Protection

by ad-hoc
CATEGORIES :
18 July 2022

PERSONAL INFORMATION PROTECTION POLICY

This document outlines Ad Hoc Research’s policy relating to the protection of the personal information we gather in the course of our studies, from individuals as well as from businesses.

Personal information includes any information which allows the identification of a study participant, whether such information is in verbal, digital or written form.

The policy is structured according to the ten principles relating to the equitable processing of personal information pursuant to the federal Personal Information Protection and Electronic Documents Act. These principles are interdependent:

  1. accountability;
  2. identifying purposes for collecting personal information;
  3. consent;
  4. limiting collection;
  5. limiting use, disclosure and retention;
  6. accuracy;
  7. safeguards;
  8. openness;
  9. individual access;
  10. challenging compliance.

1. Accountability:

Ad Hoc Research is responsible for personal information under its control.

For this purpose, we adopted this policy and designated a person responsible for the protection of personal information.

The designated person is responsible for …

  1. Applying and enforcing Ad Hoc Research’s policy relating to the protection of personal information;
  2. training employees about this policy;
  3. managing inquiries and requests for information;
  4. processing complaints relating to the protection of personal information.

The person responsible for the protection of personal information can be reached…

  • at the following email address : personal-Information@adhoc-research.com..
  • à l’adresse postale suivante : Responsable des renseignements personnels, Ad hoc recherche, 400 boul. de Maisonneuve Ouest, bureau 1200, Montréal (Québec), H3A 1L4.

2. Identifying purposes for collecting personal information:

In the course of its operations, Ad Hoc Research collects personal information from study participants for the purposes of carrying out such studies.

The purposes for which personal information is collected are identified before data collection in at least one of the following documents:

  • the client’s request for service proposal;
  • Ad Hoc Research’s service proposal;
  • the project file;
  • data collection tool(s) (such as questionnaires, discussion guides, interview guides and online community activity guides).

A complete list of specific information to be collected can be found in the data collection tools (e.g.: questionnaires, discussion guides, interview guides, online community activity guides).

3. Consent:

Participation in Ad Hoc Research’s studies, regardless of the type of study (whether they are surveys, focus groups, individual interviews or online communities), is always on a voluntary basis.

Avant d’accepter de prendre part à une étude, les participants sont informés qu’elle est menée par Ad hoc recherche et on leur précise quels sont objectifs de la collecte d’information. À cette fin Ad hoc recherche s’assure que son personnel oeuvrant à la collecte des données soit formé sur les objectifs de l’étude de façon à pouvoir en informer adéquatement les participants.

The participant’s consent is explicitly obtained by the interviewer upon collection of personal information during which there is human interaction or implicitly when the participant completes an online survey.

During the study, participants have every right to refuse to answer one or more specific questions. They can also terminate their participation at all times.

The data we gather is only presented to our clients in aggregate form. We never disclose any identifiable information relating to a participant without having previously obtained such participant’s explicit consent.

When carrying out studies focused on minors, we gather personal information from such minors only once we’ve obtained the consent of a parent or legal guardian.

4. Limiting collection:

Ad Hoc Research only collects personal information which is necessary to the purposes identified in its studies.

The personal information we collect is used solely for the purposes for which it was collected. We do not use such information for other studies or for our specific needs.

Personal information will never be sold to any third parties.

5. Limiting use, disclosure and retention:

Ad Hoc Research covenants to use and communicate the personal information it collects only for the purposes for which it was collected. It retains such information only as long as is necessary to fulfill such purposes.

Nominal lists provided by our clients are accessible only to company employees who need to have access to such information as part of their work.

Consequently, when a project is completed, we delete personal information from company files or anonymise such information. For example…

  • nominal lists provided by clients are deleted;
  • respondents’ identifiable data (such as name, last name, phone number, home address, email address, etc.) is erased from project documents and deleted from databases;
  • interview and focus group recordings as well as answers of everyone who participates in an online community are erased or deleted.


When a client asks for telephone interview recordings, Ad Hoc Research provides recordings starting from the first question of the survey, excluding the introduction where the respondent’s name might be mentioned. The file does not include the respondent’s name or phone number, unless such respondent has given his/her explicit consent.

When a client asks for focus group or individual interview recordings, the client must agree to safeguard such recording, refrain from disclosing it and destroy it after use.

When a client wishes to remotely attend a focus group or individual interview, the client must refrain from recording any discussions.

6. Accuracy:

Ad Hoc Research strives to collect the most accurate, complete and up-to-date personal information possible to meet the informational requirements related to its projects. For this purpose, Ad Hoc Research adopted several quality control measures. Such measures vary according to the data collection method used.

7. Safeguards:

Ad Hoc Research covenants to use all appropriate safeguard measures to protect the information with which is it entrusted. For this purpose, it has undertaken the necessary steps to meet the requirements under norm ISO/IEC 27002 by the end of the year 2023.

The personal information we gather is stored on our secure servers located in our Montréal offices.

All company employees must subscribe to our policy relating to the security of information and agree to be bound by confidentiality obligations upon hiring, and formally reiterate such commitment every year thereafter. Our security policy sets forth the principles that must be rigorously followed by every employee. These rules address such matters as access and transportation of information, personal use of resources and confidentiality of company information.

We require from our partners commitments regarding protection of personal information and security that are at least equal to the ones we follow. Subcontractors are bound by confidentiality agreements, whether or not they have access to sensitive information.

8. Openness:

An overview of Ad Hoc Research’s policy relating to the protection of personal information appears on its website, where one can access the complete policy.

In addition, the company’s policy is available upon request to the person responsible for the protection of personal information, whose contact information is indicated at Section 1 of this document.

When required, it is included in the company’s service proposals.

9. Individual access:

Upon request by a study participant, Ad Hoc Research notifies the participant with respect to the existence of his or her personal information, the use of such information and, as the case may be, the fact that the information was conveyed to third parties.

Participants can consult the information that Ad Hoc Research keeps relating to them. They can challenge its accuracy and integrity as well as request that appropriate corrections be made. When corrections are requested relating to information provided by one of our clients, we refer the participant to our client or, with the participant’s permission, we relay the corrections directly to our client.

The project manager answers participants’ requests for access to their personal information. We strive to answer such requests within five business days.

When someone we contact to participate in one of our studies asks how we obtained his or her contact information, we answer honestly. Depending on the method of collection, such information can be conveyed by an interviewer, a recruiter or the project manager.

If you wish to be removed from our calling lists, please contact us at 833-334-4040.

10. Challenging compliance:

Any individual can file a complaint in the event that Ad Hoc Research does not comply with the principles set forth in this policy.

The complaint must be addressed to the person responsible for the protection of personal information, whose contact information is indicated at Section 1 of this document.

This person shall see to it that the complaint is carefully and diligently examined and, if required, that necessary actions are taken in order to correct the situation and ensure that similar cases do not reoccur.