GDPR Privacy Policy

1. Introduction

Echelon Insights LLC is committed to international compliance with data protection laws, regulation and rules. This policy adopts the fundamental principles of the EU’s General Data Protection Regulation (“GDPR”).

Echelon Insights LLC depends on the collection and analysis of information about living individuals (“Data Subjects”) to carry out its market research and associated business. Maintaining respondents’ and the public’s confidence requires that respondents do not suffer direct adverse consequences, risk or harm as a result of providing Echelon Insights LLC with their information or their Personal Data being processed for Echelon’s business purposes. The information may be obtained from any kind of individual or organization.

This Policy describes the minimum standards of how Personal Data must be processed, collected, handled and stored to meet Echelon’s data protection standards.

2. Application of National Laws and Codes of Conduct

This Data Protection Policy adopts the internationally accepted privacy principles as enhanced by the GDPR. It is subsidiary to and supplements any applicable national legislation. The relevant national laws will take precedence if there is a conflict with this Policy or it has stricter requirements than this Policy. Any registration, notification or reporting requirement for data processing under national laws must be observed. The contents of this Policy must also be observed in the absence of corresponding national legislation.

3. Principles for Processing Personal Data

All Personal Data must be dealt with properly, irrespective of how they are collected, recorded and processed – whether on paper, in a computer file, database, or recorded on other material – and there are generally accepted principles to safeguard this, as set out in the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, as well as relevant safeguards in various statutes across the world, including the GDPR.

Echelon Insights LLC regards the lawful and correct treatment of Personal Data and maintains the confidence of those with whom it deals as a vital component of its business operations and is committed to act ethically and responsibly in respect of these Personal Data and to provide always a high degree of confidentiality and security.

To demonstrate these commitments, Echelon Insights LLC adheres to the principles relating to the processing of Personal Data found in the GDPR which are themselves an embodiment of the OECD principles. Echelon Insights LLC respects the following principles, concerning Personal Data and that they are:

• Processed fairly and lawfully.
• Processed for limited purposes and in an appropriate way.
• Adequate, relevant and not excessive for the purpose.
• Accurate.
• Not kept longer than necessary for the purpose.
• Processed in line with Data Subjects’ rights.
• Secure.
• Not transferred to people or organizations situated in other countries without adequate protection.

3.1. Lawfulness, Fairness and Transparency

Personal Data must be processed and collected lawfully, fairly and in a transparent manner in relation to the Data Subject. Furthermore, Data Subjects must be informed of how his/her data are being handled. In general, Personal Data must be collected directly from the individual concerned.

3.2. Purpose Limitation

Personal Data must only be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes. Subsequent changes to the purpose are only possible to a limited extent and require substantiation and validation.

3.3. Data Minimization

Personal Data must be adequate, relevant and limited what is necessary in relation for the purpose for which they are processed. It must be determined whether and to what extent the processing of Personal Data is necessary to achieve the purpose for which the processing is undertaken. Where the purpose allows and where the expense involved is in proportion with the goal being pursued, anonymized data must be used instead of Personal Data.

3.4. Accuracy

Personal Data must be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that Personal Data that are inaccurate, having regard for the purpose for which they are processed, are erased or rectified without delay.

3.5. Storage Limitation

Personal Data must not be retained in a form which permits identification of Data Subjects for longer than is necessary for the purpose for which the Personal Data are processed. Echelon Insights LLC will not keep Personal Data longer than is necessary for the purpose or purposes for which they were collected. Echelon Insights LLC will take all reasonable steps to destroy, or erase from its systems, all Personal Data which are no longer required.

3.6. Integrity and Confidentiality

Personal Data must be processed in a manner that ensures appropriate security of the Personal Data from being revealed, disseminated, accessed or manipulated.

3.7 Restriction on Transfers

Personal Data must not be transferred to other countries that do not offer an adequate level of protection. Echelon Insights LLC has introduced various measures to adduce such adequate level of protection on a general basis, however, various countries may have further and/or different requirements that must be adhered to.

4.0 Rights of the Data Subject

Every Data Subject has the following rights. Their request is to be handled immediately by Echelon and may not result in any disadvantage to the Data Subject.

Right of access: The Data Subjects may request information on which Personal Data relating to him/her have been stored, how the data were collected and for what purpose.If Personal Data are transmitted to 3^rd  parties, information must be given about the identity of the recipient or the categories of recipients.

Right to rectification: If Personal Data are incorrect or incomplete, the Data Subject can demand that they are corrected or supplemented.

Right to withdraw consent: Where the Personal Data are processed on the basis of Consent (see also the separate guidance on Consent), the Data Subjects can object to the processing at any time. These Personal Data must be blocked from the processing that has been objected to.

Right to erasure. The Data Subject may request his or her data to be deleted if the processing of such data has no legal basis, or if the legal basis has ceased to apply. The same applies if the purpose behind the data processing has lapsed or ceased to be applicable for other reasons. Existing retention periods and conflicting interests meriting protection must be observed.

Right to object: The Data Subjects generally has a right to object to his/her data being processed and this must be taken into account if the protection of his/her interest takes precedence over the interests of the data controller owing to the particular personal

5. Information on the controller:

5.1 Information of the data controller

The controller for the data collection is:

Echelon Insights LLC

121 N. Washington Street, Alexandria Virginia, U.S.A. 22314  

Tel: +1 703-879-1250

E-mail: info@echeloninsights.com 

Internet address: www.echeloninsights.com

5.2. Information on the data protection officer [DPO]:

Our data protection officer can be reached at:

Data Protection Officer

Echelon Insights LLC

121 N. Washington Street, Alexandria Virginia, U.S.A. 22314

Tel: +1 703-879-1250

E-mail: info@echeloninsights.com