Our Policies

Borderless Access GDPR Policy

Borderless Access GDPR Policy

What does Borderless Access do?

Borderless Access is a digital MR solutions provider. It provides access to experiences and life moments of engaged consumers, driven by Technology & Community Analytics, to its global clientele of MR firms, Ad Agencies, Consultancy firms, and End Enterprises who need responsive, high quality, valuable insights of hard-to-reach audiences (Consumers, B2B & Specialist Audiences, including Healthcare). Its’ focus on innovation extends to providing market research products & solutions, such as SmartSight, HealthSight, and TAPP.

Applicability:

The terms of this policy will be applicable to all the data subjects residing and located in the European Union and would replace the existing EU Data Protection Directive (46/95/EC). The intent of this policy is to make you aware of the additional rights that have been granted to you under the General Data Protection Regulations which shall come into effect from the 25th of May, 2018.
The policy gives direction to organization to establish and maintain data privacy framework to protect PII (Personal identified Information). It states the organization’s commitment to comply with the data protection regulations. The organization is committed to being transparent about how it collects and uses the personal data of its workforce, clients and suppliers and to meeting its data protection obligations. This policy also sets out the organization’s commitment to data protection and individual rights and obligations in relations to personal data.

Scope

The Policy covers all data subjects and individuals who visit our website and who belong to or are citizens of or residing in the European Union. The visitors may range from being individuals, entities, organizations or corporations.

Purpose:

When you choose to visit our website and decide to register yourself on our platform by sharing the information that is requested from you, then we may process your data for the following reasons:

  1. We may process your data where law requires us to do so.
  2. If we have a legitimate interest in processing your data such as direct marketing, market research, data analytics, advertising, business intelligence, data engineering etc.
  3. To send you newsletters, e-mails relating to participation in any of our events or surveys, our proprietary product related information, promotional events.
  4. We may also collect information about you through social media widgets and if you would require us to refrain from obtaining your information through such platforms then you may inform us about the same by writing to us on the e-mail ID specified under this policy.
  5. The information that we process about you would be done so only after receiving explicit consents from you.
  6. We shall keep you informed if the purpose for which we are collecting your data changes for any reason whatsoever.
  7. We may after receiving your consent send you information/ provide demo/ connect with our sales representatives in response to your query/ request while filling our contact us form, panel book download form, Instabid registration.

We process this information to ensure that you receive the aspects of our services and also to identify and stop the misuse of any data shared with us.

User Registration:

You as a data subject may register on our website and in doing so may share your personal data with us. The personal data that is communicated to us is determined by the respective sign-up form used for the registration and the information provide to us through the contact us page. The personal data entered by you is collected and stored in accordance with the GDPR regulations. We may transfer your data to one or more processors for legitimate purposes by keeping you informed of the purpose for which we are sharing the information. By registering on our website, the IP address—assigned to you by your internet service provider (ISP) is stored with us along with the date, and time of the registration. The storage of this data takes place against the background.

Your registration on our website is intended to enable us to offer you with contents or services that may only be offered to registered users due to the nature of the matter in question. You are a registered user are free to change the personal data specified during the registration at any time, or to have them completely deleted from our database.

We shall, at any time provide you with information upon request as to what personal data is being stored about you. In addition, we shall correct or erase personal data at your, insofar as there are no statutory storage obligations. A Data Protection Officer particularly designated in this privacy policy, as well as the entirety of our employees are available to the data subject in this respect as contact persons.

Subscriptions:

As a part of services offering, you may be sent our newsletters or product and services related information. We keep our customers and vendors informed by means of a newsletter about any enterprise offers or latest developments in the area of our expertise including but not limited to any upcoming events that we may be attending on a global scale. You may receive our newsletters only if (1) you have a valid e-mail address and (2) you register for the newsletter mailing. A confirmation e-mail will be sent to the e-mail address registered by you for the first time for receiving the newsletter through e-mail via a double opt-in procedure. This confirmation e-mail is used to prove whether the owner of the e-mail address as the data subject is authorized to receive the newsletter.

You may terminate the subscription to our newsletter at any time. The consent to the storage of personal data, which you have has given for e-mailing the newsletter, may be revoked at any time. For the purpose of revocation of consent, a corresponding link ('unsubscribe') is found in each newsletter. It is also possible to unsubscribe from the newsletter at any time directly through our website, or to communicate this to us in a different way.

Integration – Social media, Advertising and 3rd party tools:

In order to enhance your experience while accessing this website and for marketing purpose, we have assimilated certain social media and 3rd party tools such as, LinkedIn, Google, Twitter, Facebook, HubSpot, Hotjar and other related platforms for improving the user experience and for marketing/ re-marketing purpose.

LinkedIn – a professional social media networking site is based out of California USA and its Ireland based entity is responsible for handling privacy matters outside the USA.

The applicable privacy policy for LinkedIn is available under https://www.linkedin.com/legal/privacy-policy. The LinkedIn Cookie Policy is available under https://www.linkedin.com/legal/cookie-policy.

Google – Google's advertising requirements can be summed up by Google's Advertising Principles. They are put in place to provide a positive experience for users.
https://support.google.com/adwordspolicy/answer/1316548?hl=en.

Google, as a third-party vendor, uses cookies to serve ads on our site. Google's use of the DART cookie enables it to serve ads to our users based on previous visits to our site and other sites on the Internet. Users may opt-out of the use of the DART cookie by visiting the Google Ad and Content Network privacy policy.

We have implemented the following:

  • Google Display Network Impression Reporting
  • Demographics and Interests Reporting

We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.

Should you have any concerns over the way your data is being processed by Google or if you decide to object the preference based advertising then you may call upon www.google.com/settings/ads and make the desired settings on each Internet browser used by you. For further information about Google’s privacy policy, please visit https://www.google.com/intl/en/policies/privacy/.

Furthermore, we have Google, LinkedIn, Twitter, Facebook, Remarketing Services which are an extension of the respective platforms advertising services integrated into our website. By having these services amalgamated into our platform, the respective advertising platforms would be capable of displaying relevant advertisements to you based on your preferences and browsing habits.


Notwithstanding anything to the contrary, we share your data with each of the below entities for legitimate processing of personal data and we have adequate legal mechanisms and contractual obligations in place with these entities to treat your data in a manner which is goes hand-in-hand with the GDPR regulations.

HubSpot, Inc.
Located at: 25 First Street, 2nd FloorCambridge, MA 02141United States
Contact: https://www.hubspot.com/company/contact
Privacy policy link: https://legal.hubspot.com/data-privacy

Hotjar Ltd (Headquartered in Malta)
Located at: Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta
Contact: https://www.hotjar.com/contact
Privacy policy link: https://www.hotjar.com/legal/compliance/gdpr-commitment

Twitter Inc.
Located at: 1355 Market St #900, San Francisco, CA 94103, USA
Contact: https://help.twitter.com/en/contact-us
Privacy policy link: https://twitter.com/en/privacy

Facebook Inc.
Located at 1 Hacker Way, Menlo Park
Contact: https://www.facebook.com/help/
Privacy policy link: https://en-gb.facebook.com/business/gdpr

Security of personal information:

Borderless Access Panels is an ISO:270001 certified company and we take adequate steps to help protect your personal information, however you acknowledge that no company can fully prevent security risks and we do not under any circumstances represent that the website is free from any harmful elements including but not limited to viruses, spywares, cancel bots, Trojans and such application which may be placed on the website without the knowledge of the Company, however the Company shall take all necessary and reasonable steps mentioned below to ensure that the website is free from the above mentioned programs.

In pursuance to the GDPR regulations, we would be taking the below steps to ensure that your data is safe and secure while it is with us:

  • We pseudonymise and encrypt sensitive & special category of personal data.
  • We maintain ongoing confidentiality, integrity, availability and resilience of processing systems and services.
  • We have the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
  • We have a dedicated process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing your data.
  • We have contracts with third parties to ensure that the same level of protection is accorded to the data transferred to third countries or international organisations.
  • In case if your data is being shared with any third party then you would specifically be made aware of the names of such third party to whom your data is being shared after receiving an explicit consent from you.

Where we have given you (or where you have chosen) a password that enables you to access all or certain parts of our website, you are responsible for keeping this password confidential. We strongly suggest that you do not to share your passwords with anyone.

Borderless Access Panels complies with the privacy requirements as set forth by the European union’s data protection regulation GDRP (General data protection regulation) regarding the collection, use and retention of personal information. Borderless Access Panels ensures adherence to principles listed below.

  • Personal information is processed lawfully, fairly and in a transparent manner in relation to the data subjects (“Lawfulness, fairness and transparency”)
  • Personal Information is collected for specified, explicit and legitimate purpose and not further processed in a manner that is incompatible with those purpose (“Purpose limitation”)
  • Personal information is adequate, relevant and limited to what is necessary in relation to the purpose for which it is processed (“data minimization”)
  • Information is accurate and where necessary, kept up to date; every reasonable step is taken to provide that personal which is inaccurate, having regard to the purpose for which it is processed, is erased or rectified without delay (“accuracy”)
  • Information is kept in a form which permits identification of data subjects for no longer that is necessary for the purpose for which personal data is processed (“storage limitation”)
  • Information is processed in a manner that ensures appropriate security of the personal data, including protection against the unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organization measures (“Integrity and confidentiality)

Individual Rights:

As per the GDPR regulations, you will have the below rights for being a data subject (for the purpose of this clause you will be defined as an “Individual”)

  • An individual has the rights to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have rights to transmit to another controller without hindrance from the controller to which personal data have been provided.
  • An individual has the rights to object, on ground relating to his or her particular situation, at any time, to the processing of personal data concerning him or her including profiling based on those provisions. The controller shall no longer process personal data unless the controller demonstrates controlling legitimate grounds for the processing which override the interests, rights and freedoms of the individual or for the establishment, exercise or defense of legal claims.
  • An individual has the rights not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.
  • An individual has rights to obtain from the controller confirmation as to whether or not personal data concerning him or her is being processed and where that is the case, access to the personal data and the following information is provided.
    • The purpose of the processing.
    • The categories of personal data concerned.
    • The recipient or categories of recipient to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organization.
    • Where possible, the envisaged period for which the personal data will be stored or if not possible, the criteria used to determine the period.
    • The existence of the rights to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing.
    • The rights to lodge a complaint with a supervisory authority.
    • Where person data is not collected from the data source, any available information as to their source.
  • An individual has the rights to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her.
  • An individual has the rights to obtain from the controller the erasure or forgotten of personal data concerning him or her without undue delay.
  • An individual has the right to obtain from the controller restriction of processing in a situation where accuracy of the personal data is contested by the data subject, the processing is unlawful and data subject opposes the erasure of the personal data and requests the restriction of their use instead.
  • The notification of the personal data breaches with serious impact on the individual privacy will be reported to supervisory authority and the communication of personal data breach of data subject.

Security of personal data

Compliance and cooperation with regulatory authority:

We regularity review our compliance with our privacy notice. We also adhere to regulatory framework including GDPR (General data protection regulation) and other applicable regulation around private data protection.

When we receive formal written complaints, we will contact the person who made the complaint to follow-up. We will work with the appropriate regulatory authorities, including local data protection authorities to resolve any complaint the personal data that we cannot resolve with data subject directly by accessing this Website and its contents, you understand that data privacy laws may vary across various jurisdictions and you would be subjected to the laws of the country under which you reside.

Delete/Unsubscribe policy

If at any time you require us to cease processing your personal data, you may write to us on the e-mail specified below. By following the appropriate directions, your record will be marked as \"do not contact\", and you will no longer receive communications from Borderless Access Panels. We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Change Control:

This policy and the terms herein shall be applicable to you in the event of Borderless Access Panels undergoing any functional changes in the way it operates. Such changes may include the Company being re-branded or undergoing the process of a merger or de-merger etc. On occurrence of any of these events, your rights as data subjects would remain intact without any changes.

Contact us:

We have taken great measures to ensure that your visit to www.borderlessaccess.com is an excellent one and that your privacy is respected. If you have any questions, comments or concerns about our privacy practices, please contact us by email on connect@borderlessaccess.com or write to the following address:

Borderless Access Panels Pvt. ltd.
Building 2A, Aster- East Tower, Lower Ground Floor,
Embassy Tech Village (Formerly Vrindavan Tech Village),
Marathalli – Sarjapur Outer Ring Road,
Devarabeesanahalli, Bangalore - 560 103.

Borderless Access Panels Services has a “Data Protection Officer” who is responsible for matters relating to privacy and data protection. This Data Protection Officer can be reached at the following address:

[For any data privacy related concerns, please contact us on the below ID]

Attn: dataprotectionofficer02@borderlessaccess.com