Privacy Policy

• Effective Date: 19^st January 2017
• Last Updated: 24^th October 2024

Introduction

This Privacy Policy explains how Quest Sampling (referred to as "Company," "we," "our," or "us") collects, uses, and protects personal information obtained through our website and services. By engaging with our services, you consent to the collection and processing of your data as outlined in this policy.

1. Information We Collect

We collect personal data to enhance user experience, improve our services, and facilitate survey participation. This information includes:

• Personal Information: Name, email address, contact details, demographic data, and any voluntarily provided information.
• Technical Data: Browser type, operating system, IP address (first block only), and approximate geographic location for survey verification purposes.
• Cookies & Tracking Technologies: Used for survey quality assurance, site optimization, and to deliver relevant content. You can manage or disable cookies via your browser settings.

2. How We Use Your Information

Your data is used for the following purposes:

• Facilitating access to panel activities and surveys.
• Communicating with you about survey opportunities and updates.
• Conducting research and improving our services.
• Ensuring data security and fraud prevention.
• Compliance with legal and regulatory requirements.

3. Your Rights & Data Management

At Quest Sampling, we respect your rights regarding your personal information. You can access, update, or request the deletion of your data at any time.

A. Access, Edit & Deletion Rights

You have the right to:

• Review the personal information we have collected about you.
• Request corrections to inaccurate or incomplete data.
• Request deletion of your data, subject to applicable legal requirements.

To exercise these rights, you can:

• Email us at: privacy@questsampling.com.
• Manage your profile settings on our website.
• Send a written request via mail to:

Quest Sampling FZCO
IFZA Business Park, DDP, Building A1,
Dubai, UAE, PO Box- 74603
Attn: Privacy Compliance Officer Our Legal Department oversees compliance with this Privacy Policy and will process your request in accordance with applicable data protection laws.

B. Opting Out

If you no longer wish to receive survey invitations or other communications, you can:

• Adjust your preferences in your account settings.
• Request account deletion through your profile. Allow up to 72 hours for opt-out requests to be processed.

• Email us at: privacy@questsampling.com.

C. Security of Your Data

We implement strict technical and organizational safeguards to protect your personal information from unauthorized access, modification, disclosure, or destruction. For any questions, concerns, or complaints regarding our privacy practices, feel free to contact us at privacy@questsampling.com.

4. Third-Party Data Sharing

We do not sell, trade, or share personal information with third parties without consent, except in cases where:

• Required by law.
• Necessary to fulfill contractual obligations.
• Involving trusted third-party service providers who assist in our operations (under strict data protection agreements).

5. GDPR Rights (For EU Residents)

Under the General Data Protection Regulation (GDPR), panelists have the following rights:

• Right to Be Informed: Transparency about how we process your data.
• Right to Access: Request details of the data we hold about you.
• Right to Rectification: Correct inaccurate or incomplete information.
• Right to Erasure: Request deletion of your data ("Right to be Forgotten").
• Right to Restriction of Processing: Limit how your data is processed.
• Right to Data Portability: Obtain and transfer your data in a structured format.
• Right to Object: Decline processing based on legitimate interests.
• Right to Avoid Automated Decision-Making: Not be subject to solely automated processing with significant effects.

To exercise these rights, contact privacy@questsampling.com.

6. CCPA & U.S. State Privacy Rights

If you are a California, Virginia, Colorado, Connecticut, or Utah resident, you have the following rights under state privacy laws:

• Right to Know: Request details of the personal data collected in the past 12 months.
• Right to Delete: Ask for your personal information to be erased.
• Right to Opt-Out: Decline the sale of personal data (we do not sell data).
• Right to Non-Discrimination: Not be penalized for exercising privacy rights.

To submit a request, email privacy@questsampling.com.

7. Children’s Privacy Policy

Our website and services are intended for users 18 years and older. We do not knowingly collect data from minors. If we suspect an underage user, their information will be removed promptly.

8. Email Communications

• All emails will clearly display our company name and logo.
• Survey invitations may vary in frequency, and there is no guarantee of a minimum number of opportunities.

9. Updates to This Privacy Policy

We may revise this policy periodically. Changes will be communicated via our website or email notifications for significant updates. If you disagree with any changes, you must discontinue your membership.

10. Information Security Framework

A. Objective

The purpose of this framework is to establish a structured approach to safeguarding Quest Sampling’s proprietary and customer information. This document defines the security controls and measures necessary to protect sensitive data while ensuring adherence to applicable local and international security regulations. It provides clear directives that all employees, contractors, and associated entities must follow to maintain a secure information environment.

B. Scope & Applicability

This policy applies to all forms of information associated with Quest Sampling, covering areas such as customer data, source code, architectural diagrams, financial records, and Personally Identifiable Information (PII). It is binding on all employees, subsidiaries, contractors, partners, and any third-party service providers who access, process, store, or transmit Quest Sampling’s data.

C. Core Information Security Goals

• Alignment with Business Strategy: Ensure that security initiatives align with Quest Sampling’s broader business objectives.
• Regulatory & Compliance Adherence: Maintain compliance with applicable legal, regulatory, and industry standards.
• Risk Management & Security Planning: Establish an evolving security plan that proactively identifies and mitigates threats.
• Incident Handling & Response: Implement robust detection, containment, and resolution mechanisms for security breaches.
• Asset Protection & Risk Evaluation: Maintain an accurate record of assets and conduct regular risk assessments to prevent vulnerabilities.

D. Information Security Governance

Every individual associated with Quest Sampling must adhere to established security policies. Security guidelines will be communicated during onboarding and reinforced periodically. All policies will remain accessible at all times and will undergo an annual review to reflect operational changes. If business transformations impact data security, an immediate policy update will be initiated. Approval from senior management is mandatory for all modifications.

E. Security Measures & Implementation

 Human Resource Security

Employees and contractors have direct access to sensitive data, making personnel security a priority. Specific policies and best practices for managing human-related security risks are outlined in the HR Security Policy (Internal Doc).

 Asset Security & Management

A structured asset management system mitigates potential risks associated with information exposure. Key measures include:

• Asset Accountability: All digital and physical assets (data, hardware, and software) must be cataloged and assigned to a responsible individual.
• Ownership Assignment: Each designated asset owner is accountable for the asset’s security and maintenance.
• Data Classification: Information is categorized based on sensitivity and must be managed accordingly.
• Asset Protection Guidelines: Further details on asset security protocols are provided in the Asset Management Policy (internal document).

F. Operational Security & Data Protection

• System capacity planning and integration of new infrastructure must comply with internal security standards.
• A structured change management process will regulate system modifications to prevent unauthorized alterations.
• Routine data backups will be performed and tested to safeguard against data loss.

G. Policy Management & Lifecycle

      Policy Updates & Modifications

• Policies will be reviewed regularly and updated when required.
• All modification requests must include a business rationale.
• The Director of Operations will evaluate and approve any requested changes.
• The Security Team will ensure proper communication of policy updates to all employees.

     Exceptions to Policy Compliance

• Adherence to security policies is mandatory for all employees and third parties.
• In situations where compliance is impractical, an exception request must be submitted for evaluation.
• Approved exceptions will be monitored, assigned remediation deadlines, and periodically reviewed to ensure corrective measures are implemented.

10. Grievance & Data Protection Officer

Quest Sampling is committed to safeguarding your privacy and ensuring compliance with data protection regulations. For any concerns, inquiries, or requests related to your personal data, you may contact our Data Protection Officer (DPO), Pulkit Singh, via:

• Email: pulkit.singh@questsampling.com
• Phone: +91-9650092129
• Mail: Quest Sampling FZCO IFZA Business Park, DDP, Building A1,Dubai, UAE, PO Box- 74603

Our DPO is available to assist you with any privacy-related matters in accordance with applicable regulations.

11. Contact Us

For any questions or concerns regarding this Privacy Policy, please contact us at: Email: privacy@questsampling.com.