The Public Reach Inc. Privacy Policy
Public Reach Inc.is full service market research and consulting firm completing work across North America, Europe and the South Pacific. PUBLIC REACH INC. has a strong history of protecting the privacy of its clients, employees, and respondents in all of our business operations.
The PUBLIC REACH INC. Privacy Code is a formal statement of the principles and guidelines concerning the protection of personal information provided to PUBLIC REACH INC., by its clients, respondents and employees. The objective of the PUBLIC REACH INC. Privacy Code is to promote responsible and transparent practices in the management of personal data in accordance with the Personal Information Protection and Electronics Documents Act (PIPEDA). PUBLIC REACH INC. wants to ensure its clients, employees and respondents, that is will constantly review all of its practices concerning the protection of personal information, and remain current with all legislation and technology, to meet both today's and tomorrow needs of its client's, employees, and respondents.
The following is an outline of the Principals of the Personal Information Protection and Electronics Documents Act (PIPEDA), and how PUBLIC REACH INC. is acting upon them to ensure the protection of personal information both today and in the future.
Respondent Personal Confidentiality
PUBLIC REACH INC. is a market research company that is in the business of collecting respondent's information for client's products and related marketing activities for those products. PUBLIC REACH INC. delivers the aggregate results of all respondent's answers to its clients. Therefore any information related to a respondent's personal information including name, phone number, email address, or any other identifying information is never revealed to anyone including the client. The data collected is used only for the purposes of the study for which it was collected and is not used for any other purpose.
Accountability
The Data Protection Officers at PUBLIC REACH INC. are responsible for personal information under its control and are responsible for PUBLIC REACH INC.'s compliance with the following principles:
- Ensuring compliance with the provisions of the PUBLIC REACH INC. Privacy Code rests with Data protection Officers and senior management of PUBLIC REACH INC., which will designate one or more people to be accountable for compliance with the code.
- PUBLIC REACH INC. shall upon request make available the title of the Data Protection Officers that are designated to oversee the PUBLIC REACH INC. Privacy Code
- PUBLIC REACH INC. is responsible for personal information in its possession or control, and shall use all appropriate means to ensure a comparable level of protection while any personal information is being used by a third party.
- PUBLIC REACH INC. will implement policies and procedures to allow the Privacy Code to take effect, including
- Implementing procedures to protect personal information and to oversee PUBLIC REACH INC.'s compliance with the PUBLIC REACH INC. Privacy Code
- Establishing procedures to respond to any inquires or complaints made - through any means of communication - i.e. phone, internet, face-to-face.
- Training and communicating to all staff at PUBLIC REACH INC. about the Privacy Code, and its policies and practices
- Allowing public access to PUBLIC REACH INC.' Privacy Code
Identifying Purposes for Collection of Personal Information
PUBLIC REACH INC. shall identify the purposes for which personal information is collected at the request of the respondent at the end of interview.
PUBLIC REACH INC. may also handle personal information that is shared with us form a client where they have already received consent to do so.
PUBLIC REACH INC. collects personal information to understand respondent needs, attitudes, purchase intent, and preferences for client's products, services, and related marketing activity.
Obtaining Consent for Collection, Use or Disclosure of Personal Information
The knowledge and consent of a respondent or an employee is required for the collection, use or disclosure of personal information. PUBLIC REACH INC. may also use or disclose personal information without the knowledge or consent in the case of an emergency where the life, health or security of an individual is threatened.
- In obtaining consent, PUBLIC REACH INC. shall use reasonable efforts to ensure that a respondent or employee is advised of the identified purposes for which the personal information will be used or disclosed. Purposes shall be stated in a manner that can be reasonably understood by the respondent or the employee.
- Generally, PUBLIC REACH INC. will seek consent to use and disclose personal information at the same time it collects the information; however, PUBLIC REACH INC. may seek consent to use and disclose personal information after it has been collected, but before it is used or disclosed for a new purpose
- PUBLIC REACH INC. will require respondents to consent to the collection, use or disclosure of personal information, and require that all third parties have documented proof of collection of consent.
- In determining the appropriate form of consent, PUBLIC REACH INC. will take in to consideration the sensitivity of the personal information and the reasonable expectations of it respondents and employees.
Limiting Collection of Personal Information
PUBLIC REACH INC. shall limit the collection of personal information to only that which is necessary for the purposes identified by PUBLIC REACH INC. PUBLIC REACH INC. shall only collect personal information by fair and lawful means.
- PUBLIC REACH INC. collects personal information mainly from respondents and employees
- The personal information collected is limited to email address, full name, and mailing address (when necessary for processing rewards). Additional personal information is only collected on a per study need and will be made clear to the individual(s).
Limiting Use, Disclosure and Retention of Personal Information
PUBLIC REACH INC. will not use or disclose personal information for purposes other than those for which it was collected, except with the consent of the individual. PUBLIC REACH INC. will only retain personal information for as long as necessary for fulfillment of those purposes.
PUBLIC REACH INC. may disclose personal information about its employees for the following reasons
- For normal personnel and benefits administration
- In the context of providing references regarding current or former employees in response to requests from prospective employers
- Where the employee consents to such disclosure or disclosure is required by law
Only PUBLIC REACH INC. employees with a business need to know, or whose duties reasonably so require, are granted access to personal information about respondents and employees.
PUBLIC REACH INC. will keep personal information only as long as it remains necessary or relevant for the identified purposes or as required by law.
PUBLIC REACH INC. will maintain reasonable and systematic controls, schedules, and practices for information and records retention and destruction which applies to personal information that is no longer necessary or relevant for the identified purposes or required by law. Such information will be destroyed, erased, or made anonymous
Accuracy of Personal Information
Personal information shall be as accurate, complete and up to date as is necessary for the purposes for which it is to be used.
- PUBLIC REACH INC. will update personal information about employees as and when necessary to fulfill the identified purposes or upon notification by the individual.
Security Safeguards
PUBLIC REACH INC. shall protect personal information by security safeguards appropriate to the sensitivity of the information
- PUBLIC REACH INC. will protect all personal information against such risks as loss or theft, unauthorized access, disclosure, copying, use, modification or destruction through appropriate security measures. PUBLIC REACH INC. will protect all data, regardless of the form in which it is held.
- PUBLIC REACH INC. will protect personal information with third parties through contractual agreements, stipulating the confidentiality of the information and outlining the purposes for which it can be used.
- All PUBLIC REACH INC. employees with access to personal information will be required to respect the confidentiality of that information.
- In the event any "Personal Data" is compromised PUBLIC REACH INC. will implement the "Escalation Process for Security Incidents" within 72 hours of detection.
Openness Concerning PUBLIC REACH INC. Privacy Policies and Practices
PUBLIC REACH INC. shall make available to its respondents, and employees, specific information about its policies and practices relating to the management of personal information.
PUBLIC REACH INC. will make information about its privacy policies and practices easy to understand, including:
- The title and address of the person(s) accountable for PUBLIC REACH INC.'s compliance with the PUBLIC REACH INC. Privacy Code, and to whom all inquires and complaints can be forwarded to.
- The means of gaining access to all personal information held by PUBLIC REACH INC.
- A description of all the personal information held by PUBLIC REACH INC., including a general account of its use
Customer and Employee Access to Personal Information
PUBLIC REACH INC. shall inform a respondent or employee of the existence, use and disclosure of his or her personal information upon request and shall give the individual access to that information. A respondent or employee shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
- Upon request PUBLIC REACH INC. shall afford respondents and employees a reasonable opportunity to review personal information in the individuals file. All personal information should be provided in an understandable form within a reasonable time and at a minimal or no cost to the individual.
- Upon request PUBLIC REACH INC. will provide an account of the use and disclosure of the personal information, and where reasonably possible, shall state the source of the information. In providing the information PUBLIC REACH INC. will provide a list of all of the corporations that it may have disclosed the information too.
- In order to protect personal information, a respondent or employee may be required to provide sufficient identification information to permit PUBLIC REACH INC. to account for the existence, use and disclosure of personal information and to authorize access to the individuals file. Any such information will only be used for this purpose.
- PUBLIC REACH INC. shall promptly correct or complete any personal information found to be inaccurate or incomplete. Any unresolved differences as to accuracy shall be noted in that individuals file.
- Respondents can seek access to their personal information by contacting a designated PUBLIC REACH INC. representative.
- Employees can seek access to their information by contacting their immediate supervisor.
Challenging Compliance
A respondent or employee shall be able to address a challenge concerning compliance with the above principles to the designated person(s) from PUBLIC REACH INC.'s compliance with the PUBLIC REACH INC. Privacy Code
- PUBLIC REACH INC. shall maintain procedures for addressing and responding to all inquiries or complaints from its respondents and employees about PUBLIC REACH INC.'s handling of personal information.
- PUBLIC REACH INC. shall inform its employees and respondents about the existence of these procedures as well as the availability of complaint procedures
- The person(s) accountable for compliance with PUBLIC REACH INC.'s Privacy Code may seek external advice where appropriate before providing a final response to the individual
- PUBLIC REACH INC. will investigate all complaints concerning compliance with the PUBLIC REACH INC. Privacy Code. If a complaint is found to be valid, PUBLIC REACH INC. shall take appropriate measures to resolve the complaint including, if necessary, amending its policies and procedures.
- A respondent or employee shall always be informed of the outcome of the investigation regarding their complaint.
- A respondent or employee may seek advice from the Office of the Privacy Commissioner of Canada at 1-800-282-1376 or inf@privcom.gc.ca and if appropriate, file a complaint with that office. However, respondents and employees are encouraged to use the PUBLIC REACH INC. internal information and complaint procedure first.
Audits and Training
- Quarterly audits of the Personal Data Handling Policy are conducted by the Data Protection Officers
- Audit programs and training programs are updated as required
- All employees receive data handling/data protection training;
- New employees receive training prior to handling any "Personal Data"
- Current employees receive annual refresher training
For additional questions please contact dataprotection@publicreach.com.