The Thick Data Company Inc. (“we” or “us”) operates the thickdatacompany.com website (the “Website”). We respect the privacy of all of our clients, research participants and all other parties who may visit the Website (each a “User”), and we are committed to protecting the personal information of each User.
This Privacy Notice applies to all Users and is effective as of the date of its posting. Please take the time to review this Privacy Notice carefully. By accessing the Website, participating in any Research, as defined below, or providing personal information to us, you agree to the terms of this Privacy Notice. If you do not agree to the terms set out in this Privacy Notice, we request that you cease using the Website or participating in any Research immediately.
Personal Information Collected
1.1. Through your access and use of the Website or the use of our services we may collect the following types of “User Information”:
(a) Identifiers – information reasonably capable of identifying you, such as a real name, alias, postal address, email address, or other similar identifiers;
(b) Commercial information – information regarding services purchased from us, and information disclosed to us to perform such services regarding your business, and payment information, used to facilitate your payment;
(c) Research Information – information provided to us regarding your opinions or behaviour, such as responses to research questions, brand association, market insights, inclusive of video or audio recordings of such information; and
(d) Geolocation data- information that can be used to identify an electronic device's physical location.
1.2. In addition, we may collect the following types of Personal Information on a deidentified basis:
(a) Electronic network activity information regarding your interaction with the Website or our advertisements; and
(b) Inferences drawn from any of the information identified in this section - to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behaviour, attitudes, abilities, and aptitudes.
(collectively “Device Information”)
1.3. We collect Device Information through the following ways:
(b) “Log files” track actions occurring on the Website, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
(c) “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Website.
1.4. Additionally when you register or participate in any Research, complete our client contact form, or subscribe to our mailing list, we collect certain Identifiers, Survey Information, Commercial information and Geolocation data submitted by you or your browser.
Use, Disclosure, and Consent
2.1. We use User Information to perform our services, including the preparation and administration of our Research, and to provide you information on our services via email. In performing our services, certain User Information will be provided to third party Service Providers for the purpose of performing such services, please refer below for more information on such third-party processors. Additionally, we may use such information to:
(a) communicate with you as may be required to ensure you receive a high level of service, including, ensuring you have access to our Research, or receive your Research participation honoraria, as may be applicable;
(b) administer the Research and prepare all necessary reports, results, and analysis in accordance with the terms of this Privacy Notice;
(c) verify your identity and screen for potential risk or fraud;
(d) provide you with information or advertising relating to our services; or
(e) meet regulatory requirements.
2.2. We use Device Information to assist us in screening for potential risk and fraud (in particular, your IP address), and more generally to evaluate, improve, develop and optimize the Website. We may also use Device Information to map and forecast general industry trends and other analytical information.
2.4. You provide us with implied consent where our purpose for collecting, using or disclosing Personal Information is necessary for the provision of our services or would be considered obvious or reasonable in the circumstances. Your consent may also be implied where you have received notice and a reasonable opportunity to opt-out of having the Personal Information used, and you have not provided us with notice of your opting-out, including but not limited to use for mail-outs, marketing or fundraising.
2.5. We may collect, use or disclose your Personal Information without your consent in the following circumstances:
(a) when permitted or required by law;
(b) in an emergency that threatens an individual's life, health, or personal security;
(c) when the Personal Information is available from a public source;
(d) when we require legal advice from a lawyer; or
(e) or the purposes of collecting a debt or protection from fraud; or other legally established reasons.
3.1. By registering to be invited to be a participant (a “Participant”) in any of the research administered by us on behalf of our clients (each a “Research”), you agree all Personal Information provided to us in the course of such participation shall be on the following terms and conditions:
(a) you expressly consent to the disclosure, transfer and sale of such information, on the basis as set out under subparagraph (b), to any applicable client for whom the Research is being conducted;
(b) we will provide you with prior written notice of the form in which your Personal Information recorded or received in the course of the Research will be transferred to our applicable client(s), if you do not consent to the form of such transfer, we request that you notify us immediately and abstain from participating in the Research;
(c) you acknowledge and agree that you shall not be required to provide any specific type of Personal Information, and you may elect not to answer any request for information in the course of your participation in the Research, and that all information provided by you is provided by you freely and with the express understanding of, and consent to, the purpose for which it will be used; and
(d) you acknowledge and agree that following the transfer of such information to any client, we will, upon request, remove any such Personal Information from our databases in accordance with this Policy, but cannot guarantee the removal of such information from any report, client database, or other location outside of our control.
Third-Party Service Providers
4.1. From time to time, we may make use of third-party service providers (“Service Providers”), including service providers located in Canada and the United States to store and process data, including your Personal Information, on our behalf. When acting on our behalf, such service Providers shall only be authorized to collect, use, disclose or store your Personal Information in accordance with this Privacy Notice. However, the government, courts, law enforcement, security, or regulatory agencies of a particular country may be able to obtain access to or disclosure of Personal Information as permitted by the laws of that country. A current list of third-party service providers who may have access to your personal information is as follows:
(a) GoogleDocs – we use GoogleDocs to record and store certain information, and to prepare reports and other forms of analysis you can find out more about how GoogleDocs handles your personal information here;
(b) GoogleDrive – we use GoogleDrive to store certain information and to provide clients with access to such information, you can read more about how GoogleDrive stores your information here;
(d) OneDrive/SharePoint – we use Microsoft’s One Drive and SharePoint applications to facilitate data storage and transmission, you can read more about how Microsoft safeguards such information here;
(f) QualBoard/QualMeeting – we use the QualBoard and QualMeeting applications provided by the Schlesinger Group to facilitate the administration of research meetings and recording of insights from such meetings, you can see how the Schlesinger Group handles personal information here;
(g) Indeemo – we use the Indeemo research platform to assist us in collecting Research information, you may consult Indeemo’s privacy statement here;
(i) Google Analytics– we use Google Analytics to help us understand how our customers use the Website, you can read more about how Google uses your Personal Information here; and
(j) [Insert any applicable eCommerce Platform used to power the Website, such as Shopify, or any Email campaign manager, such as MailChimp, or any additional third party].
4.2. Additionally, we may use other technologies from other service providers for Research to facilitate data collection and analysis or other Service Providers to collect data and provide information with respect to the performance and functionality of the Website. Such Service Providers may use information about your use of the Website to analyze its performance, though such Service Providers do not use personally identifiable Personal Information (such as your name, address, email address) when performing data analysis. We shall notify you of any such third party technologies prior to our use of such technologies in the course of the Research.
Storage of Personal Information
5.1. Your Personal Information may be stored electronically in our database, including databases hosted by applicable third-party Service Providers, or in hardcopy format. We will only retain Personal Information for the time necessary to fulfill the identified purposes or an applicable legal or business purpose. Please note, when you sign up as a Participant through the Website, submit our contact form, or enroll in our mailing list, we will maintain your User Information for our records unless and until you request that we delete this information. However, we make no guarantee of any period of retention, and reserve the right to delete such information at any time.
5.2. We will use appropriate security measures when destroying your Personal Information such as shredding documents or deleting electronically stored information.
Access to Personal Information and Your Legal Rights
6.1. If requested, we will provide you with a copy of any of your Personal Information in electronic form, which may include the following related information:
(a) what Information we are storing;
(b) where it is being stored; and
(c) for what purpose we are storing it.
6.2. Under applicable data protection laws you have rights in relation to your Personal Information that include the right to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and (where the lawful ground of processing such data is your consent) to withdraw consent, or to cease use of any such Personal Information while we resolve any complaint made by you.
6.3. At any time, you may request that we remove your Personal Information from our records, and we will delete, or request that an applicable Service Provider deletes, such Personal Information within twenty-one (21) days of receipt of such request.
6.4. For privacy protection purposes, we will need to verify your identity before providing you with access to, deleting or otherwise modifying your Personal Information.
6.5. You can learn more about your legal rights at: Office of the Information and Privacy Commissioner for British Columbia.
6.6. To submit a question to us about the collection or use of the Personal Information, or to make any request pursuant to your rights set out above, please email us at firstname.lastname@example.org and insert “Privacy Information Question” in the subject header.If you are not happy with any aspect of how we collect and use your Personal data, you have the right to complain to the Office of the Information and Privacy Commissioner for British Columbia.
7.1. We are committed to ensuring the security of your Personal Information and may use passwords, encryption, firewalls, restricted employee access or other methods, at our reasonable discretion.
7.2. While we strive to use commercially acceptable means to protect the Personal Information, you acknowledge and agree that no method of transmission over the Internet, or method of electronic storage is 100% secure. We make no guarantee as to the absolute security of the Personal Information.
7.3. In the unlikely event that our system is breached, and any Personal Information has been compromised, we will notify such local authorities as may be required within seventy-two (72) hours of the breach and will also use our best efforts to notify you, using the most current contact information that we have on file. We are not responsible for any failure to notify you based on incorrect or outdated contact information.
(a) authentication - to identify you when you visit and navigate the Website;
(b) personalization - to store information about your preferences and to personalise the Website’s offering for you;
(c) security - to protect our Website;
(d) analysis - to help us to analyse the use and performance of the Website; and
8.3. Most browsers allow you to refuse to accept cookies or to delete cookies. Blocking cookies may negatively impact the performance of our website, or your access to all features of our website. You may obtain up-to-date information about blocking and deleting cookies via these links: Google Chrome; Mozilla Firefox; Internet Explorer; Safari.
Citizens of the European Union
9.1. If you are a European resident, please note that we are located in Canada and your Personal Information may be processed in any country where we engage service providers.
9.2. If you are located in the European Economic Area (“EEA”), we comply with the provisions of the General Data Protection Regulations that protect your Personal Information. Where we transfer your data to third parties outside of the EEA, we will ensure that certain safeguards are in place to ensure a similar degree of security for your Personal Information. As such:
(a) we may transfer your Personal Information to countries that the European Commission has approved as providing an adequate level of protection for Personal Information; or
(b) where we use certain service providers who are established outside of the EEA, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe.
If none of the above safeguards is available, we shall only transfer your data where you have provided your consent. You will have the right to withdraw this consent at any time.
10.2. If any material changes are made to this Privacy Notice, we will notify you either through the email address you have provided us, or by placing a prominent notice on the Website.
10.3. By continuing to use the Website after changes are made to this Privacy Notice, you are agreeing to be bound by the updated Privacy Notice. If you do not agree to bound by the updated Privacy Notice, please stop using the Website.
Do Not Track
11.1. Please note that we do not alter our data collection and use practices when we receive any type of Do Not Track signal from your browser and will continue to collect, use, and dispose of your Personal Information in accordance with this Privacy Notice.
Links to Other Websites
13.1. If you are a parent or guardian and you are aware that your minor child has provided us with Personal Information, please contact us. If we become aware that we have collected Personal Information from minors, we will take all appropriate steps to remove that information from our servers, unless otherwise agreed in writing.
14.1. For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e‑mail at email@example.com or by mail using the details provided below:
The Thick Data Company Inc.
Attn: Catriona Adam
129 Nanaimo Ave W
Penticton, BC, V2A 1N2
Last updated: 2023-03-27