GDPR and ESOMAR

Our GDPR Guidelines

Quintana Research (henceforth mentioned as “Us” or “We”) fully abides by all the compliance measures as described under the General Data Privacy Regulation (“GDPR”).

Privacy Policy

We have prepared a Privacy Policy for all our partners, clients, and vendors to abide by the GDPR compliance measures as per industry standard.

We have a Consent Management Program in place where users have to give us their clear and explicit consent.
Users also have the right to extract their consent. They can do so by sending us an email or clicking on the opt-out option.
1. purpose of data collection;
2. the data is categorized into: transferred and non-transferred PII (Personal identifiable information), and sensitive and non-sensitive data;
3. Time and date of the consent gained from users;
4. Time and date for the modification, or objection, or erasure of the PII information;
5. Maintaining the record of EU certification (if any);
6. Record of technical details of the data collection; and
7. To record and review the results of data protection impact assessment, when required.
We have a Data Subject Access Rights procedure in place. Users can request for a copy of all the Personal Data collected regarding themselves using this procedure.
We take no more than 30 days to handle such requests.
Records of any such requests made are documented and stored correctly.
Users can send a request for the disclosure of the purpose, period, and the category of information related to recipients and with who the data is shared with by send an email to the address given in our Privacy Policy.
We have a Data Erasure Procedure in our Privacy Policy. It permits users to make requests for rectifying, erasing, or deleting their Personal Data.
Users can find the right email address to raise any related issues in the Policy.
We use pseudonymization wherever possible, aided by encryption technology, to reduce any risk to the users.
All Personal Information stored in our servers is entirely secured and encrypted.
We have a Breach Management procedure in place. The Privacy Policy has given the email address to address any such issues.
Any breaches occurred are duly documented and the supervisory authority is notified within 72 hours.
We are well prepared to perform an assessment of the impact of processing operations on the protection of personal data whenever the nature, scope, context and purpose of our processing will attract the same.
We shall designate a DPO if and when any instance arises where our central purpose requires consistent and systematic data monitoring of the users.
Our DPO will report to the CEO and/or the Board directly.
We follow industry-standard clauses for data protection in all our contracts with our vendors and customers.
We take care that our contracts do not raise any conflict with the fundamental rights or freedoms of the users.

Our ESOMAR Guidelines

Quintana Research (henceforth mentioned as “Us” or “We”) fully abides by all the compliance measures as described under the terms of ESOMAR.

Privacy Policy

We have prepared a Privacy Policy that lists down all the fundamental principles of our ESOMAR compliance.

Quintana Research takes steps to ensure that none of our data subjects get harmed as a consequence of providing their Personal Data for research.
If ever Quintana Research participates in non-research activities, such as commercial or promotional activities directed towards any of the data subjects, they shall clearly distinguish such activities as separate to the research.
Our research team will always uphold their ethical behaviour standards and not do any such thing that may harm any data subject or harm the reputation of the research study in any way.
Our research team shall limit their data collection and/or processing of personal data only till those items which are relevant to the research.
Quintana Research will always take consent from a parent or legal guardian before collecting any personal data from children.
Please note: Quintana Research currently doesn’t do any interviews with children.
During the process of data collection, the research team shall remain transparent about the information they plan to collect, the purpose for its collection, with whom the data might be shared, and in what form.
Our research team must clearly state the general purpose of the research study as soon as it is methodologically possible.
Our team must respect and honour the right of a data subject if they refuse to participate in a study.
If the team is planning to collect personal data for a research study that may also be used for some non-research purposes, then it must be clearly stated to the data subjects beforehand. They must also get the consent from the users for the non-research use.
We shall ensure that no personal data can be traced, nor can an individual’s identity be inferred via deductive disclosure.
We shall not hold the personal data of respondents any longer than it is needed for the purpose for which it was collected or used.
We shall never share the personal data of a respondent with a client; unless they have given consent for the same and also agreed to the specific purpose of its usage.
If the personal data has to be transferred to any other service providers, then Quintana Research must ensure that the recipients implement the same levels of security measures.
Our Privacy Policy notice is easily accessible to all data subjects and is easy to comprehend.
If a data breach occurs of any personal data, Quintana Research has a duty of care towards the violated test subjects. We follow all applicable data breach notification laws.
Our team designs market research as per the specifications and quality agreed to by the client and in accordance with the guidelines.
We provide our clients with optimum technical information related to the research so that they can assess the validity of the results and any conclusions drawn.
We ensure that our research findings and consequent interpretations are clearly and adequately supported by data.
We allow clients to conduct independent checks on the quality of our data collection and data preparation on special request.
When publishing research findings, we make sure that the public gets access to enough basic information so they can assess the quality of the data used and the validity of the conclusions.
If requested, Quintana Research can provide additional technical information that will help assess the validity of any published findings; unless we are contractually prohibited.
When the client plans to publish the findings of a research project, we ensure that they are consulted as to the form and content of publication. Both, we and the client have a responsibility to ensure that published results are not misleading.
Quintana Research team remains honest, truthful and objective and we ensure that our research is carried out in accordance with appropriate scientific research principles, methods and techniques.
We always behave ethically, and we do not do anything that unjustifiably damage the reputation of research or lead to a loss of public confidence in it.
We conform to all applicable international and national laws, and local codes of conduct and professional standards or rules.