Privacy Policy

Globális Adatvédelmi Tájékoztató

Privacy Policy

Thank you for choosing to be part of our community at Basis, including Basis Research Limited, Basis B2B Research Limited, Basis Health London Limited, Basis Chicago Limited, Basis New York LLC and Basis Ideas LLC (“company”, “we”, “us”, or “our”). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices with regards to your personal information, please contact us at DPO@basisresearch.co.uk

When you visit our website, and use our services, you trust us with your personal information. We take your privacy very seriously. In this privacy notice, we describe our privacy policy. We seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this privacy policy that you do not agree with, please discontinue use of our website and contact us if you need clarification.

This privacy policy applies to all information collected through our website and/or any related services, sales, marketing or events (we refer to them collectively in this privacy policy as the “website”).

Basis Consumer US, including Basis Research LA LLC, Basis New York LLC and Basis Chicago Limited (Basis), also follows the US Data Privacy Framework Principles. These Principles apply to any personal data we transfer from the US. They do not apply to information that cannot identify someone, including data that has been pseudonymised. The Data Privacy Framework Principles Policy can be found here.

The BBB National Programs consumer privacy complaint system can be found here

Please use contracts@basisresearch.co.uk as the shared point of contact responsible for handling all Data Privacy Framework complaints.

Please read this privacy policy carefully as it will help you make informed decisions about sharing your personal information with us.

Table of Contents

1.          What information do we collect?

2.          How do we use your information?

3.          How will we process your personal data?

4.          How We Use and Share Personal Data

5.          Do we use cookies and other tracking technologies?

6.          Do we use Google Maps?

7.          How long do we keep your information?

8.          How do we keep your information safe?

9.          Do we collect information from minors?

10.       Your Privacy Rights

11.       Personal Information 

12.       Cookies and similar technologies

13.       Controls for do-not-track features

14.       Do we make updates to this policy?

15.       How can you review, update, or delete the data we collect from you?

16.       How can you contact us about this policy?

17.       Jurisdiction-Specific Information

1. What information do we collect?

Personal information you disclose to us  

In Short:We collect personal information that you provide to us such as name, address, and contact information.

We collect personal information that you voluntarily provide to us when expressing an interest in obtaining information about us or our products and services in person or when registering on our website, when participating in activities on our website, or otherwise contacting us.  

The personal information that we collect depends on the context of your interactions with us, and our website, the choices you make and features you use. The personal information we collect can include the following: 

Name and contact data: your first and last name, email address, postal address, phone number, and other similar contact data. 

All personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information.   

Information automatically collected  

In Short:Some information – such as IP address and/or browser and device characteristics – is collected automatically when you visit our website. 

We automatically collect certain information when you visit, use or navigate our website. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our website and other technical information. This information is primarily needed to maintain the security and operation of our website, and for our internal analytics and reporting purposes.  

Like many businesses, we also collect information through cookies and similar technologies. You can find out more about this in our Cookies Policy. 

Information collected from other sources  

In Short:We may collect limited data from public databases, marketing partners, and other outside sources.   

We may obtain information about you from other sources, such as public databases, joint marketing partners, as well as from other third parties. Examples of the information we receive from other sources include social media profile information; marketing leads and search results and links, including paid listings (such as sponsored links).   

2. How do we use your information?

In Short:We process your information for purposes based on legitimate business interests, the fulfilment of our contract with you, compliance with our legal obligations, and/or your consent.   

We use personal information collected via our website for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests (“Business Purposes”), in order to enter into or perform a contract with you, with your consent (“Consent”), and/or for compliance with our legal obligations. We indicate the specific processing grounds we rely on next to each purpose listed below.   

We use the information we collect or receive:      

  1. To send you marketing and promotional communications. We and/or our third party marketing partners may use the personal information you send to us for our marketing purposes, if this is in accordance with your marketing preferences. You can opt-out of our marketing emails at any time (see “10. Your Privacy Rights” below).                 
  2. Request Feedback. We may use your information to request feedback, and to contact you about your use of our website.   
  3. To protect our website. We may use your information as part of our efforts to keep our website safe and secure (for example, for fraud monitoring and prevention).   
  4. To enforce our terms and conditions, and policies. 
  5. To respond to legal requests and prevent harm. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.   
  6. For other Business Purposes. We may use your information for other Business Purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our website, products, services, marketing and your experience.   

3. How will we process your personal data?

In Short: We use your personal data only for the purposes explained in this notice and in line with the lawful bases set out under data protection law. We handle it securely and limit access to those who need it for legitimate business purposes.

What are our legal bases for processing your personal data?

We may process personal data under the following lawful bases:

  • Consent: We process personal data where you have given us clear consent for a specific purpose, for example, participating in a research project.
  • Performance of a Contract: We process personal data where it is necessary to perform or manage a contract with you or with our clients, for example, to deliver services, manage projects, or meet our contractual obligations.
  • Legitimate Interests: We process personal data where it is reasonably necessary to achieve our legitimate business interests, for example, to operate and improve our services, investigate or prevent policy breaches, suspected fraud, or threats to the safety of any person.
  • Legal Obligations: We process personal data where it is necessary to comply with our legal obligations, for example, to meet regulatory requirements, respond to lawful requests from public authorities, or comply with a court order, subpoena, or other legal process (including those relating to national security or law enforcement).
  • Vital Interests: We process personal data where it is necessary to protect your vital interests or those of another person, for example, in emergency situations involving risk to life or serious harm.

4. How We Use and Share Personal Data

In short: We share your personal data only where we have a lawful basis to do so.

We use your personal data to operate our business, provide services, and meet our legal and contractual obligations. We only share personal data where it is necessary and in line with the legal bases described above.

We may share personal data in the following situations:

  • Business Transfers: We may share or transfer personal data in connection with, or during negotiations of, a merger, sale of company assets, financing, or acquisition of all or part of our business.
  • Legal Requirements and Protection of Rights: We may disclose personal data where required to do so by law, or where it is necessary to protect our rights, property, or safety, or that of others.
  • With Consent: Where you have provided your consent, we may share personal data for the specific purpose you have agreed to.
  • Service Providers and Business Partners: We may share personal data with trusted third parties who perform services for us or on our behalf, for example, those listed below, for data analysis, email delivery, hosting, customer support, or marketing. These parties are only permitted to use the information to provide their services and are required to protect it.

We have categorised each of the following third parties to help you more easily understand the purpose of our data collection and why we might share your information with them.

  • Content Optimisation 
    Google Fonts, Typekit, Vimeo, YouTube, ReadyMag
  • Advertising/retargeting:
    LinkedIn Insight Tag and Google Ads.
  • Analytics 
    Google Analytics (GA4) and HubSpot.
  • website Hosting 
    WordPress + Pantheon.

5.  Do we use cookies and other tracking technologies?

In Short:We may use cookies and other tracking technologies to collect and store your information.   

We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Policy. 

6. Do we use Google Maps?

In Short:Yes, we use Google Maps for the purpose of providing better service.   

Our website and mobile applications may use Google Maps APIs to display maps, provide directions, or offer other location-based features.

When you use these features, certain information, for example your device’s location or IP address, may be processed by Google in accordance with the Google Maps Platform Terms of Service and the Google Privacy Policy.

We do not permanently store or cache your precise location information. Location data are used only as needed to deliver the requested service (for example, showing nearby offices or survey locations).

You can withdraw permission for location access at any time through your browser, app, or device settings.

7. How long do we keep your information?

In Short:We keep your information for as long as necessary to fulfil the purposes outlined in this privacy policy, unless otherwise required by law.   

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements).

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. 

8. How do we keep your information safe?

In Short:We aim to protect your personal information through a system of organisational and technical security measures.  

We take the security of your personal information seriously and use a range of technical and organisational measures to protect it. While we work hard to keep your data safe, no online system or data transfer can ever be completely secure. We recommend using secure networks and taking care when sharing personal information online.

9. Do we collect information from minors?

In Short:We do not knowingly collect data from or market to children under 13 years of age. 

Our website is not designed for, or intentionally directed at, children under 13 years of age. We do not knowingly collect or market to anyone under 13.

By using our website, you confirm that you are at least 13 years old, or that you are the parent or guardian of a child who is permitted to use the site.

If we learn that we have collected personal information from a child under 13 without appropriate consent, we will take steps to delete that information as soon as possible.

If you become aware of any data we have collected from children under age 13, please contact us at DPO@basisresearch.co.uk

10. Your Privacy Rights

In some regions — such as the European Economic Area (EEA), the United Kingdom, and other jurisdictions with data protection laws — you have rights that allow you greater access to and control over your personal information.

Depending on where you live, these rights may include the ability to:

  • Access your personal data and obtain a copy
  • Request correction or deletion
  • Restrict or object to the processing of your data
  • Request data portability (a copy of your information in a structured format)
  • Withdraw consent, where processing is based on consent

To exercise any of these rights, please contact our Data Protection Officer (DPO) using the contact details provided below. We will review and respond to all requests in line with applicable data protection laws.

If we rely on your consent to process your personal data, you may withdraw that consent at any time — this will not affect the lawfulness of processing carried out before withdrawal.

If you believe your personal data are being processed unlawfully, you also have the right to contact or lodge a complaint with your local data protection authority.

If you believe your personal data are being processed unlawfully, you also have the right to contact or lodge a complaint with your local data protection authority. In the United Kingdom, this is the Information Commissioner’s Office (ICO). A list of EU supervisory authorities can be found here.

Additional or region-specific privacy rights are set out in the “Additional Information by Jurisdiction” section at the end of this Privacy Notice.   

11. Cookies and similar technologies

Most web browsers accept cookies by default, but you can change your browser settings at any time to delete or block cookies. Please note that disabling cookies may affect how some parts of our website function.

We use cookies and similar technologies to improve site performance, understand how our website is used, and support personalised content and advertising where permitted by law. Where required, we will ask for your consent before placing non-essential cookies.

You can also manage your preferences or opt out of interest-based advertising by visiting www.aboutads.info/choices or, if you are in California or another state with similar privacy laws, by using the “Do Not Sell or Share My Personal Information” link in Your Privacy Choices page here.

For full details about the types of cookies we use and how to manage them, please see our Cookie Policy.

12. Opting out of email marketing

You can unsubscribe from our marketing email list at any time by clicking on the unsubscribe link in the emails that we send or by contacting us using the details provided below. You will then be removed from the marketing email list.

13. Controls for do-not-track features

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy.  

14. Do we make updates to this policy?

In Short:Yes, we will update this policy as necessary to stay compliant with relevant laws. 

We may update this privacy policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy policy, we will prominently post a notice of such changes. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.  

15. How can you review, update, or delete the data we collect from you?

Based on the laws of some countries, you may have the right to request access to the personal information we collect from you, change that information, or delete it in some circumstances.

If you would at any time like to review or change the personal information we hold about you, please contact us using DPO@basisresearch.co.uk.    

If you do contact us to exercise your privacy rights or ask us to delete your personal data, we will respond to your request within 30 days. and take appropriate action in line with applicable data protection laws. Some information may be retained where necessary to prevent fraud, resolve technical or security issues, support investigations, enforce our legal rights, or meet legal and regulatory requirements.

16. How can you contact us about this policy?

If you have questions or comments about this policy, you may contact our Data Protection Officer (DPO), by email at DPO@basisresearch.co.uk, or by post to: 

The Data Protection Officer

Basis Research Ltd

Hanway House 
24 Hanway Street 
London W1T 1UH 
United Kingdom    

17. Jurisdiction-Specific Information

We process personal data in accordance with applicable privacy and data protection laws in the regions where we operate, including the UK General Data Protection Regulation (“UK GDPR”), the EU General Data Protection Regulation 2016/679 (“GDPR”), the Data Protection Act 2018, and relevant United States state privacy laws.

Across all regions, we apply consistent privacy standards and respect any additional or differing local requirements.

In some regions, additional or differing requirements apply. The following sections describe how we address those regional privacy obligations and apply consistent standards across our global operations.

United States

We comply with applicable US state privacy laws, including the California Consumer Privacy Act 2018 (CCPA) as amended by the California Privacy Rights Act 2020 (CPRA), the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CTDPA) and the Utah Consumer Privacy Act (UCPA).
To meet these laws, we:

  • provide transparent information about the categories of personal information we collect, its sources, purposes and any disclosures;
  • enable individuals to opt out of sale, sharing, targeted advertising or certain types of profiling;
  • limit the use of sensitive personal information (as required in California) and respect opt-out preferences;
  • honour requests to access, delete or correct personal information; and
  • never sell or share personal information for monetary gain.
    We also include clear instructions on how residents of each state can exercise their rights.

Canada

We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA).
In practice, this means we:

  • obtain meaningful and informed consent before collecting or using personal information;
  • make available details of how and where consent was obtained;
  • ensure transparency about any transfers of personal information outside Canada and the safeguards in place; and
  • provide accessible ways for individuals to challenge or question our handling of their information.

Australia

We comply with the Privacy Act 1988 and the Australian Privacy Principles (APPs).
We:

  • provide transparency about which overseas countries personal information may be transferred to, where practicable;
  • ensure that overseas recipients provide a level of protection substantially similar to the APPs;
  • apply heightened protection for sensitive information; and
  • respond promptly to access and correction requests in accordance with Australian law.

Japan

We process personal data in line with the Act on the Protection of Personal Information (APPI).
To comply, we:

  • define and communicate clear and specific purposes of use before collecting personal data and do not repurpose it without consent;
  • provide information on overseas transfers, including destination countries and safeguards;
  • allow individuals to request access, correction, deletion, or suspension of use and to stop sharing with third parties; and
  • maintain a local contact point in Japan for data access or complaints, when required.

South Korea

We process personal data under the Personal Information Protection Act (PIPA).
Our compliance measures include:

  • identifying specific and unambiguous purposes for processing prior to collection, and obtaining new consent for any change;
  • obtaining explicit consent for collection, use and international transfers, specifying the items of data, recipients, purposes and retention periods;
  • providing rights to access, correction, deletion or suspension and allowing withdrawal of consent at any time;
  • applying strengthened safeguards for sensitive information and unique identifiers; and
  • appointing a local representative in Korea where required.

Brazil

We comply with Brazil’s Lei Geral de Proteção de Dados (LGPD).
Accordingly, we:

  • identify and communicate the legal basis for each processing activity, such as consent, contractual necessity or legitimate interest;
  • ensure transparency about international data transfers and the safeguards applied;
  • enable individuals to confirm, access, correct, anonymise, delete or port their data and to withdraw consent at any time; and
  • provide contact details for our Data Protection Officer and information on how to raise complaints with the Autoridade Nacional de Proteção de Dados (ANPD).

Hungary

We process personal data in Hungary in line with the GDPR and Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (the “Privacy Act”).
We comply with Hungarian national provisions by:

  • defining specific and unambiguous purposes for processing before collecting data, ensuring they are clearly explained and not used incompatibly;
  • collecting employee or contractor data only where strictly necessary under the Labour Code (Act I of 2012);
  • processing biometric or criminal record data only when legally required or essential to protect a legitimate and significant interest;
  • conducting direct marketing only with prior explicit consent under Act XLVIII of 2008; and
  • applying retention and deletion schedules that meet Hungarian legal standards, particularly in finance, tax and accounting.

The national supervisory authority is the Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH), which oversees compliance and handles data protection complaints.

Basis

Consumer

B2B

Health

Studio

Ideas (AI)

Multi-colored letter b's laying stacked on their side
Stylized C for consumers
b2b icon
3D H icon for Health
studio icon
Black I icon for ideas with glowing white markings

The global insight consultancy that digs deeper, challenges assumptions, and turns uncertainty into real business results.

Learn more

Basis Consumer helps brands decode what drives behavior, predict future shifts, and turn research into a competitive advantage.

Learn more

Basis B2B helps brands navigate long sales cycles, niche audiences, and high-stakes decisions with speed and precision.

Learn more

Basis Health helps pharma, biotech, and med device companies translate complex data into strategic clarity—fast.

Learn more

Bring your insights to life with executive-ready creative. We craft high-impact deliverables that go beyond reports, ensuring your insights are acted upon.

Learn more

Basis Ideas builds bespoke data ecosystems to surface early signals, uncover hidden opportunities, and fuel bold moves. It’s innovation strategy, backed by intelligence your competitors don’t have.

Learn more