TRC Global Privacy & Data Protection Policy
We at TRC are committed to maintaining the privacy and security of the Personal Information of all the visitors to this web site as well as all respondents participating in our hosted surveys. As a part of that commitment, TRC is in the process of implementing our updated Global Privacy and Data Protection Policy. These policies will address the current needs of our visitors and survey respondents to know what information about them we collect, why we collect it, and where it goes. We encourage you to read this Gobal Privacy and Data Protection Policy. In addition, as a member of the Insights Association, the professional trade association of survey research companies, TRC adheres to the mandated Insights Association Code of Standards and Ethics for Survey Research. You may visit them at www.insightsassociation.org.
At this web site, TRC does not actively initiate any collection of any individual information. We passively collect information that is automatically sent to us by your web browser. This information typically includes your domain name (the site after the @ in your e-mail address). It may also contain your user name (the name before the @ in your e-mail address). The amount of information sent depends on the settings you have on your web browser; please refer to your browser if you want to learn what information it sends. At this page we do not actively seek to identify any individual visitor, with the exception of investigating security breaches or cooperating with authorities pursuant to a legal matter.
We use the information we automatically receive from your web browser to see which pages you visit within our site, which site you visited before coming to ours, and where you go after you leave. We at TRC can then develop statistics that are helpful to understanding how this site is used by our visitors. This statistical data is interpreted by TRC in its continuing effort to present the web site content that visitors are seeking in a format they find most helpful.
TRC will not use or share, either within TRC or with a third party, any information collected at this page for direct marketing purposes. Because of the nature of the Internet, we may transmit the information to another country, but within TRC, for purposes other than direct marketing, such as for storage, or because of where our servers are located. We may also use it to investigate security breaches or cooperate with authorities pursuant to a legal matter. We may also remove all the personally identifiable information and use the rest for historical, statistical or scientific purposes.
If you e-mail us, you are voluntarily releasing information to us. Your e-mail address will be used by TRC to respond to you. We will not use the information that can identify you, such as your e-mail address, for direct marketing purposes.
Data Protection Policy
TRC depends on the collection and analysis of information about individuals ("Survey Respondents") to carry out its market research and consulting business. This information may be collected from any kind of individual or organization.
Survey Respondent data is the most common data that is collected by TRC. As a Market Research and consulting firm we may collect personal data from survey respondents during the survey process. A survey may be web or telephone based.
The types of personal data we may collect could include but not be limited to the following, Name, Address, Email Address, Phone number or IP address. The data we collect will be used for Market Research purposes only. Your responses to Survey Questions are kept confidential and reporting is aggregated across all survey respondents.
The data we collect will be stored on servers located in the United States managed in accordance to high industry security standards. The data may be accessed, subject to strict confidentiality obligations. by recipients who are employees of
TRC Insights, LLC and it's affiliated entities. The data will be retained as long as needed to fulfill our obligations to firms that we provide services to. At that time data will be remove and erased from our systems.
Client provided data is also commonly processed by TRC. Clients usually provide us with sample or to enhance the existing sample for a project. In respect of any personal data that is received, TRC will process these personal data in accordance with the instructions received from the client and in accordance with TRC principles for processing personal data.
Cookies on the survey environment
Cookies may be used during the survey you are participating in to assist in the functioning of the survey and well as to protect from fraudulent behavior.
Principles for Processing Personal Data
TRC adheres to the following priciples for processing personal data.
- Processed in line with Data Subjects' rights.
- Processed fairly and lawfully.
- Processed for limited purposes and in an appropriate way.
- Adequate, relevant and not excessive for the purpose.
- Not kept longer than necessary for the purpose.
- Not transferred to people or organisations situated in other countries without adequate protection
TRC operates under a strong security and privacy regime. TRC has successfully undergone third party Service Organization Control auditing ( SOC reports) and in the process of obtaining HiTrust certification. The SOC report provides assurance that we have designed and implemented effective security controls as defined in the SOC standards. During the examination, the independent auditors evaluated and tested controls over the following domains:
- Organization and management
- Risk management, design, and implementation of controls
- Monitoring of controls
- Logical and physical access controls
- Systems operation
- Change Management
Privacy questions, access rights, incident reporting
Before TRC is able to assist you, provide you with any information, or correct any inaccuracies, we may ask you to verify your identity and to provide other details to help us to respond to your request. We will endeavor to respond within an appropriate timeframe.
In this privacy notice, the term “personal data” includes:
• Under the laws of the United States, personal data shall include any “non-public personal information” as that term is defined in the Gramm-Leach-Bliley Act found at 15 USC Subchapter 1 §6809(4), and "protected health information" as defined in the Health Insurance Portability and Accountability Act found at 45 CFR §160.103.
• Under the laws of the countries in the European Economic Area (“EEA”), personal data shall have the meaning given to it in Directive 95/46/EC (the “EU Directive”) and in the General Data Protection Regulation (“GDPR”).
• Under the laws of Australia, personal data shall include information or an opinion about an identified individual or an individual who is reasonably identifiable: (a) whether the information is true or not; and (b) whether the information or opinion is recorded in a material form or not.