Privacy Policy
Last Updated: October 4, 2023.
In General
Respondent, Inc. ("we" or "us") values our users and respects their privacy. This privacy policy ("Privacy Policy") governs our collection and use of data in connection with our website (the "Site"), our applications, and any services we offer (collectively, the "Services"). Terms capitalized but not defined in this Privacy Policy shall have the meaning ascribed to them in our Terms of Use. This Privacy Policy sets forth the nature, purpose, use and sharing of any information that identifies or can be used to identify you, the visitors to the Site, and users of our Services ("Personal Information"). This Privacy Policy does not govern privacy practices associated with offline activities, websites other than ours, or practices of third parties that we do not own or control, such as our partners, third party service providers featured on the Site or in the Services or advertisers. If you have objections to the Privacy Policy, you should immediately discontinue use of the Services and follow the procedure described in the section entitled "Opting-Out or Updating Your Personal Information and Privacy Preferences." We do not knowingly collect any Personal Information from anyone under 16 years of age. If you are under age 16, please do not provide any Personal Information about yourself to us. If we learn that we have collected Personal Information from a child under age 16, we will delete that information as quickly as possible. If you believe that we might have any Personal Information from a child under the age of 16, please contact us immediately.
Changes in Privacy Policy
Any Personal Information that we collect and maintain will be subject to this Privacy Policy, as amended from time to time. We may change the Privacy Policy at our sole discretion. However, if at any time we make material changes to the Privacy Policy, we will notify you of those changes on the Services and through the publishing of an updated Privacy Policy. We will highlight any material changes to the Privacy Policy (the information we collect, how we use it or why) at the top of the Privacy Policy. If as the result of such changes you want to alter the ways in which we are allowed to use your Personal Information, you can do so by following the procedure described in the section entitled "Opting-Out or Updating Your Personal Information and Privacy Preferences."
CCPA and GDPR
As of January 1, 2020, the California Consumer Privacy Act of 2018 (“CCPA”) is in full effect. The CCPA, together with the EU’s General Data Protection Regulation (“GDPR”) governs the collection and processing of Personal Information belonging to our customers. This Privacy Policy details how we comply with the CCPA, and your acceptance of this Policy by continued use of the Site and Services shall constitute your agreement to comply with the CCPA in all respects as well. Generally, this means that we will only collect and process your Personal Information in ways that you agree with (as we set out in this Policy), and if we transmit your information to any other third party, we shall ensure that they process your information for the sole purpose for which it was transmitted to them and that you are aware of such needs. We do not sell your information. You agree that you will only use the Site and Services if you agree with this Privacy Policy (and the Terms of Use), and you agree that if you would like to exercise your rights under the appropriate data protection rules, you will follow the procedures outlined in the CCPA, the GDPR, or as indicated in this Policy. We take data protection and security very seriously, and shall keep you updated as to significant shifts in our collection or processing, or the legal framework under which we operate.
Collection of Information
- We collect the Personal Information you give us when you register with the Site or use the Services, including name, address, credit card or bank information, and other Personal Information requested as part of your use of the Site or the Services, or the information you choose to give us when you use the Services.
- We collect Personal Information through your LinkedIn or Facebook account when you register with such account on our Site. This includes information on your professional background and experience.
- We collect and process special categories of Personal Information with your explicit consent. When you register, we will ask you to provide data regarding, age, race and ethnicity. You are not obliged to provide this information and you will still be able to use the Services if you do not provide this information.
- We automatically collect certain kinds of information from you when you use the Site or the Services, including device, browser type, operating system, CPU speed, referring or exit webpages, click patterns, Session ID, and your computer’s IP address. We use cookies or similar techniques to collect this information.
- We may supplement or correct the Personal Information you submit to us with information in our other databases or information from third-party sources in order to reduce errors in our database, authenticate our users, prevent fraud and prevent abuse of our Site, as well as to provide more consistent, relevant experiences to our users.
- We may collect general information about use of the Site and the Services, such as what pages visitors access, the number of visits, average time spent on the Site and other similar factors. We use cookies or similar techniques to collect this information. This information is generally collected in aggregate form, without identifying any user individually, although IP addresses and Session ID in relation to downloads may be tracked as part of our fraud prevention efforts.
Location-Based Services
Some Services may contain functionality that can enable us to access your location and tailor your experience based on your location ("Location-based Services"). We only process location data with your prior consent. To use Location-based Services, you must enable certain features of your mobile device (e.g., GPS, WiFi, or Bluetooth) to allow us to identify your location. To the extent your location is collected through Wi-Fi or Bluetooth sensors, such sensors, and the associated data services, may be provided by a third party that may access such information for the purpose of providing such data services to us. You may enable or disable such Location-based Services at any time on your device. If you choose to disable any Location-based Services on your device and/or opt out of any Location-based Services through the menu, you will not be able to utilize certain features of the Services. By enabling Location-based Services on your device, you agree and acknowledge that (i) device data we collect from you is directly relevant to your use of the Services, (ii) we may provide Location-based Services related to and based on your then-current location, and (iii) we may use any such information collected in connection with the provision of Location-based Services in providing the Services. PLEASE NOTE THAT LOCATION DATA MAY NOT ALWAYS BE ACCURATE, AND WE DISCLAIM ANY AND ALL WARRANTIES RELATED TO LOCATION-BASED SERVICES.
Subject to your separate consent, we may use your location to provide you with advertisements, offers, and other promotional content as part of the Services.
How Your Information is Used
Except as provided herein, we collect and use your personal and non-personal information for internal purposes only or for gathering aggregate and anonymized data. We may use your information in the following ways:
- To provide the Services, including sharing your personal data with our customers (legal basis: the processing is necessary for the performance of the contract between you and us). Our matching algorithm matches respondents with suitable research studies based on the personal information we process from you.
- To share data regarding race and ethnicity with our customers for the purposes of ensuring (i) you receive suitable requests for research studies and (ii) our customers reach the right target audience. We will only share data regarding race and ethnicity with your explicit consent, which we will ask when we first collect this information from you.
- To conduct routine business operations such as billing, identification, authentication, contact purposes and general research. As part of our routine business operations, we may transfer your Personal Information to certain third parties with whom we contract for the limited purpose of providing services such as web hosting, email, and credit card processing. These service providers qualify as processors within the meaning of the CCPA and the EU General Data Protection Regulation (GDPR) and are obligated to protect your information, and they do not use your Personal Information for their own commercial purposes. We have entered into written processor agreements with these services providers (legal basis: the processing is necessary for (i) the performance of the contract between you and us; and (ii) the purposes of our legitimate interests, balanced against your interests and rights and freedoms).
- To employ internal marketing techniques such as tracking customer preferences to provide a customized Site experience and communicating with you about Services, special offers, and other services. This includes the use of Google Analytics (legal basis: the processing is necessary for the purposes of our legitimate interests, balanced against your interests and rights and freedoms).
- To enhance the Services, including by providing proof to our customers that you have certain competencies, for example based on your LinkedIn profile (legal basis: the processing is necessary for the purposes of our legitimate interests, balanced against your interests and rights and freedoms).
- To gather generic product, location and other contributed information to make reports based on aggregate anonymized data, which we may use internally, or which we may sell to others This processing is necessary for the purposes of our legitimate interests, which we have balanced against your interests and rights and freedoms. You are free to opt-out of these third-party disclosures, and we will honor all requests for opt-outs received at security@respondent.io to the extent that we can still differentiate and remove your personal information. Information that has been depersonalized and aggregated to the point where it is no longer attributable to you may not be removable from our disclosures to third parties.
- To use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.
- To comply with court and governmental orders (legal basis: the processing is necessary for the purposes of our legitimate interests, balanced against your interests and rights and freedoms).
- We may also ask your separate consent for additional ways to process your personal data, for example to provide you with advertisements, offers, and other promotional content, or when we want to process your location data (legal basis: your consent).
Tracking, Use of Cookies, Web Beacons and Similar Devices
In order to improve our Products and the App and provide more convenient, relevant experiences to our users, we and our agents may use "cookies," "web beacons," and similar devices to track your activities. A cookie is a small amount of data that is transferred to your browser by a web server and can only be read by the server that gave it to you. It functions as your identification card and enables us to record your passwords and preferences. It cannot be executed as code or deliver viruses. A web beacon is a small transparent .gif image that is embedded in an HTML page or email used to track when the page or email has been viewed. Most browsers are initially set to accept cookies, and most services that include similar devices are typically initially activated to collect data. You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether or not to accept it. We do not support browsers’ Do Not Track features. You can enable or disable Do Not Track by visiting the preferences or settings page of your browser.
Protecting Your Information
- We use a variety of security measures, including SSL, encryption, and authentication tools, to help protect your information. It is your responsibility, however, to maintain security of any Link you receive when using the Services.
- We do not retain your Personal Information for longer than is necessary for our business purposes. When we no longer need your Personal Information, we dispose of it in a commercially reasonable manner. We will not retain your personal information for more than three years.
Disclosure to Third Parties
We will not share your Personal Information with third parties without your consent, except in the limited circumstances described below:
- We may share your Personal Information with our third party service providers for the limited purposes described in the section entitled "How Your Information is Used."
- We will share your Personal Information with our customers to ensure (i) you receive suitable requests for research studies and (ii) our customers reach the right target audience.
- We will share your Personal Information when required by law, regulation, or litigation, and as necessary for purposes of national security, law enforcement, or other issues of public importance.
- If we sell assets or are acquired by or merged with another entity, we may provide such entity customer information without obtaining your further consent. We may provide notice of such asset sales, acquisitions, or mergers on the Site.
Your Choices
- If at any time you are uncomfortable with our use of your Personal Information for internal marketing purposes, you may opt-out as described in "Opting-Out or Updating Your Personal Information and Privacy Preferences." Note that if you opt not to provide us with certain mandatory information, then our Services may be unavailable to you.
- You may similarly opt out of receiving communications from us, but you will continue to receive communications regarding your use of the Services (e.g. when you have decided to participate in a Project).
- For our websites, you may set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of the Site may then be inaccessible or not function properly.
Opting-Out or Updating Your Personal Information and Privacy Preferences.
In order to exercise the rights found in this Privacy Policy relating to your Personal Information, or if you would like more information about how and why your Personal Information is collected as per CCPA and related laws, you may use any of the following methods. We shall answer all enquiries and requests as soon as we are able, but in no event in more than 45 days.
- You may email us at security@respondent.io. In your email, please clearly state your name, account email, and your request vis a vis your data. This may include requesting that we delete some or all of your Personal Information; that we edit or make changes to your Personal Information that we are storing; or that you are choosing to opt-out of some or all of the disclosures to third parties listed in this Policy. Please note that choosing to opt out of those disclosures may result in the Services no longer being available to you.
- You may change your Personal Information available on the platform at any time by visiting your account preferences.
Should you choose to exercise your rights pursuant to this Policy and applicable law, you are entitled to being treated the same as all other customers who have not exercised this right. This means that should you choose to opt-out of marketing or other communications of that nature, we will not increase the price of or otherwise change the Services. However, should you choose to opt out of all disclosures to third parties or delete certain Personal Information required to provide the Services, we may no longer be able to provide you the Services, as the Services are dependent on your consent to have your Personal Information shared with researchers and customers.
Notice to EU citizens
In accordance with the applicable laws in the European Union, you have the following rights with respect to your personal data, which apply differently in different circumstances: right of access, right to rectification, right to erasure, right to restriction of processing, right to data portability and right to object to processing. Most of these rights are not absolute. Below we describe these rights in more detail and provide information on how you can exercise them. If you make a request to exercise your rights, we will respond within one month, but have the right to extend this period by two additional months, where necessary. If we extend the response period, we will let you know within one month from your request.
Information for Users Outside the United States
Any information that we collect is transferred to, stored in, accessed from, and processed in the United States or other jurisdictions in which we or our service providers maintain facilities for the purposes described in this Privacy Policy. You understand that these jurisdictions may have different data protection regimes than in the country in which you are located. By using the site or Services, you consent to such transfer and processing of your information. Where legally required, we will use an adequate transfer method. For example, if we transfer your personal data out of the European Economic Area, we implement appropriate safeguards in accordance with applicable law (such as the EU Standard Contractual Clauses). If you need more information, please email us at security@respondent.io.
Queries Regarding Data Protection
Respondent's Principal Engineer is designated as the data protection officer ("Data Protection Officer") who is responsible for our compliance with and enforcement of this Privacy Policy. The Data Protection Officer is available to answer questions from any employees, website visitors, customers, business partners, vendors, or others who may have questions concerning this Privacy Policy or our data security practices. Respondent's Data Protection Officer may be contacted at: security@respondent.io.