Page 61 - Ipsos
P. 61
Information Classification: Internal Use
Ipsos Book of Policies & Procedures
Personal Data: Whilst many of us will be familiar with the term “Personally Identifiable
Information” (“PII”), the European definition of personal data goes beyond the generally
accepted definition of PII used in North America. Personal Data refers to information that
can be used, independently or together with other information, to uniquely identify,
contact, or locate a single individual. In the context of our data collection platforms, this
means most of the data held on our Dimensions platforms, together with any files holding
client sample or other respondent sample data loaded onto Dimensions will, due to the
context, constitute personal data protected by relevant data privacy laws, even though
the name of the respondent may not be held in the data. Examples include name, age,
gender, mailing address, phone numbers, email address and identification numbers (for
example, Social Security Numbers and Social Insurance Numbers). Typically we are sent
PII information that includes a full name and contact information (such as an e-mail
address or telephone number) to our clients.
Sensitive Personal Information (SPI) - This includes data about an individual’s racial or
ethnic origin, age, date of birth, political opinions, religious beliefs (or other beliefs of a
similar nature), physical or mental health, sexual life/sexuality, financial information (bank
account number, credit scores, income, salary, bonus, Ipsos Financial Data etc.) and
criminal proceedings or convictions.
User - Is the person who has been granted access rights to information resources of
Ipsos
Records -Defined as any informational material, physical or electronic, (i.e., writing on paper, e-
mail, databases and database elements, spreadsheets, videotaped footage, audiotaped material,
information stored on computer hard drives, servers, or compact discs, etc.) generated or
received by the Company or its affiliates in connection with the conduct of business. Note:
Documentary material containing personal information in addition to information related to the
conduct of the Company business, for example, an appointment calendar containing records of
both personal and professional engagements, is considered to be a Record; the fact that personal
information is contained in a document along with other information does not mean that the
document is not a Record. As a general rule, electronic records, i.e., databases, video and audio
recordings, and e-mails, should be treated just like any other Records.
Financial Records – Defined as Records that must be kept for accounting, tax, or other financial
purposes.
Legal Records – Defined as - Legally Required Records are Records, other than Financial
Records, that are required to be kept in accordance with a specific federal, state, or local law or
regulation; are related to important property rights (including intellectual property rights) that the
Company is legally obligated to protect; or that are related to an identified, pending, or anticipated
legal claim or regulatory action.
Vital Records: Vital Records are Records that:
Are essential to maintaining the Company’s continuity of operations;
Are essential to the maintenance the Company’s legal and financial status;
Are necessary for fulfilling obligations to shareholders, employees, customers, regulators, or
other outside interests;
Document the Company’s ownership of assets and without which it would otherwise be difficult
or impossible to establish such ownership; and/or
Page 21 of 22
