At MQO Research, our business is focused on professional, quality research and field services that protect the privacy and confidentiality of our research participants, clients, and the general public. We have developed robust policies and procedures to protect the information we collect and generate for all activities we undertake.
These policies are based on:
- Guidelines set out by the Canadian Research Insights Council and ESOMAR Code of Conduct and Good Practice
- The Personal Information Protection and Electronic Documents Act (PIPEDA) principles of fair information use (see below)
- Relevant provincial legislation including the Access to Information and Protection of Privacy Act (ATIPPA) and the Personal Health Information Act (PHIA)
Our privacy procedures are designed and enforced by our IT department, Chief Financial Officer, and Privacy Officer, and are reviewed and updated on an annual basis to ensure they comply with industry standards and relevant legislation, and that they meet the requirements set out by our clients and their commitments (afforded that they are in accordance with the aforementioned policies and legislation). Compliance with these procedures is strictly monitored and any issues are immediately addressed and rectified.
This Policy governs the collection, use, and disclosure of Personal Information by MQO Research in the course of commercial activities, in all forms (oral, electronic, or written).
“Personal Information” means any information relating to an identified or identifiable individual transferred to or by MQO Research or its permitted agents in performance of or pursuant to this Policy, and any information relating to an identified or identifiable individual derived or otherwise created in connection therewith. We do not place restrictions defined in this Policy on the gathering, utilization, or dissemination of the following types of data: non-personally identifiable information; an employee’s name, job title, business address, and/or phone number; or any publicly available information related to an individual that is designated by the Personal Information Protection and Electronic Documents Act (Canada).
Reasons for Collection of Personal Information
As a research firm, the reasons MQO collects personal information are solely for the purposes of:
- invitations to participate in quantitative and qualitative research
- determining suitability to participate in future research
- conducting research with the use of secondary sources of data
- administering honorariums for participation and/or prize fulfillment for research conducted that includes a draw
Usage of Collected Information
At the beginning of every research activity, participants are informed about the details of the study and the confidentiality that they can expect as a result of participating in the research.
Depending on the study, we may collect personal information such as:
- contact information (including name, email address, and/or telephone number)
- demographic information (including location, income, gender, age, socioeconomic status, marital status)
- other information (including personal opinions, personal service experiences, perceived satisfaction, personal perceptions, understanding, and so on)
In instances where information provided by a participant is insufficient to identify them personally, we do not consider it to be personal information and therefore this Policy is not applied.
We always collect the minimal amount of information required to achieve the study aims. Information collected is only ever used for research and/or customer service purposes. All results/responses are reported on in aggregate form such that no individual is identifiable by their responses. Only the appropriate members of our research team are provided with access to any personal-identifying information.
In the cases of where individual personal information must be shared with the client or publicly, respondents will be proactively informed of how that information will be used and/or shared and will be asked for express consent before this type of information is collected. If recording or observation equipment is used during any phase of a research study, consent is obtained from the respondent prior to participation. Personal information that is no longer needed for its intended use is deleted.
THE TEN PRINCIPLES OF FAIR INFORMATION USE
Principle 1 – Responsibility and Accountability
Principle 2 – Purpose Specification for Personal Information Collection
MQO Research explicitly states the purposes for collecting personal information before or during the time of collection. These purposes will be clearly communicated to respondents via oral, electronic, or written means during a research activity. Upon request, those collecting personal information will explain the purposes or direct the individual to a designated person within MQO Research for clarification. If personal information is to be used or disclosed for a previously unidentified purpose, the new purpose will be identified beforehand and, unless required or permitted by law, the respondent’s consent will be obtained. MQO Research may provide aggregated data to clients or third parties, ensuring that individual respondents cannot be identified.
Principle 3 – Consent for Personal Information Collection, Use, or Disclosure
Knowledge and consent from individuals are required for collecting, using, or disclosing their personal information, except when inappropriate. Respondents give consent by voluntarily participating in a research activity. Generally, personal information collected during interviews is not disclosed to third parties, but if a client wishes to contact respondents directly, MQO Research will obtain express permission from the respondent after explaining the reason for disclosure. Respondents always have the choice to participate in a research activity or withdraw at any time. MQO Research ensures that the identified purposes for using or disclosing personal information are clearly communicated and understood by respondents. Consent may be sought for new purposes after information has been collected, but before its use or disclosure. The nature of consent depends on the sensitivity of the information and respondents’ reasonable expectations. Respondents’ participation in research studies may imply consent for MQO Research to collect, use, and disclose personal information for identified purposes.
Principle 4 – Restricting Personal Information Collection
MQO Research limits the collection of personal information to what is necessary for specified purposes and collects it through fair and lawful means. During research activities, the organization collects only the required amount and type of personal information needed for specified purposes. Personal information is primarily collected from individuals or their household members, with external sources only used when permitted by law and with consent from individuals.
Principle 5 – Limiting Personal Information Use, Disclosure, and Retention
MQO Research uses or discloses personal information only for the purposes it was collected for, except with the individual’s consent or as required or permitted by law. Personal information is retained only for as long as necessary to fulfill the specified purposes. Respondent information may be disclosed to clients, third-party service providers, public authorities or agents, or other third parties when consent is obtained or disclosure is required or permitted by law. Only employees with a legitimate business need or relevant duties are granted access to respondents’ personal information. MQO Research retains personal information for a reasonable time to allow for re-contacting respondents if necessary. The organization employs controls, schedules, and practices for retaining and destroying personal information that is no longer needed, relevant, or required by law.
Principle 6 – Personal Information Accuracy
Personal information must be accurate, complete, and up-to-date as needed for its intended purposes. MQO Research ensures that personal information is sufficiently accurate, complete, and up-to-date to minimize the chance of using incorrect information when making decisions about respondents. The organization updates personal information as necessary to fulfill the specified purposes or upon receiving notifications from individuals.
Principle 7 – Protective Measures for Personal Information
MQO Research safeguards personal information with appropriate security measures based on the sensitivity of the information. The organization protects personal information against risks such as loss, theft, unauthorized access, disclosure, copying, use, modification, or destruction, regardless of the format it is held in. Contractual agreements are used to protect personal information disclosed to third parties, specifying the confidentiality of the information and the purposes for its use. All employees with access to personal information are required to maintain its confidentiality.
Principle 8 – Transparency of Policies and Procedures
MQO Research makes information about its policies and procedures regarding personal information management readily available to individuals. This information is presented in an easy-to-understand format, including details about the person(s) accountable for compliance, access to personal information, the types of personal information held and used, and disclosure of personal information to related organizations.
Principle 9 – Access to Personal Information
Upon request, MQO Research informs individuals about the existence, use, and disclosure of their personal information and provides access to that information. Individuals can challenge the accuracy and completeness of their information and request amendments as necessary. MQO Research grants access to personal information upon written request to the Privacy Officer, subject to certain exceptions such as revealing third-party information or threatening another individual’s life or security. To protect personal information, individuals may be required to provide identification before accessing their files. MQO Research corrects or completes inaccurate or incomplete personal information promptly and notifies third parties with access to that information of any changes or unresolved discrepancies. Respondents and employees can contact the MQO Research Privacy Officer to access their individual files.
Principle 10 – Addressing Compliance Challenges