Privacy Policy

Purpose

Epinion respects every person’s right to privacy and the right to correct and legal processing of their personal information. As a trusted and profiled research company, it is important for Epinion that our many different stakeholders trust our processing of confidential and personal data.

This privacy policy must support Epinion complying with current legislation, comply with and meet the applicable data protection laws, including the EU Data Protection Regulation (EU Regulation 2016/679) and the Personal Data Processing Act. Furthermore, it supports Epinion complying with the international ethical guidelines for analytical companies adopted by ESOMAR, the international industry organization of companies working within market, opinion and social research and data analytics.

The purpose of this privacy policy is to ensure transparency and legality in our processing of personal data to the persons we analyze; and to employees, customers, and other partners.

Epinion ensures that all our employees know and work in accordance with this privacy policy.

Privacy Policy in Danish: Epinion Privatlivspolitik

 

Contact information on our Data Protection Officer

Epinion is a company that processes personal and confidential data on many citizens, why we have considered it necessary for us to have a Data Protection Officer (DPO).

You can contact our Data Protection Officer if you need guidance on using your rights or if you have any questions about Epinion’s processing of personal data. You can contact our Data Protection Officer:

Trine Genefke Bojsen

T: +45 87 30 95 00
E: dpo@epinionglobal.com

 

Basis, Purpose and Principles for Processing Your Personal Information

We process different types of data about you, depending on whether you are a participant in a survey, employee, partner or customer. The bulk of our personal data comes from participants in surveys and analyzes as well as our employees. This privacy policy is therefore specifically addressed to these groups, as we do not treat personal data about partners or customers for purposes other than contractual compliance between companies. Finally, we also get information about you via cookies when you visit our website if you consent to this.

Our studies always follow a legitimate and credible purpose. In some surveys, we treat personal data on behalf of public authorities, interest organizations or companies, in these cases we are data processors. You can read more about what this means to you and your rights, in Section 9 of this Privacy Policy.

When Epinion is the data processor, we are subject to the data controller’s instructions regarding transfer, rights, etc. See more in section 8.

 

If you participate in a survey

We only deal with the information about you that is necessary to achieve the purpose of the survey. If you participate in one of our analyses, such as a telephone interview or a panel prior to a parliamentary election, we always seek to minimize the data we collect for our survey, by only processing the information, and asking the questions relevant to the analysis.

Participation in our studies is always voluntary and is often based on consent. We always tell you the purpose of the survey and do not process your data if you do not want to attend.

In addition, you decide which and what kind of information you want to provide. It is important for Epinion that you participate voluntarily in our studies and that you have a positive experience without feeling pressured.

You are always free to withdraw your consent if you regret participating in a survey. If this is the case, please contact the Data Protection Officer, ref. section 2 above.

We also carry out projects where the basis for processing is not consent. Here, the basis for processing will often be legitimate interests and the exercise of authority. You can always refuse to participate in the survey, and we will also often be able to delete your information. However, there may be cases where we cannot delete you. Here we can always refer you to the data controller by contacting our DPO, who can guide you.

 

If you are an employee or an applicant

If you are an Epinion employee, we only process the data about you that is necessary in regard to your employment relationship and to fulfill our statutory obligations, like paying your salary or processing vacation requests.

If you apply for a position in Epinion, we will not process any further data than is necessary to evaluate your application, and we will only keep your data for a limited period if you do not get the job, see below in sections 6 and 7.

 

Disclosure

Epinion does not disclose information about you to third parties without your consent unless we are legally required by law or otherwise.

Disclosure if you participate in a survey
If you participate in a survey, you will always be informed as to whether your participation is 100% anonymous, where only Epinion employees know your identity or whether your responses are shared with others, e.g. the customer that ordered the survey. By doing this, we make are sure that you can give your informed consent.

In addition, we disclose information in the following cases:

  • Information is disclosed to the data processor with which we have entered into a data processing agreement with and acting under instructions from us. Data processing is always in accordance with our privacy policy and with the necessary security measures.
  • In cases where we conduct a survey on behalf of a data controller, we may be legally or contractually bound to disclose the responses you provide. You will always be informed in advance on whether your information is being disclosed.

Disclosure if you are an applicant or employee
We will not disclose your information to any third party if you are applying for a job. Similarly, we do not disclose data about our employees without their consent. However, we disclose information that is legally required, including in the following cases:

  • Data on employees is disclosed to public authorities in cases where we are required by law to share your information, for example, with tax authorities or others in connection with your employment relationship.
  • Data is disclosed to private persons in connection with your employment relationship, e.g. pension funds.

We will process these types of data about you

Surveys
In connection with our surveys, we always provide information about what categories of data we are processing. All studies are different, so we collect different data types according to the purpose of the study.

We typically process these types of data in connection with surveys and analyses:

  • Name, address, phone number, to get in touch with you.
  • Social Security Number, legally provided through application by the Data Inspectorate or from the Social Security Number Registry, in cases where we conduct the survey on behalf of a public authority or as part of a project in the public interest.

In addition, we process the data you provide in connection with participation in our surveys. They can be about everything from customer satisfaction to political polls and affiliation. Therefore it is not possible to provide a complete list in this document. However, you will always be informed about the type of information we need in the survey.

Employees and applicants
In connection with recruitment or employment, we treat the following data about you:

  • Name, address, telephone, e-mail
  • CV
  • Application
  • Criminal record (if required for recruitment)
  • References
  • Degrees / Diplomas
  • Social Security Number
  • Potentially trade union membership (if relevant)
  • Other information relevant to the recruitment

During employment and in connection with terminations, in addition to the above information, we may process the following data:

  • Health Information
  • Timesheets
  • Holiday Information
  • Maternity/paternity leave
  • Other information relevant to the employment

Your rights

According to the EU Data Protection Act, and the Danish Data Protection Act, you have several rights that you can rely on in connection with Epinion’s processing of personal data. These rights are as follows.

Disclosure
Upon obtaining data, we will provide you with the following information:

  • Who we are
  • The purpose of the data processing, and on which legal basis we process your data
  • How long we keep your information or which criteria are used to determine the storage length
  • Your rights to request insight, rectification, deletion or restriction of your information (see below)
  • Your right to withdraw your consent
  • Contact information on our Data Protection Officer
  • Your opportunity to file a complaint

Right of access
You have the right to gain insight into the data we process about you and the right to obtain a copy of any information contained, including information about who has provided the data if they do not originate from you.

However, you should be aware that this right may be restricted because of the research clause in the Danish Data Protection Act.

The right to delete and the right to get corrected data
You are entitled to delete or correct information about you. You are entitled to delete your information when they are no longer necessary or if you choose to withdraw your consent for our survey. You may also contact us if you believe that we are handling your personal data illegally.

When you request to have your information deleted or corrected, we will assess whether the terms are met. If the terms are met, we will correct or delete your information as soon as possible and otherwise we will contact you with a reason why we cannot delete or correct your information.

We will send you a confirmation after we have corrected or deleted the data.

Complaints
If you believe we handle your information illegally or if you believe we do not comply with your rights, you are entitled to appeal to the Danish Data Protection Agency, or with the supervisory authority in the country you are residing.

You can read more about complaints on the Danish Data Protection Agency’s website at:
https://www.datatilsynet.dk/borger/klage-til-datatilsynet/

Time limits for Deletion and Storage

In case of surveys
Epinion deletes or anonymizes personal information when they are no longer relevant for the purpose for which they were collected.

Data obtained in connection with a survey is stored for the period necessary to complete the study and up to 6 months after the study has been completed, in case of any revision or objection from the customer.

Epinion also conducts long-term studies where it may be necessary to keep the data for a number of years to compare data over a long period of time.

In addition, we may store data longer for statistical purposes and operational reasons, or for specific legal obligations.

About employees and applicants
We always keep relevant personal data for 5 years for the purposes of accounting laws, including information on payroll and other information about the employment. In addition, we keep personal data for a longer period, if there is any other legislation that imposes storage.

We only store job applications we have received for a period of up to 6 months.

 

Epinion as a Data Processor

In some analysis tasks, it is not Epinion, which is the data controller, but the data processor. We are the data processor in those tasks where we treat the information on behalf of a customer; private or public.

In these cases, we work under the instructions of the customer, and it is therefore the customer who determines the storage length and who is responsible for compliance with your rights, with the necessary assistance from Epinion.

When we are a data processor, we may receive personal information from the customer, and in these cases, it is the customer’s obligation to ensure that there is a legal basis for disclosing information to us. We never do studies where there is no necessary basis for processing data or where processing will otherwise be illegal or unethical.

 

Information security

Epinion has adopted an information security policy that guarantees the confidentiality, integrity and availability of information through organizational and technical security measures.

All information is processed in accordance with this Privacy Policy and Information Security Policy. By doing so, we ensure that personal data is not lost, handled by unauthorized persons, or inadvertently changed.

Our information security policy also ensures risk assessment and impact assessment through changes in IT systems or our internal workflows. This ensures that your data is protected by a high level of protection.

 

© Epinion