Privacy Policy and Data Security Policy

As a longstanding independent market and social research company, the protection of personal data has always been a top priority for Alpha Research Ltd (Alpha Research).  We are fully committed to protecting and respecting your privacy and complying with the requirements of the Genearal Data Protection Legislation (GDPR) and the research industry professional standards.

Alpha Research is a Company Partner of the Market Research Society (MRS) and abides by the MRS Code of Conduct.  We are also registered with the Information Commissioner’s Office (ICO) for the processing of personal data (registration Z9813573).

If you have any question about how we look after your data please contact us:


Personal data is defined as anything that may identify an individual e.g. full name (if in addition to any of the following…), address, telephone number email, national insurance number, ID/membership number of any kind, ISP address etc.  Alpha Research also includes photos/recordings in their definition of personal data (but only when combined with identifiable information).


Alpha Research is a market and social research agency.  We conduct research on behalf of a wide range of public, semi-public, not-for-profit and private sector organisations (our clients).  We may collect and process personal data about you in the following ways:

  1. If you have commissioned a project or made an enquiry with Alpha Research, we will retain your details for future communications. If you have sent details of your services to Alpha Research we may also retain your details.
  2. We may request your consent to take part in one of our research projects, for example a survey (conducted online, by telephone, face to face or by post) or a focus group or other qualitative research. When we invite you to take part in a survey or other research exercise we will explain why the data is being collected and how it will be processed.  This will allow you to decide whether you wish to give your consent by taking part.  Any information you provide when you participate in research for us will be used only for the research purposes stated.
  3. Following participation in a research project we may also recontact you about taking part in further research, if you have agreed to this.
  4. There may be occasions where our clients ask us to contact their databases and will provide us with your contact details for this purpose (e.g. email address, telephone number, postal address). They may also provide us with additional information they hold about you where this will help us conduct the survey or the analysis of the results.
  5. There may also be instances where we have lawfully received your data from a sample supplier that has lawfully collected your details and has the right to sell this on.


The legal basis on which we collect and/or process your data will be either:

  1. You have specifically agreed to take part in a survey or other research exercise administered by Alpha Research (“consent”) or
  2. The organisation that commissioned the research has a legitimate interest in analysing and/or processing data you have provided to it (“legitimate interest”)


When we ask your consent to collect and process personal data about you we will provide you with the name of the company collecting the data, the subject and purpose of the research, the type of organisation on whose behalf we are working, how we will use the data, the time commitment involved, any tasks required/costs you may incur, any recordings being made, and how long we will retain your personal data.  We will also make reference to the MRS Code of Conduct and to your right to withdraw at any time.

We will only use any personal data we collect from your for the purpose for which consent has been obtained.

Anyone collecting personal data on our behalf will have signed contracts with us, agreeing that they (their employees and any individuals acting on their behalf) will strictly adhere to the requirements of this policy and the General Data Protection Regulation (GDPR).

It is the responsibility of our clients/suppliers to ensure that when they provide us with personal data about you, they have complied with the requirements of GDPR .


If you participate in a research project for us, we will retain your personal data until the related project invoice has been paid by our client (completion) plus six months.  After this time, we will use a physical or digital file shredder service to destroy the personal data we hold about you.  The six-month period enables quality control to be completed and any project queries to be answered.

Anyone collecting personal data on our behalf will have signed contracts with us, agreeing that they will also securely destroy any personal data after this same six-month period.

Should we ask your permission to recontact you to follow up on a piece of research you have taken part in, any follow-up will only relate to the project/client concerned, and we will specify the time-period concerned when you give your consent.

For qualitative methodologies e.g. focus groups, depth interviews, bulletin boards etc., we may ask your consent to extend Alpha Research’s retention of personal data for up to 12 months.  This allows us to monitor repeat participation/maintain quality research recruitment.  Photos/recordings – only when containing no identifying information – may be kept indefinitely, as they could for example be included in research reports used/retained by our clients for internal use.

Any exception to the above retention procedures will have been agreed at the consent stage.

If at any point you wish to withdraw from research you have agreed to participate in, you should contact your recruiter or Alpha Research.  You will have been provided with details of how to do this when you gave your consent.

If you would like to revoke your consent and do not want us to hold on to your personal data, you can simply reply to any received communication (or email with the title ‘DELETE ME’, or write to Alpha Research Ltd, Robert House, 19 Station Road, Chinnor, Oxfordshire OX39 4PU.


In most cases personal data is not shared outside of Alpha Research / Alpha Research employees.

We will never sell or lease your data to any third parties.  From time to time we may transfer your data to another company that performs functions on our behalf.  Where personal data is not needed to complete the task required then it will be removed prior to sharing the data. We will only share your personal data with third parties who are directly involved in the research process and only for the purposes of our research.  Third parties processing data on our behalf are obliged to hold your data securely and to delete it on completion of the project.  They must also follow the requirements of this policy and the General Data Protection Regulation.


We invest appropriate resources to protect your personal data from loss, misuse, unauthorised access, modification or disclosure and use strict procedures and security features to prevent unauthorised access.

Any physical records – photos/recordings/files – that contain personal data will be stored in a secure/locked location. We operate a clear-desk policy for personal data.

Any digital records – photos/recordings/files – that contain personal data will be stored password protected on a secure server and never on personal hard drives (unless the device is kept in locked storage when not in use).  All devices that can be used to access personal data are password protected with a screen-out of a maximum of 5 minutes.

Our own servers run up-to-date IT security software and continual virus/malicious scanning software.


If we collect or process your personal data, you have the following legal rights which allow you to see, change or delete, or question how we use your personal data.  Further information can be obtained from the Information Commissioner’s Office.

  • The right to be informed: We must tell you about the collection and use of your personal data.  We do this through our privacy notice and before we carry out our research.
  • The right of access: You may request from us details of the personal data we hold and we must give you that data if you ask for it.
  • The right to rectification: We must hold accurate data, so we must amend the data we hold if you tell us it is wrong.
  • The right to erasure: We must delete your data permanently if you ask us to.
  • The right to restrict processing: You can ask us to limit the way that we use your data.
  • The right to data portability: You are allowed to take your data from us in a format that allows you to transfer it easily to another service.
  • The right to object: You may ask us to stop using your data.
  • The right not to be subject to automated decision-making including profiling: We do not carry out any automated decision-making using personal data and any profiling uses anonymised data only and is used only for analysis.

We may update this policy.  The associated procedures are monitored and reviewed on a regular basis and altered in line with technological advances and updated guidelines.


What Our Clients Say

We have been lucky enough to received many testimonials from clients over the past 30 years, here are a selection of some of these endorsements.