Last update: 15 April 2021
This Privacy Policy describes the information that Dixa ApS and its affiliated legal entities (hereinafter “Dixa,” “us” and “we”) as the data controller may collect for the purposes of researching, how we use and disclose your personal data, and the measures we take to protect it. By accepting participation in research projects and submitting your information and responses, you accept the practices described in this Policy.
Our entities include:
Dixa ApS
Artillerivej 86, st. tv.,
2300 Copenhagen S,
Denmark
Dixa Ltd.
823 Salisbury House
29 Finsbury Circus
London, EC2M 5QQ
England
As part of research activities, we process (e.g. collect, analyse, store, use, consult, anonymise or delete) different types of personal data based on either our legitimate interest or your prior consent. Furthermore, your personal data may be processed in order to comply with legal obligations.
General personal data
Dixa may process the following general personal data:
- Full Name
- E-Mail Address
- Phone number
- Survey response results, e.g. preferences, etc.
- Video recordings and transcripts
- Personal data provided to us about your preferences
Dixa, or its system provider vendors, may collect the following information of your device when you use the systems in order for them to function and in order to be accountable in relation to security and data protection compliance:
- Log Data (IP-Address, browser type, browsing history on the website, date and time stamps etc.)
- Location data (General geographic area)
- Clicks and actions on websites
2. Collection of your personal data
We may collect your personal data either directly from you, or third parties, such as professional networks as Xing and LinkedIn, or receive them from assessment providers.
3. Usage of personal data
We will use the personal data we collect about you to:
- Assess your responses, preferences and behaviour in relation to a research topic
- Communicate with you about research projects
- Comply with our legal requirements
4. Storage/Retention
We keep your contact information (Full Name, E-Mail Address, and Phone number) as a Feedback Panelist for up to 3 (three) months after you sign off from the Feedback Panel. We keep any other personal data you have provided us as a Feedback Panelist for the duration of the research projects and up to 2 (two) years after the project has been completed. Your personal data may be stored beyond this period if we are legally obliged to it, and otherwise, we may anonymize it, in which case it is no longer personal data.
5. Sharing of personal data
We may share your personal data with our employees involved in the research project on a business need-to-know basis. Furthermore, your personal data may be shared with third parties who assist us in the research projects, such as providers of research assessments. In these circumstances, however, we make sure that your personal data is limited to the extent necessary. All our third-party service providers are required to take appropriate security measures to protect your personal data. Additionally, we restrict our third-party service providers to use your personal data for their own purposes and they are only permitted to process your personal data for specified purposes that are in accordance with our instructions. Lastly, your personal data may be shared if we are required to do so in order to comply with the law or court order.
6. Security
We have implemented technical and organisational measures which ensure that your personal data is kept securely and protected against unauthorised access or unlawful processing. We will notify you and any applicable supervisory authority of a suspected data breach whenever we are legally required to do so.
7. Third country transfers
In certain cases, Dixa may transfer your personal data to a third country outside the EU/EEA, which do not offer the same level of protection of your personal data, as the laws in the EU/EEA do. In connection with such transfers, Dixa will ensure that an appropriate level of protection is ensured. Such appropriate level of protection is currently ensured through EU Standard Contractual Clauses, and/or Binding Corporate Rules.
8. Your rights
You have the following rights in relation to your personal data being processed by Dixa, however, under certain circumstances, some rights are subject to limitation:
- Right of access You may request access to the personal data processed by Dixa.
- Right of rectification You may request that your personal data is corrected in case it is incorrect.
- Right of objection If you believe Dixa is processing your personal data unlawfully or you do not otherwise believe Dixa is entitled to process some of your personal data, you may send an objection.
- Right of erasure You may request that Dixa deletes your personal data
- Right of data portability You may ask Dixa to export some of your personal data
- Right to revoke your consent You can at any time revoke a consent you have given to process your personal data. This will however only affect future processing’s and does not affect the lawfulness of previously processed personal data.
If you have questions regarding this policy or you wish to exercise your rights, you can contact the following departments in writing:
Privacy
10. Complaint
You can generally complain to Dixa or the Danish Data Protection Authority in relation to the processing of your personal data as governed by this privacy notice.
Dixa ApS – DK Danish Data Protection Authority https://datatilsynet.dk/kontakt/skriv-til-os