Sibyl Privacy Policy

Last Updated 05/17/2018

We don’t own your data. You do.

Survey Makers (our customers):

Your survey data is private, and it belongs to you. How you choose to use it is up to you. We won’t use your information for any purpose other than to provide great service to you. We do, however, have to comply with the law, so under certain rare circumstances we could theoretically be required to release your information (if we’re subpoenaed for example).

We don’t use your respondents’ email addresses. We act only as guardians of your data. We only use your data in accordance with this Privacy Policy.

You are the “data controller” to the survey respondents. We give you the ability to communicate your compliance statements regarding data handling and privacy to your respondents but we can’t enforce them ourselves. You are responsible for honoring respondent requests under EU privacy regulations.

We are the “data processor” to respondents. We give you the ability to securely collect respondent data and comply with data processing consent/notification requirements.

We are a data controller for your account information. When you create an account, we collect the minimal required information to deliver our services and communicate with you. This information is never sold.

We take our data security very seriously. More information on that below.

You determine where respondent data is shared or sent. What happens to the data after we collect it is up to you, our customer.

Survey Takers:

Survey creators ‘control’ the surveys. We’re only processors for those surveys. We merely process that data on behalf of our customers. If you have any questions about a survey you’re taking, you should contact your survey creator. They own and control any data obtained from their surveys.

If you are an EU Resident, the GDPR grants you certain rights regarding your information.

Questions or concerns from the EU regarding GDPR should be directed to:

Information Commissioner's Office https://ico.org.uk/concerns/

US-EU Privacy Shield and Swiss-US Privacy Shield inquiries may be directed to:

Council of Better Business Bureaus, Inc. BBB EU Privacy Shield https://ico.org.uk/concerns/

The Sibyl data privacy contact can be reached at:

Data Protection Officer 267 South Dean St. Englewood, NJ 07631 Phone: 201.647.9292 Email: DPO@sibylsurveys.com

Do you think a survey violates our Terms of Service or is engaging in illegal activity? Report it by emailing us at DPO@sibylsurveys.com

What information do we collect from you?

What do we use this information for?

All of the information we collect from you could be used:

Data Security : How We Protect Your Information

We implement various security measures to protect your personal information and your data.

Unique user names and passwords must be entered each time a person logs on. Our information systems and technical infrastructure are hosted within world-class, SOC 2 accredited data centers with Amazon Web Services (AWS) that use physical security, firewalls and other technology to prevent access from outside intruders. We offer the use of a secure server. All information is transmitted via Secure Socket Layer (SSL) technology. All data is stored in an encrypted manner at rest.

After a transaction, your private information (credit cards, social security numbers, financials, etc.) are never stored.

Data Retention Deletion

Sibyl retains data processed on behalf of our Customers and data collected from our Customers for only as long as it is needed to provide services to our Customers. Sibyl will use this data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements including institutional and state requirements. For instance, occasionally data needs to be completely destroyed after its intended use. In many cases (for example when a customer stops paying for their account), their data is locked away rather than destroyed so that the data can be retrieved in the event of a mistake. We can, however, comply with a request for total data destruction on your order.

Do we use cookies?

We do! Cookies are small files that we transfer to your computer through your web browser (if your browser permissions allow it). These cookies enable us to recognize your browser and capture and remember certain information such as your preferences. We also compile aggregate data about our website traffic and website interaction so that we can improve upon our website in the future. You can always access your browser settings to block cookies although doing so may disrupt certain site functions.

Do we disclose any information to outside parties?

We do not sell, trade, or otherwise transfer your data to outside parties. This does not include circumstances where we must comply with law or circumstances in which a trusted third party is assisting us in conducting our business or servicing you as long as our privacy assurances are met.

Children’s Online Privacy Protection Act

We comply with the requirements of COPPA (Children’s Online Privacy Protection Act). Our website, products and services are all directed to people who are at least 13 years old or older.

Your Consent

By using our site, you consent to our Privacy Policy.

Changes to our Privacy Policy

We reserve the right to change our privacy policy. If we decide to do so, the changes will be posted on this page.

Contact Us

If you have any questions regarding this Privacy Policy or the information contained herein you can contact us directly at:

Sibyl Surveys – Signet Research Inc. Attention ‘DPO’ 267 S. Dean St. Englewood, NJ 07631 201.945.6903 x23 DPO@sibylsurveys.com

Privacy Shield

Sibyl is a Covered Entity under the Signet Research Inc. Privacy Shield certification. Sibyl will never transfer Data to a third-party without the written permission of the customer.

Complaints and Inquiries

Sibyl is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC), and individuals have a right to contact the FTC regarding services provided by Sibyl.

If you are an EU or Swiss citizen, and have questions about your personal information that may have been collected in a Sibyl survey, please contact the entity that created or sent you the survey. Sibyl is not responsible for any Data collected and only processes Data as controlled by the customer. If the survey creator is unresponsive with your inquiry, please contact the Sibyl DPO.

General inquiries regarding this policy, or any complaints regarding surveys that are unresolved by the survey creator, may be sent to the Sibyl DPO at DPO@sibylsurveys.com.

Information Related to Privacy Shield

For details about the Privacy Shield program: https://www.privacyshield.gov/

Sibyl complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively.

In compliance with the Privacy Shield, Sibyl is committed to resolving complaints about our collection or use of your personal information. Any EU or Swiss individuals with questions or complaints regarding the Privacy Shield should first contact Sibyl at: DPO@sibylsurveys.com

Sibyl has further committed to refer unresolved Privacy Shield complaints to the Council of Better Business Bureaus, Inc. BBB EU Privacy Shield (BBB), an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the BBB for more information or to file a complaint.

During the normal provisioning of Sibyl services, in a case where personal data are transferred from the EU to the United States, it is solely for the purpose of processing as per instructions from the controller.

Sibyl provides appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction or accidental loss, alternation, unauthorized disclosure or access, and understands whether onward transfer is allowed.

Because adequate protection is provided by Privacy Shield participants, contracts with Privacy Shield participants for mere processing do not require prior authorization (or such authorization will be granted automatically by the EU Member States), as would be required for contracts with recipients not participating in the Privacy Shield or otherwise not providing adequate protection.

Sibyl self-certifies with Privacy Shield. A self-assessment is signed by a company officer or other authorized representative of the organization at least once a year and made available upon request by individuals or in the context of an investigation or a complaint about non-compliance. Sibyl is required to respond promptly to EU or Swiss individual inquiries, and other requests for information from the Department of Commerce relating to its adherence to the Privacy Shield Principles.

Under Privacy Shield, an individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. Under Privacy Shield, Sibyl must respond to individual complaints within 45 days. For additional information, visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction