Survey Matters Privacy Policy

Updated December 2018

1. Background

1.1  General

 Survey Matters Pty Ltd (ABN 42 145 907 759) is a proprietary company limited by shares. References to ‘Survey Matters’, ‘we’, ‘us’ or ‘our’ are references to Survey Matters Pty Ltd and its related bodies corporate (as defined in the Corporations Act 2001 (Cth)).

 Survey Matters is committed to protecting your privacy, in accordance with applicable Australian privacy laws. This policy (‘Privacy Policy’) is designed to give you a greater understanding of how we collect, use, disclose and otherwise handle personal information.

 If you are resident in the European Union, please see heading 14 below for additional information that is relevant to you.

 We may amend this Privacy Policy from time to time.  The current version will be posted in our survey instrument and on our website at https://www.surveymatters.com.au/privacy-policy/ or you can request a copy by contacting our Privacy Officer (details under heading 13 below). All amended terms will automatically take effect immediately on posting. Please check this Privacy Policy periodically to inform yourself of any changes. If you do not accept the changes made to this Privacy Policy you should immediately stop using the survey instrument and our products and services.

1.2  What is personal information?

 In general terms, legislation defines 'personal information' as information or an opinion about an identified individual or an individual who is reasonably identifiable, whether the information is true or not and whether the information or opinion is recorded in a material form or not.

1.3  Our obligations

We comply with the Australian Privacy Principles (APPs) in the Privacy Act 1988 (Cth) (‘Privacy Act’).  The APPs regulate the manner in which personal information is handled throughout its life cycle, from collection to use and disclosure, security, accessibility and disposal.

The Privacy Act also includes a data breach notification regime, which requires us to address data breaches involving personal information held by us. 

We also comply with more specific privacy legislation in some circumstances, such as the Spam Act 2003 (Cth) and the Do Not Call Register Act 2006 (Cth).

1.4 Employee records

 We are generally exempt from the Privacy Act when we collect and handle employee records and this Privacy Policy does not apply to that information. However, where State or Territory health privacy legislation applies, we are still required to protect the privacy of employee health information.  This Privacy Policy will apply in those circumstances. 

2.  What we collect

2.1  General

 The type of personal information that we collect about you depends on the type of dealings you have with us.  For example, if you:

  • are a participant in our surveys or research, we will, depending on the survey or research questions, collect your name, age, contact details, employment details (including membership of a professional and trade association or trade union) and other information relating to individuals’ profiles, (for example, behaviours, attitudes, and opinions) and your response to our questions

  • are a client of our services, we will collect your name, contact details (such as address, telephone number and email address), the position you hold in your organisation, what prompted you/your organisation to conduct research of the outcome you/your organisation seek to achieve through our research how you heard about us

  • are a service provider, we will collect your name and contact details, details about the goods or services you supply and payment details

  • send us an enquiry, complete a registration of interest or provide us with feedback, we may collect your name, contact details, details of your enquiry or feedback and information about our response

  • make an enquiry about our services or request information, we will collect your name, address, contact details, details of the research you are interested in and how you heard about us

  • apply for a job with us, we will collect the information you include in your job application, including your cover letter, resume, contact details and referee reports

  • subscribe to our online services or enter into any promotions or special offers, we will collect the information you provide when submitting your subscription or entry

In addition to the above, if you interact with Survey Matters generally, Survey Matters will collect your details (e.g. name, telephone number, email address), details of the services you are interested in, how you heard about us or our services and details of your dealings with us. Other information may be collected from other sources, but those sources should provide you with details of what personal information is being collected and why.

 The personal information collected may vary depending on your particular interaction with Survey Matters but will be limited to that information necessary to record and manage our interaction with you (e.g. your name, relevant contact details and information about the interaction) and to that information required to enable you to participate in our services and products being offered by us.

2.2  Sensitive information

Sensitive information is a subset of personal information that is generally afforded a higher level of privacy protection, such as health information.  We only collect sensitive information where it is reasonably necessary for our functions or activities and either:

  • the individual has consented; or

  • we are required or authorised by or under law (including applicable privacy legislation) to do so.

2.3 Collection of information other than personal information

When you participate in our research or visit our website, some of the information that is collected about you is not personal information, as it does not reveal your identity. 

Site visit information

For example, we record your server address, the date and time of your visit, the pages you visited, any documents you downloaded, the previous site you visited and the type of device, browser and operating system you used.

We use and disclose this information in anonymous, aggregated form only, for purposes including statistical analysis and to assist us to improve the functionality and usability of our survey instrument and website. You are not individually identified; however we reserve the right to use or disclose this information to try to locate an individual where we reasonably believe that the individual may have engaged in any unlawful or inappropriate activity in connection with our survey instrument and website, or where we are otherwise required or authorised by law to do so.

Cookies

A cookie is a small string of information that a website transfers to your browser for identification purposes. The cookies we use do not identify individual users, although they do identify the user's internet browser. 

We use cookies to hold anonymous session information.  This information is used to personalise your current visit to the website, for example to allow the website to remember who you are by keeping server variables linked to your session.

We only use non-persistent cookies.  That is, they are held on your browser's memory only for the duration of your session.

Most internet browsers are set to accept cookies. If you prefer not to receive them, you can adjust your internet browser to reject cookies, or to notify you when they are being used.  There are also software products available that can manage cookies for you.  Rejecting cookies can, however, limit the functionality of our website. In some cases, this means you may not be able to complete a survey or questionnaire.

Online Behavioural Advertising

We use advertising programs that place cookies on your computer to collect information about your browsing history (including on external websites). This information, which does not identify you personally, is collected in order to improve your online experience by customising the advertising you see to your interests (including the display of more relevant ads on external websites). You can opt out of these programs at any time by clicking here

2.4  What if you don't provide us with your personal information?

 We will provide individuals with the option of not identifying themselves, or of using a pseudonym, when dealing with us if it is lawful and practicable to do so.  A pseudonym is a name or other descriptor that is different to an individual’s actual name. 

 For example, when you respond to a survey, you have the option to not disclose certain personal information such as your age and gender. 

 In some cases however, if you don't provide us with your personal information when requested, we may not be able to provide you with the product or service that you are seeking.  For example, you must identify yourself in order for us to design the specific research for you and provide you with the result

3. How we collect personal information

3.1   Methods of collection

We collect personal information in a number of ways, including:

  • directly from you in person (for example, if you respond to our survey questions, face-to-face interview, a self-completion questionnaire, visit our office, or by participating in a discussion group or interview);

  • through our social media pages (for example, through Twitter, LinkedIn or our Facebook page);

  • through our website (for example, by responding to a survey or making an online enquiry);

  • over the telephone;

  • through written correspondence (such as letters, faxes and emails);

  • on hard copy forms (for example, competition entry forms and surveys);

  • through publicly available source of information such as directories of registered associations; and

  • from third parties, including through people and/or organisations which request us to design the research

3.2  Collection notices

Where we collect personal information about you, we will take reasonable steps to provide you with certain details about that collection (such as why we are collecting the information and who we may share it with).  We will generally include this information in a collection notice. 

Collection notices provide more specific information than this Privacy Policy.  The terms of this Privacy Policy are subject to any specific provisions contained in collection notices and in the terms and conditions of particular offers, products and services.  We encourage you to read those provisions carefully.

3.3  Unsolicited information

Unsolicited personal information is personal information we receive that we have taken no active steps to collect (such as an employment application sent to us by an individual on their own initiative, rather than in response to a job advertisement). 

We may keep records of unsolicited personal information if the Privacy Act permits it (for example, if the information is reasonably necessary for one or more of our functions or activities).  If not, we will destroy or de-identify the information as soon as practicable, provided it is lawful and reasonable to do so.

4. Why we collect personal information

The main purposes for which we collect, hold, use and disclose personal information are set out below:

  • to investigate the behaviours, attitudes, opinions, motivations or other characteristics of a whole population or particular part of a population;

  • for quality control or validation of research;

  • as a source of potential research participants;

  • to contact past participants to conduct further, follow-up research;

  • to verify your identity and conduct credit checks;

  • designing and delivering our services;

  • to carry out our obligations arising from any contracts entered into between you and us and to provide you with the products, services and information that you request from us;

  • outlining our products and services to prospective and existing clients;

  • providing you with information and our services;

  • to communicate with you, including by email, mail or telephone;

  • processing information collected through our survey questions or research; to administer our services and for internal operations, including troubleshooting, data processing, testing, research, and statistical purposes;

  • promoting ourselves and our products and services, including through direct marketing, events and competitions;

  • performing research and statistical analysis;

  • protecting the security of client information and data, our offices, staff, and the property held on our premises;

  • to assist you with enquiries, resolving complaints or to improve our customer service;

  • recruiting staff and contractors;

  • to update our records;

  • to enforce the terms of any agreement that you enter into relating to our products and services; and

  • complying with legal and regulatory obligations including notifying you of matters to which we may be required by law to notify you.

We may also collect, hold, use and disclose personal information for other purposes explained at the time of collection or:

  • which are required or authorised by or under law (including, without limitation, privacy legislation); and

  • for which you have provided your consent.

4.1  Direct marketing

You consent (until such time as you opt out, as described below) that we may use your personal information to let you know about us and our products and services (including promotions, special offers and events), either where we have your express or implied consent, or where we are otherwise permitted by law to do so.  We may contact you for these purposes in a variety of ways, including by mail, email, SMS, telephone and online advertising.

Opting out

Where you have consented to receiving marketing communications from us, your consent will remain current until you advise us otherwise.  However, you can opt out at any time, by:

  • contacting us (details under heading 13 below)

  • advising us if you receive a marketing call that you no longer wish to receive these calls

  • using the unsubscribe or opt-out facility that we include in our surveys and commercial electronic messages (such as emails and SMSes)

Once you do this, we will update your profile to ensure that you don’t receive further marketing messages or emails. Stopping marketing messages or emails will not stop service communications (such as contract updates).

 Third-party marketing

 We will get your express opt-in consent before we share your personal data with any company

outside the Survey Matters group for marketing purposes.

Notification of source

If we have collected the personal information that we use to send you marketing communications from a third party (for example a direct mail database provider), you can ask us to notify you of our source of information, and we will do so, unless this would be unreasonable or impracticable.

5. Who we may share your personal information with

Survey Matters may disclose your personal information, and you consent to Survey Matters disclosing your personal information, to our related bodies corporate and associated entities (as those terms are defined in the Corporations Act 2001 (Cth)).

We may also disclose your personal information, and you consent to us disclosing your personal information, to the following third parties:

  • financial institutions for payment processing

  • referees whose details are provided to us by job applicants

  • third parties who support our information technology or handle mailings on our behalf

  • our contracted service providers (including payment processors) and organisations that carry out activities essential to our research activities, including for quality control activities, data entry, data processing, conduct of interviewing, contacting people to ask them to participate in research exercises. In each case, we may disclose personal information to the service provider and the service provider may in turn provide us with personal information collected from you in the course of providing the relevant products or services

  • law enforcement agencies, other governmental agencies or third parties if we are required by law to do so, or in other limited circumstances (for example if required by a court order or regulatory authority, or if we believe that such action is necessary to prevent fraud or cyber-crime or to protect our survey instrument, website, our products or our technology assets or the rights, property or personal safety of any person)

  • our professional advisers

  • anyone else to whom you authorize us to disclose it, usually our client.

We may also disclose information to provide our products and services, to respond to legal requirements, enforce our policies, and protect our rights and property.

Unless required or authorised by law, the identity of research respondents will not be disclosed to anyone not directly involved with the research project or to clients requesting the research or used for any non-research purpose without the individual’s consent.

6. Cross border disclosure of personal information

We do not currently disclose personal information to third parties located overseas.  If this changes at some time in the future, we will comply with the requirements of the Privacy Act that apply to cross border disclosures of personal information and this Privacy Policy will be amended accordingly.

7.  Use of government related identifiers

We will not:

  • use a government related identifier of an individual (such as a Medicare number or driver's licence number) as our own identifier of individuals; or

  • otherwise use or disclose such a government related identifier,

unless this is permitted by the Privacy Act (for example, use of an identifier to verify an individual's identity or uses or disclosures required or authorised by or under an Australian law).

8. Data quality and security

8.1  General

Survey Matter is committed to keeping your personal information secure and confidential. All reasonable precautions will be taken to protect personal information from loss, misuse, unauthorised access or alteration. Paper documents are held in locked drawers and cabinets. We take reasonable steps to:

  • make sure that the personal information that we collect, use and disclose is accurate, up to date and complete and (in the case of use and disclosure) relevant;

  • protect the personal information that we hold from misuse, interference and loss and from unauthorised access, modification or disclosure; and

  • destroy or permanently de-identify personal information that is no longer needed for any purpose that is permitted by the APPs.

You can help us keep your information up to date, by letting us know about any changes to your details, such as your address, email address or phone number.

You acknowledge that the security of online transactions you conduct using the survey instrument and website cannot be guaranteed.  To the fullest extent permitted at law, Survey Matters does not accept responsibility for misuse of or loss of, or unauthorised access to, your personal information where the security of that information is not within Survey Matters’ control.

Within Survey Matters, access to personal information is restricted to personnel on a need to know basis. Survey Matters has directed its staff that personal information must be dealt with in accordance with this Privacy Policy and kept secure from unauthorised access or disclosure. We educate our staff about their duty to protect your privacy and provide training regarding this Privacy Policy.

8.2  Security

The steps we take to secure the personal information we hold include protection measures (such as firewalls and anti-virus software), security restrictions on access to our computer systems (such as login and password protection), controlled access to our corporate premises, policies on document storage and security, personnel security (including restricting access to personal information on our systems to staff who need that access to carry out their duties), staff training and workplace policies.

Online credit card payment security

We process payments using EFTPOS and online technologies.  All transactions processed by us meet industry security standards to ensure payment details are protected. .

Survey instrument and website security

While we strive to protect the personal information and privacy of users of our survey instrument and website, we cannot guarantee the security of any information that you disclose online and you disclose that information at your own risk. If you are concerned about sending your information over the internet, you can contact us by telephone or post (details under heading 13 below).

If you are registered to use our services (including undertaking a survey), you can also help to protect the privacy of your personal information by maintaining the confidentiality of your username and password and by ensuring that you log out of the survey when you have finished using it.  In addition, if you become aware of any security breach, please let us know as soon as possible.

IP Address

An IP (internet protocol) address is a number that is automatically assigned to your computer by your internet service provider when you log on. Your IP address is not linked to your personal information, but we do preserve the right to use IP addresses to identify individuals who may threaten our site, services or clients.  IP addresses may also be used to help diagnose problems with our website and to gather broad demographic information.

Third party websites

Links to third party websites that are not operated or controlled by us are provided for your convenience.  We are not responsible for the privacy or security practices of those websites, which are not covered by this Privacy Policy. Third party websites should have their own privacy and security policies, which we encourage you to read before supplying any personal information to them.

Data breaches

If there is any breach of your personal information, Survey Matters will deal with such breach and notify you in accordance with its obligations under the Privacy Act.

9.  How long we keep your information

We will only keep the information we collect about you for as long as required for the purposes set out above or as required to comply with any legal obligations to which we are subject. This will involve us regularly reviewing our files to check that information is accurate, up-to-date and still required.

10. Mail and email information

If you wish to stop receiving any e-mails or other communications from Survey Matters which may be sent to you in the future, or if you have submitted personal information through the survey instrument or website and would like to have that information deleted from our records, please unsubscribe through the link at the bottom of any email or notify us at privacy@surveymatters.com.au.

Survey Matters will preserve the contents of any e-mail message that you send if we believe that we have a legal requirement to do so. E-mails sent to or from Survey Matters are routinely monitored for quality control, systems administration and legal compliance purposes.

11. Access and Correction

11.1  General

Please contact our Privacy Officer (details under heading 13 below) if you would like to access or correct the personal information that we hold about you.   We may require you to verify your identity before processing any access or correction requests, to make sure that the personal information we hold is properly protected.

11.2  Access

We will generally provide you with access to your personal information, subject to some exceptions permitted by law.  We will also generally provide access in the manner that you have requested (eg by providing photocopies or allowing a file to be viewed), provided it is reasonable and practicable for us to do so.  We may however charge a fee to cover our reasonable costs of locating the information and providing it to you. 

11.3  Correction

 If you ask us to correct personal information that we hold about you, or if we are satisfied that the personal information, we hold is inaccurate, out of date, incomplete, irrelevant or misleading, we will take reasonable steps to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up-to-date, complete, relevant and not misleading. 

If we correct personal information about you, and we have previously disclosed that information to another agency or organisation that is subject to the Privacy Act, you may ask us to notify that other entity.  If so, we will take reasonable steps to do so, unless this would be impracticable or unlawful.

11.4 Timeframe for access and correction requests

Except in the case of more complicated requests, we will endeavour to respond to access and correction requests within 30 days.

11.5 What if we do not agree to your request for access or correction?

If we do not agree to your access or correction request, or if we do not agree to give you access in the manner you requested, we will provide you with a written notice setting out:

  • the reasons for our decision (except to the extent that, having regard to the grounds for refusal, it would be unreasonable to do so); and

  • available complaint mechanisms.

 In addition, if we refuse to correct personal information in the manner you have requested, you may ask us to associate with the information a statement that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading, and we will take reasonable steps to do this in such a way that will make the statement apparent to users of the information.

12. Complaints

If you have a complaint about how we have collected or handled your personal information, please contact our Privacy Officer (details under heading 13 below). EU Users should see the separate complaint details under heading 14.6 below.

We will endeavour in the first instance to deal with your complaint and take any steps necessary to resolve the matter within a week.  

If your complaint can't be resolved at the first instance, we will ask you to submit your complaint in writing. In most cases, we expect to investigate written complaints will be investigated and a response provided within 30 days of receipt. If the matter is more complex and our investigation may take longer, we will write and let you know, and tell you when we expect to provide our response.

If you are not satisfied with our response, you can refer your complaint to the Office of the Australian Information Commissioner (see here for further information).

13. Our contact details

Please contact us if you have any queries about the personal information that we hold about you or the way we handle that personal information. Our contact details are set out below.

 Mail:  Privacy Officer, PO Box 476, Elsternwick, VIC 3185  

 Email:  privacy@surveymattters.com.au

 Telephone: +613 9452 0101

Please note calls may be recorded or monitored for training purposes.

Further general information about privacy is available on the website of the Office of the Australian Information Commissioner at www.oaic.gov.au or by calling the OAIC's enquiry line at 1300 363 992.

14. EU Users

14.1  Introduction

This section applies to users resident in the European Union in addition to the terms set out above. In this section "Data Protection Legislation" means the EU General Data Protection Regulation 2016/679, together with all other applicable legislation relating to privacy or data protection, and where we use the terms "personal data", "data subject", "controller", “processor” and "process" (and its derivatives), such terms shall have the meanings given to them in the Data Protection Legislation.

Survey Matters acts as data controller for the purpose of Data Protection Legislation and is responsible for processing your personal data under this Privacy Policy unless otherwise notified to you in connection with a particular product or service.

14.2 Legal grounds for us to use your personal information

Our processing of your personal information is necessary:

  • for the performance of contracts to which you will be a party to and in order to take steps at your request prior to you entering into those contracts;

  • for the purposes of legitimate interests pursued by us; or

  • in order to comply with a legal obligation to which we are subject.

14.3 Legitimate interests

Where our processing is based on the legitimate interest grounds described above, those legitimate interests are: (i) collecting personal information to provide you with a smooth and efficient customer experience; (ii) running our business; (iii) to provide the products and services you have requested; (iv) to prevent fraud; (v) to update you and keep you informed about relevant products and services, unless you indicate at any time that you do not wish us to do so; and (vi) for our own marketing, research and product development.

14.4 Your rights

At any time, you have the right:

  • to be informed about the processing of your personal data (i.e. for what purposes, what types, to what recipients it is disclosed, storage periods, any third party sources from it was obtained, confirmation of whether we undertake automated decision-making, including profiling, and the logic, significance and envisaged consequences);

  • to request access to or a copy of any personal data which we hold about you;

  • to rectification of your personal data, if you consider that it is inaccurate;

  • to ask us to delete your personal data, if you consider that we do not have the right to hold it;

  • to withdraw consent to our processing of your personal data (to the extent such processing is based on previously obtained consent);

  • to ask us to stop or start sending you marketing messages (e.g. our newsletter) at any time by using the below contact details;

  • to restrict processing of your personal data;

  • to data portability (moving some of your personal data elsewhere) in certain circumstances;

  • to object to your personal data being processed in certain circumstances; and

  • to not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your personal data.

Any request for access to or a copy of your personal data must be in writing and we will endeavour to respond within a reasonable period and in any event within one month in compliance with Data Protection Legislation. We will comply with our legal obligations as regards your rights as a data subject.

We will correct any incorrect or incomplete information and will stop processing your personal data, or erase it, where there is no legal reason for us to continue to hold or use that information.

We aim to ensure that the information we hold about you is accurate at all times. To assist us in ensuring that your information is up to date, do let us know if any of your personal details change by contacting our using the details provided in heading 13 above.

14.5  Overseas Transfers

You acknowledge and agree any personal data that you provide to Survey Matters will be transferred to and stored in Australia in accordance with this Privacy Policy.

Where we share data with group companies and other third parties as described in heading 5 above, your information may also be sent to and stored at, a destination outside the European Economic Area ("EEA") and may be processed by staff operating outside the EEA who work for us, or for one of our service providers, related companies, distributors, agents or contractors.

Where recipients are outside the EEA, we ensure that the recipient provides an adequate level of protection for your personal data or the transfer is otherwise permitted under applicable Data Protection Legislation.

14.6 Contact us

If you wish to exercise any of the rights relating to your information set out above, or if you have any questions or comments about data protection, or you wish to raise a complaint about how we are using your information you can contact us using the details set out in heading 13, or any other details notified to you from time to time:

If you have any concerns about our use of your information, you have the right to make a complaint to the relevant Data Protection Authority http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm which regulate and supervise the use of personal data in the EEA.