Our Privacy Commitment

Research Participant Privacy Policy

Our Privacy Commitment to Research Participants

NORC often invites individuals to become research participants in major national research projects. Research participants may complete surveys to provide feedback and opinions on a range of social, political, lifestyle, marketing, and other questions, and may contribute other types of data. Research participants may receive certain benefits or incentives from NORC for participating in our research.
 

NORC respects the privacy of every research participant. This Privacy Statement outlines the information NORC may collect and how we may use information you provide as a NORC research participant. NORC conducts many different types of research projects and each project has specific requirements about the types of data we collect and what we do with that data. Therefore, this Statement is meant to serve as general guidance on how NORC handles research participant data. Specific data collection and data sharing requirements will be provided to research participants as part of the consent process of individual projects and may vary slightly from this Statement.
 

This Statement will also tell you how you can verify the accuracy of your personally identifying information (PII) submitted to and how you can request that we delete or update your PII. We’ve developed our privacy policy from industry guidelines and standards, and local, national, and international laws and requirements. All privacy practices and methods described in this policy apply only insofar as permitted by the applicable standards, laws and requirements.
 

About NORC’s Research Participant Privacy Policy

This Privacy Policy sets forth the typical collection, use and disclosure of personal data or personally identifiable information (“PII”) and other information by NORC in connection with NORC’s research. Your participation in NORC’s research is completely voluntary. NORC strives to conform its privacy practices to applicable laws, codes, and regulations, and the codes of standards of applicable market and opinion survey research associations. For clarification, except for where you have been provided with separate privacy information related to a specific NORC research project, this Privacy Policy applies to data collected by NORC from NORC’s research participants. All references to “us” or “we” refer to NORC.

All PII is stored on servers located in the United States. These servers are owned and maintained by NORC.

 

For the purpose of this Privacy Policy, the term “PII” shall include, without limitation, your name, address(es), telephone number(s) (including home, cell, and/or business telephone numbers), email address(es), date of birth, any unique identification number we may assign to you, and Sensitive Data (as defined herein).

What information is collected by NORC, how is PII collected, and how is it used?

  1. INFORMATION YOU SUBMIT

    The type of information NORC may collect from research participants varies depending the specifics of each research project, but will often times include the collection of PII as defined above. In addition to the collection of PII, you may be asked to voluntarily provide or disclose Sensitive Data. “Sensitive Data” means PII that discloses or reveals health and medical conditions, sexual orientation or sexual life, political opinions/views, race/ethnic origin, religious and philosophical beliefs and trade-union membership.

  2. INFORMATION COLLECTED ABOUT RESEARCH PARTICIPANTS THROUGH AUTOMATED MEANS

    The Some NORC research involves collecting information that research participants submit via their computers. In these circumstances, NORC may also collect certain information automatically, such as information about: (i) your device or computer and its capabilities, including, without limitation, the operating system, the applications or programs on your device or computer, IP address, device carrier, device type, time zone, network status, browser type, browser identifier, unique device identification number, carrier user ID (a number uniquely allocated to you by your network provider), media access control address, international mobile equipment identity, locale and other information that alone or in combination may be used to uniquely identify your device or computer; and (ii) your activities in connection with NORC’s research. Specific examples of this information, and the technology that collects it, are below:

    COOKIES: NORC’s Use of Cookies Generally.

    Cookies are small files that store certain data on a device or computer. NORC may use session and persistent cookies for several purposes including, without limitation, to provide a better survey experience, quality control, validation, to enable or facilitate survey participation, tracking of completed surveys or other completed actions, and for fraud detection and/or prevention. Session cookies expire when you close your browser. Persistent cookies remain on your device or computer indefinitely until deleted.

    Use of Cookies by Subcontractors Generally.

    NORC may use third parties to provide services and certain functionality to NORC, including, without limitation, panelist fraud detection services. NORC may use contracts with such third parties to control their use of cookies and to limit their use of cookies to the limited purposes set forth in the contracts.

    Log Files

    For some research projects, NORC may automatically gather and store certain information in log files, including, without limitation, data available from your web browser, including, without limitation, IP Address, browser type, internet service provider, referring/exiting pages, operating system, date/time stamp and click stream data.

    Watermarking

    Generally, watermarking involves placing a technology or file on your device or computer to identify that it has previously been used to register with or access NORC’s research. Watermarking is used for quality control and validation purposes and fraud detection and/or prevention purposes. NORC may engage in watermarking activities directly or through a third party vendor.

  3. INFORMATION COLLECTED FROM THIRD PARTIES

    NORC may obtain PII and demographic information from third parties, including, without limitation, information services bureaus, other sample suppliers and/or social media platforms. NORC may use the PII for various purposes, including, without limitation, data validation, data append, fraud detection purposes, and/or sending you a one-time email to invite you to participate in our research.
     

  4. NORC’S USE OF INFORMATION

    In addition to other purposes set forth in this Privacy Policy, and in accordance with any specific research project requirements that will be made known to you as a research participant, NORC may use information as follows: (i) to communicate with you regarding your participation in our research; (ii) to communicate with you regarding your participation in our research; (iii); to comply with any and all legal obligations, including, without limitation, tax obligations; (iv) to update NORC’s records; (v) to comply with any data suppression obligations or requirements; (vi) for fraud detection and/or prevention purposes; and (vii) as otherwise permitted pursuant to this Privacy Policy or as otherwise authorized by you.

What communications will I receive as a research participant with NORC?

Communications you will receive from NORC will be specific to the particular research project you are participating in. Examples of communications you may receive from NORC as a research participant may be mail, telephone calls, or text messages. Specifics regarding communication types, preferences, and waivers are specific to each project and are normally handled around the time an individual consents to become a NORC research participant. All PII is stored on servers located in the United States. These servers are owned and maintained by NORC.

For the purpose of this Privacy Policy, the term “PII” shall include, without limitation, your name, address(es), telephone number(s) (including home, cell, and/or business telephone numbers), email address(es), date of birth, any unique identification number we may assign to you, and Sensitive Data (as defined herein).

 

Does NORC share Personally Identifying Information (PII) and survey responses collected through NORC’s research with third parties?

In most instances, NORC only provides non-PII data to third parties. PII is typically de-identified, anonymized, and aggregated before it is shared with any third parties. However, depending on the specific research project, there may be exceptions.
 

Generally, disclosures of PII by NORC to a third party are made pursuant to a written agreement between NORC and the third party, which, among other things, limits use of the PII. NORC can provide an accounting of disclosures available to the person named in the record upon request. Any accounting of PII disclosures should be made through NORC’s Privacy Compliance Office through one of the contact methods provided below.
 

NORC will disclose PII collected through NORC’s Services to third parties as follows:

  1. With your consent, other than your consent to the processing and sharing described in this Privacy Policy and specifically this section.

  2. Pursuant to applicable law or in response to a subpoena or an order of a court or government agency.

  3. To establish, exercise, or defend legal claims of an individual or NORC, including in order to protect the safety of an individual or to protect NORC’s rights and/or property.

  4. To a parent, subsidiary, or affiliate of NORC: (i) in the event of a reorganization or restructuring, or (ii) for use and processing in accordance with this Privacy Policy or as authorized by you.

  5. To authorized agents and/or subcontractors of NORC and/or of NORC’s clients, who are providing services, including, without limitation, data append services, data validation services, fraud detection and/or prevention services, database-matching services, coding services, data segmentation services, and reward, incentive, and sweepstakes related services.

  6. In connection with a change of ownership or control, including, without limitation, a merger or an acquisition of any or all of NORC’s business assets, provided that the party receiving or acquiring the PII agrees to use, protect, and maintain the security, integrity, and confidentiality of PII in accordance with this Privacy Policy.

  7. As otherwise permitted pursuant to this Privacy Policy.
     

How can I opt out of certain data collection and/or use?

Participation in all NORC research is voluntary, and you may choose not to answer any questions you don’t wish to answer.
 

Generally, there are multiple opt-out options for NORC research participants. Specifics of how to opt-out of NORC research are specific to each project and will be made available to research participants in accordance with their consent to participate in a specific research project.
 

How long does NORC keep my PII and other information?

NORC may retain PII and other information relating to your research participation to the extent required or permitted by law.
 

How can I access the PII and other information collected about me?

You may request access to review, correct, delete or to object to the processing of your PII by contacting us as set forth below.
 

What security is available for the PII and other information collected through NORC research?

NORC maintains appropriate technical, administrative and physical safeguards to protect PII and other information disclosed or collected by NORC. NORC reviews, monitors and evaluates its privacy practices and protection systems on a regular basis. Notwithstanding the foregoing, transmissions over the Internet and/or a mobile network are not one hundred percent (100%) secure and NORC does not guarantee the security of transmissions. Please be apprised all Internet-based communication is subject to the remote likelihood of tampering from an outside source. NORC is not responsible for any errors by individuals in submitting PII to NORC.
 

Who can I contact with questions or concerns about this Privacy Policy?

Questions or Concerns Generally. 
If you have any questions or concerns regarding NORC’s privacy practices and/or this Privacy Policy or want to communicate an opt-out request to NORC, or want to exercise your rights to access, review, correct, delete or object to the processing of PII, please contact us via email at privacy@norc.org. You may also send a letter by U.S. Mail to:
 

Chief Privacy Officer 
Privacy Compliance Office 
55 East Monroe Street, 20th Floor Chicago, IL 60603
 

We value the opinions and feedback of our research participants to help improve our service.
 

CHANGES TO THIS PRIVACY STATEMENT

We may update this privacy statement to reflect changes to our information practices. We encourage you to periodically review our website for the latest information on our privacy practices.
 

Last Updated: April 26, 2023