Last modified: 06/02/2023
Who we are
We are Nightingale Design Research Limited, a company registered in England and Wales with company number 10279953. We use our expertise in design research to give our clients insights to drive growth. By enabling them to understand their users, map their markets, shape their business models and test their ideas they are able to secure funding and customers.
How do we collect, use and process your personal data?
The kind of data we collect, how we collect it, use it, and how long we keep it for depends on the nature of our relationship with you. We only collect the data we need in order to carry out the functions of our business. We store data securely and only keep it for as long as necessary. Further information can be found below.
If you visit our website
Like most website operators, we collect non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. Our purpose in collecting non-personally identifying information is to better understand how visitors use our website. From time to time, we may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of its website.
If you subscribe to our newsletter, sign up to an event or contact us via our website
We will only contact you in order to fulfil your request (e.g. send you a newsletter, event information or response to your query) or with relevant information that we think will be of interest to you. We always ensure that there is an easy way to unsubscribe and once unsubscribed we will delete the information we hold about you.
Our clients and suppliers
We only hold information that enables us to carry out our contractual obligations to clients and suppliers. We keep the information securely for a period of 6 years after a completed contract.
If you sign up to join our database of research participants
If you sign up to join our database of research participants we will gather data in order to contact you along with some basic demographic information to enable us to match you to appropriate research studies. You can unsubscribe from the database at any time by using the unsubscribe link on emails you receive from us or by emailing us directly at email@example.com. If you match the general criteria for an upcoming research study we will contact you to provide you with information about the study and ask if you wish to participate. If required we may gather additional information from you to ensure you meet any specific criteria required by the study. Your data will be held securely in our database for 2 years after which we will contact you to ask you to opt in to remain on the database. If you do not opt in your data will be destroyed.
If you participate in research
If you participate in research the session will be recorded and then transcribed. Recordings are stored securely and then destroyed 1 month after project close. All other data held is anonymised so that it is non identifying. Transcripts of recordings are edited to ensure all identifying information is removed.
How do we safeguard personal data?
We have put in place reasonable commercial standards of technology and operational security to protect all information provided by you from unauthorised access, disclosure, alteration, or destruction. We hold Cyber Essentials certification which means we are working to/ have the necessary measures in place to safeguard our IT against cyber attack. We are also entered on the data protection register of the Information Commissioner's Office (ICO).
How can you access, amend or take back the personal data that you have given to us?
At any time, you have the right to ask us to confirm what information we hold about you and you may ask us to modify, update or delete such information. Email us at firstname.lastname@example.org
How do we store and transfer your data internationally?
We use a number of reputable suppliers for our software and cloud storage solutions and personal data which we gather and we have taken all reasonable steps to ensure that our suppliers are committed to compliance with the EU General Data Protection Regulation (GDPR).