Privacy Policy for Clients

LAST UPDATED 10 JUNE 2022

This notice will explain how The Unmistakables Ltd will collect, store and process personal information (personal data) relating to scopes of work carried out under contract with our client(s). We are committed to protecting the privacy of anyone whose personal data we process.

In relation to this personal data, we are the Data Processor and our client(s) are the Data Controller. We may carry out the work with a Joint Data Processor(s), which will be confirmed directly with clients in writing where applicable.

 

Data Protection Principles

 

We will comply with data protection laws and principles, as set out in the UK General Data Protection Regulation (GDPR). We will ensure that all personal data will be:

  • used fairly, lawfully and transparently;

  • used for specified, explicit purposes;

  • used in a way that is adequate, relevant and limited to only what is necessary;

  • accurate and kept up to date as necessary;

  • kept for no longer than is necessary;

  • handled securely.

What data do we collect?

 

Personal data will be collected, stored and processed only to the extent that it is necessary to gather information and undertake research as part of our contracted scopes of work. The methodology for our work will be signed off by our relevant client.
 

We will collect personal data from:

  • key stakeholders, including our client’s employees and freelancers; and/or

  • research participants, including target audiences or relevant communities outside of our client’s organisation.
     

Data may include:

  • contact details such as name, title, address, phone number and email addresses;

  • protected characteristics (also known as special category data) such as date of birth, gender, ethnicity, sexuality, religion and socio-economic status; and/or

  • other sensitive and/or confidential information that research participants may disclose in response to ethnographic (qualitative) and quantitative research.

How do we collect personal data?

 

We may collect personal data directly from individuals through ethnographic (qualitative) and quantitative research. Interviews, focus group discussions and/or workshops will only be recorded with consent of our client and the relevant participants. Any recordings will only be used to inform our research, findings and recommendations as set out in the scope of work.

Where pre-agreed with our client in writing, we may also collect data through:

  • a research partner(s) who has signed a non-disclosure agreement with us and shared their privacy policy, as well as their marketing outreach partners as approved by our client(s);

  • a subcontractor(s) who has signed a non-disclosure agreement with us and shared their privacy policy.

How will we use personal data?

 

We will use data so that we can:

  • analyse themes and trends;

  • present anonymised findings and make recommendations to the client.

How will we use particularly sensitive data?

 

We will only use particularly sensitive personal data (special category data) to inform our findings and recommendations. Personal data that is collated in reports and presented to our client will be anonymised and will not include contact details of individuals.

How do we store personal data?

We have put in place appropriate security measures to prevent personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we restrict access to personal data to employees, freelancers and suppliers who have a business need-to-know and who have signed contracts with a non-disclosure agreement to protect data that is collected, stored and processed as part of each scope of work.

After each scope of work is over, we will review the personal data in due course, then securely destroy personal data in accordance with applicable laws and regulations.


Data protection rights

 

We will consider the data protection rights of individuals as applicable in relation to the lawful basis of the processing activities:

  • The right to access – Individuals have the right to request copies of personal data from us.

  • The right to rectification – Individuals have the right to request that we correct any information they believe is inaccurate, and/or to complete any information they believe is incomplete.

  • The right to erasure – Individuals have the right to request that we erase their personal data, under certain conditions.

  • The right to restrict processing – Individuals have the right to request that we restrict the processing of their personal data, under certain conditions.

  • The right to object to processing – Individuals have the right to object to our processing of their personal data, under certain conditions.

  • The right to data portability – Individuals have the right to request that we transfer the data that we have collected to another organisation, or directly to them, under certain conditions.

 

Individuals can exercise any of these rights by contacting our Privacy Lead at info@theunmistakables.com. If an individual makes a request, we have one month to respond to them.

How to contact us


If you have any questions about this notice or the personal data we hold, please do not hesitate to contact our Privacy Lead at info@theunmistakables.com.

How to contact the appropriate authority

 

If you feel that we have not addressed your concern in a satisfactory manner, you may contact your local authority on Data Protection Rights (e.g. the Information Commissioner’s Office for individuals in the UK).