Privacy Policy

Introduction

For us, the protection of personal data and information about your rights is essential; it reflects the relationship of trust that we have with you. This means that protecting your privacy is our priority when you entrust us with your information.

This privacy policy is intended to provide you with transparent information on how we collect and use your data.

Legal context

This policy is part of a legal context governed by the General Data Protection Regulation (GDPR) applicable since 25 May 2018 and the amended Data Protection Act of 6 January 1978.

Definitions

Personal data:

Current regulations specify that personal data is any information concerning an identified or identifiable natural person. In other words, data - whatever its nature - becomes personal data as soon as a link can be made between this data and an (identified or identifiable) individual.

We can therefore distinguish between two types of personal data concerning you:

• information that identifies you directly (e.g. your first and last name) or indirectly (e.g. your username on a website); this information is considered « nominative »;
• all other information which is not « nominative » and does not allow you to be identified, but which is associated with « nominative » information allowing you to be identified (e.g.: a notice that you leave on a website is not personal data in its own right, but rather becomes so when saved in a file with your identifier, the latter often allowing your opinion to be linked to your e-mail address, or even to your first and last name).

There is a great deal of « nominative » information that identifies you. Apart from your first and last name, this mainly includes: your identifier on a website, your e-mail address, your telephone number or your IP address. Sometimes, it is the combining of several pieces of information that makes it possible to make it « nominative » and, consequently, to identify you, for example: your date of birth combined with your postcode of residence.

In short, only completely anonymised information, which cannot be linked to an identified or identifiable individual - even indirectly through an identifier - does not constitute « Personal Data ».

Data processing:

Data processing is defined as any operation or set of operations carried out with or without automated processes and applied to personal data. For example, collecting, storing or deleting data are all forms of data processing.

Purpose of the processing:

The purpose of processing is the reason why we collect this data. We never collect personal data without a specific reason to do so.

Who are we?

The On-Qual platform, accessible at www.on-qual.com, offers online qualitative studies and solutions for dynamic contact between study participants and organisers (clients).

More specifically, On-Qual allows for the organisation of online focus groups via forums, chat, telephone and/or videoconference calls, individual bulletin boards/blogs and online communities.

On-Qual is published by MIS GROUP, a French company established in 2001 for the carrying out of online and offline, quantitative and qualitative marketing studies:

• Registered office: 85 rue nationale, 58000 LILLE
• Website: https://en.misgroup.io.
• Legal notices/contact : https://www.on-qual.com/en/legal-notice

What personal data do we collect?

We collect data on study participants, as well as on viewers. The information allowing for the creation and customisation of the participant or viewer account (e-mail, telephone number, last name, first name, company, profile picture) is provided by you, on your own initiative and on the basis of your consent.

With the participant's consent, we collect the following data:

• First and last names, e-mail addresses, gender, age, city/postcode of residence as well as information on profession are collected in order to identify each participant for our clients. We also collect all other information necessary (for example: client of a bank, internet access provider, etc.) depending on the subject of the study.
• The messages, photographs and videos are posted on the On-Qual platform in order to better allow the study of the quality of the products supplied by our clients.

We have also set up a logging system collecting IP addresses, connection times, equipment used (browser, operating system) on the basis of the legitimate interest of the security of our computer systems and prevention of robot intrusions. This data is not analysed for marketing purposes.

The data we collect for these precise purposes will not, under any circumstances, be used by MIS GROUP for any purposes other than those listed above.

Finally, we take all technical and organisational measures to ensure the security of your data (encryption of our servers, restricted access, data retention and destruction policy).

Who receives your data?

MIS GROUP, the publisher of On-Qual services, will have access to the data collected.

This data is hosted in France by the company OVH, as subcontractor, a company located at 2 rue Kellermann, 59100 Roubaix. No client, partner or supplier will have access to these servers.

Regarding the hosting of the recorded videos of the participants, at the client's request, MIS GROUP may call on Amazon Web Service, as subcontractor, a company located at 38 Avenue John F. Kennedy, Luxembourg.

The data collected during a qualitative study on On-Qual is provided to the client, the data controller, in order to better understand your opinions of the products, services or concepts subject to the studies.

How long do we store this data?

The information necessary for the maintenance of your participant or viewer account is stored all the time you are using our On-Qual service.

We keep the video recordings for a maximum of 90 days from the end of the study in order to give our clients time to retrieve the recordings.

This period of a maximum of 90 days remains the same; even in the event of transfer to Amazon Web Service, the storage period is not extended. Example: Transfer of recordings to Amazon Web Service 30 days after the end of the study, storage of recordings on Amazon Web Service for a maximum of 60 days.

We also keep the data recovered and collected on the online platform for a maximum of 90 days from the end of the study in order to give our clients time to retrieve the data.

Finally, the information collected in our legitimate interest in computer security, namely IP addresses, connection times and equipment used, is stored for a period of 6 months.

In the event of a problem, you can contact us at any time to exercise your rights as guaranteed by the GDPR.

What are your rights as a user?

You have the following rights:

Right of access:

Vous pouvez nous demander si nous détenons des données personnelles vous concernant, savoir de quelle manière ces données sont traitées, ainsi que les finalités auxquelles elles sont rattachées, et demander gratuitement une copie de vos données dans un format lisible et compréhensible.

Right to rectification:

If you notice an error, an oversight or an ambiguity about your personal data, you have the right to request that inaccurate data about you be rectified. More specifically, you can make this request following a request for a right of access for better knowledge of the data collected.

Right to erasure:

You can ask us at any time to delete your information as collected by our On-Qual service. All information about you will be deleted, with the exception of information such as your IP address, which we keep for our legitimate interest in computer security, and information which we keep in order to fulfil our legal and/or contractual obligations.

Right to portability:

You can ask us for the portability of the personal data that you have entrusted to us in a machine-readable format, when the processing of this data is carried out in an automated manner, and based on your consent, or on the execution of a contract stipulated with you.

Right to restrict processing:

You can request that processing of your personal data be restricted under certain conditions: when you dispute the accuracy of data, if the processing is unlawful but you do not wish to proceed with erasure, or when you need to in order to have noted, exercise or defend your legal rights.

Right to object:

You retain, at all times, the right to object to the use of your personal data in the context of the activities carried out by our company with regard to the processing of your data based on legitimate interest, such as sending e-mails from our On-Qual website.

Your requests for the exercise of rights as well as any questions in this regard can be sent to the following address: dpo@misgroup.io

For any additional information on your rights, consult the following link: https://www.cnil.fr/fr/les-droits-pour-maitriser-vos-donnees-personnelles.

MIS GROUP undertakes to answer you as soon as possible and at the latest within 1 month. Finally, you can file a complaint with the CNIL if you feel that, despite our measures, your rights have not been respected: https://www.cnil.fr/fr/plaintes.

We reserve the right to amend this policy. We will systematically inform you of these changes so that you can read them before continuing to browse our On-Qual website.

Contact

f you have any questions regarding this Privacy Policy, you can e-mail our Data Protection Officer at this address: dpo@misgroup.io

Or send a letter to this address: MIS GROUP, 85 rue nationale, 59800 LILLE.