PRIVACY POLICY - Updated March 2026

ImpactSense Ltd is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, share and protect personal information when we provide market research, insight, consultancy and related services.This policy applies to people who visit our website, contact us, work with us as clients or suppliers, take part in our research, are invited to take part in research, or whose personal information is processed as part of a research project.We conduct both quantitative and qualitative research, including surveys, interviews, focus groups, online communities, diary studies, customer panels, segmentation, brand tracking, behavioural research, journey mapping, ethnography, usability research, proposition testing, campaign testing and other insight activities.

Who we are
ImpactSense Ltd is a private limited company registered in England and Wales.Company name: ImpactSense Ltd  
Company number: 12208821  
Registered office: 71 Queen Victoria Street, London, England, EC4V 4BE  
Email: hello@impactsense.com  
Website: www.impactsense.com  
UK telephone: +44 207 164 6489  

For the purposes of data protection law, ImpactSense Ltd may act as either a data controller or a data processor.We act as a data controller when we decide why and how personal information is used, for example when we manage our website, respond to enquiries, manage client and supplier relationships, conduct our own research, recruit participants directly, or administer incentives.We act as a data processor when we process personal information on behalf of a client who decides the purpose of the research and how personal information should be used. Where this applies, the client’s own privacy information may also be relevant.Where appropriate, we will explain our role in the specific research invitation, survey introduction, consent form, recruitment screener or participant information sheet.

What this policy covers
‍This policy covers personal information used in connection with:
- Quantitative research, including surveys, polls, trackers, concept tests, brand studies, customer experience studies and segmentation projects.
- Qualitative research, including depth interviews, focus groups, workshops, online communities, diary studies, ethnography, user research, video research and in-person research.
- Participant recruitment, screening, quality control and incentive management.
- Research analysis, reporting, presentation and insight delivery.
- Client, supplier, partner and business contact management.
- Website visits, enquiries, events and marketing communications.
- Internal administration, operations, legal compliance and security.This policy should be read alongside any study-specific privacy notice or participant information sheet that is provided for a particular research project.

The personal information we collect
‍The personal information we collect depends on the nature of the research or service. It may include the following.

Research participant information
‍We may collect:
- Name.
- Email address.
- Telephone number.
- Postal address or broad location.
- Age or age band.
- Gender.
- Household information.
- Employment status.
- Job title.
- Company or organisation.
- Industry or sector.
- Income band or socio-economic information.
- Customer, user or membership status.
- Purchase behaviour, brand usage or category behaviour.
- Opinions, attitudes, preferences, needs, motivations and experiences.
- Survey responses, interview responses, comments, ratings and verbatim answers.
- Photographs, videos, audio recordings, screen recordings, transcripts, chat messages, uploaded files or diary entries, where relevant to the research.
- Technical information such as IP address, device type, browser type, operating system, survey timestamps, quality control flags, cookies, fraud prevention indicators and completion data.
- Incentive information, such as payment details, gift card details or information needed to process a research incentive.

Special category information
‍Some research may involve personal information that is treated as more sensitive under data protection law. This may include information about:

- Health.
- Ethnicity.
- Political opinions.
- Religious or philosophical beliefs.
- Sexual orientation.
- Trade union membership.
- Biometric data, where used for identification.
- Other sensitive life experiences that participants choose to share during research.We only collect special category information where it is relevant to the research, where participants have been clearly informed, and where an appropriate lawful condition applies.

Client, supplier and business contact informationWe may collect:
- Name.
- Job title.
- Organisation.
- Work email address.
- Work telephone number.
- Business address.
- Meeting notes.
- Project correspondence.
- Contractual information.
- Invoicing and payment information.
- Records of services provided or received.

Website and enquiry information
We may collect:
‍- Information submitted through website forms.
- Email or telephone enquiries.
- Event registrations.
- Newsletter or communications preferences.
- Website usage and analytics information.
- Cookie and device information.

4. How we collect personal information
‍We may collect personal information directly from you when you:
- Complete a survey.
- Take part in an interview, focus group, workshop, diary study, online community or other research activity.
- Complete a recruitment screener.
- Agree to take part in research.
- Contact us by email, telephone, website form, live chat, social media or another channel.
- Attend a meeting, webinar or event.
- Work with us as a client, supplier, partner or contractor.

We may also receive personal information from:
- Our clients, where they ask us to carry out research with their customers, employees, members, stakeholders, users or other audiences.
- Research panels, recruitment agencies, sample providers and fieldwork partners.
- Publicly available sources, such as company websites, professional directories, Companies House, LinkedIn or other business sources, where relevant and lawful.
- Technology providers that support surveys, video calls, transcription, analysis, hosting, security, communications, scheduling or file sharing.
- Other research participants, where they mention another person during a research activity.## 5. How we use personal informationWe use personal information to:- Invite people to take part in research.
- Screen people for research eligibility.
- Run quantitative surveys and other structured research.
- Run qualitative interviews, focus groups, workshops, communities, diary studies and other research activities.
- Record, transcribe, translate, code, analyse and summarise research, where appropriate.
- Understand opinions, behaviours, motivations, needs and experiences.
- Create research outputs, including reports, presentations, dashboards, models, segmentations and recommendations.
- Carry out data cleaning, quality checks, fraud prevention and response validation.
- Manage incentives and participant payments.
- Contact participants about a research activity they have agreed to take part in.
- Respond to enquiries.
- Manage client, supplier and partner relationships.
- Manage contracts, invoices, accounts and business records.
- Improve our research methods, tools, services and internal processes.
- Protect our systems, people, participants, clients and business.
- Comply with legal, regulatory and contractual obligations.

We do not sell personal information. We do not use research participation as a disguised form of sales or marketing.

Lawful bases for processing personal information
‍We rely on different lawful bases depending on the context.

Consent
‍We may rely on consent where you agree to take part in research, agree to be recorded, agree to take part in follow-up research, agree to receive marketing communications, or agree to the use of specific types of information.

Where we rely on consent, you can withdraw your consent at any time. This will not affect processing that has already taken place before consent was withdrawn.

Legitimate interests
‍We may rely on legitimate interests where we have a genuine and lawful reason to use personal information, where the use is necessary, and where we have balanced this against the rights and interests of the individual.

Examples may include:
- Conducting business-to-business research.
- Inviting relevant individuals to take part in professional or stakeholder research.
- Managing client and supplier relationships.
- Improving our services.
- Maintaining data quality.
- Preventing fraud.
- Protecting our systems and business.
- Producing aggregated or anonymised insight.

Contract
We may use personal information where necessary to perform a contract or take steps before entering into a contract. This may apply to clients, suppliers, contractors, research partners and other business relationships.

Legal obligation
‍We may use personal information where necessary to comply with legal obligations, including tax, accounting, company, employment, data protection, regulatory and legal record-keeping requirements.

Special category data
‍Where we process special category data, we will identify both a lawful basis under Article 6 UK GDPR and a special category condition under Article 9 UK GDPR.

Depending on the study, this may include explicit consent, research purposes with appropriate safeguards, or another condition permitted by law

Quantitative research
‍For quantitative research, we may collect structured survey responses and related information such as demographics, behaviours, brand usage, customer status, attitudes, ratings, preferences and open-ended comments.

Quantitative research may be used for:
- Customer insight.
- Consumer insight.
- Brand tracking.
- Campaign evaluation.
- Proposition testing.
- Product development.
- Customer experience research.
- Market sizing.
- Segmentation.
- Behavioural research.
- Public opinion research.
- Business-to-business research.
- Statistical modelling and analysis.

We may use research panels, sample providers, recruitment partners or client-supplied contact lists to reach relevant participants.We use quality control measures to protect the reliability of data. These may include response validation, attention checks, speed checks, consistency checks, duplicate detection, device or IP checks, panel quality checks, fraud prevention tools, automated monitoring and human review.Survey results are usually reported in aggregated or anonymised form. Where individual-level survey data is shared with a client, this will be limited to what is necessary and will be managed under appropriate safeguards.

Qualitative research
‍For qualitative research, we may collect richer information through:
- 1-1 interviews.
- Focus groups.
- Workshops.
- Online communities.
- Diary studies.
- Ethnography.
- Accompanied tasks.
- User research.
- Video calls.
- In-person sessions.
- Screen sharing.
- Chat, photo, video or written tasks.Qualitative research may involve audio or video recording. We will tell participants when recording is taking place and explain how recordings will be used.

Recordings, transcripts, notes and research materials may be used for:
- Analysis.
- Quality control.
- Internal research team review.
- Client review, where relevant to the project.
- Creating reports, presentations, clips, quotes or summaries.
- Supporting accurate interpretation of what participants said or did.We may use anonymised quotes, clips, images or examples in research outputs. We will take care not to identify participants unless this has been clearly explained and agreed, or unless identification is inherent in the nature of the research.

Confidentiality, anonymity and reporting
‍Market research is generally conducted to understand groups, audiences, markets and behaviours, not to make decisions about individual participants.Where possible, we report research findings in aggregated or anonymised form.

However, the level of anonymity or confidentiality may vary by project.
For example:
- In a general consumer survey, findings may be reported only at an aggregate level.
- In a qualitative project, a client may see anonymised quotes, clips or transcripts.
- In a business-to-business expert interview, the participant’s role, organisation type or identity may be relevant to the research.
- In customer or employee research, the client may know who was invited to take part, but may not receive identifiable responses unless this has been explained.
- In some projects, responses may be linked to customer records, usage data or other information supplied by the client, where lawful and explained in the study information.

We will not intentionally identify a participant in research outputs unless:
- The participant has been told and has agreed.
- Identification is necessary and expected for the type of research.
- The information is already public and is being used lawfully.
- Disclosure is required by law.
- There is a serious safeguarding, legal or safety concern.

Client-sponsored research
‍Many of our studies are carried out on behalf of clients.Depending on the project, the client may provide contact details, customer data, employee data, user data or other information to help us conduct the research.

We may share research findings with the client. These findings are usually aggregated or anonymised, but in some projects they may include identifiable data where this is necessary, lawful and explained to participants.Where we act as a processor for a client, we process personal information in accordance with the client’s instructions and our contract with them.Where we act as an independent controller or joint controller, we will ensure that our responsibilities are clear and that appropriate privacy information is provided.

Participant recruitment and panels
‍We may recruit participants directly or through research panels, sample providers, specialist recruiters, client lists, professional sources or our own networks.

Recruitment may involve collecting information to check whether someone is suitable for a particular study. This may include demographic, behavioural, professional, category usage or customer information.

We may also use quality control and authentication processes to help ensure participants are genuine, relevant and able to provide reliable insight.If you are recruited through a third-party panel or recruiter, that organisation may also process your personal information under its own privacy policy.
‍
Incentives and payments
‍Where incentives are offered for taking part in research, we may collect and use the information needed to administer the incentive. This may include your name, email address, postal address, payment details, bank details, PayPal details, gift card details or other fulfilment information.

We may share necessary information with incentive providers, payment providers, recruiters or other suppliers who help us fulfil incentives.

We may retain incentive and payment records where necessary for accounting, audit, fraud prevention, tax or legal purposes.

Use of technology, analytics and AI-assisted tools
We use technology to support our research and business operations.

This may include:
- Survey platforms.
- Online community platforms.
- Video conferencing tools.
- Transcription tools.
- Translation tools.
- Analysis and coding tools.
- Dashboard and reporting tools.
- Data visualisation tools.
- AI-assisted tools.
- Secure file storage and collaboration systems.
- Email, scheduling and project management tools.
- Quality control and fraud prevention tools.

We may use AI-assisted tools to help with tasks such as summarising, coding, pattern recognition, analysis, drafting research outputs, transcript review, translation or data quality checks.Where we use AI-assisted tools, we aim to use them responsibly and with appropriate human oversight. We do not use research responses to make automated decisions with legal or similarly significant effects about individual participants.

We also take steps to minimise identifiable information where possible and to use appropriate supplier safeguards.

Children and young people
‍Some research may involve children or young people. Where this happens, we will take additional care.

Depending on the age of the participant and the nature of the research, we may seek consent or permission from a parent or guardian, as well as the child or young person’s own agreement to take part.

We will aim to provide information in a clear and age-appropriate way and will design the research with the participant’s wellbeing, privacy and ability to withdraw in mind.

Who we share personal information with
‍We may share personal information with
:- Clients, where necessary for a research project and in line with the study information.
- Research panels, sample providers and recruitment partners.
- Fieldwork agencies and moderators.
- Transcribers, translators, coders and analysts.
- Survey, online community and video research platforms.
- Incentive and payment providers.
- IT, hosting, cloud storage, security, email and collaboration providers.
- Professional advisers, including accountants, lawyers, auditors and insurers.
- Public authorities, regulators, courts or law enforcement bodies where required by law.
- Potential buyers, investors or advisers in the event of a business sale, restructuring or investment process, subject to appropriate safeguards.

We require suppliers and partners to protect personal information appropriately and only use it for agreed purposes.

International transfers
‍Some of the suppliers, systems, partners or clients we work with may process personal information outside the UK.

Where personal information is transferred outside the UK, we will ensure that appropriate safeguards are in place. These may include adequacy regulations, approved contractual clauses, transfer risk assessments or other legally recognised safeguards.

How long we keep personal information
‍We keep personal information only for as long as necessary for the purpose for which it was collected.

Retention periods vary depending on the project, the type of data and any legal, contractual or operational requirements.

As a general guide:
- Recruitment and screening information is usually kept for the duration of the project and a reasonable period afterwards for administration, quality control and audit purposes.
- Survey response data is usually kept for the duration of analysis, reporting and validation, and may be retained for longer where needed for trend analysis, modelling or research integrity.
- Qualitative recordings are usually kept only for as long as needed for analysis, reporting, quality control and client review.
- Transcripts, notes, anonymised clips, aggregated data and research outputs may be kept for longer where they no longer identify individuals or where there is a legitimate research or business need.
- Incentive and payment records may be kept for accounting, tax, audit and fraud prevention purposes.
- Client, supplier, financial and contractual records may be kept for longer to meet legal, accounting and business requirements.
- Website and enquiry records are kept only for as long as needed to respond, manage the relationship, maintain records or comply with legal obligations.

Where a study-specific privacy notice provides a more specific retention period, that notice will apply.When personal information is no longer needed, we will delete it, anonymise it or securely archive it, as appropriate.

How we protect personal information
‍We use appropriate technical and organisational measures to protect personal information.

These may include:
- Access controls.
- Password protection.
- Multi-factor authentication where appropriate.
- Secure file storage and transfer.
- Encryption where appropriate.
- Role-based permissions.
- Supplier due diligence.
- Data processing agreements.
- Confidentiality obligations.
- Staff training.
- Data minimisation.
- Pseudonymisation or anonymisation where appropriate.
- Secure deletion processes.
- Quality control and monitoring.No system can be guaranteed to be completely secure, but we take reasonable steps to protect personal information from unauthorised access, loss, misuse, alteration or disclosure.

Your rights
Depending on the circumstances, you may have the right to:
- Ask for access to your personal information.
- Ask us to correct inaccurate or incomplete information.
- Ask us to delete your personal information.
- Ask us to restrict how we use your personal information.
- Object to certain uses of your personal information.
- Withdraw consent, where we rely on consent.
- Ask for a copy of your personal information in a portable format, where applicable.
- Complain to the UK Information Commissioner’s Office.

Some rights may be limited where information has been anonymised, where we are acting as a processor for a client, where we need to keep information for legal reasons, or where fulfilling the request would affect the rights and freedoms of others.

To exercise your rights, contact us at: hello@impactsense.com

You also have the right to complain to the UK Information Commissioner’s Office. You can find more information at www.ico.org.uk.

Marketing communications

‍We may contact business contacts about our services, events, research, thought leadership or updates where lawful to do so.

You can opt out of marketing communications at any time by using the unsubscribe link in our emails or by contacting us at hello@impactsense.com.

We do not sell personal information to third parties.

Cookies and website analytics
‍Our website may use cookies and similar technologies to operate the site, improve performance, understand visitor behaviour, support security and manage preferences.Where required, we will ask for consent before placing non-essential cookies.You can manage cookies through your browser settings and, where available, through our website cookie tools.

Links to other websites
‍Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites. You should read the privacy information provided by any third-party website you visit.

Changes to this policy
‍We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, research methods, technology, suppliers or business operations.

The latest version will be published on our website with the date of update.

Contact us
If you have any questions about this Privacy Policy or how we use personal information, please contact:
ImpactSense Ltd  
71 Queen Victoria Street  
London  
England  
EC4V 4BE  Email: hello@impactsense.com  
Website: www.impactsense.com  
UK telephone: +44 207 164 6489