The Behavioral Insights Team (BIT) is an organization that carries out research to develop recommendations for how to improve people’s lives and communities. We are recruiting Facebook users who are interested in helping in the decision-making process on what to do about problematic content on social media.
Download the Privacy Notice in other languages
Privacy Notice: French
Privacy Notice: Hindi
Privacy Notice: Portuguese (Brazil)
Privacy Notice: English (Nigeria)
The first step involves asking you some screening questions which will help us put together a group of participants who we will consider suitable.
If selected to participate after the screening stage, you will be asked to attend online sessions during which you will be asked for your opinions on various information presented and on possible options for dealing with the issue of problematic content on social media. Your participation and individual contributions will not be made public.
After the online sessions we may contact you to find out if you would be happy to discuss your experience of the sessions, which may be recorded for promotional purposes.
This privacy notice is based on how we collect and use your own data in connection with this project.
Behavioural Insights Ltd (the legal name of BIT) is the controller and is responsible for your own data collected that are being collected via this site.
We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights in relation to your own data, please contact the DPO:
|Post:||Behavioural Insights Ltd, 58 Victoria Embankment, London, EC4Y 0DS, United Kingdom.|
You also have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the organization that protects data issues in the UK (www.ico.org.uk). We would, however, prefer that you give us the privilege to deal with your concerns before you approach the ICO so please contact us in the first instance.
We promise to respect any of your personal information which is under our control and to keep it safe. We aim to be clear when we collect your information about what we will do with it and let you know of any changes whatsoever to this notice.
We understand that discussing personal beliefs and opinions can be uncomfortable, and even cause anxiety. You are welcome to stop participating, at any time– simply email BIT at the address listed below and ask to not to continue and have your own data deleted. Your participation in this study is entirely as you wish; there are no punishment if you are not willing to participate.
What personal data will we collect?
For the purposes of the screening stage, we will collect: your name, country of residence, email address, telephone number, age. If you do not provide information when requested, unfortunately you will be disqualified for selection to participate in the online sessions.
If you are selected as eligible to participate in the online sessions, we will collect the following additional information: gender, ethnicity (which is deemed ‘special category’ own data under data protection laws), address, income & employment information, the political party you belong, or your personal views on political topics, opinions on several issues, records of our communications with you to prepare you and arrange your attendance at the online sessions and respond to questions you may have, a record of your agreement of a non-disclosure agreement, recordings of your voice and image during the online sessions, opinions you express during the online sessions, and record of your attendance at the online sessions.
Please make sure that any personal details you provide are accurate and up to date, and let us know about any changes as soon as possible.
What is our lawful basis for treating your own data?
ACCEPTANCE: Our lawful basis for treating your own data is acceptance/ explicit acceptance (as per Articles 6(1)(a) and 9(2)(a) of the GDPR).
What do we do with information we collect?
The purposes for which BIT is treating your own data during the screening stage are to: find out more about you so that we can ultimately select a group of participants for the online sessions who reflect the demographic make-up of your country, to communicate with you regarding whether you have been selected to participate in the online sessions, and to comply with our contractual, legal, or regulatory obligations.
The own data collected for screening purposes will be analysed using software with the objective of selecting a group of participants that are eligible for the online sessions. Other than deciding on whether or not you are eligible to be selected as a participant, this automated processing will not have any legal or similarly significant effects on you.
The purposes for which BIT is treating your own data in anticipation of, during and after the online sessions (including responses to a further survey) are to: assist with the objective of selecting a group of participants for the online sessions who reflect the demographic make-up of your country, operate and administrate the online sessions, communicate with you to arrange your attendance and respond to questions you may have, maintain a record of your agreement of a non-disclosure agreement, record the online sessions so the opinions expressed can be analysed later, finding out more about your experiences of the sessions, and to comply with our contractual, legal, or regulatory obligations. Data collected during the screening process may be used to achieve these purposes.
Own data which you provide during the screening stage and (if applicable) the online sessions will remain confidential to BIT (and the third parties noted below). We will not use your name or any own data in any analysis summary or report.
If you agree to being recorded during a discussion on your experience of the sessions, the recordings of the discussion may be shared for BIT’s promotional purposes.
Who else has access to your information?
BIT may disclose your information to third parties in connection with the purposes of treating your own data set out in this notice. These third parties may include:
- other companies in BIT’s group, including Behavioural Insights US (Inc);
- suppliers (including technology providers such as Smart Survey and MailChimp), research assistants and sub-contractors who may process information on behalf of BIT;
- our client, whose identity will be made clear to you if you are selected to participate in the online sessions (no own data will be disclosed to our client before then), who may process some information provided during the online sessions.
We may also disclose your personal information if required by law, or to protect or defend ourselves or others against illegal or harmful activities, or as part of a reorganisation or restructuring of our organisations.
We may share your data with one of our group companies. As of the date of last review of this notice, the group of companies comprise:
- Behavioural Insights Ltd
- Behavioural Insights Ventures Ltd
- Behavioural Insights US (Inc)
- Behavioural Insights (Australia) Pty. Ltd
- Behavioural Insights (New Zealand) Ltd
- Behavioural Insights (Singapore) Pte Ltd
As above, we may also share some of your data with our client in the United States or with its group companies or our suppliers in other countries.
In sharing this personal information with other companies, your information may be transferred outside of the UK and European Economic Area, whose laws may not afford own data the same level protection. In this case, we will ensure appropriate safeguards are implemented to provide an adequate level of protection for own data and you are fully informed of the transfer (unless it is otherwise prohibited by law to inform you).
In relation to other group entities outside of the EEA, we have put in place standard contractual measures (as laid down in the European Commission Decision 2010/87/EU of 5 February 2010 or as updated from time to time) to ensure an adequate level of protection for your personal information if we transfer own data to any of those entities. If you require further information about this, you can request it from the Data Protection Officer.
We take all reasonable steps to protect your own information and follow procedures designed to minimise unauthorised access, alteration, loss or disclosure of your information.
Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of treating as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk of processing.
We ensure that those who have permanent or regular access to own data, or that are involved in the treating of own data, are trained and informed of their rights and responsibilities when treating own data.
We have put in place procedures to deal with any suspected own data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain your own data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. When it is no longer necessary to retain your own data, it will be securely deleted.
To determine the appropriate retention period for own data, we consider the amount, nature, and sensitivity of the own data, the potential risk of harm from unauthorised use or disclosure of your own data, the purposes for which we process your own data and whether we can achieve those purposes through other means, and appropriate the legal requirements.
In some circumstances we will anonymise your own data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
Please note that, under Data Protection law, and in compliance with the relevant data processing conditions, own data can be kept for longer periods of time when processed purely for archiving purposes in the public interest, scientific or historical research, and statistical purposes.
Your legal rights
Under certain circumstances, you have rights under data protection laws in relation to your own data, including rights to:
- Request access to your own data: this enables you to receive a copy of the own data we hold about you and to check we are lawfully processing it.
- Request correction of your own data: this enables you to have any incomplete or inaccurate data we hold about you corrected.
- Request erasure of your own data: this enables you to ask us to delete or remove own data where there is no good reason for us continuing to process it.
- Object to processing of your own data: you can object where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your own data for direct marketing purposes.
- Request restriction of processing your own data: This enables you to ask us to suspend the processing of your own data.
- Data portability: Where the processing takes place on the basis of your acceptance or contract, and is carried out by automated means, you have the right to request that we provide your own data to you in a machine-readable format.
- Request transfer of your own data.
- Right to withdraw acceptance to the processing of your own data: This applies where we have relied on acceptance to process own data. Please note that withdrawal of acceptance will not affect the lawfulness of any processing carried out before withdrawing your acceptance.
- To object to direct marketing (including being added) and treating it for the purposes of scientific/historical research and statistics.
- Not to be subject to decisions based purely on automated processing where it produces a legal or similarly significant effect on you.
If you wish to exercise any of the rights set out above, please contact the Data Protection Officer with your specific request by email to: firstname.lastname@example.org
You will not have to pay a fee to access your own data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your own data (or to exercise any of your other rights). This is a security measure to ensure that own data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Changes to this Notice
We may change this Privacy Notice from time to time. If we make any significant changes in the way we treat your personal information we will make this clear by email.
Behavioural Insights Ltd is a limited company registered in England and Wales. Registration number: 08567792.
Registered office: 58 Victoria Embankment, London, EC4Y 0DS.