Privacy Policy

TOUCHSTONE RESEARCH INC.

PRIVACY POLICY

This Privacy Policy was updated on February [X], 2020.

Touchstone Research, Inc. (collectively with its affiliates, subsidiaries and divisions, together “Touchstone Research” or “TSR” or “we” or “us“) is firmly committed to ensuring the privacy of those customers (“Clients” or “you”) who use the TSR website and to individuals who participate in our research activities (“Research Participants” or “you”) on or through the websites or platforms owned, maintained or licensed by TSR, including but not limited to:  panelpolls.com, familyopinions.com, espnfanadvisors.com, americangirlforum.net, mobilegamesfeedbackpanel.com, disneyaic.com, and childresearch.com (collectively “Sites”) and other TSR-related Sites, apps, survey software or other feedback tools, offline and online communications and services (“Services”). This Privacy Policy applies where referenced and to the Sites and apps where it appears.  By using our Services or visiting our Sites, you agree to our Privacy Policy. IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY, PLEASE DO NOT USE OUR SITES OR SERVICES.

TSR is a full-service marketing research firm that has been providing quantitative and qualitative market research services for clients for over 25 years.  We at TSR have always cared deeply about the privacy and security of data from our clients and Research Participants.  This Privacy Policy explains how we collect, store, use, and disclose information that we receive from you via our Sites or Services, including the associated online opinion panels, community discussion boards, forums, blogs, member generated polls, chats, etc. (“Panel“).

TSR adheres to the EU-US and Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce, under the enforcement authority of the Federal Trade Commission, regarding the collection, use, and retention of personal information from the European Union member countries.  TSR adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability.  If there is any conflict between the policies in this Privacy Policy or any policy on our website and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, please visit https://www.privacyshield.gov/.

 

This Privacy Policy is provided in a layered format so you can click through to the specific areas set out below:

  1. Information we collect and how it is used
  2. Who we share your information with
  3. How long we retain your information
  4. What rights you have over your information
  5. Where your information is used
  6. Privacy Rights for California Residents
  7. How we protect your information
  8. Third Party Links
  9. Parent/Family Research Participation Information & COPPA Compliance
  10. Changes to this Privacy Policy
  11. Contact Us

 

  1. Information We Collect & How it is Used

Our Clients’ Information

You may choose to provide us with your personal contact information on our Contact Form, when subscribing to our Tech Savvy Researcher Newsletter and when commenting on our blog articles.  This information includes, your: name, email address and phone number.

We collect this information with your consent and use your contact information to connect with you when you ask us to do so.  We may also use your contact information to tell you about changes to this Privacy Policy.

Our Research Participants’ Information

As a Research Participant, the collection, use and sharing of your personal data is subject to this Privacy Policy (which includes our Cookie Policy and other documents referenced in this Privacy Policy) and updates. When you visit or use any of the TSR Sites or our Services, you may share and/or we may automatically collect information that identifies you personally. As used in this Privacy Policy, “personal information” means information that relates to, identifies, describes or could reasonably be linked (directly or indirectly) with a consumer or device, this includes:  your name, postal address, email address and phone number, your device IDs, IP address, cookie data and other information that may be used to identify your device or browser; demographic information, such as your age, gender, and race; and sensitive categories of information, such as your political opinions, and religious or philosophical beliefs.

Generally, we collect your information when you provide it to us by visiting the TSR Sites and/or using our Services. This may include registering for an account on our Site, filling out surveys, joining/participating in online research communities, participating in qualitative sessions, joining a research Panel/recruitment data base, or otherwise volunteering or providing information about yourself.

You have choices about the information you provide. You don’t have to provide additional information; however, certain information may be required in order to participate in certain research activities. You can choose not to provide us with that information; however, you may not be able to participate in our Panels or use the Sites, and we may not be able to provide you with our Services as a result.

In addition to the information referenced above, we also collect other information, that may be considered personally identifiable, when you visit the Sites and use our Services, or when we conduct business transactions with our partners and third-party vendors and Trust Service Providers.

Cookies, Logs & Digital Finger Printing

Cookies.  Cookies are small information files that are placed on your computer when you visit a website.  TSR uses both “session cookies” and “persistent cookies.”  A session cookie remembers your preferences for a single site visit, while a persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to the site. These persistent types of cookies can be removed. Each web browser implements different functionality, so please refer to the manuals or technical support resources that are available in conjunction with your web browser to learn the correct way to modify your cookies set-up.  If you decide to block one or more cookies, the website may not function correctly, also survey functionality may be impaired.

Our Sites use Google Analytics, a service which transmits website traffic data to Google servers in the United States.  Google Analytics does not identify individual users or associate your IP address with any other data held by Google.  We use reports by Google Analytics to help us understand website traffic and website usage.   To opt-out of Google analytics, please click here – https://tools.google.com/dlpage/gaoptout.

You can also opt-out of cookies in the preferences or options menus of your browser. If you decide to block one or more cookies, the website may not function correctly, also survey functionality may be impaired.

The information collected from cookies on the Site is used for our legitimate business interests. We use cookies on the Sites to:

  • determine how visitors to our site engage with and navigate our site, what websites users visit before visiting our site, how often they visit our site, and other similar information. This helps us improve our site and the content we display to our visitors.
  • determine the type of operating system and browser that you and other visitors to our site are using. Some of the surveys we design will work best with certain kinds of browsers or may require certain other software to be installed, so we use this information to determine whether a participant’s computer is capable of displaying those questionnaires.
  • facilitate surveys including preventing individual users from taking any given survey more than one time.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org, or www.aboutcookies.org.

Log Files.  Web servers use log files to record data about our website visitors’ movement on the site. This is common for many websites and is used to analyze site visitor website interface and produce website traffic statistics. This information typically includes:

  • the IP address of each visitor
  • the time of the visit
  • browser type
  • ISP
  • pages visited.

The log file may also keep track of what resources were loaded during each visit, such as images, JavaScript, or CSS files. The purpose is not to identify individual visitors but to monitor site traffic and trends.

Digital Fingerprints.  Generally, digital fingerprinting technologies assign a unique identifier or “Machine-ID” to a user’s computer to identify and track the computer. We analyze publicly available information and data obtained from the computer’s web browser and from other publicly available data points, including, without limitation, the technical settings of the computer, the characteristics of the computer, and the computer’s IP address, to create a unique identifier assigned to the computer.

For data quality control purposes (e.g. identifying fraudulent respondents), security, and related purposes, Touchstone Research will:

  • link or associate your unique identifier to you and any of your personal information;
  • share your unique identifier with our clients and with other sample or panel providers;
  • receive or obtain a unique identifier linked to you from a third party, including without limitation a sample or panel provider or a client of Touchstone Research.

Unaffiliated Vendors.  Touchstone Research uses vendors for data quality control purposes, including but not limited to:

  • Imperium (RelevantID®, Verity® and RealAnswer® Technology): Digital fingerprinting, address verification and survey quality checks
  • Xverify: Email and address verification

Any unique identifier(s) received or obtained by TSR and linked to a specific individual will be protected in accordance with this Privacy Policy.

Do Not Track (DNT).  Some browsers have a “do not track” feature that lets you tell websites that you do not want to have your online activities tracked. These features are not yet uniform, and our website is not currently set up to respond to those signals for tracking on our website.

 

  1. Who we share your information with

Our Clients’ Information

We share your information with the service providers we engage to perform services on our behalf, including the companies that help us manage our customer contact information and provide the Site.  These companies are contractually obligated to use your information solely on our behalf in connection with providing services to us.

We do not sell or rent Clients’ personal information to unaffiliated parties.

Our Research Participants’ Information

We may share Research Participants’ information with the following:

  • Rewards and incentive programs
  • Fulfillment (mailing) houses in order to send gifts or prizes to Research Participants
  • Vendors we hire to help us with data management/processing or companies that work on studies on behalf of or in collaboration with us.
  • Vendors who we hire to perform quality control on our behalf, to validate and ensure research participants authenticity and to protect against fraud and for our purposes.

We will also share your personal information:

  • In the event of a sale of all or part of our business, we will share your personal information with prospective buyers.
  • To fulfil a legal obligation, including to protect ourselves or our members, enforce our Terms of Use, or in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. We may attempt to notify Research Participants about legal demands for their personal data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge any demand or inquiry.
  • With our Clients or unaffiliated parties for security purposes, including, for monitoring the proprietary and confidential information of our Clients. For instance, TSR’s Clients may disclose confidential and/or proprietary content (e.g., concepts, ideas, ads, videos, creative content, etc.) to you as part of surveys, online communities, qualitative sessions and other research activities which you may not disclose or use for any purpose except for the sole purpose of completing the research activity. If you fail to comply, we may share your information with our Client or other unaffiliated parties for enforcement purposes which may include pursuing legal action.
  • In addition to security purposes, with our Clients as described in this Privacy Policy, or as otherwise described to you (for example if you are selected to participate in a qualitative study such as a focus group).
  • To unaffiliated parties in accordance with this Privacy Policy or where we have your express permission to do so.

If you use the Community Features such as the Community Forum Area on our Site to post blogs, bulletins or chat with fellow community members, you should be aware that any personal information you submit there can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. We are not responsible for the personal information you choose to submit in these forums. If you give permission for your child to participate in a community activity such as a forum on our Site that permits minors’ participation, the community rules will forbid members from posting personal information, you must instruct your child not to post personal information and to abide by the Rules of the community. We may remove personal information submitted in these community activities once we become aware of it but we are not responsible for the personal information submitted in these forums.

TSR shall remain liable under the EU-US Privacy Shield Principle of Accountability for Onward Transfer if its subprocessors process your Personal information in a manner inconsistent with the Privacy Shield Principles, unless TSR proves that it is not responsible for the event giving rise to the damage.

 

  1. How long we retain your information

We make efforts to ensure that personal information we receive, process, or maintain is accurate, complete, and reliable. We rely on the accuracy of the information provided directly to us but accept responsibility for the management and confidentiality of the personal information collected. In general, we keep personal information as long as we need it for our legitimate business purposes. For example, we may retain personal information for any period required by law or to comply with our legal obligations, protect intellectual property, prevent fraud, resolve disputes, and enforce our agreements.

 

  1. What rights you have over your information

You may request to opt out of any future contacts from us at any time.

We maintain processes or mechanisms to allow you to do the following at any time:

  • See what data we have about you, if any.
  • Change/correct any data we have about you.
  • Have us delete any data we have about you.

You may make changes to your account information, access, correct, or delete personal information held by TSR by contacting us at:

Touchstone Research, Inc.
Attn:  Travis Santa, Privacy Officer

470 James Street, Suite 007

New Haven, CT 06513

Email:  [email protected]

 

Research Participants can also access personal information about themselves by clicking [here] to fill out a Subject Access Request Form, using the Contact Us page on the Site or sending a letter to the mailing address listed in the Contact Us section of this Privacy Policy, they can review the personal information about themselves and their household, update, correct the data, or indicate that they wish to withdraw from participation in a Panel. You may be asked to verify your identity, including by providing your full name or email address. There are no costs to you for exercising your right to access your personal information, or to request further information on our Privacy Policy or practices.

EU & Swiss Citizens

In compliance with the EU-US and Swiss-U.S. Privacy Shield Principles, TSR commits to resolve complaints about your privacy and our collection or use of your personal information.  European Union individuals with inquiries or complaints regarding this Privacy Policy should first contact TSR at:

Touchstone Research, Inc.
Attn:  Travis Santa, Privacy Officer

470 James Street, Suite 007

New Haven, CT 06513

Email:  [email protected]

We have appointed DP-Dock in Germany to act as our GDPR representative in the EU. Our representative can be contacted as follows:

Email: [email protected]

DP-Dock GmbH
Ballindamm 39
20095 Hamburg
Germany
Tel: +49 (0) 40 99999 – 3430
Fax: +49 (0) 40 99999 – 3332
www.dp-dock.com

TSR has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to the INSIGHTS ASSOCIATION PRIVACY SHIELD PROGRAM, a non-profit alternative dispute resolution provider located in the United States and operated by the Insights Association.  If you do not receive a timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.insightsassociation.org/get-support/privacy-shield-program/privacy-shield-eu-swiss-citizens-file-complaint for more information and to file a complaint.  These dispute resolution services are provided to you at no cost.

If your complaint is not resolved after following the recourse mechanisms described above, you may have the ability, under certain limited conditions, to invoke binding arbitration before the Privacy Shield Arbitration Panel.

TSR further commits to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources data transferred from the EU and Switzerland in the context of the employment relationship.

 

  1. Where your information is used

We collect and receive data from inside and outside of the United States.

To ensure that EU personal data is adequately protected when transferred outside the EU, the Data Protection Directive 95/46/EC and, as of May 25, 2018, the General Data Protection Regulation mandate that such transfers take place using certain legal mechanisms described in this EU Data Protection Unit FAQ.

We will use European Commission-approved Standard Contractual Clauses as a legal mechanism for data transfers from the EU. As explained in the EU Data Protection Unit FAQ, these clauses are contractual commitments between companies transferring personal data, binding them to protect the privacy and security of the data. We use Standard Contractual Clauses so that the data flows necessary to provide, maintain, and develop our Panels take place legally.

We have appointed DP-Dock in Germany to act as our GDPR representative in the EU. Our representative can be contacted as follows:

Email: [email protected]

DP-Dock GmbH
Ballindamm 39
20095 Hamburg
Germany
Tel: +49 (0) 40 99999 – 3430
Fax: +49 (0) 40 99999 – 3332
www.dp-dock.com

 

  1. Privacy Rights for California Residents

California residents have the following rights provided to them under the California Consumer Privacy Act (CCPA):

  • Notice of Categories of Personal Information

California residents have the right to request that TSR provide notice of the categories of personal information we have collected from you.  You have the right to know the categories of sources from which the personal information has been collected, the business or commercial purpose for collecting or selling personal information, and the categories of third parties with whom your personal information is shared.  For more information, please consult our Notice of Collection of Categories of Personal Information which contains a list of categories of Personal Information collected, used, disclosed and/or sold to third parties for a business or commercial purpose.

  • Right to “Know/Access” Personal Information Collected and Right to Deletion

California residents have the right to request what personal information has been collected from them as well as the right to have their personal information deleted.  You can make this request by contacting us at:

Touchstone Research, Inc.
Attn:  Travis Santa, Privacy Officer

470 James Street, Suite 007

New Haven, CT 06513

Email:  [email protected]

Research Participants can also access personal  information about themselves by clicking [here] to fill out a Subject Access Request Form, using the Contact Us page on the Site or sending a letter to the mailing address listed in the Contact Us section of this Privacy Policy, they can review the personal information about themselves and their household, update, correct the data, or indicate that they wish to withdraw from participation in a Panel. You will be asked to verify your identity, including providing your full name or email address.

Research Participants can also request that their personal information be deleted by clicking [here] to fill out a Subject Access Request Form, using the Contact Us page on the Site or sending a letter to the mailing address listed above. You will be asked to verify your identity before we can honor your request.

Please note that any request to delete or access personal information will only apply to the 12-month period preceding the request, and you are entitled to place a request for access to your personal information no more than twice in any 12-month period.

    • Right to Opt-out of the “Sale” of your Personal Information

 

The CCPA broadly defines the “sale” of Personal Information to include renting, releasing, disclosing, transferring or making available information in exchange for monetary as well as non-monetary consideration.

In connection with our research related services, we may, from time to time, provide some personal information about you to our Clients or our service providers, such as your contact, demographics or professional information  and this may be deemed a “sale” under CCPA. As a result, we may sell the personal information of minors under 16. However, it is against our policy to sell the personal information of minors without affirmative authorization. We require the parent or guardian of minors under the age of 16 to complete a form authorizing us to share their personal information with others for purposes of our research related services.

Research Participants can opt-out of the “Sale” of their personal information online by clicking [here] and selecting the “Opt-Out of Sale” option in the Form), using the Contact Us page on the Site, or by sending a letter to the mailing address listed above.

  • Right to Non-Discrimination

California residents have the right not to receive discriminatory treatment by TSR for exercising their rights under the CCPA.  Please note that certain exercises of your rights may prevent TSR from providing certain services to you.

  • Right to Use an Authorized Agent

You have the right to designate an authorized agent to make a request under the CCPA on your behalf. To designate an authorized agent, contact us using the Contact Us form on the Site or send a letter to the mailing address listed above.  In order to verify you have authorized an agent we will require a signed, written authorization from you.

 

  1. How we protect your information
  • We use physical, electronic, and managerial procedures to safeguard and secure the information we collect online and to protect your personal information, including email address, from loss or theft, unauthorized access, disclosure, copying, use or modification
  • We have an extensive rights management for Touchstone Research, team members, clients and authorized vendor/client staff. Access is password protected and on a “need-to-know” basis.
  • Security includes SSL (HTTPS) authentication and encryption for data transmission. Servers are kept in secure access (logged) controlled data center, fully air-conditioned, fire doors and nitrogen firefighting appliances. All server systems are connected to each other and to the Internet with a maximum performance of 155 Mbit.

Although we take reasonable precautions to protect the information that we collect, no data transmission over the Internet can be guaranteed to be 100% secure. The Internet by its nature is a public medium, and we encourage you to use caution when disclosing information online. Once we receive your transmission, we make our best effort to ensure its security on our system; however, we cannot ensure or warrant the security of any information you transmit to us or from our online products or services, and you do so at your own risk.

 

  1. Third Party Links

Our Sites contain links to other sites that are not owned or controlled by TSR.  TSR is not responsible for the privacy practices of other websites. We encourage you to be aware when you leave our Sites, and to read the privacy statements of any website that collects personally identifiable information.

 

  1. Parent Research Participants: Family Participation

TSR is committed to securing the privacy of minors, including complying with applicable laws such as the Children’s Online Privacy Protection Act (COPPA). Children under 13 cannot participate in our research studies without parental/legal guardian consent. TSR is a member of the kidSAFE Seal Program.

The kidSAFE Seal Program is an independent safety certification service and seal-of-approval program designed exclusively for children-friendly websites and technologies. As a participating member in the Program, TSR adheres to the strict information collection, use and disclosure requirements set forth by the Program. The kidSAFE certification seal posted on this page indicates that TSR has established COPPA compliant privacy practices and has agreed to submit to kidSAFE’s oversight and consumer dispute resolution process. The “kidSAFE+ COPPA” Seal, which is an FTC-approved COPPA certification program, means kidSAFE has verified our compliance with the Program’s additional “COPPA Privacy Rules”. These rules are modeled after the Children’s Online Privacy Protection Rule, a U.S. federal privacy law commonly referred to as “COPPA” or the “COPPA Rule”.

 

  1. Changes to this Policy

If we decide to change our Privacy Policy, we will post those changes on our Sites, and we may also email you, or put a notice on other places we deem appropriate so that you are made aware of the changes.  We will obtain prior parental consent if any changes we make to this Policy affect users under the age of 13 in a way that requires such consent under COPPA.  We reserve the right to modify this Privacy Policy at any time, for any reason, at our sole discretion, so please review it frequently.

 

  1. Contact Us

If you have questions or concerns about our Privacy Policy that aren’t addressed above, you can contact us by calling: 1-800-409-2665, or simply click here, or write:

Touchstone Research, Inc.
Attn:  Travis Santa, Privacy Officer

470 James Street, Suite 007

New Haven, CT 06513

Email:  [email protected]