TLF Research is GDPR Compliant

Here is a quick summary to reassure you how we look after personal data and how GDPR are been built into our processes and procedures.

Quick Overview Of Processes

GDPR has been built in to our ISO 27001 processes.

All client databases are kept for 12 months unless agreed otherwise in writing.

Privacy Policies are in place and available on our website for all to read and also referenced on all questionnaires.

All approved suppliers have gone through reviewed due diligence for GDPR.

Updated Terms of Business will appear in all proposals.

TLF Research People

All undergo GDPR training to ensure we’re clear on what GDPR means to us, our clients and participants.

All sign documentation confirming we will comply with GDPR.

All have specific training in how to handle GDPR enquiries, questions and complaints.

Our Clients

We have completed data security questionnaires and signed any new data contracts we have received.

If one of your customers wishes to exercise their rights under GDPR we have processes in place to identify, retrieve and delete data to help clients meet their obligations

We will inform you of a data breach without undue delay (although we hope we never have to).

Most Importantly

We want to reassure you that we will process your data in line with GDPR and our people are trained to reassure your customers of any questions they may have related to their data.

Our interviewing team have adopted the ART of Interviewing for GDPR :

  • Acknowledge a participant’s concerns

  • Reassure participants we’re GDPR compliant and take this very seriously

  • Tell your manager the participant’s wishes or concerns

If you have any questions about our processes for GDPR then please feel free to ask Joanne Wainwright :