Privacy Policy

Our commitment to your privacy

How we use your information

People who have contacted us with a request for information

If you apply to work with us

If you are employed by us

Commercial communications

Business contact, marketing and administration

Email marketing

People who participate in our market research or health outcomes research projects

If you use our website

How long we keep your personal data for

Who we share your information with

How we protect your information

Your data protection rights

How can you access your information

Changes to this privacy policy

How to contact us

Our commitment to your privacy

7i Group Ltd is committed to protecting and respecting your privacy. We take our responsibilities regarding the security of information that we collect seriously. This policy sets out how we use and protect the information that you provide to us. Please read this policy carefully. If you have any questions, please contact compliance@7i-group.com.

In this policy 7i Group Ltd, we, and us means 7i Group Ltd, No.1 Mereside, Alderley Park, Alderley Edge, Cheshire SK10 4TG, UK, a company registered in England, company number 10688789.

This privacy policy applies to 7i Group Ltd who are processing personal data under the EU General Data Protection Regulation (EU GDPR) and the UK General Data Protection Regulation (UK GDPR). 7i Group Ltd is the controller for the personal data. Please read this policy carefully.

This Privacy Policy provides information on:

  • how we use your personal data;
  • types of personal data we collect;
  • sources of your personal information;
  • legal grounds for processing your personal data;
  • sharing your personal data;
  • retention of personal data;
  • how we use Cookies and other tracking technology;
  • our policy on correcting and updating personal data;
  • making a complaint about our handling of your personal data.

It also includes specific information for exercising your rights under the EU General Data Protection Regulation (GDPR) and the UK General Data Protection Regulation (UK GDRP).

How we use your information

People who have contacted us with a request for information

If you have requested information from 7i Group Ltd, we will collect and process the personal data that you provide in order to respond to your request. Unless you consent to the contrary, we shall only use your personal data to provide the information you have requested.

We may collect some or all of the following personal data (this may vary according to your relationship with us):

  • Name
  • Address
  • Email address
  • Telephone number
  • Business name
  • Job title
  • Profession

We will process your personal information where there is a legitimate interest in us doing so, if it is reasonably necessary to achieve our or others’ legitimate interests (as long as that processing is fair, balanced and does not unduly impact your rights).

If you apply to us for employment

If you apply to work at 7i Group Ltd, we will only use the information you supply to us to process your application and to monitor recruitment statistics. Where we want to disclose information to a third party, for example where we want to take up a reference, we will not do so without informing you beforehand unless the disclosure is required by law.

Personal information about unsuccessful candidates, including the results of any assessments, may be held for 6 months after the recruitment exercise has been completed, if we feel there maybe future suitable vacancies and we want to keep your details longer we will ask your permission. It will then be destroyed or deleted. We retain de-personalised statistical information about applicants to help inform our recruitment activities, but no individuals are identifiable from that data.

For some vacancies we may advertise through a recruitment agency. The recruitment agency will collect the application information and might ask you to complete a work preference questionnaire which is used to assess your suitability for the role you have applied for, the results of which are assessed by recruiters. Please read the recruitment agencies privacy policy for further information about the data that they collect and what it is used for.

If you are employed by us

Details of our Data Protection Policy in so far as it affects employees of 7i Group Ltd can be found in our Staff Handbook.

Commercial communications

We obtain information directly from you, via normal business channels such as email, telephone, video conferencing etc. and in person, for example at conferences and events. Personal data is required to allow us to provide our services to our clients.

We will not share your personal information with any third parties save with your permission or required or allowed by law, for example, to obtain legal advice.

If you have contacted us, then we shall rely on our legitimate interests to record your information.

If we wish to record any sensitive information about you, for example, about your dietary requirements, then we will have to have a legal reason to do so or ask for your explicit consent.

If we are in negotiation with you for goods or services then we shall rely upon contractual obligations to process the information, as we will either have a contract in place, or be in negotiations to enter into one.

Business contact, marketing and administration

If you are a business contact, we will ask you if you would like to receive regular communications from us, and we shall do this in accordance with any guidelines concerning the data protection or ePrivacy (electronic marketing) regulations. You can change your preferences at any time, and if you ask us to stop communicating with you, we shall action this request immediately.

We need to manage the business for example, processing invoices, entering into contracts and to do that we rely on our legitimate interests, legal obligations and fulfilment of our contractual obligations.

We may use your personal information to obtain legal advice or if it is necessary to defend a legal claim or pursue a bad debt, and we may have to pass your information to public authorities and organisations where the law requires us to do so.

To ensure that emails and IT networks have not been compromised we will monitor network traffic and may process personal data as a result of this monitoring.

Email marketing

We stay in touch with our clients and prospects using email and to do this we use an email broadcast company. Emails will either be fully opted-in by the subscriber, or we shall be relying on the soft-opt-in rule within the ePrivacy legislation. Within our emails we utilise web beacon technology, sometimes called pixels, which allows us to see whether the email was delivered, which links were clicked and so on. This is to help us offer a better, more relevant service. The only information collected will be IP address, date/time, general location, and device details. We never share this information or any of your details with third parties.

People who participate in our market research or health outcomes research projects

How we use your personal data

7i Group Ltd and its suppliers use your personal data for conducting market research or health outcomes research projects (‘research’) either as 7i Group Ltd or on behalf of our clients. We use your personal data for the following purposes:

  • Performance of research and analysis either as 7i group Ltd or on behalf of our clients;
  • Monitoring and keeping records of communications between you and 7i Group Ltd staff;
  • Compliance with our contracts with our clients;
  • Sharing of information, as needed, with translators, analysts, data processing companies, fieldwork partners;
  • Adherence and compliance with legal and regulatory obligations, requirements, and guidance

Types of personal data we collect

The nature of the personal data collected about you will depend on your relationship with us and the type of work we conduct. We typically uses a network of fieldwork partners and clinical sites to recruit participants to participate in a research project and conduct interviews. (‘fieldwork partner’). Please read the fieldwork partner’s privacy policy for further information about the data that they collect and what it is used for. Typically, the fieldwork partner assigns a respondent identifier to minimise the personal data collected by us.

Types of personal data that maybe collected include:

  • Respondent identifier assigned by the fieldwork partner;
  • Information submitted by you during a research interview or when completing a paper or internet questionnaire. This may include information on age, gender, nationality, health data: including, for example, disease specific experience or drug purchasing/prescribing history, Adverse Events;
  • System access information, such as usernames, passwords, and other personally identifiable information;
  • Your bank account details;
  • Remuneration, including honoraria/fees for service and expenses payment in relation to your participation in, and contribution to, programmes and services;
  • Your contact details, such as title, name, email address, mobile/telephone number, and company information such as job title/role, office location, mobile/telephone number.

Sources of your personal information

Most of the personal information we process is provided directly by you, or by the fieldwork partner. Sometimes the sponsoring client may provide a list of names for the purposes of contacting potential respondents. We will follow the client’s instruction on processing the personal data but will ensure that the personal data is processed according to data protection legislation including assurance that the list of names can be legitimately used for the intended research purpose.

Legal grounds for processing your personal data

Under data protection legislation, there are various grounds on which we can rely when processing your personal data. In some contexts, more than one ground applies. Typically, for research we rely on Legitimate Interests and Consent. We may also be required to use your personal data to comply with its legal obligation.

Consent

To process your personal data, we obtain your explicit consent. This means that before we collect any information from you, we ensure that you are provided with full details about the purpose and nature of the research and what will happen to the information we collect.

Withdrawal of your consent

If we have relied on consent as a ground for processing, you may withdraw consent at any time – though if you do so that will not affect the lawfulness of what we have done before you withdraw consent. See section ‘Your rights’.

Legitimate interests

Examples of personal data that maybe processed using legitimate interests:

  • Maintaining records relating to your participation in research projects;
  • Adhering to regulatory bodies guidance and compliance requirements;
  • Audit requirements;
  • Monitoring and keeping records of communications between you, the fieldwork partner and 7i Group Ltd staff.

Sharing your personal data

In some cases, we may need to share personal information with third parties that provide research services in support of the research project e.g. translators, analysts, data processing companies, fieldwork agencies. Any third party that receives personal information is obligated to follow all the same privacy protection regulations as followed by us.

Retention of personal data

We will not retain your personal information for longer than is necessary. At the end of the research project we redact (remove) the personal data no longer required for the project after 12 months. This means that most of the personal data collected during the research project is then deleted and there is minimal personal data retained by us.

If you use our website

When you visit our website, we will collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. We collect this information in a way which does not identify anyone. Our web servers capture IP Addresses that are stored in log files by default for troubleshooting connections.

We do not make any attempt to find out the identities of those visiting our websites. We will not associate any data gathered from these sites with any personally identifying information from any source. If we do want to collect personally identifiable information through our websites, we will ask your permission and explain what we intend to do with it.

Appropriate security measures are in place, in our physical facilities to protect against the loss, misuse or alteration of information that we have collected from our websites.

Cookies

Like most websites we use ‘cookies’ to collect anonymous statistics about how people use the site, and to help us keep it relevant for the user. Cookies ‘remember’ bits of information from your visit to the site.

A cookie is a simple text file that’s stored on your computer or mobile device by a website’s server. Only that server can retrieve or read the contents of that cookie. Each cookie is unique to your web browser. So if we put a cookie on your computer, it can’t be read by any other website.

If you don’t want your web visits to be tracked for statistical purposes like this you can set your computer to block cookies at any time. The way in which you do this depends upon the web browser which you use. Go to www.aboutcookies.org to find out more.

How we use cookies to collect statistics

To improve our service, we collect anonymous web statistics using a cloud tool called Google Analytics. This stores a few cookies on the users’ computers or mobiles devices to tell us how many people have visited each web page, how they got there, and where they navigate from there. The data collected is completely anonymous and does not store any personal details. If you want to stop our websites collecting usage data about you via Google Analytics, you can disable cookies in your browsers, disable JavaScript in your browser and use Google’s Opt-out browser add-on: https://tools.google.com/dlpage/gaoptout

How long we keep your personal data for

We are required by law to keep your personal data only for as long as is necessary for the purposes for which we are using it. The period for which we keep your personal data will be determined by several criteria, including the purposes for which we are using the information, the amount and sensitivity of the information, the potential risk from any unauthorised use or disclosure of the information, and our legal and regulatory obligations.

We keep a backup of our data to restore the original data after a data loss event. When we delete your personal data, it will be deleted from the live storage immediately but there will be a delay before it is removed from the backup data

Who we share your information with

We use selected agents to process your information on our behalf, such as software providers to host our website. Such third parties will be authorised to see and use your information but only to fulfil their contractual obligations to us and will not be permitted to use it for any other purpose. We retain full responsibility for how your personal information may be used by such agents.

The personal data that we collect from you may be transferred to, and stored at, a destination outside the United Kingdom (UK) or the European Economic Area (“EEA”). It may also be processed by staff of 7i Group Ltd who are operating outside the UK or EEA. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

We may share your personal information so that we can comply with a legal obligation to which we are subject. For example: where we are obliged to share your personal information with regulatory bodies which govern our work and services; government departments such as law enforcement and HMRC; court orders etc.

We will process your personal information where there is a legitimate interest in us doing so if it is reasonably necessary to achieve our or others’ legitimate interests (as long as that processing is fair, balanced and does not unduly impact your rights).

7i Group Ltd does not sell, trade or rent your personal information.

How we protect your information

We generally store and process your information within the United Kingdom (UK) or European Economic Area (EEA).

Where we need to transfer your information outside of the UK or the EEA we only do so to countries which have been determined by the UK Government or European Commission to have an adequate level of data protection. If we transfer personal information to countries that have not been determined to have an adequate level of protection, we do so using a variety of legal mechanisms, including the US Privacy Shield and contracts, to help ensure your rights and protections.

In order to protect your personal data 7i Group Ltd employ:

  • technical measures, including but not limited to, robust network security, firewalls, anti-virus protection, regular internal and external oversight and inspection, including penetration testing, access controls, audit trails, encryption of devices and data both whilst at rest and during any transmission to and from third parties in order to keep your personal data secure.
  • organisational measures including, but not limited to, training of all individuals who process personal data in data protection and information governance, the creation of and adherence to appropriate policies and procedures.

Your rights

7i Group Ltd tries to be as open as it can be in terms of giving people access to their personal information.

You have specific rights connected to provision of your personal information to 7i Group Ltd. These include your rights to request what personal information we may hold about you, if any, and for what purposes. You have the right to request that 7i Group Ltd:

  • change the consent which you have provided to us in relation to your personal information;
  • correct any inaccurate or incomplete personal information which we may hold about you;
  • provide you with a complete copy of your personal data;
  • provide you with a complete copy of your personal information for you to move elsewhere where you have provided this information by consent or by a contract with us;
  • temporarily restrict the processing of your personal information, whilst an objection from you is being resolved;
  • permanently erase all your personal information promptly, and confirm to you that this has been done (there may be reasons why we may be unable to do this);
  • stop the processing of your personal information for the purpose of direct marketing.

You also have the right to

  • withdraw consent that you have provided to us to process your personal information, at any time;
  • object to profiling or to any decisions being taken by us by automated means.

If you have a concern about the way we are collecting or using your personal data, or if we do not address your request, or fail to provide you with a valid reason why we have been unable to do so, you have the right to contact the Information Commissioner’s Office to make a complaint. They can be contacted via their website https://ico.org.uk/

How to access your information

You can request to access any personal information that you have submitted to us. The easiest way is to request a copy via the contact details listed below.

Send us an email: compliance@7i-group.com

Or write to us at:

7i Group Ltd
No.1 Mereside
Alderley Park
Alderley Edge
Cheshire SK10 4TG
UK

Please ensure that you include your name and clear instructions on what you would like us to do.

If you require us to supply you with details of the personal information that we hold about you, then we will provide this information free of charge and we will provide this information to you within one month of your request unless the request is complex or is numerous requests. If this is the case, we will inform you within one month of your request about the reason for the extension of time.

Changes to this privacy policy

We keep our privacy policy under regular review and reserve the right to revise it at any time. Any changes we may make to our privacy policy in the future will be posted on this page. There is a date at the bottom of the page which indicates the date it was updated. Please revisit this policy each time you consider giving personal information.

How to contact us

If you have any questions or comments about our website’s privacy policy or any other aspect of our website, or should you wish to review or request a change to any personally identifiable information that you have submitted to 7i Group Ltd via our site, please contact us at the postal address or email address listed below.

7i Group Ltd
No.1 Mereside
Alderley Park
Alderley Edge
Cheshire SK10 4TG
UK

Email: compliance@7i-group.com

If you would like to contact the Information Commissioner’s Office, they can be contacted via their website https://ico.org.uk/

7i Group Data Protection Notice – v3 26th May 2021