Our Privacy Commitment
Our Privacy Commitment to Research Participants
NORC often invites individuals to become research participants in major national research projects. Research participants may complete surveys to provide feedback and opinions on a range of social, political, lifestyle, marketing, and other questions, and may contribute other types of data. Research participants may receive certain benefits or incentives from NORC for participating in our research.
NORC respects the privacy of every research participant. This Privacy Statement outlines the information NORC may collect and how we may use information you provide as a NORC research participant. NORC conducts many different types of research projects and each project has specific requirements about the types of data we collect and what we do with that data. Therefore, this Statement is meant to serve as general guidance on how NORC handles research participant data. Specific data collection and data sharing requirements will be provided to research participants as part of the consent process of individual projects and may vary slightly from this Statement.
All PII is stored on servers located in the United States. These servers are owned and maintained by NORC.
What information is collected by NORC, how is PII collected, and how is it used?
- INFORMATION YOU SUBMIT
The type of information NORC may collect from research participants varies depending the specifics of each research project, but will often times include the collection of PII as defined above. In addition to the collection of PII, you may be asked to voluntarily provide or disclose Sensitive Data. “Sensitive Data” means PII that discloses or reveals health and medical conditions, sexual orientation or sexual life, political opinions/views, race/ethnic origin, religious and philosophical beliefs and trade-union membership.
- INFORMATION COLLECTED ABOUT RESEARCH PARTICIPANTS THROUGH AUTOMATED MEANS
The Some NORC research involves collecting information that research participants submit via their computers. In these circumstances, NORC may also collect certain information automatically, such as information about: (i) your device or computer and its capabilities, including, without limitation, the operating system, the applications or programs on your device or computer, IP address, device carrier, device type, time zone, network status, browser type, browser identifier, unique device identification number, carrier user ID (a number uniquely allocated to you by your network provider), media access control address, international mobile equipment identity, locale and other information that alone or in combination may be used to uniquely identify your device or computer; and (ii) your activities in connection with NORC’s research. Specific examples of this information, and the technology that collects it, are below:
Cookies are small files that store certain data on a device or computer. NORC may use session and persistent cookies for several purposes including, without limitation, to provide a better survey experience, quality control, validation, to enable or facilitate survey participation, tracking of completed surveys or other completed actions, and for fraud detection and/or prevention. Session cookies expire when you close your browser. Persistent cookies remain on your device or computer indefinitely until deleted.
For some research projects, NORC may automatically gather and store certain information in log files, including, without limitation, data available from your web browser, including, without limitation, IP Address, browser type, internet service provider, referring/exiting pages, operating system, date/time stamp and click stream data.
Generally, watermarking involves placing a technology or file on your device or computer to identify that it has previously been used to register with or access NORC’s research. Watermarking is used for quality control and validation purposes and fraud detection and/or prevention purposes. NORC may engage in watermarking activities directly or through a third party vendor.
INFORMATION COLLECTED FROM THIRD PARTIES
NORC may obtain PII and demographic information from third parties, including, without limitation, information services bureaus, other sample suppliers and/or social media platforms. NORC may use the PII for various purposes, including, without limitation, data validation, data append, fraud detection purposes, and/or sending you a one-time email to invite you to participate in our research.
- NORC’S USE OF INFORMATION
What communications will I receive as a research participant with NORC?
Communications you will receive from NORC will be specific to the particular research project you are participating in. Examples of communications you may receive from NORC as a research participant may be mail, telephone calls, or text messages. Specifics regarding communication types, preferences, and waivers are specific to each project and are normally handled around the time an individual consents to become a NORC research participant. All PII is stored on servers located in the United States. These servers are owned and maintained by NORC.
Does NORC share Personally Identifying Information (PII) and survey responses collected through NORC’s research with third parties?
In most instances, NORC only provides non-PII data to third parties. PII is typically de-identified, anonymized, and aggregated before it is shared with any third parties. However, depending on the specific research project, there may be exceptions.
Generally, disclosures of PII by NORC to a third party are made pursuant to a written agreement between NORC and the third party, which, among other things, limits use of the PII. NORC can provide an accounting of disclosures available to the person named in the record upon request. Any accounting of PII disclosures should be made through NORC’s Privacy Compliance Office through one of the contact methods provided below.
NORC will disclose PII collected through NORC’s Services to third parties as follows:
- Pursuant to applicable law or in response to a subpoena or an order of a court or government agency.
- To establish, exercise, or defend legal claims of an individual or NORC, including in order to protect the safety of an individual or to protect NORC’s rights and/or property.
- To authorized agents and/or subcontractors of NORC and/or of NORC’s clients, who are providing services, including, without limitation, data append services, data validation services, fraud detection and/or prevention services, database-matching services, coding services, data segmentation services, and reward, incentive, and sweepstakes related services.
How can I opt out of certain data collection and/or use?
Participation in all NORC research is voluntary, and you may choose not to answer any questions you don’t wish to answer.
Generally, there are multiple opt-out options for NORC research participants. Specifics of how to opt-out of NORC research are specific to each project and will be made available to research participants in accordance with their consent to participate in a specific research project.
How long does NORC keep my PII and other information?
NORC may retain PII and other information relating to your research participation to the extent required or permitted by law.
How can I access the PII and other information collected about me?
You may request access to review, correct, delete or to object to the processing of your PII by contacting us as set forth below.
What security is available for the PII and other information collected through NORC research?
NORC maintains appropriate technical, administrative and physical safeguards to protect PII and other information disclosed or collected by NORC. NORC reviews, monitors and evaluates its privacy practices and protection systems on a regular basis. Notwithstanding the foregoing, transmissions over the Internet and/or a mobile network are not one hundred percent (100%) secure and NORC does not guarantee the security of transmissions. Please be apprised all Internet-based communication is subject to the remote likelihood of tampering from an outside source. NORC is not responsible for any errors by individuals in submitting PII to NORC.
Questions or Concerns Generally.
Chief Privacy Officer
Privacy Compliance Office
55 East Monroe Street, 20th Floor Chicago, IL 60603
We value the opinions and feedback of our research participants to help improve our service.
CHANGES TO THIS PRIVACY STATEMENT
We may update this privacy statement to reflect changes to our information practices. We encourage you to periodically review our website for the latest information on our privacy practices.
Last Updated: April 26, 2023