1. What kind of information does PeopleMetrics collect?
Our Online Feedback System™ collects a wide range of information about respondents, depending on the information needs of our clients. Generally, PeopleMetrics may request certain personal, identifiable, financial or demographic information and respondents’ specific opinions about a variety of products, goods and services, among other things. Such information is voluntarily provided and the respondent has the option to decline to answer any question.
2. What does PeopleMetrics do with respondent information?
PeopleMetrics reports information (demographic data, etc.) gathered during measurement to our clients in the aggregate (individual responses are not identified). PeopleMetrics does not disclose a respondent’s personal, identifiable information to any other clients or third parties unless the respondent provides permission.
3. PeopleMetrics provides Security Safeguards to protect respondent information
We use advanced technology (128-bit SSL) and information management techniques to implement security (IP assigning procedure that limits responses to designated IP addresses), audit, and control programs designed to protect respondent data. In addition, we protect the privacy of information sent to and from our web sites and use specific controls designed to identify and authenticate all our online clients and prevent and detect unauthorized access to our web site and client information.
4. PeopleMetrics Privacy Statement (European Union Data Privacy)
This PeopleMetrics Privacy Statement applies only to personal data that PeopleMetrics receives from the European Union (“EU”).
Under the United States/European Union Data Protection Safe Harbor Arrangement (http://export.gov/safeharbor), PeopleMetrics acts as a data processor on behalf of its business customers, performing online surveys, targeted e-mail delivery and data analytics. PeopleMetrics adheres to the policies of its business customers and does not have independent rights to control personal data it collects and/or processes on their behalf.
For personal data transferred from EU business customers to PeopleMetrics, the company complies with the U.S. Department of Commerce’s EU Safe Harbor Principles and associated Frequently Asked Questions (FAQs).
PeopleMetrics will not disclose to third parties personal data processed on behalf of its business clients, except as permitted or required by the processing agreement, EU Safe Harbor, or applicable Member State data protection law.
Any information that PeopleMetrics’ EU business customers identify as sensitive will be treated accordingly.
In acting as a processor on behalf of our business customers (the EU controllers), PeopleMetrics complies with all applicable EU Safe Harbor Principles for personal data received from them for processing.
5. PeopleMetrics Personal Information Protection Policy (Japan)
This PeopleMetrics Personal Information Protection Policy (Japan) applies only to personal data that PeopleMetrics receives from Japan.
PeopleMetrics complies with the Japanese Personal Information Protection and related laws and ordinances that protect customer rights and interests.
A – Acquisition of Personal Information and Purpose of Use
PeopleMetrics will acquire personal information through rightful and just methods. Examples of the sources and types of information we may collect include, but are not limited to, the following:
- (a) Information submitted by various companies for customer related research studies on the behalf of our clients in Japan.
- (b) Attitudinal information submitted by customers as a part of customer engagement and other customer research studies referenced above (A-(a)).
- (c) Information submitted by various companies for employee engagement and other employee research studies on the behalf of our clients in Japan.
- (d) Attitudinal information submitted by employees as a part of employee engagement and other employee research studies referenced above (A-(c)).
PeopleMetrics will use personal information for the following purposes:
- (a) Statistical analysis and research interpretation of the customer and employee trends at the aggregate sub-group level.
- (b) Management of respondents’ survey data at the aggregate sub-group level.
- (c) Anonymous e-focus (online) groups to gather general employment related attitudes and feedback.
- (d) Anonymous employee surveys where the identity of respondents is kept confidential to the client.
B – Provision of Personal Information to Third Parties
PeopleMetrics will not provide employees’ personal information to any third party.
C – Retention of Personal Information
All personal information collected or provided to PeopleMetrics is retained for the duration of the study. At the end of the study or as directed by the client PeopleMetrics will ensure that all personal information stored electronically is securely deleted, erased and removed from our systems, and that all physical files containing personal information will be shredded and destroyed via secure document disposal processes.
D – Security Control Measures for Personal Information
PeopleMetrics will take appropriate measures to secure systems, etc. in efforts to prevent unauthorized access to personal information and divulgence, loss and damage of personal information. Should any accidents occur, PeopleMetrics will:
- (a) Preserve the evidence and investigate the cause of the accident.
- (b) Respond promptly and appropriately and make best efforts to rectify security control measures to prevent reoccurrence of the accident, etc.
E – Outsourcing the Handling of Personal Information
PeopleMetrics does not outsource handling of personal information.
F – Education of Employees
PeopleMetrics clearly defines roles and responsibilities of PeopleMetrics employees in regard to personal information handling. This is enforced at all levels within the organization. In addition, access to clients’ data is restricted to full-time employees only. Part-time, temporary and contract staff are not permitted to access these data. PeopleMetrics will continuously provide guidance, education and training on the protection of personal information to all employees to ensure compliance with the Policy. Employees who violate the Policy are subject to disciplinary action.