Data Protection Principles
Demand diversity adheres to the following principles when processing your personal data:
1. Lawfulness, fairness and transparency – data must be processed lawfully, fairly and in a transparent manner.
2. Purpose limitation – data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
3. Data minimisation – data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
4. Accuracy – data must be accurate and, where necessary, kept up to date.
5. Storage limitation – data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
6. Integrity and confidentiality – data must be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage by using appropriate technical or organisational measures.
Personal data we collect
Demand Diversity own and process research panels, and other contact information so that we may operate and market our non-profit. This may include the following information:
contact details (such as telephone number and email address)
What we do with your personal data
You may provide us with information over the phone, email or otherwise, when you:
request information or materials regarding our services or ask us to contact you;
complete any of our online forms, for example, when you complete the “CHAT WITH US” or “SIGN UP” online forms;
make any comment or contribution on our Sites.
Applicants for employment
We may also collect personal information from you when you apply for a job with us through our careers page or respond to a specific listed employment position with us. This information may include your contact information, curriculum vitae, previous work experience, education, transcript, driver’s license information, social security number or national identification number and information relating to references.
Applicants for employment
to administer our Sites and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
to improve our Sites to ensure that content is presented in the most effective manner for you and for your computer; and
as part of our efforts to keep our Sites safe and secure.
For more information about cookies and other technologies, please see the section Cookies below.
Applicants for employment
We collect most of this information from you directly. However, we also receive information about you if you use any of the other websites we operate or the other services we provide. We are also working closely with third parties (including, for example, business partners, subcontractors in technical, payment and delivery services, analytics providers, search information providers, credit reference agencies) and may receive information about you from them. We also collect information about you:
from publicly accessible sources, e.g. Companies House;
from third party sources of information, e.g. client due diligence providers;
which you have made public on websites associated with you or your company or on social media platforms such as LinkedIn;
from a third party, e.g. a person who has introduced you to us or other professionals (such as accountants) you may engage.
Sensitive personal data
We do not generally seek to collect sensitive personal data through our Sites. Sensitive personal data is information relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership; health or sex life, sexual orientation; genetic data or biometric data. If we do collect sensitive personal data, we will ask for your explicit consent to our proposed use of that data at the time of collection.
For email marketing to an individual subscriber (that is, a non-corporate email address) with whom we have not previously engaged , we need your consent to send you unsolicited email marketing. Where you provide consent, you can withdraw your consent at any time, but without affecting the lawfulness of processing based on consent before its withdrawal. You have the right to opt out of receiving email marketing communications from us at any time by:
contacting us using the contact details set out above; or
using the “unsubscribe” link in emails.
Security of your personal data
Demand Diversity use appropriate technical and organisational safeguards to protect personal data both online and offline from unauthorised use, loss or destruction. We use industry standard physical and procedural security measures to protect information from the point of collection to the point of destruction. This includes encryption, firewalls, access controls, policies and other procedures to protect information from unauthorised access. Only authorised personnel and third-party service providers are permitted access to personal data, and that access is limited by need. Where data processing is carried out on our behalf by a third party, we take steps to ensure that appropriate security measures are in place to prevent unauthorised disclosure of personal data. Despite these precautions, however, Demand Diversity cannot guarantee the security of information transmitted over the Internet or that unauthorised persons will not obtain access to personal data. In the event of a data breach, Demand Diversity have put in place procedures to deal with any suspected breach and will notify you and any applicable regulator of a breach where required to do so.
How long we keep your personal data
Your personal data will not be kept for longer than is necessary for the purposes for which it was collected and processed. The criteria we use for retaining your personal data, includes the following:
General queries and correspondence – when you make an enquiry or contact us by email or telephone, we will retain your information for as long as necessary to respond to your queries. After this period, we will not hold your personal data for longer than one year if we have not had any active subsequent contact with you;
Direct marketing – where we hold your personal data on our database for direct marketing purposes, we will retain your data for no longer than two years if we have not had any active subsequent contact with you.
Legal and regulatory requirements – we may need to retain personal data for up 7 years where necessary to comply with our legal obligations, resolve disputes or enforce our terms and conditions.
Access to and updating your personal data
You have the right to access information which we hold about you (“data subject access request”). You also have the right to receive your personal information in a structured and commonly used format so that it can be transferred to another data controller (“data portability”). We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate. Please keep us informed if your personal data changes during your relationship with us. obligations, resolve disputes or enforce our terms and conditions.
Right to object
You have the right to object at any time to our processing of your personal information for direct marketing purposes.
Where we process your information based on our legitimate interests
You also have the right to object, on grounds relating to your particular situation, at any time to processing of your personal information which is based on our legitimate interests. Where you object on this ground, we shall no longer process your personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Your other rights
You also have the following rights under data protection laws to request that we rectify your personal information which is inaccurate or incomplete. In certain circumstances, you have the right to:
request the erasure of your personal information erasure (“right to be forgotten”);
restrict the processing of your personal information to processing in certain circumstances.
Please note that the above rights are not absolute, and we may be entitled to refuse requests, wholly or partly, where exceptions under the applicable law apply.
Exercising your rights