At Roy Morgan, we know that successful market research relies on the goodwill of the public. Protecting the privacy of the people who make our business possible is one way of ensuring ongoing goodwill and is therefore vital to our ongoing business success.
The Federal Privacy Act 1988 (Cth), is legislation that defines a set of 13 Australian Privacy Principles (APP’s) that govern the way organisations collect, use, protect and disclose personal information.
Roy Morgan embraces the Australian Privacy Principles because they build on our Company objective to protect the privacy of respondents, clients and other people associated with our Company.
Roy Morgan also complies with the General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) to the extent that we collect or process personal information of residents of the European Union.
Roy Morgan also abides by the principles of the Research Society - Code of Professional Behaviour. More information about the code can be found at www.researchsociety.com.au
Why do we collect information?
The purpose of market and social research is to gather and present the opinions of the public directly to the people making decisions about goods, services or social policies that touch many aspects of our daily lives.
To enable this, Roy Morgan asks members of the public for their opinions on a variety of different issues.
We use data at an aggregate level, that is, we use the combined answers of many people to draw conclusions as to the opinions of broad segments of the population.
Why do we collect personal information?
Sometimes, Roy Morgan collects personal information from the people we interview, our respondents. Most often this is used to verify that the person gathering the information captured the respondent’s true and correct opinions. We audit at least 10% of all our interviewers work by cross checking with the respondent to ensure the interview is authentic and the data collected was accurate.
Personal information can also be used to enable us to gain an accurate picture of what certain groups of people in society think, for example, what percentage of young people take public transport to work? How could the public transport system be improved to encourage more young people to use it?
We may also gather personal contact information such as name and contact details so we can contact the Respondent for further research or when rewards and prize draws are offered.
Information that identifies an individual, such as name or address, is removed from our survey data as soon as it is no longer needed i.e. we use only de-identified data for research analysis.
How does Roy Morgan collect personal information?
Research may be conducted in person or via the telephone or other electronic means. Our interviewers will always clearly identify themselves to respondents and in the case of face-to-face interviews, our interviewers will always have a photo ID.
If we are collecting your name and contact details, the purpose of this will always be made clear either in writing or by our interviewer.
Who has access to my personal information?
Roy Morgan will only transfer personal information to third parties that are involved in completion of the research project or product. Examples of these parties are: mailing houses, auditing contractors, software suppliers and administrators, businesses that provide data enhancement, sampling, statistical or modelling services, or printing contractors. We do not sell data that directly identifies individuals and we contractually prohibit our clients or partners from re-identifying individuals from our data.
Roy Morgan will not transfer personal details to a client or any third party not involved in the completion of the research project without the consent of the individual the details relate to.
We are not involved in direct marketing and will never sell personal information to marketing companies for direct marketing or any other purposes.
Is my personal information accessible to overseas recipients?
All Roy Morgan computer systems are located in Australia. This means that from the minute we collect your data and right through our processing area, your data stays in Australia.
How do we protect the data we collect from misuse?
Roy Morgan takes all reasonable precautions to protect information held about people who make our research possible.
All our systems are security protected and all Roy Morgan staff and interviewers sign a confidentiality agreement upon commencing with the company. Personal information is stored securely and destroyed as soon as it is no longer required for research purposes.
With Internet based projects, we attempt to minimise the flow of personal information over the internet. Wherever possible we initiate surveys from a panel of Respondents and use a unique code to record information from a Respondent which is then matched to their personal information resident on our internal systems.
Access to personal information
As set out in the Australian Privacy Principles and GDPR, individuals may seek access to and request the correction or deletion of personal information held about them while this information remains identifiable. You may withdraw your consent for us to continue to hold your personal information at any time. To action a request, please contact our Privacy Officer (contact details below).
What happens in the event of a data breach?
In the event of a data breach, Roy Morgan will contain the breach, take remedial action and determine whether the data breach is a reportable "eligible data breach" under Australian Privacy law and GDPR requirements.
Roy Morgan will notify and communicate with all affected individuals as required.
The Privacy Commissioner has power to award compensation against Roy Morgan in appropriate circumstances.
All general queries, concerns or complaints should be directed to our Privacy Officer via the contact details listed below. If your query is regarding removal of your contact details from our records we will confirm in writing to you as soon as this is actioned. Our privacy officer or their representative will contact you for all other queries. GDPR queries, concerns and complaints will be referred to our Data Protection Officer.
Phone: 1-800 337 332
GPO BOX 2282
Melbourne, VIC 3001
Other related documents and links: