Cookie & Privacy Policy
We consider our commitment to clients, staff and the wider community to be incredibly important. We recognise our wider responsibilities as a UK company and constantly review our equal opportunities and environmental policies, in accordance with UK and European law.
Privacy is always of the utmost importance, and we are fully GDPR-compliant.
PRIVACY NOTICE
Last amended: 25th July 2024
INTRODUCTION
This Privacy Notice describes personal data processing activities by the Rippleffect Group, namely Reading Room Digital Limited t/a Reading Room and RONIN International Limited, including its international subsidiaries (RONIN Research GmbH, RONIN Research Inc., RONIN Research Lda, and RONIN Research (Hong Kong) Limited) (“Rippleffect”, “we”, “our”, “us”).
Note: this Privacy Notice does apply to how we engage with our clients for business-to-business communications, marketing and other standard dealings. However, this Privacy Notice does not apply to the processing of personal data in market research or UX surveys carried out by us or on our behalf of, or on behalf of our clients. Please refer to our separate market research privacy notices for this purpose.
We take your privacy very seriously. We have published this Privacy Notice to inform you of the principles governing our use of your personal data, the types of personal data we may obtain and process, and how we use, share and protect your personal data, including your rights in relation to your personal data. We also provide contact details for any further information. Please read through this Privacy Notice carefully.
This Privacy Notice contains information on:
The personal data we collect about you;
How and with whom we might share your personal data;
Your rights in relation to personal data that relates to you.
For your convenience, this Privacy Notice may include links to resources that may aid you in understanding how this Privacy Notice applies to you. This Privacy Notice does not extend to external resources, and we have only included these links for information and reference purposes. If you go to these 3rd-party sites, you will become subject to their privacy policies as advertised to you when you access each site.
Where this Privacy Notice is provided in a language other than English and arising a conflict between the English version and other versions, the English version prevails.
We may make updates to this Privacy notice from time to time, without prior notice to you. Where the changes are significant, we will endeavour to notify you in writing of these changes. We encourage you to review this Privacy Notice at regular intervals.
ABOUT THE RIPPLEFFECT GROUP
Rippleffect Group Limited is a private limited company incorporated and registered in England and Wales with company number 08869791 and whose registered office is at 47-51 Great Suffolk Street, SE1 0BS London, United Kingdom.
Rippleffect includes the following companies:
RONIN International Limited, and its international subsidiaries, RONIN Research Inc., RONIN Research GmbH, RONIN Research Lda, and RONIN Research (Hong Kong) Limited.
RONIN International provides market research data collection services to the world’s largest market research agencies, delivering fieldwork services for both quantitative and qualitative market research. We offer end-to-end fieldwork services from set up and scripting through to data delivery and top line reporting, covering all the major European, American, Asian, and other global markets, on a recurring and ad hoc basis. RONIN is registered with the ICO (ZA219373).
Reading Room Digital Limited t/a Reading Room is a full-service digital consultancy providing services including the design, development, and maintenance of websites; UX, UI and segmentation research; content and imagery; hosting, support, monitoring and maintenance of websites; and digital communications planning from offices in London, Bristol, and Lancaster. Reading Room is registered with the ICO (Z9516303).
To find out more about RONIN International and Reading Room, please visit their websites available at the following links:
RONIN International: https://www.ronin.com/
Reading Room: https://www.readingroom.com/
THE INFORMATION WE OBTAIN AND PROCESS
Personal information (or “personal data”) is any information from which an individual can be directly or indirectly identified. Personal data that has been stripped of all identifying particulars is called “anonymised data” and outside of the scope of data protection law.
There are “special categories” of personal data which require a higher level of protection because it is of a more sensitive nature. The special categories of personal information comprise information about an individual’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life or sexual orientation and genetic and biometric data (if used for ID purposes). In addition, special requirements apply to personal information on criminal convictions and offences.
The types of personal data we may process about you depend on your relationship with us and how you interact with us, and our services. They include, without limitation:
Your full name;
Your postal address;
Your e-mail address;
Your telephone number(s), which could include mobile and business phones;
Information about how you use or interact with our website(s), including, without limitation, your IP address, browser type, OS, referring website addresses; and information about actions you take or content or components you engage with;
Images and/or voice captured through audio or video recordings;
Information relating to you as our business contact, including but not limited to your company name, job title, the division or department to which you belong and other information relating to you as a business professional;
Information relating to the company you work for or represent;
We will not ask you to provide, and do not intend to collect, special category personal data about you, and ask you to refrain from sharing such information about you, unless we have specifically requested you to do so, for example if we need to make reasonable adjustments for you if you will attend an event we host, subject to a separate notice.
HOW WE OBTAIN YOUR INFORMATION
We may collect this information from a variety of sources, such as:
Information you provide, such as;
Information collected through or in connection with our websites, including, without limitation, https://www.ronin.com, https://www.readingroom.com, https://www.fatmedia.co.uk and https://www.rippleffect.com;
Information provided during or in connection with business meetings;
Information provided during or in connection with events, tradeshows, meetings and/or conferences that we—and specifically our employees, representatives, workers and/or agents (together “associates”)—sponsored, hosted or attended, either virtually or in person;
Information provided in telephone calls, e-mail messages, and/or other forms of communication that you may have used to contact us.
Information that we collect from third parties, such as:
Information about you, including, without limitation, your personal information and business contact details, from third parties including, without limitation, social media networks, event organisers or sponsors, and referrals from business contacts;
Information that we collect through automated means:
Cookies are small pieces of information which we use to support users when they perform actions on our website, to analyse traffic on our website(s), and to track how you engage with content and components on our website(s). These includes session cookies, which expire when you close the browser you used to visit our website(s), and persistent cookies that will remain on your device for longer. Some cookies are necessary for our website(s) to operate as intended, but other cookies are optional, and you will be given an option whether or not to consent to our use of cookies before these are placed on your device. Please note that where you haven’t given your consent to cookies, cookies are disabled, or you have deleted cookies from your browser or device, your experience of our website(s) may be limited or be unable to deliver all functionalities.
Some cookies are placed by us, these are also known as ‘first-party’ cookies, whereas other cookies are placed on our behalf by third parties, these are known as ‘third-party’ cookies. Third-party cookies are placed (and process your personal data) only on our instructions. To review a list of cookies used on our website(s), please visit our Cookie statements:
For https://www.ronin.com, please click here.
For https://www.readingroom.com, please click here.
For https://www.fatmedia.co.uk, please click here.
We also maintain logs of information relating to usage on our website(s). This may include automatic gathering of information about you, including, without limitation, your IP address, the type of browser you are using to visit our website(s), your internet service provider, which pages you visit upon leaving our website(s), your OS, and date and time stamps.
WHY WE PROCESS YOUR INFORMATION
We process your personal data and business contact details for several purposes. These include, without limitation:
To communicate with you about our products and services, company updates, events, newsletters and thought leadership content, including where we give you the ability down access and download specific documentation on our website(s);
To maintain a directory of actual and/or potential clients and suppliers, and keep this directory up-to-date by adding or amending it from time to time;
To respond to requests for information, quotations or tender; and to conduct our business with you, including, without limitation, when we enter into contracts for services, complete transactions with you, and work with you on projects, for example when you notify us about defects or log support tickets with us;
To deliver content to you through third-parties, such as LinkedIn and other platforms, via their targeting and audience matching tools;
To comply with any reasonably instructions we receive from you and/or to fulfil specific purposes for which we have asked for and you have given your consent;
To protect and secure our website(s) and our business;
To manage, evaluate, and respond to data subject requests, including, without limitation, requests to be opted out or unsubscribed from our communications;
To conduct market research with you, to evaluate and improve our services, by contacting you to complete client satisfaction surveys via telephone or e-mail, and by giving you the opportunity and asking you to share feedback on our website(s) and services, including potential future products and services;
To contact you in relation to, and assess your interest in, potential career opportunities with us; if you apply for a position with us, note that your personal data will be processed in accordance with our separate Applicant Privacy Notice;
In specific circumstances, we may also process your personal information to establish, exercise or defend a legal claim, protect our rights, or respond to an order from applicable courts or government agencies, as applicable.
HOW WE SHARE YOUR INFORMATION
We may share your personal data and business contact details as follows:
With other companies within the Rippleffect Group, including directors, employees, consultants, advisers, and agents of these companies, only in accordance with this Privacy Notice, or as communicated to you at the point that your personal data was collected, or as subsequently consented by you. Our organisation is international in scope, which means that we may transfer your personal information with Rippleffect Group entities to countries where we have offices or where we conduct business, as noted earlier in this Privacy Notice, including outside of the United Kingdom and European Economic Union.
With third-parties and service providers we have engaged to perform services on our behalf, or that have been engaged by our service providers to perform services on our behalf. These third parties only process your personal data on our behalf or as otherwise necessary to perform the services for which we engaged them. These may include, without limitation, (a) business software, such as our CRM, project management software, financial software, e-mail marketing software, market research and UX research software; (b) social media, professional networking, and marketing automation platforms; (c) third-party cookie providers, as described elsewhere in this Privacy Notice; and (d) back-up services, both physical and in the cloud.
Where, in specific circumstances, we are legally required to do so (pursuant to applicable laws, regulations, or in relation to a specific legal or court process); if we believe it is necessary to protect our business from harm or financial loss, or in connection with actual or suspected fraud or illegal activity, and the investigation thereof; or if we determine it is reasonably necessary, lawful and appropriate to disclose your information for purposes of national security, law enforcement, or similar circumstances of public importance.
In the event that we sell or transfer parts of or all of our business or assets, we may also share your personal information as part of that process. In such circumstances, we will use reasonable efforts to direct the recipient organisation to only use personal information you have provided to us, as described elsewhere in this Privacy Notice or as otherwise applicable, in a manner consistent with this Privacy Notice. Once such a transfer or sale has occurred, you may contact the recipient organisation with any inquiries relating to your personal information and their use thereof.
Where your personal information is shared with entities located outside of the United Kingdom, the European Economic Union, or other countries that offer an adequate level of data protection as determined by the European Commission or by the UK’s Information Commissioner’s Office, as applicable to you, we enter into appropriate safeguards with the receiving entities prior to any transfer, including, without limitation, European Commission-approved Standard Contractual Clauses (SCCs), the UK’s Information Commissioner’s Office International Data Transfer Agreement (IDTA) or their International Data Transfer Addendum to the SCC, and/or alternative mechanisms approved under data protection laws, such as, for example, making sure that recipient entities in the USA are self-certified to the EU-U.S. Data Privacy Framework (DPF).
OUR LEGAL BASES
Depending on why we are processing your personal information as outlined in this Privacy Notice, we will rely on one of the following legal bases:
You have given your informed consent to the processing for a specific purpose; where we are relying on your informed consent to process your personal data, you can withdraw your consent at any time;
We need to process your personal data to perform our obligations under a contract to which you are a party, or to act on a pre-contractual request, such as when putting a quotation together or responding to a request for tender;
To comply with a legal or statutory obligation;
When the processing is necessary for the purposes of our legitimate interests, or those of a third party, and such legitimate are compatible with and not overridden by your rights and freedoms as determined in a legitimate interests assessment.
HOW WE SECURE YOUR INFORMATION
We are an ISO 27001-certified and Cyber Essentials Plus-accredited organisation, and we deploy a range of appropriate technical and organisation controls, including automated and physical controls, to protect the information we are responsible for, including, without limitation, personal data we have received or collected, confidential information we hold in the performance of our services, and personal data and/or confidential information we process on behalf of third parties, including, without limitation, our clients, as defined in contracts in place between us and such third parties.
Our technical controls are based on (a) the nature, scope, context, and purposes of our processing of your personal data and (b) our ongoing assessment of key criteria, including prevalent and evolving information security risks to your personal data, including their likelihood and severity, industry best practice, the legal and regulatory privacy landscape, , insurance requirements, and requirements of our clients. We regularly review and monitor our practices and systems against relevant risk assessments and the criteria previously listed.
HOW LONG WE KEEP YOUR INFORMATION FOR
Your personal information is only retained for as long as necessary for us to fulfil the purpose for which it was originally collected, as set out in this Privacy Notice, in other privacy information notices shared with you at the time what we collected personal data from you, in accordance with applicable data protection law and to comply with our legal, regulatory, or contractual obligations.
YOUR RIGHTS IN RELATION TO YOUR INFORMATION
As a data subject, you have certain rights in relation to your personal data.
You can ask to access a copy of your personal data on request (“right of access”);
You can request that we update or rectify incorrect or incomplete data that we hold about you (“right to rectification”);
You can request that we delete or stop processing personal data we hold about you, for example, if the purpose for which we were processing it has lapsed, or if you object to our legitimate interests in processing it (“right to erasure” and “right to restrict processing”);
You have a “right to data portability”;
Where we are relying on our legitimate interests for the processing, you can object to our processing of your personal data (“right to object”).
Please note that some of these rights are subject to exceptions or may only be available to you in the context of specific processing activities and their corresponding legal basis. Where this is the case, we will write to you and explain our reasons why.
You can also opt-out from receiving certain communications from us, such as marketing communications, by clicking on the unsubscribe link at the bottom of any e-mail we send you or sent on our behalf by third parties or by contacting us as outlined in the ‘Getting in touch’ section of this Privacy Notice. Please note that, if you opt-out from receiving certain communications, we may still be in touch in the performance of services to achieve our contractual obligations to you.
IDENTITY VERIFICATION
If you want to exercise any of these rights, you can contact us using the contact details provided under ‘Getting in touch’. We will endeavour to act on your requests no later than 30 days after receipt. If we require more time, we will let you know within this timeframe. We may need to get in touch first to ask for additional information confirming your identity, so that we do not act on malicious or fraudulent requests.
This information will only be stored to verify that your request is genuine after which it will be destroyed; it will not be used for any other purpose. If your request is likely to affect other individuals, we may take additional verification steps, but this will be communicated to you in writing. If we cannot deliver on your request at all, we will be in touch in writing to explain why. If the request is deemed unreasonable or excessive, we may request you to pay a small fee before we send you a copy of your data – this will be kept to a reasonable amount.
GETTING IN TOUCH
We have appointed a Data Protection Officer who is the point of contact for any questions you may have in relation to this Privacy Notice, your personal data and how we use it. The DPO also acts as the point of contact for any organisation or regulatory body that would have questions about your data and how we use it. If you have any questions, including about this Privacy Notice, please e-mail [email protected] or reach out by postal mail to:
FAO: Data Protection Officer
Rippleffect Group
Harling House, 4th floor
47-51 Great Suffolk Street
SE1 0BS, London, UK
We will always endeavour to address any complaints or disputes that individuals have about their personal data or privacy, but if you have reason to believe we have not treated you fairly and our response to you have not been satisfactory, you can choose to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s Data Protection Authority and supervisory authority in the UK, by telephone on 0303 123 1113 or on www.ico.org.uk.
OTHER WEBSITES
Our website(s) may include links to other websites for your information. We are not responsible for these websites, and they operate independently from us. When visiting these other websites, we recommend you review their privacy notices to understand how they will process your personal information and how to exercise your rights.
Personal Data Breach Notification Policy
Cookies
This website uses cookies. We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services. You consent to our cookies if you continue to use our website.
Cookies are small text files that can be used by websites to make a user's experience more efficient.
The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.
This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
You can at any time change or withdraw your consent from the Cookie Declaration on our website or via your browser settings.
Learn more about who we are, how you can contact us and how we process personal data in our Privacy Policy.
Please state your consent ID and date when you contact us regarding your consent.
Your consent applies to the following domains: readingroom.com
Cookie |
Description |
Duration |
Type |
---|---|---|---|
__cfduid |
The cookie is set by CloudFare. The cookie is used to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information. |
1 month |
Necessary |
_dc_gtm_UA-7570464-2 |
This cookie is associated with sites using Google Tag Manager to load other scripts and code into a page. It may be regarded as Strictly Necessary as, without it, other scripts may not function correctly. The end of the name is a unique number which is also an identifier for an associated Google Analytics account. |
1 minute |
Necessary |
_gat_UA-7570464-2 |
This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It is a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites. |
1 minute |
Performance |
_ga |
This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify differences between unique and repeat visits. |
2 years |
Analytics |
_gid |
This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form. |
1 day |
Analytics |