Kantar Health Privacy Policy

View this policy in Slovenský, Čeština, Magyar, Français, Deutsche, Español, italiano, 한국어, PolskiePortuguês简体中文, or 繁体中文。

Last updated: 2 August 2018, Version 7.

1.  Introduction

This Privacy Policy is provided by Kantar Health.  The specific legal entities that act as controller of your personal data and are defined as “Kantar Health”, “we” or “us” for the purposes of this Privacy Policy are:

Our trading names are Kantar Health or Evidencias, our legal entities include Kantar Health LLC, Kantar UK Ltd, Kantar Health SAS, Kantar Health GmbH, Kantar Health, SAU, Kantar Health Srl, Kantar Health s.r.o., Classe Assistencia Medica Ltda., Focus Assistencia Medica Ltda., TNS India Pvt Ltd, Korea legal entity name is Kantar Korea Ltd., TNS China Co., Ltd. Shanghai Branch, Kantar Singapore Pte. Ltd., Kantar Taiwan.

This policy sets out the basis on which any personal data we collect from you, or that you provide to us on www.kantarhealth.com (“our site”), or in our studies, will be processed by us. Taking part in our surveys and research is entirely voluntary. Please read this Privacy Policy carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of this Privacy Policy, “personal data” means any information which relates to an identifiable living individual.

2.  Lawful Collection and Use of Data

Kantar Health collects information in several ways from different parts of our site, our mobile application and other activities such as social media, apps and online, face to face or telephone studies.

The main purposes for which we use your personal data are to:

  • Contact you for studies via email, through mobile notifications or texts or any other proposed communication options
  • Inform you of updates to our services, new features and details relevant to you through communications
  • Select you for future studies
  • Help you when you contact our support team
  • Allow us to reward you with the promised incentives
  • Protect Kantar Health from fraudulent behaviour
  • Prevent multiple entries in studies by the same individuals (in line with our Terms and Conditions)
  • Update, enrich and clean our database to improve our usage of data, allowing us to better select you for studies and receive communications

We have set out below more detailed information about how we use your personal data. We are also required by law to explain the legal basis for processing your personal data. These legal bases are listed below and could be different for each use case:

  • we have your consent for the use of your personal data
  • we need to use your personal data in order to perform a contract with you
  • we need to process your data to comply with a legal obligation
  • we need to process your data in order to protect your vital interests or someone else
  • the processing is necessary to perform a task in the public interest or
  • the use of your personal data is necessary for our (or our clients’) legitimate interests (in which case we will explain what those interests are).

We will never misrepresent ourselves or what we are doing. If you receive an email that concerns you, purporting to be from us, please let us know as shown below in ‘How to Contact Us’.

We will never misrepresent ourselves or what we are doing. If you receive an email that concerns you, purporting to be from us, please let us know as shown below in ‘How to Contact Us’.

Case

Purpose

Data collected/processed

Market Research

To understand your views about certain products and services or to understand your behaviour in different situations

Identifier, contact details, email address, voice, image, opinion

Scientific Research for academics, public health organisations or Research Council institutes

Including but not limiting to clinical studies, health economics and outcomes research (HEOR), non-interventional studies (NIS), real world research (RWR), observational studies, epidemiology research

Identifier, contact details, email address, health data, e.g. disease, health status, diagnose, treatment pattern, unmet needs

Scientific Research for commercial companies and charitable research organisations

Including but not limiting to clinical studies, health economics and outcomes research (HEOR), non-interventional studies (NIS), real world research (RWR), observational studies, epidemiology research

Identifier, contact details, email address, health data, e.g. disease, health status, diagnose, treatment pattern, unmet needs

Safety monitoring (Pharmacovigilance Adverse Events Reporting)

Report Adverse Events during our studies to competent authorities

Identifier, contact details, email address, disease, treatment, product taken and adverse events

Public Disclosure

To share or disclosed pursuant to judicial or other government subpoenas, warrants, orders or pursuant to similar and other legal or regulatory requirements, we will provide such information to the appropriate authorities.

Identifier, name, contact details, email address, incentive received.

Fraud Protection

Protection of our business interests against fraudulent behaviour or behaviour not in line with our Terms and Conditions

IP address, browser specifications, device specifications, postal addresses, email addresses, official identification number (i.e. ME number)

Survey Participation Uniqueness

Prevention of multiple entries in surveys by the same individuals in line with our Terms and Conditions

IP address, browser specifications, device specifications

Tracking of the Answers of Recurring Respondents (special research design projects)

When you participate in our surveys, we typically use a temporary ID which makes your answers in the survey anonymous to our clients. However, some of our clients have the specific research design need to understand how your opinion has evolved over a period of time. For this specific project type that we call "tracking" projects we will use persistent IDs and we will make this clear at the beginning of each of these surveys. Your survey responses will be considered as personal data and you will have the right to access them. Such projects will contain a notice on the very first page of the survey, so that you can identify them and decide whether or not to take part.

Persistent unique project-specific identifier

Data Matching and Enrichment

We enrich the data we hold on file about you by matching your personal data with third parties. This will help us to improve your panel profile and ensure that we select relevant surveys for you.

We utilize matching services (i.e. third parties who are specialized in data management) to acquire additional information about you from public and private data sources (such as social networks, retailers and content subscription services with whom you have an account) or to use your personal data as an aid to develop additional or new types of anonymous data sets (i.e. we compile your aggregate data with data from other consumers to create a new lifestyle segment). The matching service (our partner) holds the personal data we share for a short time, uses it to assemble the additional information, and then return the combined information to us. Partners are contractually bound to delete the data we share with them or and are not authorised to use it in any way other than for this specific purpose.

Persistent unique identifier, contact details, email address, social login, cookie, mobile device ID, official identification number (i.e. ME number)

Advertising Targeting and Media Buying Research

We use your personal data to help our clients and vendors enrich their data by using lookalike modelling techniques.

Thanks to your participation in our surveys and your profile data, we can help our clients to improve their advertising targeting, and to create better online advertising models, through lookalike modelling or similar research methodologies. We will use your personal data we collect about you through profile building, participation in research surveys or data matching to match with third-parties and platforms (our partners).

We include contractual safeguards to ensure that you will not automatically be targeted for commercial purposes as a result of your data being used to help create a lookalike audience, and that our partners cannot use your data for any other purpose.

Persistent unique identifier, contact details, email address, social login, cookie, IP address, mobile device ID, official identification number (i.e. ME number)

Ad Exposure and Measurement

In addition to cookie-based matching (which you can control and consent to via your panel account), we will use personal data you provide to us, such as email address, in a direct matching process with third parties (our clients and partners) to determine if you are a user of that service (such as social networks, websites, mobile apps) for advertising measurement research purposes. We will identify what advertisements you may have been exposed to on those sites and platforms and measure how brand attitudes or brand recall have impacted sales. The third parties that we work with are not allowed to use the data for any other purpose.

Persistent unique identifier, contact details, email address, social login, cookie, IP address, mobile device ID, official identification number (i.e. ME number)

Key Opinion Influence Mapping

 

To understand prescribing and treatment patterns and influence in given disease area

Email address, social media handles

 

When you participate in our research, we may ask you for a range of information, including, for example, your personal opinions, and demographic information, such as your age and household composition, your health status, such as condition you may suffer or diagnose and treatments. You may decline to answer any questions or withdraw from participation in a study at any time.

Our third party partners are all contractually bound to keep any information they collect and disclose to us, or that we collect and disclose to them, confidential and must protect it with security standards and practices that are equivalent to our own.

3.   Third Parties and Data Transfer Across Borders:

You can be assured that we will protect your privacy. We will not make your personal information available to anyone without your agreement unless it is for research purposes only or if required by law. This includes your name and e-mail address.

We may share your personal data with companies within our group (Kantar) or vendors to fulfil data processing requirements, e.g. data matching, third party service providers, online ad effectiveness measurement, social media data interactions, scientific publication, pharmacovigilance/safety follow up. Where these transfers are across borders or outside the EEA we shall put safeguards in place to ensure the transfer is made by a legitimate method for the purposes of EU data protection law and secure.

Your personal information may be collected, stored, transferred or processed by our sister companies within the WPP group, or 3rd party service providers for research-related purposes, such as data processing, and fulfilment of incentives both within and outside the EEA. They are all contractually bound to keep any information they collect and disclose to us or, we collect and disclose to them, confidential and must protect it with security standards and practices that are equivalent to our own.

4.   Confidentiality, Security and Industry Requirements:

We take appropriate technological and organisational measures to protect the personal information submitted to us, both during transmission and once we receive it. Our security procedures are consistent with generally accepted commercial standards used to protect personal information.

All our employees are contractually obliged to follow our policies and procedures regarding confidentiality, security and privacy.

We adhere to the following standards and industry requirements:

  • MRS (Market Research Society)
  • BHBIA (British Healthcare Business Intelligence Association)
  • EphMRA (European Pharmaceutical Marketing Research Association)
  • Insights Association
  • ADM (Arbeitskreis Deutscher Markt- und Sozialforschungsinstitute e. V.)
  • ESOMAR (European Society for Opinion and Marketing Research
  • ENCePP® - European Network of Centres for Pharmacoepidemiology and Pharmacovigilance
  • AEDEMO (Asociación Española de estudios de Mercado, marketing y opinión)
  • AMSRS (The Australian Market & Social Research Society)
  • ANEIMO (Asociación de Empresas de Investigación de mercados y opinion)
  • ASOCS (Association Society of Opinion and Behavior in the Domain of Sante)
  • ASSIRM (Italian Market Research, Studys of opinion and social research)
  • KORA (Korea Research Association)
  • SYNTEC (chambre SYNdicale des sociéTés d'Études et de Conseils)
  • Intellus WorldwideAFCROs (l'association française des sociétés de recherche sous contrat)
  • AIMFA (Agrupación de investigación y marketing farmacéutico)
  • AMCP (Academy of Managed Care Pharmacy)
  • ISOQOL (International Society for Quality of Life Research)
  • ISPE (International Society for PharmacoEpidemiology)
  • ISPOR (International Society for Pharmacoeconomics and Outcomes Research)
  • KRPIA (Korean Research-based Pharmaceutical Industry Association)
  • Medicines Australia         
  • ACIP (Association des Cadres de l’Industrie Pharmaceutique)
  • AMIPS (Association des Médecins de l'Industrie et des Produits de Santé)
  • APM  Health Europe (Medical press agency)
  • ADESSAT (Association D'Etude et de Suivi de l'Aménagement du Temps de Travail)

5.  Cookie Disclosures

Cookies are small text files stored on your computer by a website that assigns a numerical user ID and stores certain information about your online browsing. They are used by web developers to help users navigate their websites efficiently and perform certain functions. The website sends information to the browser which then creates a text file. Every time the user goes back to the same website, the browser retrieves and sends this file to the website's server.

For behavioural tracking research, we use optional cookies / software applications, but only if you have given your explicit consent to such cookies / applications.

As is true of most online studies, we gather certain information automatically and store it in study data files. This information may include things like Internet Protocol addresses (IP address), browser type, Internet service provider (ISP); referring/exit pages, operating system and date/time stamp.

We use this automatically collected information to analyse trends such as browser usage and to administer the site, e.g. to optimise the study experience depending on your browser type. We may also use your IP address to check whether there have been multiple participations in the study from this IP address. 

6.  Accuracy

We take all reasonable steps to keep personal information in our possession or control, which is used on an on-going basis, accurate, complete, current and relevant, based on the most recent information made available to us by you and/or by our client. 

We rely on you to help us keep your personal information accurate, complete and current by answering our questions honestly and you are responsible for ensuring that the data controller (which may be us or - more often - our client) is notified of any changes to your personal data.

7.  Children’s Data Collection:

Kantar Health recognizes the need to provide further privacy protections with respect to personal data collected from children. We never knowingly invite children under the legal age set by the authorities in the country in which you reside to participate in research studies without parental permission. If it is necessary and appropriate to a particular project to directly involve children under the legal age, we take measures to ensure we have been given permission by their parent or legal guardian.

Kantar Health will provide parents and guardians information about the survey topic, about any personal or sensitive information which may be collected from the children, the way this data will be used and whether and with whom Kantar Health may share such information.

While the child is completing the survey, it is the responsibility of the parent or guardian to supervise them.

In certain circumstances, we may require additional consent for public health, regulatory, or commercial reasons.  We will explain this to you and the reasons for requiring it at the time we ask for it. 

8.  Sensitive Data

Kantar Health may collect personal data that is classified as “special categories” of personal data.  This includes racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.   You can choose whether or not to provide this data to us.  

9.  Rights of Individuals:

To request access to personal data that we hold about you, you should submit your request in writing to the e-mail address or postal address shown below in “How to Contact Us”.

You have the following rights in relation to your personal data:

  • Right to change your mind and to withdraw your consent
  • Right to access your personal data
  • Right to rectify your personal data
  • Right to erase your personal data from our systems, unless we have legitimate interest reasons for continuing to process the information
  • Right to port your personal data (portability right)
  • Right to restrict processing of your personal data
  • Right to object to the processing of your personal data

We shall also notify third parties to whom we have transferred your personal data of any changes that we make on your request. Note that while Kantar Health communicates to these third parties, Kantar Health is not responsible for the actions taken by these third parties to answer your request. You may be able to access your personal data held by these third parties and correct, amend or delete it where it is inaccurate.

10.  Data Storage and Retention

Personal information will be retained only for such period as is appropriate for its intended and lawful use, in this case we shall retain data for no longer than 12 months, unless otherwise required to do so by law, or contractually agreed by our clients. Personal information that is no longer required will be disposed of in ways that ensure their confidential nature is not compromised.

As part of the Company Business Continuity plan and as required by ISO 27001, ISO 9001, ISO 20252 and in certain instances the law, our electronic systems are backed up and archived.  These archives are retained for a defined period of time in a strictly controlled environment. Once expired, the data is deleted and the physical media destroyed to ensure the data is erased completely.

11.  Notification of Material Changes:

We reserve the right to change, add to, or remove portions from this Privacy Policy at any time. You should read this page regularly to ensure you are updated as to any changes. We will always display the most up-to-date policy on this web page..

Last updated: 20 May 2018

12.  How to Contact Us:

Our General Counsel and Data Protection Officer is Gillie Abbotts-Jones. Questions regarding this Privacy Policy and access requests should be directed to info@kantarhealth.com or 6 More London Place, London, UK

13.  Complaints & Country Specific Disclosures:

If you consider that our processing of your personal data infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state or jurisdiction of your habitual residence, your place of work or the place of the alleged infringement. To find the contact details of your country supervisory authority, please consult our dedicated page http://www.kantarhealth.com/docs/privacy/20180409_nationaldataprotectionauthoritiespdf.pdf