Consumer privacy is a top priority for RKON. We rely primarily on demographic and aggregated data from which we cannot directly identify people, and we maintain appropriate limits on access to data about specific individuals where we hold it. Our internal policies and procedures conform to applicable laws and industry standards around the globe. They also incorporate the principle of Privacy by Design—a commitment to include appropriate privacy protections in the design and
implementation of our products and services. We deploy consumer-friendly privacy controls that are easy to find and easy to use. We believe in responsible stewardship of data, and we are continually striving to improve our own practices and maintain a high standard for our industries.
PRIVACY BY DESIGN
While developing our products and services, we assess their potential impact on personal data and embed appropriate privacy protections into our data processing activities, taking into account the other privacy principles described below.
TRUST AND ACCOUNTABILITY
We are committed to responsible stewardship of the data under our control and to compliance with all applicable data protection laws that regulate the collection, use and disclosure of data about individual people. RKON’s internal privacy team oversees compliance with applicable privacy laws, self-regulatory programs that we participate in, and our internal privacy policies. We use tools and methods designed to prevent individuals from being identifiable in our reports and insights, and we take steps to prevent the data we collect from being reused in ways that have not been communicated to individuals and/or could negatively affect them. RKON participates in the following self-regulatory programs for our integrated RKON Marketing Cloud platform:
- The Digital Advertising Alliance (DAA): We adhere to the DAA’s self-regulatory principles for online behavioral advertising, including the DAA’s application of self-regulatory principles to the mobile environment.
- The Network Advertising Initiative (NAI): We adhere to the NAI Code of Conduct.
THE DATA RKON COLLECTS
RKON collects personal data from:
- People we contact in regard to RKON surveys conducted online, in person, by telephone, email, or postal mail.
- Website browsers, mobile and other devices that are measured by our digital and mobile products, or segmented into audiences for online or mobile advertisements by the RKON Marketing Cloud.
- Visitors to our websites and people who contact us via our websites, via email, or other means.
- Public sources—about the public activities of certain public figures, such as professional athletes.
- Publicly available social media posts, for products that measure online reaction to video content, products, and brands.
- Our employees, contractors, and business contacts at other companies in the course of conducting our business.
We are continually working to maintain the personal data we collect so that it is complete, accurate, relevant, and up to date.
BASIS FOR PROCESSING
Many privacy laws require companies to establish a lawful basis for their uses of personal data. While RKON has established different lawful bases for different types of processing, in almost all cases our basis for processing personal data will be one of the following:
- Performance of a contract—RKON operates its research panels and conducts surveys on the basis of a contract—a panel membership or market research agreement between RKON and our research subjects. For many panels, these agreements cover all members of a household, because market research practices often require analysis of data at a household level.
- Consent—Where RKON bases its processing of personal data on consent, we may seek consent directly from individuals or, where RKON acts as a data processor (a service provider to another company), we may rely on consent obtained by the data controller (a third party who typically has a direct relationship with the individual and obtains consent).
- Legitimate Interests—In some cases, we may base the processing of personal data on our legitimate interest in performing market research or other services, because of its benefits in improving the efficiency of our clients and the markets in which they operate. Where we rely on this as our basis for processing, we make sure our activity is appropriately balanced by strong privacy protections designed to minimize the risks to data subjects.
DATA MINIMIZATION AND COLLECTION LIMITATION
Following the concept of data minimization, we limit the collection of personal data to the extent possible while still enabling us to derive meaningful and accurate measurements and insights.
- When we use direct identifiers, we limit access to such information both internally and externally and implement appropriate data security measures, which are designed to protect individuals’ privacy.
- Before we obtain third-party data, we review the third party’s data collection practices and the privacy notices that are made available to individuals to make sure that our use of the data is consistent with the commitments those companies have made to individuals.
- When we have removed identifying elements from the data that we collect, we take steps to prevent the data from being re-associated with identifiable data.