INFORMATION ABOUT ALL MSG VISITORS
MSG may collect certain information from and about its users in several ways – directly from you, from our Web server logs, and with cookies or other forms of passive data gathering.
User-Supplied Information: There are several areas in the Website where we collect personal information from you on a voluntary basis. Personal information is information about you that is personally identifiable that is not otherwise publicly available, such as your name, address, e-mail address, mailing address or phone numbers. We may collect this information at the following times: (i) when you register to receive communications from this Website (ii) when you seek information about or purchase products offered through this Website; (iii) when you enter promotions or sweepstakes offered by this Website; and (iv) when you provide personal information to us through feedback, survey, or other forms hosted on this Website.
Third Parties: We may receive tracking information about you from third parties (such as age, gender and interests) used primarily to enhance your experience using the website and its services.
Server Log Information: When you visit an Internet Website, you disclose certain information about yourself, such as your Internet Protocol (IP) address, the time of your visit, and the referring location (e.g., the website or page that offered a link to an MSG page). Like many other websites, MSG records this basic information about visits to this Website.
Below are the cookies created by the MSG website:
- Asp.net_Sessionid: The user's session ID.
- OrginalURL: The content management system used by MSG stores these cookies when the user logs in to identify the original landing URL.
- VisitCount: The content management system used by MSG stores these cookies when the user logs in to the VisitCount for the current active server session.
Additional cookies are created by either Google AdWords or Google Analytics. Cookies with hp*, or ga* are from Google Analytics and are used to track user content viewed within our site.
MSG uses both first party cookies and third party cookies. Google Analytics and Google AdWords do not use your device's entire Internet Protocol (IP) address for analysis and its cookies do not collect personal data. You can get more information about Google's cookies, including how to manage them here: https://policies.google.com/technologies/types. MSG may also collect passive data, such as clickstream data or a user's Internet Protocol ("IP") address, operating system, browser type, time and date of visit and page views. Clickstream data is a term defined to include a record of clicked selections and other mouse activities within the Website.
In the context of an onward transfer, M-S-G has responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. M-S-G shall remain liable under the Privacy Shield Principles if its agent (e.g., 3rd party) processes such personal information in a manner inconsistent with the Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.
You should remember that whenever you voluntarily disclose personal information online, such as on message boards, through e-mail, discussion groups, or in chat areas, your information can be collected and used by others. Although MSG tries to protect your personal information, MSG cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk. You are solely responsible for maintaining the secrecy of any passwords you set up and/or any account information.
HOW AND WHEN INFORMATION IS USED
We use information in different ways, depending on the type of information: User-Supplied Information: This information is used for purposes such as personalization and verification. We also use this information to improve our internal operations, as well as to ensure that we: (i) bill you properly; (ii) administer your account in accordance with your agreements with us, including processing and fulfilling your purchases of products; (iii) customize the advertising and content that you see; (iv) properly perform any services you have requested; and (v) communicate with you about this Website, our products, your orders and deliveries and service announcements.
MSG may supplement the personal information you submit to us with information obtained from third parties.
UNSUBSCRIBE OR OPTING OUT
Opting Out of MSG Marketing Communications: MSG maintains contact lists to communicate with our clients and prospects. All email messages sent to these lists include an opportunity to unsubscribe or opt-out of future email messages. You may request to opt out of our marketing and information products as well as be removed from further marketing or promotional communications. To opt-out of our marketing communications, please click here.
Opting out of our Marketing Data Products and Services: To opt-out of our Marketing Data Products and Services Databases, please contact us via email at email@example.com. Your request will remove your name and address from our marketing databases.
SERVER LOG INFORMATION
This information helps us identify which areas of our Website are of interest to our visitors. MSG may also collect the Internet [Protocol] (IP) addresses of its visitors for the purposes of system administration.
Cookies and Passive Data Collection: We may use to let you use our Website more easily and to let us keep track of certain statistical information that helps us improve this Website. Cookies also allow us to save preferences for you, so that you will not have to re-enter them the next time you visit.
MSG may disclose any of the information collected from you through this Website in order to: (i) comply with applicable laws; (ii) respond to government inquiries; (iii) comply with valid legal process; and (iv) protect the rights or property of MSG, the Website or Purchasers.
MINORS: THIS WEBSITE IS NOT INTENDED FOR USE BY INDIVIDUALS UNDER 18 YEARS OF AGE. ACCORDINGLY, MSG DOES NOT KNOWINGLY COLLECT, USE, OR DISCLOSE PERSONAL INFORMATION ABOUT INDIVIDUALS UNDER 18 YEARS OF AGE.
THIRD PARTY LINKS
WHILE MSG STRIVES TO SELECT THIRD PARTY PARTNERS WHO HAVE OR SHARE THE SAME STANDARDS IN REGARDS TO PRIVACY POLICIES COMPARABLE TO ITS OWN, THE USER AGREES THAT WITH RESPECT TO THOSE THIRD PARTIES, INCLUDING WITHOUT LIMITATION THE WEBSITES MSG LINKS TO, MSG DOES NOT MAKE ANY REPRESENTATION OR WARRANTY REGARDING THE SAME, NOR WILL MSG BE RESPONSIBLE TO THE USER OR ANYONE ELSE FOR ANY PRODUCTS, SERVICES OR OTHER MATERIAL THAT MAY BE SOLD, LICENSED, DISTRIBUTED OR PROMOTED BY SUCH THIRD PARTIES OR ON SUCH WEBSITES, OR FOR ANY CONTENT ON SUCH WEBSITES. MSG ENCOURAGES VISITORS OF THESE WEBSITES TO REVIEW THE PRIVACY POLICIES POSTED ON THESE WEBSITES.
Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. Accordingly, while we strive to protect your personal information, MSG cannot guarantee or warrant the security of any information you transmit to us. You transmit all such information at your own risk. However, once we receive your transmission, we make our best effort to ensure its security on our servers.
Questions regarding the above statement should be directed to MSG for clarification.
COMPLIANCE AND COOPERATION WITH REGULATORY AUTHORITIES
Marketing Systems Group complies with the EU-U.S. Privacy Shield Framework and the Swiss - U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of Personal Information transferred from the European Union and Switzerland to the United States respectively. Marketing Systems Group has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the terms in this Privacy Statement and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification please visit https://www.privacyshield.gov.
You have the right to access the Personal Information that we hold about you and to correct, update, amend, suppress, delete or otherwise modify any Personal Information where it is inaccurate, or has been processed in violation of the EU-US Privacy Shield Principles. When updating your Personal Information, we may ask you to verify your identity before we can act upon your request.
You may also, if governed by the General Data Protection Regulations, object to the use or processing of your Personal Information or withdraw consent to use your Personal Information at any time.
Under the General Data Protection Regulations, regarding the processing of your Personal Information, you have the following rights:
the right to require free of charge (i) information whether your Personal Information is retained and (ii) access to and/or (iii) duplicates of the Personal Information retained. However, if the request affects the rights and freedoms of others or is manifestly unfounded or excessive, we reserve the right to charge a reasonable fee (taking into account the administrative costs of providing the information or communication or taking the action requested) or refuse to act on the request;
the right to request proper rectification, removal or restriction of your Personal Information;
where processing of your Personal Information is either based on your consent or necessary for the performance of a contract with you and processing is carried out by automated means, the right to receive the Personal Information concerning you in a structured, commonly used and machine-readable format or to have your Personal Information transmitted directly to another company, where technically feasible (data portability);
where the processing of your Personal Information is based on your consent, the right to withdraw your consent at any time without impact to data processing activities that have taken place before such withdrawal or to any other existing legal justification of the processing activity in question; the right not to be subject to any automatic individual decisions which produces legal effects on you or similarly significantly affects you and
- the right to take legal actions in relation to any breach of your rights regarding the processing of the Personal Information, as well as to lodge complaints before the competent data protection regulators.
To exercise the rights referred to above, please contact us at firstname.lastname@example.org.
As far as we process your Personal Information on the basis of our legitimate interests pursuant to Art. 6 1) lit. f) GDPR, you may object to processing at any time. You may find the detailed description of our processing activities and the legal basis in the sections above. If you object, we will no longer process your Personal Information unless there are compelling and prevailing legitimate grounds for the processing or the data is necessary for the establishment, exercise or defense of legal claims. If you object to such processing, we ask you to state the grounds of your objection in order for us to examine the processing of your Personal Information and decide whether to adjust the processing accordingly.
Please note that the processing of your Personal Information may involve advertising activities as described above. If you do not want that we process your Personal Information for direct marketing activities, you can object free of charge at any time via e-mail email@example.com.
Marketing Systems Group will obtain your consent before sharing your Personal Information with any third party that is not acting as an agent or vendor to perform tasks on our behalf or to use the information for a purpose materially different from the purpose for which it was initially collected or subsequently authorized by you. An exception to this will be (among others) where Marketing Systems Group’s processing of Personal Information is necessary for compliance with a legal obligation under the applicable law.
If you are a citizen of the EU, for processing of your sensitive information (e.g. medical information, Personal Information revealing ethnic or racial origin, political opinions, religious or philosophical beliefs, trade union membership, the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or a natural's person sex life or sexual orientation) in the EU, we will obtain your explicit consent.
Marketing Systems Group is among others not required to obtain explicit consent with respect to sensitive information where the processing is (a) necessary to protect the vital interests of the data subject or another natural person where the data subject is physically or legally incapable of giving consent; (b) necessary for the establishment, exercise or defense of legal claims or whenever courts are acting in their judicial capacity; (c) necessary to carry out Marketing Systems Group’s obligations in the field of employment law in so far as it is authorized by European Union or Member State Law or a collective agreement pursuant to Member State Law providing for appropriate safeguards for the fundamental rights and the interests of the data subject; or (e) related to information that is manifestly made public by the individual.
If you have any complaints regarding our compliance with this Policy or a Privacy Shield related or general privacy related complaint, you should first contact us via email at firstname.lastname@example.org. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Information in accordance with this Policy.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S. based third party dispute resolution provider (free of charge) at http://www.insightsassociation.org/get-support/privacy-shield-program/privacy-shield-eu-swiss-citizens-file-complaint
Marketing Systems Group has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to the INSIGHTS ASSOCIATION PRIVACY SHIELD PROGRAM, a non-profit alternative dispute resolution provider located in the United States and operated by the Insights Association. If you do not receive a timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, please visit http://insightsassociation.org/get-support/privacy-shield-program/privacy-shield-eu-swiss-citizens-file-complaint for more information and to file a complaint. These dispute resolution services are provided at no cost to you.
With respect to human resources data, Marketing Systems Group will cooperate and comply with the EU DPA's and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with the advice given by such authorities with respect to human resources data transferred from the EU and Switzerland in the context of the employment relationship. If you do not receive timely acknowledgement of your complaint from Marketing Systems Group, or if we have not addressed your complaint to your satisfaction, you may contact the EU DPA's for more information or to file a complaint. The services of the EU DPA's are provided at no cost to you.
Under certain conditions, more fully described on the Privacy Shield website, you have the possibility to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Marketing Systems Group is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
INFORMATION WE COLLECT FROM OR ABOUT YOU
Because we are in the market research space, we generally collect information about you (a subset of which may be "personal data" or "personally identifiable information" as defined under applicable law) either in connection with the services we are performing for you or your employer or in connection with our research activities.
If you are a client or work for a client, we likely have collected various contact, business, and in some cases financial information about you in the course of administering our relationship with you or your employer. In those cases, our legal basis for use of the information is our legitimate interest to perform our obligations under our contract with you or the company for which you work.
As to our research activities, we might collect information, a subset of which may be "personal data" or "personally identifiable information" as defined under applicable law, (i) in our primary business, as part of our purchase of survey panel from sample exchanges and others and the resale thereof to research companies, (ii) as part of our development and maintenance of our proprietary research data, or (iii) in all of our businesses, as part of data collection activity we undertake for research companies.
With respect to the portion of our business involving the purchase of survey panel from data providers and the resale thereof to research companies, we might collect personal data and demographic data of the nature described above from the suppliers in order to be able to fulfill the panelist criteria required by our research company customers. In those cases, our legal basis for the processing of the information is our legitimate interest to perform our obligations under our contract with the research company client requesting the panel composition in question.
With respect to the portion of our business involving the development and maintenance of our proprietary research participant database, we collect certain identifying information, as well as various demographic and preference-related information (a subset of which may be "personal data" or "personally identifiable information" as defined under applicable law), from various well know third party vendors. We maintain this information in our research participant database and use it as further described below. Our legal basis for collection and processing of this personal data from you is consent; we do not collect personal data without your affirmative consent, and consent can be withdrawn at any time, including, without limitation, by your requesting to be removed from our research participant database.
As to the information we collect about you (only a small subset of which may be "personal data" or "personally identifiable information" as defined under applicable law) in connection with data collection activity we undertake for research company clients, some of that data is collected directly by us from you, and is information you voluntarily disclose to us in connection with our survey and similar activity. Research participation is voluntary and participants always have the opportunity to decline involvement or to "opt out" of the research after agreeing to participate, as clearly identified in each survey. If the survey involves an incentive or a contest, we may ask for your name and telephone number or email address to notify you if you are a winner. There is never an obligation to provide this information to participate in the survey but if you don’t provide it, you may not be able to participate in the incentive program. Our legal basis for collection and processing of respondent-supplied personal data is consent; we do not collect personal data without the affirmative consent of the research participant, and consent can be withdrawn at any time.
As to certain studies we undertake for research companies, we may obtain information about you (which in some cases may be "personal data" or "personally identifiable information" as defined under applicable law) from the research company, third party vendors, or partners for use in connection with the studies. As to some studies, this might be your contact information, so we can send you an invitation to participate in the study. As to other studies, we may purchase existing data, such as demographic, interest, or behavioral information, about you from third party vendors and correlate and append that data to your survey responses so we can perform more robust analysis in connection with the study.
In these studies, you remain anonymous to us (i.e., the dataset is "pseudonymized"); the correlation is typically done through the use of third-party intermediaries who are able to associate your responses to other existing data through technology. In those cases, our legal basis for the collecting and processing of the information is our legitimate interest to perform our obligations under our contract with the research company commissioning the research study in question.
If you choose to use social media (for example, Facebook or LinkedIn) in order to contact us or find out about our services, we may collect your public-facing profile data, data relating to your interactions with us, and any data you post on message boards which are relevant to our business. From time to time, we engage the services of technology infrastructure vendors, such as "chat" service providers, in connection with our Websites to improve our customer experience, and these vendors might collect limited systems and related information from Website visitors for the limited purposes for which we have engaged them. In addition, our servers may automatically collect certain non-personal, log-file information about your use of our Websites whenever you access our websites. Information collected may include, but is not limited to, your Internet browser, operating system, internet source such as PC, tablet, or mobile, the domain name of your ISP, your click areas on the Website, time and date visited, length of time on the Website, and the third-party web sites or advertisements linked to or from the website that you visited. When you use or visit the Websites, our servers log your IP address. Currently, our systems do not respond to browser do-not-track signals, and do not treat such do-not-track signals as "do not sell" signals under CCPA (as defined below).
WHAT WE DO WITH INFORMATION WE COLLECT
Depending on how we obtain your personal data (as described above), we may either be considered a "controller" or a "processor" under applicable law as to that data. If we are the processor, we will process the data in accordance with the instructions provided to us by the controller of that data.
Regarding data collected as part of our research activities, we collect data in, and in connection with, our studies for research purposes only, and our use of that information is limited to that purpose. Research participant information and answers are not used by any entity as an aid for sales. In many cases, this information is shared with the client commissioning the study pursuant to our contract with that client. In some cases, we may need to share personal data with third parties for ancillary services in support of a research project. In these cases, we require the third party to follow all of the same privacy protection regulations.
With respect to data collected in connection with the development and maintenance of our proprietary research participant database, as to any research study, based on whether the demographic information you have supplied meets the required criteria of the particular study, we may use it to either (i) offer you the opportunity to participate in the research-related data collection activity we ourselves are undertaking for our research company client (e.g., interviews, surveys, focus groups, etc.), or (ii) provide your contact information to our research company client for it to directly contact you and offer you the opportunity to participate in its research project.
As to client data we collect, we do not use the information for any purpose other than to fulfill our obligations to clients. We keep client information secure at all times, and prevent the use and disclosure of it by our employees or any third parties.
Under certain circumstances, we may be required to release personal data in response to a legal request from public authorities including to meet national security or law enforcement requirements, or in response to a subpoena or other legal process.
We do not discriminate financially between those who elect to supply their personal data to us and those who elect to not do so, provided, however, that to the extent a survey or other research study—the completion of which would result in the payment of a financial incentive or entry in a sweepstakes—involves the collection of data and you decline to consent to such collection, you would not be able to proceed to participate in the study, and (depending on the specific study) to the extent you are required to supply your contact information at the conclusion of a survey in order for us to fulfill the participation incentive and you decline to provide your contact information, you would not receive the participation incentive.
In all cases, we will take reasonable steps to ensure the personal data is accurate, complete, current and relevant and being used only for the intended purposes. We will not process personal data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual.
|Category of consumer personal information collected (non-HR)||Source from which collected||Purposes for which collected||Categories of third parties with whom shared|
|Name and contact information – research participants||Study participant; sometimes, client commissioning study||Inviting participation in study; administering studies; fulfilling participation incentive||Study-related vendors; technology infrastructure vendors|
|Name, contact information, and limited demographic details – panel exchange operations||Panel exchange platform||Determination of suitability of respondent for applicable study||Client seeking sample for research study; technology infrastructure vendors|
|Name, contact information, and demographics details||Supplied by person himself/herself||To be included in research panel and be offered participation opportunities||Client seeking sample for research study; technology infrastructure vendors|
|Name and contact information – website visitor||Supplied by person himself/herself||Marketing of MSG's own services||Technology infrastructure vendors|
|Name and contact information – client officer||Supplied by person himself/herself||Administration of business||Technology infrastructure vendors|
|Photo, video, or audio of research participant||Supplied by person himself/herself||Conducting research study||Client commissioning study; technology infrastructure vendors|
|Demographic details, when coupled with some identifying info||Supplied by person himself/herself; sometimes, third party vendor||Conducting research study||Client commissioning study; technology infrastructure vendors|
|Systems details – visitors to Websites (IP/device ID, browser settings, similar)||The computer or device of the person himself/herself||Internal analytics; improvement of Website experience||Technology infrastructure vendors|
All information may also be shared among our affiliated group of companies solely for administrative and operations purposes.
RETENTION OF PERSONAL DATA
We keep personal data for no longer than necessary for the purposes for which the personal data is collected or processed. The length of time we retain personal data for depends on the purposes for which we collect and use it and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights.
YOUR RIGHTS AS TO YOUR PERSONAL DATA
If you would like further information about these rights or would like to exercise any of them, including to opt out of the "sale" of your information as defined in the CCPA, please write to us at 755 Business Center Drive Suite 200, Horsham, PA 19044 USA, Attn: Privacy Officer, call us at 866-564-0021, or submit your question or request at do not sell.
By law, as well as for your protection, if you request that we take certain actions as to personal data we have about you, we are required to take certain steps to verify your identity. If we are not able to verify your identity, we may not be able to respond to your request. To verify your identity, we request, at point of submission of your request, that you supply your basic contact information, as well as certain other non-personally identifiable information (e.g., information relating to your last interaction with us, such as subject matter and type of study), and we endeavor to match at least two pieces of this information with information in our possession. In addition, as to those rights permitted by law to be exercisable by an authorized agent on your behalf, in addition to verifying your identity as described above, we require the agent to also supply written authorization from you to act on your behalf, except where restricted by law.
Effective Date: 5/23/2018
Date Last Revised: 3/20/2020