Two Igloos Privacy Policy

July 2018

At Two Igloos we take your privacy seriously and endeavour at all times to protect and respect your privacy. This policy contains important information about the personal information we collect, how we use this data, the conditions under which we might disclose data to other parties and how data is secured. Please read this carefully and note that this policy may change over time. Please check this page to see any changes or updates.


We may be required to comply with requests for personal data from regulatory bodies and legislative authorities.


If you have any questions on our privacy policy, please email


We are committed to meeting the requirements of the following laws and codes:


  • The EU General Data Protection Regulation (GDPR)
  • Data Protection Act 1998 and the new Data Protection Act which will enact GDPR requirements
  • Market Research Society’s (MRS) Code of Conduct
  • ICC/ESOMAR (European Society for Opinion and Marketing Research) International Code on Market and Social Research.


It is not our aim to sell or promote anything. We conduct market research using applied methods and we commit, in obtaining your co-operation, not to mislead you about the nature of the research or how the findings will be used. Your responses will be treated as confidential unless you consent to being identified.


Policy key definitions:

  •  "I", "our", "us", or "we" refer to the business, [Two Igloos Ltd].
  •  "you", "the user" refer to the person(s) using this website.
  • GDPR means General Data Protection Act.
  • PECR means Privacy & Electronic Communications Regulation.
  • ICO means Information Commissioner's Office.
  • Cookies mean small files stored on a users computer or device.



This policy contains the following sections:

  • Who we are
  • Data Security
  • Market Research Information We Collect
  • Marketing Communications Information We Collect


Who We Are

Two Igloos conduct market research and provide business consulting services in the UK, and across the globe. We are committed to conducting our business lawfully and to the highest professional industry standards.

Our registered office is: 119 Pancras Road, London, NW1 1UN


Data Security

How we keep your personal information secure


We take great care to ensure our business information systems are protected against the potential for malicious intrusion, for both stored and transmitted data. We use professional, reputable systems and suppliers and strong data encryption. In addition to data protection legislation (for example, the EU General Data Protection Regulation) we work to market research industry professional standards and best practice.


Sending EU citizens’ data outside of the EU

We keep EU citizens’ data within the European Union as standard. If we have a technical or business requirement for EU citizens’ data to transfer beyond the EU, then we obtain the individuals’ permission for this.


Market Research Information We Collect


Two Igloos collects and processes personal information as part of our business activity of conducting market research.


Two Igloos complies with data protection legislation as applicable to the rights of citizens in the geographic areas in which our research activities are conducted. In the EU, as from 25th May 2018, this is the General Data Protection Regulation (Regulation (EU) 2016/679), commonly known as GDPR, which replaces the 1995 Data Protection Directive (Directive 95/46/EC). This new GDPR ruling means that there is a single set of data protection rules across all EU member states for the protection of its citizens’ personal data. This includes Rights for Individuals.


GDPR – Summary of Individual Rights

  • The right to be informed – right to be informed about the collection and use of personal data
  • The right of access – right to access their personal data and supplementary information
  • The right to rectification – right for individuals to have inaccurate personal data rectified, or completed if it is incomplete
  • The right to erasure – right for individuals to have personal data erased in certain situations
  • The right to data portability – right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services
  • The right to object – right to restrict processing of their personal data in certain situations, for example the right to object to use of personal data for direct marketing purposes
  • Rights in relation to automated decision making and profiling – right to be informed about and object to automated processing of data which may which may produce a potentially damaging decision
  • The right to withdraw consent at any time – this applies where we are relying on consent to process your personal data.


We will not mislead you about the nature of the research or how the data will be used. If you are invited to take part in research, it will be because:

  • You were selected due to holding a product with, following a recent purchase from, or visit to, one of the companies for whom we work.
  • You were selected due to demographic information about that you have consented to share with us.
  • You have given permission for a company to supply your details to a third party for research purposes
  • You have taken part in previous research administered by Two Igloos and given us your permission to contact you in the future for research purposes.


If you have been contacted by Two Igloos and you do not believe you have given your permission or just wish your name to be removed from the database, let us know and we will remove you from the contact list for that particular research project and inform the relevant organisation who supplied your details.


We never knowingly invite children under the age of 16 to participate in research studies without taking measures to ensure appropriate consent from a responsible adult.


Why we collect and process personal data

The definition of personal data is where an individual can be identified directly or indirectly by that data on its own or together with other data. As part of our market research activities we may collect and/or process personal data that helps us:

  • To know who to approach for participation in our research projects. This could be name, email address, telephone number, address. This may be from our clients if we are helping them assess their customers’ views of their products and services, or to conduct research amongst their own employees. It may be from a professional supplier of potential market research participants, where prior informed consent from the individuals will have been obtained by such suppliers. We may collect information from public sources on who to approach for research. In all cases we will obtain informed consent at the point of participation to proceed.
  • To control the design of the data collection.
  • For quality control purposes. For example, IP address is often used at this stage prior to anonymising the data collected from surveys.
  • To provide information for analysis.


In order to run our business to provide services to our clients and/or to comply with other legal obligations, we also process personal data which includes:

  • Financial data – receiving and making payments
  • Transaction data – details of products and services you have purchased
  • Commercial data


We also collect, use and share Aggregated Data as part of the delivery of our service to our clients. Aggregated data may be derived from your personal data but is not considered personal data in law as this does not directly or indirectly reveal your identity. If we combine or connect any aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.


We may collect Special Categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. This Special Category data is subject to even stricter rules than apply to standard personal data and is only collected with your permission or where we have another specific legal ground to do so.


Collecting information from you

We collect personal information from people who take part in our market research related activities including, surveys (on-line or face to face, telephone), focus group discussions and other market research related activities. We will always explain what we require and obtain consent before it is collected.


We collect information for market research by;

  • Web/internet surveys
  • Telephone surveys
  • Interviews by one of our interviewers either in-home or in a specific location (e.g. in a shopping centre, on a train station, at a venue) – this could be by using equipment such as a tablet or on paper forms
  • Self-completion surveys printed on paper forms – by post or in a specific location, site or event
  • Focus groups
  • Technology-based solutions (e.g. tracking website usage, behavioural data including eye-tracking data and collecting skin-response data)
  • Digital social media/interactive web platforms – in accordance with contractual terms and conditions as specified by the provider and relevant legislation
  • Mobile devices in accordance with contractual terms and conditions as specified by the provider and relevant legislation


Sending personal information outside of Two Igloos

  • We will respond to requests for personal information in accordance with legislative and regulatory requirements.
  • We may use a research solution that requires personal information in order to proceed. For example, when we run online interactive research sessions, or ask participants to undertake certain tasks using mobile apps. This would be explained at the point of participation to proceed. We undertake stringent scrutiny of such services to check data security. We use solutions that restrict data to the EU as standard. Contrary to this, we would obtain consent.
  • We may ask you to attend a focus group discussion or go somewhere to test a new product, and it is possible we would need to send your contact details to our organisers for this.
  • It may be beneficial to pass your answers to the client who has commissioned the research about their product or service. This would all be explained and your permission sought before we would do this.
  • Your answers may be held on a database that is used by our clients to view and manipulate anonymised and aggregated research data via a website we have built for this purpose. We will gain your consent for any personal data or personally identifiable information that is available to be viewed by our clients.
  • We may use an approved research supplier to provide specialist services such as data collection, analysis, consultancy, digital production or research tools, specialist techniques such as biometric data collection and analysis.


Keeping your personal information

We only keep personal information for as long as required for the purposes of the research. Our data retention policy states that we will not keep personal information for longer than a year, except where previously agreed with our research participants.


Wherever possible, we work with data that does not have personal information in it. For example, we will detach personal information to make a data set that combines hundreds of completed surveys in order to produce statistical analysis. From focus groups and small-scale research, we mask the identity of participants with labels such as ‘Male, 25-34, London’.


Use of cookies as part of our market research activities

If the use of cookies is required, this will be explained at the time and we will clarify how they will be used.


Marketing Communications Information We Collect


How we collect information from you

We collect, store and retain information about you in a variety of ways when visiting our website:


  • Registering to receive our marketing communications
  • Registering to download content from our website
  • Applying for vacancies listed on our websites
  • When you contact us via our enquiry email


The type of personal information we collect

By personal information we mean any information that you provide via our website that we have collected and may include (but not limited to): Forename, Surname, Postal address, Email address, Telephone number, Job title.


How we use your information

If you are (i) an existing client (ii) interacting with our marketing communications (iii) engaging with us through business development and potential future work (iv) have given express consent to us to use personal information for marketing purposes, Two Igloos may at times use your personal information to provide you with marketing communications related to products, services and information relating to conferences and events.


Sending your personal information outside of Two Igloos Ltd

We may share information with our third-party service providers for services such as data analysis, website hosting, infrastructure provision, IT services, e-mail delivery services, auditing services, business development and lead generation, marketing services or to comply with legal or regulatory requirements.


Use of cookies on our website

Two Igloos does not use cookies on our website.


Use of Google Analytics

We use Google Analytics which is a web analytics service offered by Google to track and report our website traffic.


Unsubscribing from marketing communications

You have the right to withdraw consent to receiving direct marketing messages making use of your personal data at any point. If at any point you would like to opt out from receiving any marketing communications, simply click on the unsubscribe link at the bottom of any emails you receive.


Links to other websites

The Two Igloos website will contain links to other websites. Please note that this Privacy Policy only applies to Two Igloos and our website. If you are taken to another website please read their own privacy policies. We do not control any third-party websites and are not responsible for their privacy policies. When you leave our website, you should read the privacy notice of every website that you visit.


Data Protection complaints

Individuals have the right to lodge complaints about data protection issues with their national supervisory authority of their EU Member State about alleged breaches of GDPR.