MIS Group Privacy Policy - Customer Research

MIS Group Privacy Policy applying to research involving Customers of a “Partner Brand”


In order to elicit feedback from its customers, as part of a qualitative approach, and with a view to providing them with the best possible experience, our “Partner Brand” has instructed us (MIS Group) to conduct research involving the following activities:

  • Sending one or more emails from a mailing list: invitation email and potential reminder email(s);
  • Collecting data from an online questionnaire or contact form.

By “Partner Brand”, we mean the brand of which you are a customer and whose name is mentioned in the email that you have received.
This brand has commissioned the research study. It has set the objectives/goals for the research study, and is therefore the data controller, as per the allocation of roles outlined under the General Data Protection Regulation (GDPR).

MIS Group, which has been instructed by the Partner Brand, is the data processor.

Who are we?

Since 2001, MIS Group has been supporting large national and international brands, small businesses, research and consultancy firms, public institutions, and universities/business schools with their marketing studies, with services such as online surveys, online discussion forums, consumer meetings and product tests.

To view the MIS Group Legal Notice: click here

Data recorded in the mailing list

1. Data concerned

As a customer of the Partner Brand, your email address, title and name have been entered into a mailing list.
Only these three pieces of contact information have been disclosed by the Partner Brand to MIS Group, with a legitimate interest (lawful basis), and in order to enable MIS Group to send personalised invitations.

The recipients on the mailing list are customers who have been chosen to take part in the research study. They all received an invitation email similar to the one that you received from MIS Group.

2. Storing the data

Your three pieces of contact information are stored in a secure database hosted on an OVH server in France, which is separate from the server on which the answers collected from the online questionnaire or contact form are stored.

Only MIS Group employees authorised to work on the research study may access this database, which contains all contact information. These authorised employees are the research managers from the department involved in the study, staff from the IT department and the Data Protection Officer (DPO).
This database will therefore remain confidential throughout the research and will be deleted at the end of the research.
Under no circumstances will the information stored in this database be used for any other purpose than conducting the research.

3. Reminder emails

You do not have to take part in the research study.
However, you will likely receive one or more reminder emails in the next few days if you have not yet taken part and if you have not removed yourself from the mailing list using the link at the bottom of the email.

Data collected from the questionnaire or contact form

By agreeing to take part in the research study (e.g., by clicking on the button in the email), you will be directed to a questionnaire or a simple online contact form.

We guarantee that your answers collected from the questionnaire or the contact form will be completely confidential:

  • These answers are collected directly by MIS Group, and stored in a secure database hosted on an OVH server in France (separate from your contract information outlined above);
  • Therefore, only authorised MIG Group employees may access these answers, in the same way as your contact information used to send the personalised invitation email;
  • The storage period for these answers is as short as strictly necessary for the purposes of the research.

Lawful basis for data processing

The lawful basis for processing the personal data required for this research (contact information and answers) is the legitimate interest of providing the best possible experience to the Partner Brand’s customers, by assessing and improving the products and/or services offered to them.

As the amount of contact information disclosed by the Partner Brand to MIS Group for conducting this research is limited to a strict minimum, it may be established that the Partner Brand’s legitimate interest is proportionate to the limitation of the legitimate interest of the data subjects.
No other method, which would involve processing less personal data, is available for carrying out the activities required for this research.

Exercising your rights

If you have any questions about how your personal data are processed in connection with this research, and/or if you would like to exercise your right of access, right to rectification, right to erasure and right to portability over your data, please contact us at this email address: Mr Michaël Saulnier - dpo@misgroup.io

Date of last revision: 16 February 2022

See all Policies