Revised October 1, 2020
As the world around us grows more interconnected and technology-driven, protecting the proliferation of data that exists about each of us has become an important mission. Individuals expect companies to protect their personal information and to use and share such information in ways that are fair and ethical.
Any questions concerning the material presented in this document can be addressed to the contacts listed below. General inquiries may also be submitted through RSi’s parent company’s (Information Resources Inc., “IRI”) privacy inbox, which can be found at [email protected]
|Privacy Office & Data Protection Officer
|Information Security Office
RSi’s Global Code of Conduct
RSi’s Information Security Policy
RSi’s Privacy Shield Notice
RSi’s GDPR Privacy Notice
Various internal policies and procedures
RSi assesses privacy implications while developing its products and services and incorporates appropriate privacy protections and data minimization techniques. RSi takes into account the privacy principles and regulations that may apply in a certain jurisdiction (for instance the GDPR in Europe) or by industry.
In many jurisdictions organizations are required to establish a lawful basis for their use of personal data. RSi has established different lawful bases for different types of processing. In almost all cases, RSi’s basis for processing personal data will be Legitimate Interest, Performance of a Contract, or Consent.
Legitimate Interests. RSi may process personal data based on a legitimate interest in performing market research or other marketing services because the benefits of improving services to existing clients and offering services to new clients would likely outweigh the risk of any harm.
Performance of a contract. Many of RSi’s services are engaged in on the basis of a contract. RSi’s clients engage us contractually in order to perform analytics, offer access to data through our platforms, and to manage CRMs and panels on the client’s behalf.
Consent. RSi typically acts as a data processor, or service provider, to organisations known as data controllers. RSi relies on consent obtained by the data controller because it has a direct relationship with the individual and obtains consent.
RSi is committed to complying with applicable laws regarding the collection of data about children.
RSi has invested in and implemented a series of controls to ensure that personal information is maintained according to our overarching principles of confidentiality, integrity, and availability. Personal Information is housed in physically and electronically secure facilities with protections against intrusion. Protections include extensive physical security, multiple layers of firewalls, and intrusion detection at the network and host level. Additionally, systems, servers and networks are encrypted to prevent loss or unauthorized modification of data.