WELCOME

Knowledge Technology Solutions, Inc., d.b.a. Quester®, an Iowa corporation (“Knowledge Technology Solutions,”, “Quester”, “we,” or “us”) is a full-service marketing research company located in the United States, with headquarters in Des Moines, IA. As a marketing research company, Quester collects data from research study participants so that our clients can understand their customers’ needs and recognize how their products and/or services are received in the general marketplace. This data is collected through online surveys, mobile surveys, phone interviews, focus groups and other research methodologies.

To protect confidentiality and respect your privacy, Quester will in no way make your personal information available to any party outside the scope of the research project. Personal information is only utilized to group responses which will provide feedback to our clients. Individual responses or specific information will only be used for research purposes with your consent. You always have the option to opt-out of or terminate your participation in research.

Information We Gather
Any research conducted by Quester will be entirely communicated to its research participants with full transparency prior to beginning the study. The information we receive, that you voluntarily provide as part of our research studies, generally includes certain demographic information (age, gender, and/or income level) that is only used to analyze data, information regarding your personal preferences and attitudes, as well as your specific purchase activities or hobbies. Please note, the information we collect is always strictly for use in research studies and Quester will never ask for financial account numbers or personal passwords.

Quester may receive personally-identifiable information from a third-party (e.g., our client) and/or from third-party providers of phone and address lists. The third-party (client) provides this information so that we can contact you to participate in research projects. In this case, we may be provided, from the third-party, with basic personal information (including name, age, etc.), your contact information (such as email address, phone number), your interests and/or product association, and your connection with the third-party.

Quester or our third-party sample provider(s) may assign unique identifiers to a participant’s computer to identify and track the computer. Quester works primarily with third-party providers to arrange this technology, or to track the online activities of the user of a computer. This technology will not disrupt or interfere with the regular use or control of a computer. Nor will it modify or alter the settings or functionality of a computer.

Quester uses the unique identifier to assist our clients in safeguarding the integrity of survey results (to ensure that one person does not complete a survey multiple times). The third-party provider may use and analyze publicly available information and data obtained from the computer’s web browser and from other publicly available data points, including, without limitation, the technical settings of the computer, the characteristics of the computer or web browser to create a unique identifier assigned to the computer. This technology may utilize both cookies as well as locally shared objects known as “flash cookies”. The unique identifier is an alpha-numeric ID. Additionally, to assist our clients in protecting and ensuring the integrity of survey results, we (a) may link or associate your unique identifier to you and any of your personally identifiable information; (b) may share your unique identifier with sample or panel providers; and (c) may receive or obtain a unique identifier linked to you from a third-party, including, without limitation, a sample or panel provider or a client of Quester. Any unique identifier(s) received or obtained by Quester and linked to a specific individual will be protected in accordance with this Privacy Policy.

How We Use and Share Your Personal Information
Research project participant information is used exclusively for research purposes. Quester will never attempt to sell our participants anything; we are only interested in gathering opinions. When you complete a research project, your personal responses are analyzed collectively with all other respondents’ information and may be reported individually to the client. We support the rights of our survey participants by limiting the use of personally identifiable information for legitimate marketing research purposes and actively support industry organizations created to uphold ethical survey research (this support includes making every effort to conform to the organizations’ ethical standards). We will never share our survey participants’ email addresses or personally identifiable information with anyone except our clients or approved vendors. Access to this data is strictly for purposes related to carrying out the research study, including hosting a survey or processing data. Quester will obtain guarantees from our vendors that they will safeguard personal information in consistency with this policy. All vendors, clients, and sub-contractors must sign an NDA, confidentiality or “chain of trust” agreement.

Clients who hire Quester to conduct market research are typically provided with participant level survey data that may include personally identifiable information and other data such as demographic information needed to analyze data (e.g., gender, income level). On some occasions our clients request contact information or customer IDs of survey participants for record keeping, authentication or other business purposes.

In certain instances, such as to protect someone’s safety, to protect our rights or property, or when required to do so by law (including to meet national security or law enforcement requirements), Quester may disclose your personal information to a third-party.

Collection of Minor Data
We understand the importance of protecting children’s privacy. Quester does not knowingly collect personal information from children under the age of 13 without verifiable parental consent. If you are a child under the age of 13, please do not provide us with any personal information.

Parental Consent
If we become aware that we have collected personal information from a child under 13 without verifiable parental consent, we will take steps to delete that information from our systems.

If you are a parent or guardian and believe that your child under 13 has provided us with personal information, please contact us at privacy@quester.com so that we can obtain your consent or delete the information.

Surveys Involving Minors Aged 13-17
In some cases, we may conduct online surveys that involve minors aged 13-17 with verifiable parental consent. In these instances:

  • Purpose of Collection: We will clearly state the purpose for collecting information from minors and obtain verifiable parental consent before collecting any personal information.
  • Type of Information Collected: We will only collect the minimum amount of personal information necessary for the specified research purpose.
  • Data Security: We will implement appropriate technical and organizational measures to protect the confidentiality, integrity, and availability of minor data.
  • Third-Party Sharing: We will only share minor data with third parties who have agreed to comply with applicable data protection laws and regulations.
  • Parental Rights: We will only share minor data with third parties who have agreed to comply with applicable data protection laws and regulations.
    • Access: Review the personal information we have collected from their child.
    • Correct: Request correction of any inaccurate information.
    • Delete: Request deletion of their child’s personal information.
    • Opt-Out: Prevent the “sale” or sharing of their child’s personal information (if applicable).

Notice to California Residents
Under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), the “sale” or sharing of a minor’s personal information requires opt-in consent from the minor if they are 13 to 15 years old, or from the minor’s parent or guardian if the minor is under 13 years old. We will comply with these requirements and provide clear notice and opt-out options as required by law.

Service Providers
Quester may share your personal information with third party companies and individuals that provide services on our behalf or help us operate the Service (such as customer support, hosting, analytics, email delivery, marketing, and database management services). Following is a list of our service providers:

  • Microsoft 365
  • Ntirety
  • ShareFile
  • Forsta

Notice
Quester believes you have the right to be informed about personal information collected and provides transparent notice to online visitors and consumers with clear and accurate information about our policies, and our compliance with privacy and data protection. When we collect your personal information, we will give you timely and appropriate notice describing what personal information we are collecting, how we will use it, and the types of third parties with whom we may share it.

Choice
Research participants in the EU, the United Kingdom, and Switzerland will be given the opportunity to choose whether the personal information they share is to be disclosed to a third party (e.g., our client) or to opt out of the research study. This option is not given when the third party is acting as an agent to perform a specific task on behalf of and under the instructions of Quester (e.g., survey hosting or tabulating data).

If there is ever a need for Quester to collect more sensitive information than the information previously described, such as your name or contact information, or other data that may be considered sensitive per the regulations in your country, we will inform you at the start of the research study that we will be asking for this type of information. We will then provide the option for you to opt-out, either from participating in the study and/or providing that information. Research study participants will also be given the opportunity to choose, or opt out of, whether the personal information they provide can be utilized for a substantially different purpose for which it was originally collected or authorized by the individual.

Accountability for Onward Transfer
Third party agents and clients who work with Quester on research studies involving the personal data of EU, the United Kingdom, and Swiss citizens are contractually obligated to provide at least the same level of privacy protection as required by the principles Quester holds potential liability in cases of onward transfer to third party agents in agreement with the accountability for onward transfer principle.

Security
Quester takes the security of your personal information seriously. Access to research participant personal information is restricted and limited to Quester staff members and authorized third parties who have an explicit need to access such information for a legitimate business purpose, such as sending email invitations, hosting an online survey or processing data. We take precautions to protect personally identifiable information in our possession from loss, disclosure, alteration and destruction, misuse and unauthorized access.

Data Integrity and Purpose Limitation
It is Quester’s goal to maintain accurate data and provide mechanisms for you to access, correct or delete your personal data. We’ll keep your personal information only if we need it for the purposes for which we collected it, or as permitted by law. Data will only be used to provide the service(s) or carry out the transaction(s) you have requested or authorized. We may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

International Data Transfers
We may transfer your personal data to countries outside the European Economic Area (EEA) for the purposes described in this policy. When we do so, we will ensure that appropriate safeguards are in place to protect your personal data in accordance with the GDPR. These safeguards may include:

  • Standard contractual clauses approved by the European Commission
  • Binding corporate rules
  • Adequacy decisions by the European Commission for specific countries

Data Processing Agreements
To ensure compliance with the General Data Protection Regulation (GDPR), Quester enters into Data Processing Agreements (DPAs) with all third-party processors who process personal data on our behalf. These agreements outline the responsibilities and obligations of both parties to ensure the protection and confidentiality of personal data. Our DPAs include provisions for:

  • The scope, nature, and purpose of data processing.
  • Security measures to protect personal data.
  • Restrictions on the use of sub-processors.
  • Assistance with data subject rights and data protection impact assessments.
  • Obligations to notify us of any data breaches.
  • Conditions for returning or deleting personal data at the end of the processing relationship.
  • Compliance audits and inspections.

By using our services, you acknowledge and agree that your personal data may be processed by third-party processors in accordance with these DPAs.

Access
Quester will make available to you your personal information in our custody or control that we have collected, upon your written request, to the extent required and/or permitted by applicable law. Availability will be provided so that you can correct, amend, or delete information where it is inaccurate. Personal information will not be provided in the case where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.

To request access to your personal information, please contact us in writing at the physical mailing address or the email address provided below. Quester will fulfill your request within 30 days or give notice of extension (up to 60 additional days).

Recourse, Enforcement and Liability
Quester completes a privacy compliance assessment at least annually and will make improvements to our controls and processes based on those results. In the event of any privacy or collection complaints, Quester provides recourse mechanisms for dispute resolution, to allow expedient resolution of such matters. We regularly review how we are meeting these privacy promises and provide an independent way to resolve complaints about our privacy practices.

Exceptions to our Privacy Policy
Any exceptions to this Privacy Policy in terms of what data is collected, how it is collected or how it is used will be explicitly disclosed before the data is collected. Additional consent will always be asked, and respondents can always opt-out if they choose.

Changes to Our Privacy Policy
Quester will review and update this Privacy Policy periodically to respond to changing legal, technical and business developments. We will note the date of its most recent revision herein. Please review this Privacy Policy frequently to be informed of your rights and how Quester is protecting your Personal Data.

Notification of Disclosures to Third Parties Policy
Click here for our Disclosures to Third Parties Notice

California Consumer Privacy Act (CCPA)
Click here for our California Consumers Privacy Notice

How to Contact Us
Quester
Attention: Privacy Officer
6500 University Avenue
Suite 205
Des Moines, IA 50324
privacy@quester.com

Last reviewed and modified on December 5, 2024