuals registered with the Healthcare Community and indirectly in its role as a service provider for the following business purposes:  

  1. Operations: maintaining and supporting our products as well as delivering and providing the requested products/services; 
  2. Contractual: complying with contractual obligations related thereto (including managing transactions, reporting, invoices, and other operations related to providing/receiving services to/from clients and individuals). This may include data included in Category A 
  3. Market Research: Allowing individuals to participate in market research surveys and interviews and related activities. We report back to clients the results in an anonymized and aggregated form.   
  4. Publications: In certain occasions and strictly in accordance with your express instructions, we may process your Personal Information for the purposes of publishing such data on our website and elsewhere through our services.  
  5. Relationships and communications: Processing contact data for the purposes of managing our relationships and communicating with you by email and/or telephone.  
  6. Direct marketing: Processing contact data for the purposes of creating, targeting and sending direct marketing communications by email and making contact by telephone for marketing-related purposes. We do this to improve and facilitate your participation in market research activities. 
  7. Research and analysis: Processing usage data for the purposes of researching and analyzing the use of our website, for example monitoring, supporting, improving, and securing our website, services and business generally. OpinionSite has a legitimate interest in maintaining security conditions on our websites to prevent malware, or other types of attacks. Security is essential to protect the personal data of customers and visitors. 
  8. Record keeping: Processing your Personal Information for the purposes of creating and maintaining our databases, back-up copies of our databases and our business records in servers located in the United States. We do this to ensure that we have access to all the information we need to run our business properly and efficiently in accordance with this Notice. 
  9. Legal:Required by Law: for other business-related purposes permitted or required under applicable local law and regulation for example satisfying governmental reporting, tax, crime investigation and national security; and (7) as otherwise required by law. This may include data included in Category A; 
  10. In general as requested by the clients and individuals; 

5. SENSITIVE PERSONAL INFORMATION  

SHG might process certain categories of data that under the CPRA is considered very sensitive. This data may be collected when individuals participate in market research activities carried out by OpinionSite directly or on behalf of their clients. We are committed to handling this data with extreme care and only a few authorized people have access to it. Such data might include: information about your health, your ethnic origin, biometric data, etc.

Where we process Sensitive Personal Information data, we will always obtain your explicit consent to those activities unless:  

  1. Consent is not required by law;  
  2. To protect your vital interests where you are incapable of giving your consent;  
  3. For the establishment, exercise or defense of legal claims or whenever courts are acting in their judicial capacity;  
  4. Processing is necessary for the interest of public health as required by the local law.   

6. AUTOMATED DECISIONS 

  1. We reserve the right to make automated decisions, including using machine learning algorithms about and website visitors to optimize the products and services offered and/or delivered. You may contact us if you would like any clarifications about the automated decisions.  
  2. We might analyze your participation in our surveys with the purpose of enriching the profiling data we hold about yourself. The profiling data that we have collected might be used for making manual or automated decisions that involve your participation in market research activities. As a result of this processing, we will be able to send you market research activities within your sphere of expertise and interest. 
  3. You have the right to opt-out from automated decisions at any time. However, be advised that if you exercise this right, it may affect our ability to offer you survey opportunities and to maintain your membership in our network. 
  4. You may contact us if you would like any clarifications about the automated decisions. 

7. DIGITAL FINGERPRINT 

  1. Cookies: OpinionSite may set and use cookies to enhance your user experience on the sites, such as retaining your personal settings and preferences.  You may set your browser to prevent or reject cookies, or you may manually delete any cookies set. If you reject the cookies on the sites, you may still be able to use the sites, but they shall be limited to certain minimal functionality. From time-to-time OpinionSite may use third-party tracking utilities that use session ID cookies that track site usability and assist OpinionSite in improving user experience. This Privacy Notice does not cover the use of cookies by our third-party providers as we do not have access or control over these cookies. We may collect information on our sites or in our emails using web beacons and or tracking pixels (electronic images). We may use beacons to count visits, understand usage and campaign effectiveness and to tell if an email has been opened and acted upon. 
  2. SHG uses cookies (see table at bottom of this page) for the following purposes:  
    1. Trend Analyses: OpinionSite may use IP addresses to analyze trends, administer the Sites, track your movement within the Sites, and gather broad demographic information for aggregate use. 
    2. Links to other sites: our sites include links to other websites whose privacy practices may differ from OpinionSite’s. If you submit personal data to any of those sites, your information is governed by the privacy statements of those third-party sites. 
  3. Managing cookies: Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links: 
https://support.google.com/chrome/answer/95647 (Chrome);  
https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop (Firefox); 
https://help.opera.com/en/latest/security-and-privacy/ (Opera); 
https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer); 
https://support.apple.com/en-gb/guide/safari/manage-cookies-and-website-data-sfri11471/mac    (Safari);  
https://support.microsoft.com/en-gb/help/4468242/microsoft-edge-browsing-data-and-privacy (Edge). 

8. CHOICE WITH RESPECT TO USES AND DISCLOSURES OF PERSONAL INFORMATION 

OpinionSite recognizes that individuals have the right to limit the use and disclosure of their Personal Information, and we are committed to respecting those rights.  We apply a strict policy with respect to disclosures of Sensitive Personal Information including, when applicable, obtaining the explicit consent (i.e., opt in consent) of an individual prior to disclosing Sensitive Personal Information to a third party or using Sensitive Personal Information for purposes other than those for which it was originally collected or subsequently authorized by the individual. 

9. SALE OR SHARE OF INFORMATION FOR A BUSINESS PURPOSE 

OpinionSite has not shared or disclose any categories of Personal Information for a business purpose in the last 12 months. 

10. DISCLOSURE/TRANSFER OF INFORMATION FOR A BUSINESS PURPOSE 

  1. SHG may disclose your Personal Information to a third party for a business purpose. We do this by entering into a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except in performing the contract or as required by the law. Furthermore, service providers must comply with any privacy state of federal law and agree to provide adequate protections that are no less protective than those set out in this Notice.   
  2. SHG may have disclosed the following categories of Personal Information for a business purpose in the last 12 months. Please see the table included in section 3 for more information about the categories of personal information: 
    1. Category A: Identifiers 
    2. Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code 1798.80(e)). 
    3. Category C: Protected classification characteristics under California or federal law. 
    4. Category F: Internet or other similar network activity. 
    5. Category G: Geolocation data. 
    6. Category H: Sensory data. 
    7. Category I: Professional or employment-related information. 
  3. Disclosure: We may have disclosed your Personal Information for a business purpose to the following categories of third parties: 
    1. Our affiliates and subsidiaries 
    2. Service Providers and consultants 
    3. Professional services organizations, such as auditors and law firms 
    4. Our business partners 
    5. Internet service providers 
    6. Government entities 
    7. Operating systems and platforms 
    8. Survey hosting providers  
    9. Validation providers  
    10. Rewards fulfillment providers  
    11. SMS and video conference service providers 
    12. Customer and panel support services  
    13. Credit card processor 
    14. Tax authorities 
  4. Purposes of disclosure: We may have disclosed your Personal Information for the below purposes:  
    1. Survey reporting 
    2. Email services 
    3. Authentication of medical licenses 
    4. Identity verification of the panel members  
    5. Offering and providing customer support  
    6. Internal marketing campaigns for communicating new offers to our clients 
    7. Internal marketing campaigns for improving and facilitating participation of Panel Members in market research activities  
    8. Internal marketing engagement e.g. newsletters   
    9. Honorarium processing and fulfillment 
    10. Auditing purposes and governmental reporting 
    11. Tax reporting 
    12. Allowing participation in market research activities  
    13. For complying with your requests or contract obligation we have with you  
  5. Other forms of disclosures: OpinionSite also may disclose your Personal Information for other purposes or to other third parties when you have consented to or requested such disclosure or under the following circumstances:  
    1. We respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims; 
    2. We believe it is necessary to share information in order to investigate or prevent fraud, or to take action regarding illegal activities, situations involving potential threats to the physical safety of any person, or as otherwise required by law. 
    3. We transfer information about you if OpinionSite is acquired by or merged with another company. In this event, OpinionSite will notify you before information about you is transferred and becomes subject to a different privacy notice. 
    4. In response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 
  6. Deidentified information: We may also share aggregated or anonymous information that does not directly identify you. OpinionSite may share anonymized aggregated demographic information with OpinionSite partners. 
  7. Liability: OpinionSite is potentially liable in cases of onward transfers of Personal Information to service providers, that, acting as agents on our behalf, process Personal Information in a manner inconsistent with applicable data protection regulations. 

11. DISCLOSURE/TRANSFER OF PERSONAL INFORMATION OUTSIDE US 

The Service providers as described in paragraph 10 might be based in US or in other countries. In these instances, OpinionSite imposes strict contractual obligations with third parties to maintain a level of protection that is equal to the state or federal law and in line with the terms of this Notice.   

In other instances, we may ask your consent to allow us to transfer your Personal Information into another country. In doing so we will provide you with full information about the transfer. 

You may contact our DPO if you would like to know more about our international transfer assessment and/or copy of the transfer mechanism that we use for sharing your Personal Information outside your country of residence.  

12. ANTI-SPAM  

SHG maintains a strict “No-Spam” policy, which means that OpinionSite does not intend to sell, rent or otherwise give your email address to a third-party without your consent. 

13. DATA INTEGRITY, PURPOSE LIMITATION AND RETENTION 

SHG will not process Personal Information in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you.  To that end, OpinionSite will take reasonable steps to ensure that your Personal Information is reliable for its intended use, accurate, complete, and current. OpinionSite uses reasonable efforts to maintain the accuracy and integrity of your Personal Information and to update it as appropriate.  

We retain your Personal Information as follows: 

  1. Contact data will be retained for a minimum period of 2 years following the date of the most recent contact between you and us, or until an updating information request or removal request is made by you; 
  2. Communication data will be retained for a minimum period of 2 years following the date of the communication in question or until a removal request is made by you; 
  3. Usage data will be retained for a minimum period of 2 years or until a removal request is made by you following the date of collection; 
  4. Market research data obtained during your participation in market research activities will be kept up to 5 years. 

We may retain your Personal Information as necessary (including a longer period) to comply with our legal obligations, resolve disputes and enforce our agreements. 

14. PERSONNEL ACCESS OF PERSONAL INFORMATION 

Personnel from OpinionSite may access and use your Personal Information only if they are authorized to do so and only for the purpose for which they are authorized. 

15. DATA SECURITY  

OpinionSite has implemented physical and technical safeguards to protect Personal Information from loss, misuse, and unauthorized access, disclosure, alternation, or destruction. For example, electronically stored Personal Information is stored on a secure network with firewall protection, and access to OpinionSite 's electronic information systems requires user authentication via password or similar means. OpinionSite also employs access restrictions, such as limiting the scope of employees who have access to Customer Personal Information. Further, OpinionSite uses secure encryption technology to protect certain categories of personal data. Despite these precautions, no data security safeguards guarantee 100% security all the time. 

16. YOUR RIGHTS AND CHOICES 

Pursuant to the CPRA and subject to certain exceptions and limitations, California residents may contact us to exercise their rights with respect to certain Personal Information that we hold about them. To the extent these rights may apply to you, they are described below.  

  1. Right to Know and Access your Personal Information Collected or Disclosed. You have the right to request that we provide you with details about the Personal Information we collect, use and disclose. You can submit your request as described in 17, and we reserve the right to conduct the verification described. In connection with this request, you are entitled to receive the following: 
    1. The categories of your Personal Information that we have collected 
    2. The categories of sources from which that Personal Information was collected 
    3. The business/commercial purpose for the collection or selling or sharing personal information  
    4. The categories of third parties to whom we disclose Personal Information 
    5. The specific pieces of Personal Information we have collected about you (subject to some exceptions) 
    6. If we have disclosed, sold, or shared (as those words are defined in the CCPA and CPRA) Personal Information to third parties, you are also entitled to receive: 
    7. The categories of Personal Information that we have collected about you.  
    8. The categories of Personal Information that we have sold or shared about you and the categories of third parties to whom the personal information was sold or shared, by category or categories of Personal Information for each category of third parties to whom the Personal Information was sold or shared. 
    9. The categories of Personal Information that we have disclosed about you for a business purpose and the categories of persons to whom it was disclosed for a business purpose. 
  2. Right to Delete Personal Information. You have the right to request deletion of the Personal Information we have collected about you (subject to some exceptions). You can submit your request as described in 17, and we reserve the right to conduct the verification described. 
  3. We may deny your deletion request if retaining the information is necessary for us or our service providers to: 
    1. Complete the transaction for which we collected the Personal Information, provide a service that you requested, or take actions reasonably anticipated within the context of our ongoing business relationship with you. 
    2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities. 
    3. Debug products to identify and repair errors that impair existing intended functionality. 
    4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law. 
    5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code 1546 seq.). 
    6. Engage in public or peer-reviewed scientific, historical, or statistical research that conforms or adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent. 
    7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us. 
    8. Comply with a legal obligation. 
  4. Right to Correct Inaccurate Personal Information. You may request the correction of inaccurate Personal Information processed by OpinionSite, and update or modify any Personal Data that is incorrect or incomplete. You may also notify us by using the contacts in section 17 to correct any inaccurate personal information we have about you.  
  5. Right to No Retaliation following the Exercise of a Consumer’s Privacy Rights. We will not discriminate against you for exercising any of your CCPA/CPRA rights.  Unless permitted by the law, we will not: 
    1. Deny you use of our services. 
    2. Provide you a different level or quality of services. 
    3. Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services 
    4. Retaliate against an employee, applicant for employment, or independent contractor for exercising their rights under this title. 
  6. Right to Limit Use and Disclosure of Sensitive Personal Information. You have the right to limit the use and disclosure of your Sensitive Personal Information to that use which is necessary to perform our services. 

17.  HOW TO EXERCISE YOUR RIGHTS AND IDENTITY VERIFICATION 

You can exercise your rights by filling out the form found at http://preferences.surveyhealthcareglobal.com/privacy. You may also submit a request at shgprivacyrequest@surveyhealthcareglobal.com, reach us on toll free number 1-800-470-8213 or via postal mail at OpinionSite, Attn: Privacy Department, 480 Pleasant Street, Watertown, MA 02472 USA. 

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable request related to your Personal Information. 

As part of this process, we may ask to verify your identity. Your request must: 

  1. Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative; 
  2. Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. 

We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable request does not require you to create an account with us.  We will only use Personal Information provided in a verifiable request to verify your identity or authority to make the request. 

18.  RESPONSE TIMING AND FORMAT 

We endeavor to respond to a verifiable request within 45 days of its receipt.  If we require more time up to 45 more days, for a total of 90 days from the receipt, we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option.  

Any disclosures we provide will only cover the 12-month period preceding receipt of a verifiable request if your data has been collected before January 1, 2022.  The response we provide will also explain the reasons we cannot comply with a verifiable request, if applicable.  

We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded.  If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. 

19. RESPONSIBILITIES AND MANAGEMENT 

SHG has designated the Privacy and Compliance Department to oversee its information security program, including its compliance with the Privacy Shield program. The Privacy and Compliance Department shall review and approve any material changes to this program as necessary. Any questions, concerns, or comments regarding this Notice also may be directed to privacy@opinionsite.com.   

20. CHANGE TO THIS NOTICE 

This Notice may be amended from time to time, consistent with applicable data protection and privacy laws and principles. We will notify Members if we make changes that materially affect the way we handle Personal Information previously collected, and we will allow them to choose whether their Personal Information may be used in any materially different manner. 

 

Virginia Residents 

1. Controller of the Persona Data:  

Universal Survey Center, Inc., d/b/a OpinionSite/OMR Globus ("OpinionSite") 

480 Pleasant Street, Suite B100  

Watertown, MA 02472 

SHG Data Protection Contact & DPO: privacy@opinionsite.com.   

2. SCOPE 

Pursuant to the Virginia Consumer Data Protection Act (CDPA) OpinionSite has adopted this Privacy Notice.   

We're committed to helping you understand how we manage and protect the information we collect. We take privacy seriously and have taken many steps to help safeguard the information we collect from you.  

3. PERSONAL DATA THAT WE COLLECT  

OpinionSite provides research solutions to its Client, which are predominantly business customers, and individuals that may purchase products or participate in market research activities. 

  1. General Data: OpinionSite collects Personal Data of healthcare professionals and consumers that register with our Community.  
  2. Communication Data: We may process information contained in or relating to any communication that you send to us or that we send to you. The communication data may include the communication content and metadata associated with the communication. Our website will generate the metadata associated with communications made using the website contact forms. 
  3. Usage data: We may process data about your use of our website and services. The usage data may include your IP address, geographical location, browser type, version and language, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. We may also collect and process data on the websites you visited before our sites may be logged automatically if you are redirected to our site from our advertising campaigns. The source of the usage data is our analytics tracking system, marketing automation platform or other marketing technologies. 
  4. Market Research data: we might also collect personal data and anonymized and/or pseudonymized data produced by individuals’ participation in market research activities. 
  5. Information collected: The Personal Information that we collect may vary based on your interaction with OpinionSite. As a general matter, OpinionSite collects the following types of Personal Data: 

Data collected from individuals: 

Category

Examples

Collected

A. Personal Data. 

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, Social Security number, or any information that is linked or reasonably linkable to an identified or identifiable natural person.  

Yes

B. Sensitive data 

Data that includes race, color, national origin, citizenship, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, biometric data. 

Geolocation data  

Yes

C. Internet or other similar network activity. 

Browsing history, search history, information on a consumer's interaction with a website. 

Yes

D. Professional or employment-related information. 

Occupation, Employer Information. 

Yes

E. Profiling 

It means any form of automated processing performed on personal data to evaluate, analyze, or predict personal aspects related to an identified or identifiable natural person's economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. 

Yes

4. PURPOSES OF DATA PROCESSING

Opinion Site processes Personal Data that it collects directly from individuals registered with the Community and indirectly in its role as a service provider for the following business purposes: 

  1. Operations: maintaining and supporting our products as well as delivering and providing the requested products/services;
  2. Contractual; complying with contractual obligations related thereto (including managing transactions, reporting, invoices, and other operations related to providing/receiving services to/from clients and individuals). This may include data included in Category A 
  3. Market Research: Allowing individuals to participate in market research surveys and interviews and related activities. We report back to clients the results in an anonymized and aggregated form.   
  4. Publications: In certain occasions and strictly in accordance with your express instructions, we may process your personal data for the purposes of publishing such data on our website and elsewhere through our services.  
  5. Relationships and communications: Processing contact data for the purposes of managing our relationships and communicating with you by email and/or telephone.  
  6. Direct marketing: Processing contact data for the purposes of creating, targeting and sending direct marketing communications by email and making contact by telephone for marketing-related purposes. We do this to improve and facilitate your participation in market research activities. 
  7. Research and analysis: Processing usage data for the purposes of researching and analyzing the use of our website, for example monitoring, supporting, improving and securing our website, services and business generally. OpinionSite has a legitimate interest in maintaining security conditions on our websites to prevent malware, or other types of attacks. Security is essential to protect the personal data of customers and visitors. 
  8. Record keeping: Processing your personal data for the purposes of creating and maintaining our databases, back-up copies of our databases and our business records in servers located in the United States. We do this to ensure that we have access to all the information we need to run our business properly and efficiently in accordance with this Notice. 
  9. Legal:Required by Law: for other business-related purposes permitted or required under applicable local law and regulation for example satisfying governmental reporting, tax, crime investigation and national security; and (7) as otherwise required by law. This may include data included in Category A; 
  10. In general as requested by the clients and individuals; 

5. SENSITIVE PERSONAL INFORMATION  

OpinionSite might process certain categories of data that under the CDPA is considered very sensitive. This data may be collected when individuals participate in market research activities carried out by OpinionSite directly or on behalf of their clients. We are committed to handling this data with extreme care and only few authorized people have access to it. Such data might include: information about your health, your ethnic origin, biometric data, etc. Where we process sensitive personal information data, we will always obtain your explicit consent to those activities unless:  

  1. Consent is not required by law;  
  2. To protect your vital interests where you are incapable of giving your consent;  
  3. For the establishment, exercise or defense of legal claims or whenever courts are acting in their judicial capacity;  

6. AUTOMATED DECISIONS 

We reserve the right to make automated decisions, including using machine learning algorithms about website visitors to optimize the products and services offered and/or delivered. You may contact us if you would like any clarifications about the automated decisions.  

We might analyze your participation in our surveys with the purpose of enriching the profiling data we hold about yourself. The profiling data that we have collected might be used for making manual or automated decisions that involve your participation in market research activities. As a result of this processing, we will be able to send you market research activities within your sphere of expertise and interest. 

You have the right to opt-out from automated decisions at any time. However, be advised that if you exercise this right, it may affect our ability to offer you survey opportunities and to maintain your membership in our network. 

You may contact us if you would like any clarifications about the automated decisions. 

7. DIGITAL FINGERPRINT 

  1. Cookies: OpinionSite may set and use cookies to enhance your user experience on the sites, such as retaining your personal settings and preferences.  You may set your browser to prevent or reject cookies, or you may manually delete any cookies set. If you reject the cookies on the sites, you may still be able to use the sites, but they shall be limited to certain minimal functionality. From time-to-time OpinionSite may use third-party tracking utilities that use session ID cookies that track site usability and assist OpinionSite in improving user experience. This Privacy Notice does not cover the use of cookies by our third-party providers as we do not have access or control over these cookies. We may collect information on our sites or in our emails using web beacons and or tracking pixels (electronic images). We may use beacons to count visits, understand usage and campaign effectiveness and to tell if an email has been opened and acted upon. OpinionSite uses cookies (see table at bottom of this page) for the following purposes: 
    1. Trend Analyses: OpinionSite may use IP addresses to analyze trends, administer the Sites, track Your movement within the Sites, and gather broad demographic information for aggregate use. 
    2. Links to other sites: our sites include links to other websites whose privacy practices may differ from OpinionSite’s. If you submit personal data to any of those sites, your information is governed by the privacy statements of those third-party sites. 
  2. Managing cookies: Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links: 
https://support.google.com/chrome/answer/95647 (Chrome);  
https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop (Firefox); 
https://help.opera.com/en/latest/security-and-privacy/ (Opera); 
https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer); 
https://support.apple.com/en-gb/guide/safari/manage-cookies-and-website-data-sfri11471/mac    (Safari);  
https://support.microsoft.com/en-gb/help/4468242/microsoft-edge-browsing-data-and-privacy (Edge). 

8. SALE OF INFORMATION FOR A BUSINESS PURPOSE 

OpinionSite does not sell any categories of Personal Information for a business purpose in accordance with CDPA. 

9. TRANSFER OF INFORMATION FOR A BUSINESS PURPOSES 

  1. OpinionSite might transfer personal information for business purposes by entering into a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract or as required by the law. Furthermore, service providers must comply with any privacy state of federal law and agree to provide adequate protections that are no less protective than those set out in this Notice. 
  2. SHG may transfer the following categories of Personal Information for a business purpose. Please see the table included in section 3 for more information about the categories of personal information: 
    1. Category A 
    2. Category B  
    3. Category C  
    4. Category D  
    5. Category E  
  3. Transfer: We may transfer your Personal Information for a business purpose to the following categories of third parties: 
    1. Our affiliates and subsidiaries 
    2. Service Providers and consultants 
    3. Professional services organizations, such as auditors and law firms 
    4. Our business partners 
    5. Internet service providers 
    6. Government entities 
    7. Operating systems and platforms 
    8. Survey hosting providers  
    9. Validation providers  
    10. Rewards fulfillment providers  
    11. SMS and video conference service providers 
    12. Customer and panel support services  
    13. Credit card processor 
    14. Tax authorities 
  4. Purposes of disclosure: We may have disclosed your personal information for the below purposes:  
    1. Survey reporting 
    2. Email services 
    3. Authentication of medical licenses 
    4. Identity verification of the panel members  
    5. Offering and providing customer support  
    6. Internal marketing campaigns for communicating new offers to our clients 
    7. Internal marketing campaigns for improving and facilitating participation of Panel Members in market research activities  
    8. Internal marketing engagement e.g. newsletters   
    9. Honorarium processing and fulfillment 
    10. Auditing purposes and governmental reporting 
    11. Tax reporting 
    12. Allowing participation in market research activities  
    13. For complying with your requests or contract obligation we have with you  
  5. Other forms of disclosures: OpinionSite also may disclose your personal data for other purposes or to other third parties when you have consented to or requested such disclosure or under the following circumstances:  
    1. We respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims; 
    2. We believe it is necessary to share information to investigate or prevent fraud, or to take action regarding illegal activities, situations involving potential threats to the physical safety of any person, or as otherwise required by law. 
    3. We transfer information about you if OpinionSite is acquired by or merged with another company. In this event, OpinionSite will notify you before information about you is transferred and becomes subject to a different privacy notice. 
    4. In response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 
  6. Deidentified information: We may also share aggregated or anonymous information that does not directly identify you. OpinionSite may share anonymized aggregated demographic information with OpinionSite partners. 
  7. Liability: OpinionSite is potentially liable in cases of onward transfers of Personal Data to service providers , that, acting as agents on our behalf, process Personal Data in a manner inconsistent with applicable data protection regulations. 

10. DISCLOSURE/TRANSFER OF PERSONAL DATA OUTSIDE US 

The Service providers as described in section 9 might be based in the US or in other countries. In these instances, OpinionSite imposes strict contractual obligations with third parties to maintain a level of protection that is equal to the state or federal law and in line with the terms of this Notice.   

In other instances, we may ask your consent to allow us to transfer your personal data into another country. In doing so we will provide you with full information about the transfer. 

11. ANTI-SPAM  

SHG maintains a strict “No-Spam” policy, which means that OpinionSite does not intend to sell, rent or otherwise give your email address to a third-party without your consent. 

12. DATA INTEGRITY, PURPOSE LIMITATION AND RETENTION 

SHG will not process Personal Data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you.  To that end, OpinionSite will take reasonable steps to ensure that your Personal Data is reliable for its intended use, accurate, complete, and current. OpinionSite uses reasonable efforts to maintain the accuracy and integrity of your Personal Data and to update it as appropriate. 

We retain your personal data as follows: 

  1. Contact data will be retained for a minimum period of 2 years following the date of the most recent contact between you and us, or until an updating information request or removal request is made by you. 
  2. Communication data will be retained for a minimum period of 2 years following the date of the communication in question or until a removal request is made by you. 
  3. Usage data will be retained for a minimum period of 2 years or until a removal request is made by you following the date of collection. 
  4. Market research data obtained during your participation in market research activities will be kept for up to 5 years. 
We may retain your information as necessary (including a longer period) to comply with our legal obligations, resolve disputes and enforce our agreements. 

13. PERSONNEL ACCESS OF PERSONAL DATA 

Personnel from OpinionSite may access and use your personal data only if they are authorized to do so and only for the purpose for which they are authorized. 

14. DATA SECURITY  

SHG has implemented physical and technical safeguards to protect Personal Data from loss, misuse, and unauthorized access, disclosure, alternation, or destruction. For example, electronically stored Personal Data is stored on a secure network with firewall protection, and access to OpinionSite 's electronic information systems requires user authentication via password or similar means. OpinionSite also employs access restrictions, such as limiting the scope of employees who have access to Customer Personal Data. Further, OpinionSite uses secure encryption technology to protect certain categories of personal data. Despite these precautions, no data security safeguards guarantee 100% security all of the time. 

15. YOUR RIGHTS AND CHOICES 

Pursuant to the Virginia Consumer Data Protection Act (CDPA) and subject to certain exceptions and limitations, Virginia residents may contact us to exercise their rights with respect to certain Personal Information that we hold about them. To the extent these rights may apply to you, they are described below.  

  1. Right to Know and Access: You have the right to obtain confirmation about whether your Personal Data is being processed by OpinionSite and to access it.    
  2. Right to Correct Inaccuracies: You may correct inaccuracies of your Personal Data, taking into account the nature of the personal data and the purposes of the processing. You may ask us to review your own Personal Data processed by us and correct, update, modify, or delete any data that is incorrect or incomplete. 
  3. Right to Deletion: You may request to have your Personal Data and the Personal Data obtained about you deleted.  
  4. Right to Obtain a Copy: You may request a copy of your Personal Data previously provided to OpinionSite in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the Personal Data to another controller without hindrance, as the processing is carried out by automated means.
  5. Right to Opt-out: You have the right to request to opt-out the processing of your Personal Data from: 
    1. Targeted advertisement 
    2. Sale of personal data 
    3. Profiling in furtherance of decisions that produce legal or similar effects concerning you 
  6. Right to Avoid Discrimination: OpinionSite will not discriminate against you for exercising any of your consumer rights, including denying goods or services, charging different prices or rates for goods or services, or providing a different level of quality of goods and services to you. Even if OpinionSite does not process your personal information for the above purposes, you still have the opportunity to submit a request to opt-out.  

16. IDENTIFICATION OF THE DATA SUBJECT 

We cannot respond to your request or provide you with Personal Information if we cannot authenticate your request using commercially reasonable efforts; we will take the necessary steps to verify your identity and the request. Making a verifiable request does not require you to create an account with us.  We will only use Personal Information provided in a verifiable request to verify your identity or authority to make the request. 

17. HOW TO EXERCISE YOUR RIGHTS  

You can exercise your rights by filling out the form found at https://preferences.surveyhealthcareglobal.com/privacy. You may also submit a request at shgprivacyrequest@surveyhealthcareglobal.com, reach us on toll free number 1-800-470-8213, or via postal mail at OpinionSite, Attn: Compliance Department, 480 Pleasant Street, Suite B100, Watertown, MA 02472 USA  

18.  RESPONSE TIMING AND FORMAT 

We endeavor to respond to a verifiable rights request within 45 days of its receipt.  If we require more time, up to 45 more days, for a total of 90 days from the receipt of your initial request, due to the complexity/number of your requests, we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option.  

If we determine that we can’t comply with your request, we will explain the reasons for declining to take actions and instruction for how to appeal our decision.   

We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. 

19. PROCESS TO APPEAL THE CONTROLLER’S DECISIONS 

Within 15 days of the notification of our decision, you have the right to appeal an OpinionSite’s refusal to take action on a request by contacting our Data Protection Officer via email at Privacy@apollointelligence.net or via postal mail at OpinionSite, Attn: DPO, 480 Pleasant Street, Suite B100, Watertown, MA 02472 USA.  Within 60 days of the receipt of your appeal, OpinionSite will inform you about any action taken or not taken and provide written explanation of the reasons for the decision.  

If we reject your appeal, you have the right to contact the Virginia Attorney General: https://www.oag.state.va.us/.      

20. RESPONSIBILITIES AND MANAGEMENT 

SHG has designated the Privacy and Compliance Department to oversee its information security program, including its compliance with the Privacy Shield program. The Privacy and Compliance Department shall review and approve any material changes to this program as necessary. Any questions, concerns, or comments regarding this Notice also may be directed to privacy@OpinionSite.com.  

21. CHANGE TO THIS NOTICE 

This Notice may be amended from time to time, consistent with applicable data protection and privacy laws and principles. We will notify Members if we make changes that materially affect the way we handle Personal Information previously collected, and we will allow them to choose whether their Personal Information may be used in any materially different manner. 

Privacy Notice for EEA, UK and Swiss Residents  

1. Controller of the Persona Data:  

Universal Survey Center Inc., d/b/a OpinionSite/OMR 

480 Pleasant Street, Watertown, MA 02472

UK Data Protection Representative: Antonio Tropea, Managing Director - Europe, Survey Healthcare Limited, Citypoint Building, 9th Fl, 1 Ropemaker Street, London EC2Y 9HT, United Kingdom. UKDataProtectionRepresentative@surveyhealthcareglobal.com.   

EU Data Protection Representative: Fabio Musumeci, Privacy and Compliance Director, Survey Healthcare Globus: EUDataProtectionRepresentative@surveyhealthcareglobal.com.  

DPO contact: privacy@opinionsite.com  

2. SCOPE 

This Notice applies to the processing of Personal Data that OpinionSite transfers to and stores in the United States.   

We're committed helping you understand how we manage and protect the information we collect. We take privacy seriously and have taken many steps to help safeguard the information we collect from you. 

3.  PERSONAL DATA THAT WE COLLECT  

OpinionSite provides research solutions to its Clients, which are predominantly business customers, and individuals that may purchase products or participate in market research activities.  

  1. General Data: OpinionSite collects Personal Data of healthcare professionals and consumers that register with our Community. 
  2. Communication Data: We may process information contained in or relating to any communication that you send to us or that we send to you. The communication data may include the communication content and metadata associated with the communication. Our website will generate the metadata associated with communications made using the website contact forms. 
  3. Usage data: OpinionSite may process data about your use of our website and services. The usage data may include your IP address, geographical location, browser type, version and language, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency, and pattern of your service use. We may also collect and process data on the websites you visited before our sites that may be logged automatically if you are redirected to our site from our advertising campaigns. The source of the usage data is our analytics tracking system, marketing automation platform or other marketing technologies. 
  4. Market Research data: OpinionSite might also collect personal data and anonymized and/or pseudonymized data produced by individuals’ participation in market research activities. 
  5. Information collected: The Personal Data that we collect may vary based on your interaction with OpinionSite. As a general matter, OpinionSite collects the following types of Personal Data: 

Data collected from individuals: 

Category

Examples

Collected

A. Personal data 

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, Social Security number, or other similar identifiers, telephone number, employment 

Yes

B. Special categories of personal data ART. 9 GDPR 

Age (40 years or older), race, color, national origin, citizenship, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, biometric data. 

Yes

C.  Internet or other similar network activity. 

Browsing history, search history, information on a consumer's interaction with a website. 

Yes

D. Geolocation data. 

Physical location or movements. 

Yes

E.  Sensory data. 

Audio, visual, or similar information. 

Yes

F.   Professional or employment-related information. 

Occupation, Employer Information. 

Yes

4. PURPOSES OF DATA PROCESSING 

OpinionSite processes Personal Data that it collects directly from individuals registered with the Community and indirectly in its role as a service provider for the following business purposes: 

  1. Operations: maintaining and supporting our products as well as delivering and providing the requested products/services; 
  2. Contractual; complying with contractual obligations related thereto (including managing transactions, reporting, invoices and other operations related to providing/receiving services to/from clients and individuals). This may include data included in Category A; 
  3. Market Research: Allowing individuals in participate to market research surveys and interviews and related activities. We report back to clients the results in an anonymized and aggregated form.   
  4. Publications: In certain occasions and strictly in accordance with your express instructions, we may process your personal data for the purposes of publishing such data on our website and elsewhere through our services.  
  5. Relationships and communications: Processing contact data for the purposes of managing our relationships and communicating with you (excluding communicating for the purposes of direct marketing) by email and/or telephone.  
  6. Direct marketing: Processing contact data for the purposes of creating, targeting and sending direct marketing communications by email and making contact by telephone for marketing-related purposes. We do this to improve and facilitate your participation in market research activities. 
  7. Research and analysis: Processing usage data for the purposes of researching and analyzing the use of our website, for example monitoring, supporting, improving and securing our website, services and business generally. OpinionSite has a legitimate interest in maintaining security conditions on our websites to prevent malware, or other types of attacks. Security is essential to protect the personal data of customers and visitors. 
  8. Record keeping: Processing your personal data for the purposes of creating and maintaining our databases, back-up copies of our databases and our business records in servers located in the United States. We do this to ensure that we have access to all the information we need to run our business properly and efficiently in accordance with this Notice.  
  9. Legal compliance and vital interests: Processing your personal data where such processing is necessary for compliance with a legal obligation to which we are subject or in order to protect your vital interests or the vital interests of another natural person. 
  10. Legal: Required by Law: for other business-related purposes permitted or required under applicable local law and regulation for example satisfying governmental reporting, tax, crime investigation and national security; and (7) as otherwise required by law. This may include data included in Category A; 
  11. In general as requested by data subjects; 

5. LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA 

OpinionSite uses the below legal bases for processing your data in relation with the above identified purposes: 

Legal Basis 

Purposes 

Your Consent 

Market research,  

Publications,  

Record keeping,  

In general 

Execution of a contract to which you or your company is party or in order to take preliminary steps at your request prior to entering into a contract 

Operations 

Contractual 

Relationships and communications 

Direct marketing 

Comply with a legal obligation to which the OpinionSite is subject 

Legal compliance and vital interests 

Required by Law 

Legitimate interest 

Operations 

Relationships and communications 

Direct marketing 

Research and analysis 

Record keeping 

6. SPECIAL CATEGORY OF PERSONAL DATA OR SENSITIVE DATA  

OpinionSite might process certain categories of data that can be considered very sensitive. This data may be collected when individuals participate in market research activities carried out by OpinionSite directly or on behalf of their clients. We are committed to handling this data with extreme care and only a few authorized people have access to it. Such data might include: information about your health, your ethnic origin, biometric data, trade union membership, etc. Where we process special categories of personal data, “Sensitive Personal Data,” we will always obtain your explicit consent to those activities unless:  

  1. Consent is not required by law;  
  2. To protect your vital interests where you are incapable of giving your consent;  
  3. For the establishment, exercise or defense of legal claims or whenever courts are acting in their judicial capacity;  
  4. Processing is necessary for reasons of public interest in the area of public health as required by the local law.   

Where this is allowed by law, you may have the right to withdraw that consent at any time.  

7. AUTOMATED DECISIONS 

We reserve the right to make automated decisions, including using machine learning algorithms about website visitors in order to optimize and provide better experience when navigating our websites. Only digital data as specified in section VIII are included in this processing. 

We might analyze your participation in our surveys with the purpose of enriching the profiling data we hold about yourself. The profiling data that we have collected might be used for making manual or automated decisions that involve your participation to market research activities. As a result of this processing, we will be able to send you market research activities within your sphere of expertise and interest. 

You may contact us if you would like any clarifications about the automated decisions. 

8.  DIGITAL DATA 

  1. Cookies: OpinionSite may set and use cookies to enhance your user experience on the sites, such as retaining your personal settings and preferences.  You may set your browser to prevent or reject cookies, or you may manually delete any cookies set. If you reject the cookies on the sites, you may still be able to use the sites, but they shall be limited to certain minimal functionality. From time-to-time OpinionSite may use third-party tracking utilities that use session ID cookies that track site usability and assist OpinionSite in improving user experience. This Privacy Notice does not cover the use of cookies by our third-party providers as we do not have access or control over these cookies. We may collect information on our sites or in our emails using web beacons and or tracking pixels (electronic images). We may use beacons to count visits, understand usage and campaign effectiveness and to tell if an email has been opened and acted upon. You can review the cookies used by OpinionSite’s website at the bottom of this page
  2. Configuration Panel: You can configure the Cookie by using the configuration panel pupping up when you visit our website. 
  3. Trend Analyses: OpinionSite may use IP addresses to analyze trends, administer the Sites, track your movement within the Sites, and gather broad demographic information for aggregate use. 
  4. Links to other sites: our sites include links to other websites whose privacy practices may differ from OpinionSite’s. If you submit personal data to any of those sites, your information is governed by the privacy statements of those third-party sites. 
  5. Managing cookies: Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links: 

https://support.google.com/chrome/answer/95647 (Chrome);  

https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop (Firefox); 

https://help.opera.com/en/latest/security-and-privacy/  (Opera); 

https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer); 

https://support.apple.com/en-gb/guide/safari/manage-cookies-and-website-data-sfri11471/mac (Safari);  

https://support.microsoft.com/en-gb/help/4468242/microsoft-edge-browsing-data-and-privacy (Edge). 

9.  CHOICE WITH RESPECT TO USES AND DISCLOSURES OF PERSONAL DATA 

OpinionSite recognizes that individuals have the right to limit the use and disclosure of their Personal Data, and we are committed to respecting those rights. We offer individuals the opportunity to opt out of disclosures of Personal Data to a third party or the use of Personal Data for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by the individual.  We will comply with the GDPR with respect to disclosures of Sensitive Data including, when applicable, obtaining the explicit consent (i.e., opt in consent) of an individual prior to disclosing Sensitive Data to a third party or using Sensitive Data for purposes other than those for which it was originally collected or subsequently authorized by the individual. 

10.  DISCLOSURE/TRANSFER OF INFORMATION FOR A BUSINESS PURPOSE 

OpinionSite may disclose your Personal Information to a third party for a business purpose. We do this by entering into a contract that describes the purpose and requires the recipient to both keep that Personal Data confidential and not use it for any purpose except performing the contract. Furthermore, third parties must comply with the GDPR and agree to provide adequate protections that are no less protective than those set out in this Notice. 
  1. Disclosure: We may disclose your Personal Information for a business purpose to the following categories of third parties: 
    1. Our affiliates and subsidiaries 
    2. Service Providers and consultants 
    3. Professional services organizations, such as auditors and law firms 
    4. Our business partners 
    5. Internet service providers 
    6. Government entities 
    7. Operating systems and platforms 
    8. Survey hosting providers  
    9. Validation providers  
    10. Rewards fulfillment providers 
    11. SMS and video conference service providers 
    12. Customer and panel support services  
    13. Credit card processor 
    14. Tax authorities 
  2. Purposes of disclosure: OpinionSite may disclose your personal information for the below purposes:  
    1. Survey reporting 
    2. Email services 
    3. Authentication of medical licenses 
    4. Identity verification of the panel members  
    5. Offering and providing customer support  
    6. Internal marketing campaigns for communicating new offers to our clients 
    7. Internal marketing campaigns for improving and facilitating participation of Panel Members in market research activities  
    8. Internal marketing engagement e.g. newsletters   
    9. Honorarium processing and fulfillment 
    10. Auditing purposes and governmental reporting 
    11. Tax reporting 
    12. Allowing participation in market research activities  
    13. For complying with your requests or contract obligation we have with you 
  3. Disclosures due to acquisition or merge: We may share your information in connection with a merger, sale of company assets, financing or acquisition of all or a portion of our business to another company, if any. In this event, OpinionSite will notify you before information about you is transferred and becomes subject to a different privacy policy.  
  4. Anonymous information: We may also share aggregated or anonymous information that does not directly identify you. OpinionSite may share anonymized aggregated demographic information with OpinionSite partners. 
  5. Other forms of disclosures: OpinionSite also may discloses your personal data for other purposes or to other third parties when you have consented to or requested such disclosure or under the following circumstances:  
    1. We respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims; 
    2. We believe it is necessary to share information to investigate or prevent fraud, or to take action regarding illegal activities, situations involving potential threats to the physical safety of any person, or as otherwise required by law. 
    3. We transfer information about you if OpinionSite is acquired by or merged with another company. In this event, OpinionSite will notify you before information about you is transferred and becomes subject to a different privacy notice. 
    4. In response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 
  6. Third party compliance: Such third parties must agree to use such Personal Data only for the purposes for which they have been engaged by OpinionSite and they must either:  
    1. comply with the GDPR, the Privacy Shield principles, or another mechanism permitted by the applicable European data protection law(s) for transfers and processing of Personal Data; or  
    2. agree to provide adequate protections for the Personal Data that are no less protective than those set out in this Notice. 
  7. Liability: OpinionSite is potentially liable in cases of onward transfers of Personal Data to third parties, such as when third parties that act as agents on our behalf process Personal Data in a manner inconsistent with applicable data protection regulations. 

11. TRANSFER PERSONAL DATA OUTSIDE THE EEA, UK AND SWITZERLAND 

The third parties as described in paragraph 10.7 might be based in US or in countries other than EEA, UK and Switzerland. In these instances, OpinionSite imposes strict contractual obligations and executes Standard Contractual Clauses with third parties to maintain a level of protection that is equal to the GDPR requirements. 

In other instances, we may ask your consent to allow us to transfer your personal data into another country. In doing so we will provide you with full information about the transfer. 

You may contact our DPO if you would like to know more about our international transfer assessment and/or copy of the transfer mechanism that we use for sharing your Personal Data outside your country of residence.    

12. ANTI-SPAM  

OpinionSite maintains a strict “No-Spam” policy, which means that OpinionSite does not intend to sell, rent or otherwise give your email address to a third-party without your consent. 

13. DATA INTEGRITY, PURPOSE LIMITATION AND RETENTION 

OpinionSite will not process Personal Data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you.  To that end, OpinionSite will take reasonable steps to ensure that your Personal Data is reliable for its intended use, accurate, complete, and current.  OpinionSite uses reasonable efforts to maintain the accuracy and integrity of your Personal Data and to update it as appropriate. 

We retain your personal data as follow: 

  1. Contact data will be retained for a minimum period of 2 years following the date of the most recent contact between you and us, or until an updating information request or removal request is made by you; 
  2. Communication data will be retained for a minimum period of 2 years following the date of the communication in question or until a removal request is made by you; 
  3. Usage data will be retained for a minimum period of 2 years or until a removal request is made by you  following the date of collection; 
  4. In general we do not retain your personal data for more than 2 years since your last engagement/interaction with the Company; 

We may retain your information as necessary (including a longer period) to comply with our legal obligations, resolve disputes and enforce our agreements. 

14. PERSONNEL ACCESS OF PERSONAL DATA 

Personnel from OpinionSite may access and use your personal data only if they are authorized to do so and only for the purpose for which they are authorized. 

15. DATA SECURITY  

OpinionSite has implemented physical and technical safeguards to protect Personal Data from loss, misuse, and unauthorized access, disclosure, alternation, or destruction. For example, electronically stored Personal Data is stored on a secure network with firewall protection, and access to OpinionSite’s electronic information systems requires user authentication via password or similar means. OpinionSite also employs access restrictions, such as limiting the scope of employees who have access to Customer Personal Data. Further, OpinionSite uses secure encryption technology to protect certain categories of personal data. 

Despite these precautions, no data security safeguards guarantee 100% security all the time. 

16. YOUR RIGHTS  

  1. Right of Access You have the right to obtain confirmation about whether your personal data is included in our databases.  Upon request, OpinionSite will provide an individual access to your personal data within the time frame dictated by the applicable data protection regulations. OpinionSite will allow you to know what Personal Data is included in our databases and to ensure that such Personal Data is accurate and relevant for the purposes for which OpinionSite collected the Personal Data. You may also request a copy of your data in a commonly used and machine-readable form.  
  2. Right of Rectification: You may review your own Personal Data stored in the databases and correct, update, modify, or delete any data that is incorrect or incomplete. 
  3. Right of Erasure: You may request to have the personal information that we have about you to be deleted from our servers. OpinionSite will take reasonable steps, including technical measures, to comply with your request. In some circumstances your request might be rejected if it falls under one of the categories included in ART. 17.3: 
    1. exercising the right of freedom of expression and information 
    2. for compliance with a legal obligation 
    3. for reasons of public interest in the area of public health 
    4. archiving purposes in the public interest, scientific or historical research purposes or statistical purposes 
    5. establishment, exercise or defense of legal claims   
  4. Objection: You may object, at any time, to your Personal Data being processed for a specific purpose.  
  5. Restriction of Processing: You may restrict processing of your Personal Data for certain reasons, such as, for example if you consider your Personal Data collected by us to be inaccurate or you have objected to the processing and the existence of legitimate grounds for processing is still under consideration. 
  6. Data Portability: You may request the Personal Data you provided to us in a commonly used and machine-readable form.  
  7. Right to Withdraw Consent: You have the right to withdraw your consent at any time, without affecting the lawfulness of our processing based on such consent before it was withdrawn, including processing related to existing contracts for our Services. 
  8. Right to complain to a supervisory authority: you might lodge a complaint about our processing of your personal data with your local Data Protection Authority; OpinionSite will collaborate with the authority to resolve it. 
  9. Limitations: these rights are subject to certain limitations and exceptions. You can learn more about the rights of data subjects by visiting https://edpb.europa.eu/our-work-tools/general-guidance/gdpr-guidelines-recommendations-best-practices_en and https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.  

17. HOW TO EXERCISE YOUR RIGHTS 

You can exercise your rights by filling out the form found at https:// preferences.surveyhealthcareglobal.com/privacy. You may also submit a request at shgprivacyrequest@surveyhealthcareglobal.com,via postal mail at OpinionSite, Attn: Privacy Department, 480 Pleasant Street, Watertown, MA 02472 USA  

18.  RESPONSE TIMING AND FORMAT 

We endeavor to respond to a verifiable request within 30 days of its receipt. If we require more time (up to two extra months), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. The response we provide will also explain the reasons we cannot comply with a verifiable request, if applicable.  

We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded.  If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. 

Request that we can’t process: We cannot respond to your request or provide you with Personal Data if we cannot verify your identity or authority to make the request and confirm the Personal Data relates to you. Making a verifiable request does not require you to create an account with us.  We will only use Personal Information provided in a verifiable request to verify your identity or authority to make the request. 

OpinionSite will track each of the following and will provide notice to the appropriate parties under law and contract when either of the following circumstances arise:  

  1. legally binding request for disclosure of the Personal Data by a law enforcement authority unless prohibited by law or regulation; or 
  2. requests received from the Data Subject.  

19. NOTIFICATION 

OpinionSite notifies Clients and individuals about its adherence to GDPR and other applicable data protection regulations, as well as the Privacy Shield principles, through its publicly posted website privacy notice, available in the below webpages: https://www.opinionsite.com/.  

20. RESPONSIBILITIES AND MANAGEMENT 

OpinionSite has designated the Privacy Department to oversee its information security program, including its compliance with the Privacy Shield program. The Privacy Department shall review and approve any material changes to this program as necessary. Any questions, concerns, or comments regarding this Notice also may be directed to: privacy@opinionsite.com 

21. ENFORCEMENT AND DISPUTE RESOLUTION 

We commit to resolving individuals’ complaints related to our privacy practices or our collection, or use, or disclosure of Personal Data.  An individual may file a privacy complaint by contacting our DPO at privacy@opinionsite.com. Further, individuals with questions or concerns about the use or disclosure of their Personal Data should contact us as outlined in Section 17. 

If an individual’s complaint cannot be satisfied through our internal complaint process, the individual may bring a complaint before the INSIGHTS ASSOCIATION PRIVACY SHIELD PROGRAM, a non-profit alternative dispute resolution provider located in the United States and operated by the Insights Association. The INSIGHTS ASSOCIATION PRIVACY SHIELD PROGRAM is designed to handle eligible complaints brought by Swiss and EU citizens about Privacy Shield Principles.  If you have any complaints regarding our compliance with the Privacy Shield Framework you should first contact us (as provided above).

If contacting us does not resolve your complaint or you do not receive timely acknowledgement of your complaint, please visit the INSIGHTS ASSOCIATION PRIVACY SHIELD PROGRAM website at https://www.insightsassociation.org/Resources/Privacy-Shield/Information-for-EU-Swiss-Citizens-to-file-a-complaint for more information and to file a complaint.  We will cooperate with the independent dispute resolution mechanism to resolve any complaint that is not resolved through our internal processes.

If a complaint regarding Privacy Shield compliance is not resolved by any of the above dispute resolution mechanisms, an individual has the possibility, under certain conditions, to invoke binding arbitration. Additional information about binding arbitration can be found here: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

The above does not preclude your right to contact your local Data Protection Authority. We will collaborate with the DPA to find a solution to resolve the complaint. 

22. CHANGES TO THIS NOTICE 

OpinionSite will maintain, monitor, test, and upgrade information security policies, practices, and systems to assist in protecting the Personal Data that it collects. OpinionSite personnel will receive training, as applicable, to effectively implement this Notice. Please refer to Section 8 for a discussion of the steps that OpinionSite has undertaken to protect Personal Data. 

This Notice may be amended from time to time, consistent with the Privacy Shield Principles and applicable data protection and privacy laws and principles. We will notify Customers if we make changes that materially affect the way we handle Personal Data previously collected, and we will allow them to choose whether their Personal Data may be used in any materially different manner. 

 

23. DEFINITIONS  

Capitalized terms in this Privacy Notice have the following meanings: 

  1. "Customer" means a prospective, current, or former partner, vendor, supplier, customer, or client of OpinionSite. The term also shall include any individual agent, employee, representative, customer, or client of an OpinionSite Customer where OpinionSite has obtained his or her Personal Data from such Customer as part of its business relationship with the Customer. 
  2. "Data Subject" means an identified or identifiable natural living person in the European Union. An identifiable person is one who can be identified, directly or indirectly, by reference to a name, or to one or more factors unique to his or her personal physical, psychological, mental, economic, cultural, or social characteristics. 
  3. "Employee" means an employee (whether temporary, permanent, part-time, or contract), former employee, independent contractor, or job applicant of OpinionSite. 
  4. "Europe" or "European" refers to a country in the European Economic Area. 
  5. "Personal Data" as defined under Regulation (EU) 2016/679, the General Data Protection Regulation means all data (regardless of format) that (i) identifies or can be used to identify, contact, or locate a natural person, or (ii) pertains in any way to an identified natural person. Personal Data includes obvious identifiers (such as names, addresses, email addresses, phone numbers and identification numbers) as well as biometric data, “personal data” (as defined in the GDPR), and any and all information about an individual’s computer or mobile device or technology usage, including (for example and without limitation) IP address, MAC address, unique device identifiers, unique identifiers set in cookies, and any information passively captured about a person’s online activities, browsing, application or hotspot usage or device location.  
  6. “Sensitive Data” is a subset of Personal Data which due to its nature has been classified by law as deserving additional privacy and security protections. Sensitive Personal Data consists of: (i) all government-issued identification numbers, (ii) all financial account numbers (including payment card information and health insurance numbers), (iii) individual medical records, genetic and biometric information, (iv) user account credentials, such as usernames, passwords, security questions/answers and other password recovery data, (v) data elements that constitute Special Categories of Data under the GDPR, namely EEA Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation, and (vi) any other Personal Data designated by OpinionSite as Sensitive Personal Data. 

 

 

Privacy Shield Notice

1. PRIVACY SHIELD FRAMEWORK 

OpinionSite remains certified with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the US Department of Commerce. Our Privacy Shield certification is available here

OpinionSite complies with the General Data Protection Regulation (GDPR), the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the US Department of Commerce when processing personal data of European Union and Swiss Citizens. 

As part of the decision of the European Court of Justice (C-311/18 Schrems II) OpinionSite transfers personal data to US via other compliance mechanisms in accordance with Chapter V of the GDPR including the Standard Contractual Clauses issued by the European Commission on the 4th of June 2021.   

If there is any conflict between the terms in this privacy notice and the GDPR or the Privacy Shield Privacy Principles, the GDPR and the Privacy Shield Privacy Principles shall govern. OpinionSite acknowledges that as a participant in the Privacy Shield Framework we are under the enforcement authority of the Federal Trade Commission. 

Individual resident in the European union and Switzerland may resolve their controversy as describe in paragraph 21 of the Privacy Notice for EEA, UK and Swiss residents.  

If you would like to learn more why OpinionSite remains Privacy Shield certified, please visit the Insights Association webpage about Privacy Shield Program: https://www.insightsassociation.org/Resources/Privacy-Shield.  

You can also learn more about the Privacy Shield program, by visiting  https://www.privacyshield.gov/.   

2. RENEWAL  

OpinionSite will renew its Privacy Shield certification annually, unless it subsequently determines that it no longer needs such certification or if it employs a different adequacy mechanism. 

Prior to the re-certification, OpinionSite will conduct an in-house verification to ensure that its attestations and assertions regarding its treatment of Personal Data are accurate and that the company has appropriately implemented these practices. Specifically, as part of the verification process, OpinionSite will undertake the following: 

  1. Review this Notice to ensure that it accurately describe the practices regarding the collection of Customer Personal Data. 
  2. Ensure that this Notice informs about OpinionSite’s participation in the Privacy Shield program and where to obtain a copy of additional information (e.g., a copy of this Notice).  
  3. Ensure that this Notice continues to comply with the Privacy Shield principles and GDPR. 
  4. Confirm that data subjects are made aware of the process for addressing complaints and any independent dispute resolution process (OpinionSite may do so through its publicly posted website, its Privacy Notice and/or its Terms of Use).  
  5. Review its processes and procedures for training Employees about OpinionSite’s participation in the Privacy Shield program and the appropriate handling of Customer Personal Data.  

OpinionSite will prepare an internal verification statement on an annual basis. 

Cookies used on this Site

Cookie  _ga  
Duration2 years  
Domain  .opinionsite.com   
Category  Analytics  
Description  It calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.  
Apollo or third parties  Google Analytics  
Privacy Policy  https://policies.google.com/privacy?hl=en-US  
  
Cookie  _gid  
Duration1 day  
Domain  .opinionsite.com   
Category  Analytics  
Description  _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.  
Apollo or third parties  Google Analytics  
Privacy Policy  https://policies.google.com/privacy?hl=en-US  
  
Cookie  _gat_gtag_UA 
Duration1 minute  
Domain  .opinionsite.com   
Category  Analytics  
Description  Set to distinguish users  
Apollo or third parties  Google Analytics  
Privacy Policy  https://policies.google.com/privacy?hl=en-US  
  
Cookie  _gat 
Duration1 minute  
Domain  .opinionsite.com 
Category  Performance 
Description  This cookie is installed by Google Universal Analytics to restrain request rate and thus limit the collection of data on high traffic sites. 
Apollo or third parties  Google Analytics  
Privacy Policy  https://policies.google.com/privacy?hl=en-US  
  
Cookie  NID  
Duration6 months  
Domain  .google.com   
Category  Advertisement  
Description  NID cookie, set by Google, is used for advertising purposes; to limit the number of times the user sees an ad, to mute unwanted ads, and to measure the effectiveness of ads  
Apollo or third parties  Google Analytics  
Privacy Policy  https://policies.google.com/privacy?hl=en-US  
  
Cookie  CONSENT  
Duration16 years  
Domain  .google.com   
Category  Analytics  
Description  YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.  
Apollo or third parties  Google Analytics  
Privacy Policy  https://policies.google.com/privacy?hl=en-US  
  
Cookie  _gat  
Duration1 minute  
Domain  .opinionsite.com   
Category  Performance  
Description  This cookie is installed by Google Universal Analytics to restrain request rate and thus limit the collection of data on high traffic sites.  
Apollo or third parties  Google  
Privacy Policy  https://policies.google.com/privacy?hl=en-US