Survey Respondents Data Protection
As of the 25th of May 2018, the EU General Data Protection Regulation (GDPR) strengthens the privacy rights of individuals regarding their personal data and seeks to unify local data protection laws across Europe. GDPR requires new or additional obligations on organizations in the EU processing personal data and organizations outside the EU processing personal data of EU residents. Moreover, GDPR compliance refers to principles such as lawfulness, fairness and transparency, accuracy, purpose limitation, data minimisation, storage limitation, integrity and confidentiality. They also relate to fulfilling individuals’ rights with respect to their personal data.
Pulse Market Research is committed to protecting data we collect from you against the risks of loss or unauthorized use or access. As a measure for compliance with the (“GDPR”), Pulse has implemented reasonable and appropriate technical, physical, and administrative controls to protect such information. Our company provides heightened security to protect sensitive data, given the risks associated with the loss of such information. The personal data is retained for as long as it is reasonably required for business or legal processes.
In addition, Pulse has enforced proactive measures to ensure the safeguarding and protection of the personal data of its clients, respondents and employees. These include staff awareness, confidentiality agreements for data usage, “GDPR” compliant contracts with clients’ organizations as well as major infrastructure and security improvements.
- DPO nomination
The DPO’s primary role is to ensure that personal data are appropriately treated and protected.
- Pseudonymization / Anonymization of Data
Pseudonymization refers to the process of partitioning the data in such a way that if kept separately subject to specific organizational measures only, it can no longer be attributed to an identifiable natural person.
Further the data is anonymized, meaning that it consists of no personal data but only statistical. Pulse utilizes anonymization techniques to protect respondents’ personal data as part of its data collection process so that access is restricted to its fieldwork teams on a need to know basis.
- Employee awareness
PMR launched an employee awareness program, ensured awareness by providing its employees a “Personnel Data Privacy Notice” as well as attendance to DPO based training.
- Major security infrastructure (technical) upgrades
PMR has upgraded its infrastructure, both hardware and software wise, in order to improve its network security, reduce the risks of unauthorized attacks attempts, protect against malware and viruses as well as implementing strategies such as data backup, disaster recovery and data breach incident response.
PMR has implemented its encryption solutions, both locally on personnel computers as well as for transfers of data, to ensure DLP (Data leakage Prevention).
PMR has reviewed its suppliers’ actions regarding “GDPR” compliance and has ensured they follow the “GDPR” guidelines for compliance. Our collaboration with third-party organizations is based on contractual agreements and are in compliance with “GDPR”.