hello@grailinsights.com

Privacy Policy

LAST REVISION UPDATE: August 24, 2018

Grail Insights recognizes the importance of protecting your privacy. The following privacy policy ("Privacy Policy") applies to all our customers, respondents as well as website visitors and describes what information Grail Insights collects how Grail Insights collects that information, and how Grail Insights stores, uses, transfers, and discloses (collectively "Uses") the collected information.

This Privacy Policy is subject to Grail Insights’ Terms and Conditions of Use ("T&Cs"), which can be found at the bottom of the web site home page. Grail Insights may update or amend this Privacy Policy from time to time, as Grail Insights deems necessary. When Grail Insights updates or amends its Privacy Policy, we will post the revision date of the updated or amended Privacy Policy at the top of the document.

SERVICES COVERED BY THIS POLICY

This Privacy Policy applies when you use our Services. The following are collectively called “Services”.

EU – U.S. PRIVACY SHIELD AND SWISS – U.S. PRIVACY SHIELD COMPLIANT

Grail Insights is committed to and fully complies with the EU-U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively. Grail Insights has certified to the Department of Commerce that it adheres to the seven Privacy Shield Principles of Notice; Choice; Accountability for Onward Transfer; Security; Data Integrity and Purpose Limitation; Access; and Recourse, Enforcement and Liability. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov.

AFFILIATE, PARTNER AND THIRD-PARTY WEB SITES

This Privacy Policy applies to Services mentioned above. To the extent that this Site permits you to link to other web sites of Grail Insights’ affiliates, partners, or other third parties, separate privacy policies may apply to those linked web sites. Those separate privacy policies may contain different terms that are not the same as those terms contained in Grail Insights’ Privacy Policy. Your access to and use of such linked web sites through links that are provided on this Site are not governed by this Privacy Policy. Rather, your access to and use of such linked web sites are governed by the privacy policies in those linked web sites, and Grail Insights expressly disclaims any and all responsibility for your access to and use of such linked web sites, as well as for any use of the Personal Information (defined below) that you may provide, or any Personal Information that may be collected about you (including via cookies), at such linked web sites.

RESEARCH INVITATIONS & REQUESTS

We contact potential respondents via calls or emails only if they meet specific research requirements such as one or more of the followings:

PURPOSE OF COLLECTION OF PERSONAL INFORMATION

“Personal Data" is any information that relates to you and that identifies you either directly from that information or indirectly, by reference to other information that we have access to.

How we use your personal data will depend on which Services you use and how you use those Services. We process your personal data only when we have a lawful basis. Presently, we use the Performance of Contract (i.e. to deliver the services to our customers) and legitimate interest as the lawful basis for processing. For certain processing, we may also use consent as a lawful basis provided under the Data Protection Regulations.

Where you have consented to a particular processing, you have a right to withdraw the consent at any time. When we use legitimate interest for processing, you may object to such processing.

WHAT PERSONAL INFORMATION GRAIL INSIGHTS ACTIVELY COLLECTS

A.  Personal Data Collected from Respondents

Your responses will be treated as confidential unless you consent to being identified.

B.  Data from Social Media and Business Directories

C.  Other Users and website visitors.

D.  Sensitive Data

Other than the personal information that we collect from sources other than you, Personal Information is provided by you on a voluntary basis, and by submitting your Personal Information you consent to its use in a manner consistent with the Privacy Policy. You can choose not to provide certain information, but then you may not be able to take advantage of our services or participate in some of the Site’s features.

WHAT PERSONAL INFORMATION GRAIL INSIGHTS PASSIVELY COLLECTS: COOKIES AND OTHER TECHNOLOGIES

This Site, Grail Insights’ online services, applications, platforms, email messages, and advertisements, if any, may use "cookies" and other technologies to collect information about you. A cookie is a small data file stored on the web browser on your computer’s hard drive. A cookie associates the identification numbers built into the cookie with information about you that you have provided to us. This association allows us to recognize you when you arrive at our web site. Other technologies tell us where on our website you have visited, counts how many users visited certain web pages within our web site, and measures the effectiveness of advertisements, if any, and web searches

Like most web sites, we also automatically collect some tracking information and store that tracking information in an anonymous, aggregated and non-personal format. This tracking information includes Internet Protocol (IP) addresses, browser type and language, Internet Service Provider (ISP), operating system used, date and time stamps and click stream data. We use this tracking information to understand and analyze trends, to administer our web site, and to learn about user behavior on our web site. However, Grail Insights may use IP addresses to identify you when Grail Insights feels, in its sole discretion, that it is necessary to enforce compliance with its T&Cs, this Privacy Policy, to protect its services, Web Site, systems, information, employees, business partners, affiliates, users, customers or others, or when required by law. We also may determine what technology is available through your browser in order to serve you the most appropriate version of a web page. For example, we may determine that you have installed a version of Flash, and we will then send you the appropriate Flash version of the web page rather than an HTML page.

HOW WE USE THE PERSONAL INFORMATION

A.  Research Activities

We use your personal information for carrying out research studies for client projects or for internal studies. We only process respondent data for the purposes of the market research surveys. If we initially collected your information for phone survey, we may use this data for future online surveys and vice versa.

Additionally, we use your data for the following purposes

B.  Aggregated Research Analysis and Insights

The personal data we collect is also combined with the responses/views/opinions of others who participated in the same research for analysis. Such analysis is reported back anonymously to the client that commissioned the study.

All of your survey responses are treated as confidential. We will never intentionally disclose your personal information or individual survey responses to the client that commissioned the study or any third parties unless you consent to sharing your personal data and/or individual responses

C.  Periodic Newsletters and Marketing Materials

We may send you marketing / promotional materials. You may choose to restrict the collection or use of your personal information.

DISCLOSURE OF PERSONAL INFORMATION

As a general rule, Grail Insights does not share with or disclose to any third parties any specific Personal Information collected from you, except (a) as otherwise described in this Privacy Policy, (b) when Grail Insights has your permission, (c) under special circumstances such as, but not limited to, when Grail Insights believes in good faith that the law requires such disclosure, or when the disclosure will protect the safety of others.

While we aim to limit the sharing of your data, at times, it is necessary to share your data with certain service providers. The following categories of recipient will most likely receive your data in order for us to provide services to you

Accountability for Onward Transfer (Transfers to Third Parties): If Grail Insights transfers information to a third party that is acting as its agent, Grail Insights will require the third party to have adequate privacy protection as is required by the relevant Privacy Shield Principles or under other Data Protection laws. With respect to onward transfers, Grail Insights remains liable under the Principles if its agent processes personal information in a manner inconsistent with the Principles, unless Grail Insights proves that it is not responsible for the event giving rise to the damage.

Other: Grail Insights may, if required by law, legal process, litigation and/or requests from public or governmental authorities, disclose your Personal Information. We may also disclose Personal Information about you if we determine, in good faith and in our sole discretion, that such disclosure is necessary for purposes of national security, law enforcement, the prevention of a crime, or other issues of public importance. We may also disclose Personal Information about you if we determine, in our sole discretion, that it is reasonably necessary to enforce the T&Cs, or to protect our operations or users. Additionally, in the event of a corporate reorganization, merger or acquisition, or sale, we may transfer any and all Personal Information we collect to a relevant third party.

HOW YOU CONTROL THE USE OF YOUR PERSONAL INFORMATION

There may be times that you wish to access your Personal Information. Grail Insights makes commercially reasonable efforts to provide you with access to your Personal Information so you can instruct us to correct or update the Personal Information if it is inaccurate, or delete your Personal Information if Grail Insights is not required to retain it by law or for a legitimate business purpose. To receive a copy of your Personal Information, or to provide instructions to us on what you want corrected or updated, send us an e-mail at privacy@grailinsights.com

You can additionally contact us at privacy@grailinsights.com regarding exercising the following rights.

In the event you decide that you want to opt out from Grail Insights’ use of your Personal Information that you previously provided to Grail Insights, you may opt out of our use of your Personal Information by contacting us at privacy@grailinsights.com

INTEGRITY AND INFORMATION SECURITY MEASURES

While Grail Insights endeavors to protect your Personal Information, we cannot warrant the security of any Personal Information, and ultimately you provide your Personal Information to us at your own risk. Grail Insights uses commercially reasonable efforts and security practices to safeguard your Personal Information, and employs security measures designed to protect your Personal Information from access by unauthorized persons. Some of those measures include, but may not be limited to, encryption, firewalls, physical access controls, restricted access to data, monitoring for threats and vulnerabilities and use of Secure Socket Layers (SSL).

DATA RETENTION POLICY

Grail Insights retains your Personal Information for the period necessary to fulfill the purpose for which it was collected, as outlined previously in this Privacy Policy, unless a longer retention period is mandated or permitted by law.

Survey Respondent’s personal information (other than survey responses) is retained for a period of two years from the date of collection or the date of last contact, whichever is later. If you choose to have your information deleted or opt out from future surveys, then we will delete all information except limited information necessary to avoid contacting you again.

Survey responses and personal information contained in files received from clients are retained as per customer contracts or as per Grail Insights retention policy.

CROSS BORDER DATA TRANSFER

Since we are a global company, your data may be processed outside of the EU region. Some countries where we process data may not have as protective laws as your own country and there are risks associated with such transfer. You agree to the cross border transfer of your data to countries outside of EU region. Where applicable, Eu – U.S. Privacy Shield And Swiss – U.S. Privacy Shield may be used to meet cross border transfers requirements. In the absence of this, Standard Contract Clauses are in place for cross border transfers 

CHILDREN

This web site is not intended for use by children. Grail Insights does not knowingly solicit or collect Personal Information from children under the age of 18. If you are under the age of 18, you must obtain the consent of your parent or guardian to use this Web Site. Grail Insights encourages parents and guardians to take an active role in their children’s online activities and interests.

INQUIRIES AND COMPLAINTS

In compliance with EU – U.S. Privacy Shield and Swiss – U.S. Privacy Shield principles, Grail Insights commits to respond to inquiries and resolve complaints about your privacy and our collection or use of your Personal Information. Any individual with inquiries or complaints regarding this Privacy Policy and/or his or her Personal Information should first contact privacy@grailinsights.com

Grail Insights has further committed to refer unresolved privacy complaints to an independent dispute resolution mechanism operated by the International Centre for Dispute Resolution (“ICDR”), the international division of the American Arbitration Association (“AAA”). If you do not receive timely acknowledgment of your complaint or if your complaint is not satisfactorily addressed by Grail Insights, then please visit http://info.adr.org/safeharbor for more information or to file a complaint. The services of ICDR/AAA are provided at no cost to you. You may have the ability, under certain conditions, to invoke binding arbitration with a Privacy Shield Panel for complaints regarding Grail Insight’s Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. For additional information regarding this arbitration, please visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

CONTACT INFORMATION

If you have questions or complaints regarding this policy, you may contact us through email at privacy@grailinsights.com. You may contact us at our mailing address below:

Grail Insights

| 4th Floor | Tower B | Tech Boulevard | Sector 127 | Noida | India | 201301

If you are a resident of the European Economic Area and we maintain your personal data within the scope of the General Data Protection Regulation (GDPR), you have additional rights. If you are not satisfied with the resolution, you can also lodge a complaint with the Supervisory Authority in the country of your residence.

CHANGES TO THIS PRIVACY POLICY AND NOTIFICATION TO YOU

Grail Insights reserves the right, in its sole discretion, to make changes to this Privacy Policy. When changes are made to the Privacy Policy, the "Last Revision Date" field at the top of the Privacy Policy will be updated accordingly. Changes to the Privacy Policy become effective upon posting and updating the "Last Revision Date." Grail Insights encourages you to periodically review the Privacy Policy to be informed of any changes.

You confirm that your continued use of our services after any change in this Privacy Policy will constitute your acceptance of such changes and agree to be subject to the revised privacy policy.