Our GDPR Policy

Our GDPR Policy

Respect for privacy and rigour in data processing are of great importance to CSA.

We ensure continuous compliance with the code of ethics of research organisations. CSA is a member of Syntec (French professional union for market and opinion surveys). CSA is also involved in establishing a code of ethics for market and opinion research as part of ESOMAR (world association for market, social and opinion research), which brings together survey professionals worldwide.

We have obligations to you:

• Because the processing of personal data is not like other types of processing.
• Because it may concern your private life.
• Because it could undermine your freedoms.

To reconcile your privacy and the processing of this data in the course of our activities, we adapt our procedures to comply with the European regulation on the protection of personal data (GDPR).

Processing of the personal data collected complies with the following principles:

Information

CSA informs the interviewee of the object of the survey and the purpose of the data collected, as well as the transmissions envisaged.

Your participation in a market survey is purely voluntary. Our approach has no commercial purpose with regard to the interviewees. Our job is not direct marketing or direct selling.

Purpose

The data we collect is for a specific purpose. It cannot be reused in a way that is incompatible with the purpose for which it was collected.

Confidentiality

In accordance with the code of ethics of research organisations, if the survey is presented as anonymous, CSA undertakes not to disclose your personal data to the sponsor of the survey without your prior consent, whether it is administered by telephone, online or face-to-face.

As part of our surveys we may temporarily transfer your personal data to specialised processors based in France or in the EU. These processors are selected based on their data protection safeguards. They are in charge of the technical implementation of the surveys (e.g. online questionnaires). The data transmitted is deleted at the end of the survey.

Security

CSA adopts reasonable security measures to protect the data in its possession.

Data retention

Personal data has an expiry date.  We set a reasonable data retention period based on the survey we conduct. Generally this period does not exceed 3 months after the completion of the survey.

Exercising your rights

As part of our surveys, in accordance with the European Data Protection Regulation, you have the right to access, rectify, delete your data, the right to data portability and the right to object to and restrict the processing of your data. If you wish to exercise these rights, please contact us:

– by emailing: dpo.csa@csa.eu
– by writing to the following address: CSA – Data Protection Officer – 2 bis rue Godefroy – 92800 PUTEAUX

To process your request as quickly as possible, please indicated the reference of the relevant survey. This 7-digit number is always indicated in our emails and stated in our telephone surveys.

For security reasons, we will ask you to prove your identity (e.g. photo of your national identity card) before granting you access to your personal data or implementing your corrections. This proof will be deleted as soon as checks have been completed.

If, after contacting us, you feel that your Data Protection rights are being denied, you may lodge a complaint with CNIL.

If you would like information about how we manage personal data and cookies on the website, please visit the Legal Notice page.