This Privacy Policy explains how the Synthetic Market Research Association (the “Association”, “we”, “us”, “our”) collects, uses, shares, and protects personal information when you visit our website (the “Site”) or use our services (together, the “Services”).
This document is designed to be clear and practical. It is not legal advice. If you need a jurisdiction-specific version (e.g., Canada PIPEDA/Quebec Law 25, EU GDPR, UK GDPR, California CPRA), you should have counsel review and adapt it.
1) What we collect
- Contact details (e.g., name, email) when you subscribe to updates, contact us, or apply to join.
- Organisation details (e.g., company name, role) if you submit a membership or directory request.
- Submissions you send us (e.g., directory entry details, feedback, comments, suggested edits).
- Device and usage data (e.g., pages visited, time on page, referral source, approximate location at city/region level).
- Log data (e.g., IP address, browser type, operating system, timestamps).
- Cookies and similar technologies to operate the site, remember preferences, and understand usage.
We do not intentionally collect sensitive personal information (such as health data, precise location, biometric identifiers, or government IDs) unless you choose to provide it. Please avoid including sensitive information in free-text submissions.
2) How we use personal information
We use personal information to:
- Operate and secure the Site and Services.
- Provide requested materials (e.g., newsletters, event information, resources).
- Process membership applications and administer membership (if applicable).
- Manage the directory (e.g., publish or update entries when authorised).
- Respond to enquiries and support requests.
- Improve the Site and Services (e.g., understanding what content is most useful).
- Comply with legal obligations and enforce our terms.
3) Legal bases (where applicable)
Depending on your jurisdiction, we may rely on: your consent (e.g., marketing emails), performance of a contract (e.g., membership administration), legitimate interests (e.g., site security and analytics), and legal obligations.
4) Cookies and analytics
We may use cookies and similar technologies for essential site functionality, security, and basic analytics. If we use third-party analytics (e.g., privacy-friendly analytics tools), those providers may set their own cookies or process device data according to their policies.
You can typically control cookies through your browser settings. If you disable cookies, parts of the Site may not function properly.
5) How we share personal information
We may share personal information with:
- Service providers who help us run the Site/Services (e.g., hosting, email delivery, analytics, customer support). They are authorised to process information only to provide services to us.
- Working groups / events (limited sharing) where necessary to run a programme you joined (e.g., attendee list). We will aim to share the minimum needed and indicate when lists are visible to other members.
- Public directory visitors when you submit a directory entry for publication. Only the information you intend for publication should be submitted.
- Legal and safety disclosures if required by law, subpoena, or to protect rights, safety, and security.
- Business transitions (rare) if we restructure, merge, or transfer assets; we will take reasonable steps to protect your information.
We do not sell personal information in the ordinary sense. If a specific law defines “sale” broadly, we will provide appropriate disclosures and opt-outs if required.
6) Directory entries
Directory entries are intended to be professional and organisation-focused. If you submit a directory entry, you represent that you have the right to share the content provided (including logos and descriptions) and that it does not include confidential or sensitive personal information.
If a directory entry includes contact details, we recommend using role-based addresses (e.g., research@company.com) rather than personal emails.
7) Email communications
If you subscribe to updates, we may send newsletters, standards updates, and event announcements. You can opt out at any time using the unsubscribe link in the email or by contacting us.
8) Data retention
We retain personal information only as long as necessary for the purposes described above, including maintaining membership records, responding to requests, meeting legal obligations, and ensuring security. When no longer needed, we delete or anonymise it.
9) Security
We use reasonable administrative, technical, and organisational measures to protect personal information. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
10) Your rights
Depending on your jurisdiction, you may have rights to:
- Access your personal information.
- Correct inaccurate personal information.
- Delete personal information (subject to legal exceptions).
- Withdraw consent (where processing is based on consent).
- Object to or restrict certain processing.
- Receive a copy of your information (data portability) in some cases.
To make a request, contact us using the details below. We may need to verify your identity and clarify your request.
11) Children
The Site and Services are not intended for children. We do not knowingly collect personal information from children. If you believe a child has provided personal information, contact us and we will take steps to delete it.
12) International transfers
If we use service providers in different countries, your information may be processed outside your jurisdiction. Where required, we use reasonable safeguards (such as contractual protections) to protect personal information.
13) Changes to this policy
We may update this Privacy Policy from time to time. The updated policy will be posted on the Site with a revised “Last updated” date. Your continued use of the Site or Services after changes become effective constitutes acceptance.
14) Contact
For privacy questions or requests, contact: info@syntheticmarketresearch.org (replace with your official contact email).
If you want this policy tailored to a specific jurisdiction (Ontario/Canada, UK, EU, US state laws), you can keep the structure and swap in the required statutory language and rights notices.