Following are answers to questions relevant to Over the Shoulder (OTS) studies conducted in European Union countries.

Q: What data does the Over the Shoulder system collect?

A: The only data the Over the Shoulder app collects, uses or uploads from your smartphone is:

  1.  The answers you give to the questions we ask. 

  2. The time you submitted each answer.

  3. The geolocation data of where you were at the time when you submitted your answer. If instructed, you can disable the abs access to your to your location information so that it is not captured. Over the Shoulder does NOT constantly geolocate or geotrack you

  4. The device model of the phone you are using (for Android devices only).

Over the Shoulder does NOT ever access, use, or upload any of the following:

OTS does NOT access, use or upload your contacts or address book.

OTS does NOT monitor other apps on your phone or any usage information about them.

OTS does NOT access use, record or upload ANY information about your phone calls, the texts you send or receive, or the websites you visit.

OTS does NOT track where your smart phone is, with the exception of when you upload the answer to a question we’ve asked you (as detailed above).  

Over the Shoulder does NOT continuously run your phone's GPS location chip. On the Android operating platform, Over the Shoulder will run the background and check for connections while it is trying to upload answers you’ve recorded on it. Once they’re submitted, Over the Shoulder goes inactive.

OTS was specifically designed to avoid any activity that could cause wear on your battery.

When you finish the study you participate in and delete the app, OTS leaves no active or passive software on your phone, and the memory it was using is freed up immediately.


Q: How long will the data collected in this study be kept?

A: In compliance with CASRO guidelines, Over the Shoulder keeps the data you submit for a period of one year. After one year, your data is deleted from all systems and servers within the OTS platform.


Q: For what purpose is the data collected used?

A: The data you submit is analyzed and used by the specific market research agency that executed the study, and the client company that commissioned the study. The purpose of collecting this data is to help companies better understand the behaviors, motivations, and perceptions of products, services and brands to improve their ability to perform marketing activities like new product development, brand communications and sales activities. Over the Shoulder will not use or share any Personal Information collected, either within Over the Shoulder or with a third party, for our own direct marketing purposes.



Q: How do you protect data that I submit during an Over the Shoulder study?

A: Because of the confidential and personal nature of some of the data Over the Shoulder collects, we take extreme caution with your personally identifiable information and your submissions. This include, but are not limited to:

Your name and other personally identifiable information are kept on a server system separate from the data collected via your participation in the project. 

Encryption is used in all situations where your data is stored (including backups) and transferred within the Over the Shoulder system.

Data is stored in locations that are actively monitored, physically secured, and certified to SSAE16 & ISO 27001 standards.

Over the Shoulder has a Privacy Administrator who is responsible for the internal supervision of Over the Shoulder’s privacy policies.

Over the Shoulder educates its employees about compliance with EU Safe Harbor Principles and has self-assessment procedures in place to ensure its compliance.


Q: Who will have access to the data that I submit?

A: The data you submit to Over the Shoulder can be accessed by the specific research practitioner conducting the project you are participating in, and employees of the company sponsoring the research who are authorized access it. Your data may also be reviewed by Over the Shoulder's Privacy Administrator, Quality Assurance and Community Management employees, and Helpdesk employees, all of whom are legally bound to maintain its privacy.


Q: Where is the data I submit stored?

A; The data you submit is stored on electronically and physically secure, actively monitored servers, and potentially on the systems used by the practitioner conducting the research project you are participating in and the company sponsoring the project. Your data, or portions of it will be stored on servers located within the EU, and within the United States of America.


Q; Where is the data I submit analyzed or processed?

A; The data you submit as you participate in an Over the Shoulder project may be reviewed, processed or analyzed in the United States and in EU countries.


Q: Is Over the Shoulder EU Safe Harbor complaint?

A: Over the Shoulder adheres to the Safe Harbor Agreement concerning the collection, use, transfer, and retention of data from the European Union.  Accordingly, Over the Shoulder follows the Safe Harbor Principles published by the U.S. Department of Commerce with respect to all such data, and this Privacy Policy complies with such Principles. Compliance with the Principles may be limited, however, in certain cases to the extent necessary to meet national security, public interest or law enforcement requirements. All Over the Shoulder employees with access to Personal Information are obligated to familiarize themselves and comply with the provisions of this Statement. For further information about the Safe Harbor Privacy Framework and the documents that comprise its requirements, see the U.S. Department of Commerce website at http://www.export.gov/safeharbor/.

ver the Shoulder may disclose Personal Information to third parties when such disclosure is necessary or appropriate for Over the Shoulder’s provision of such services to its clients or otherwise for Over the Shoulder’s operation of its business.  

As part of our market research process, all Over the Shoulder questionnaires provide respondents with choices related to Personal Information. The choice to provide Personal Information is purely voluntary.  If a respondent chooses not to provide Personal Information, the person may be automatically excluded from the study. In addition, Over the Shoulder reviews and communicates results to clients in a consolidated format and as such, no one individual’s Personal Information is reported separately, except that photos of and provided by individual Participants may be used from time to time.  

Over the Shoulder will disclose Personal Information to a third party if (a) Over the Shoulder has received the Participant’s permission to make the disclosure, (b) the disclosure is required by law, (c) the disclosure is reasonably related to the sale or disposition of all or part of Over the Shoulder’s business, (d) the information in question is publicly available, and/or (e) the disclosure is reasonably necessary for the establishment of a legal claim.

Additionally, Over the Shoulder may disclose Personal Information to an Over the Shoulder affiliate or to persons or entities providing services on behalf of Over the Shoulder, an Over the Shoulder client, or the individual (each a “Transferee”), consistent with the purpose for which the information was obtained, if the Transferee, with respect to the Personal Information in question (a) is subject to law providing an adequate level of privacy protection including, without limitation, Transferees that are located within the EU or Transferees that are otherwise subject to an “adequacy” finding, (b) has agreed in writing to provide an adequate level of privacy protection, and/or (c) subscribes to the Principles.

Over the Shoulder takes reasonable steps to ensure that Personal Information is accurate, complete, current and relevant for the purposes for which it was collected.

Upon request, Over the Shoulder will permit EU Citizens to access Personal Information collected by Over the Shoulder and will give them the opportunity to correct, amend, modify or delete inaccurate data upon request. Such access may be denied or limited by Over the Shoulder, however, if providing such access is unreasonably burdensome, time consuming or would result in significant and/or unreasonable monetary cost, or if the rights of persons other than the individual requesting amendment would be violated.

Over the Shoulder will respond to such requests within a reasonable time period. Depending on the nature of the request, Over the Shoulder reserves the right to charge a reasonable fee to cover the costs of providing access. Over the Shoulder may delete Personal Information if the Personal Information is not complete, current, and accurate or is inappropriate for its original intended use.  Any deletion or modification may be subject to the consent of the Participant that originally submitted the Personal Information. In order to request access to information or to request amendment, modification or deletion of data, or if you believe that Over the Shoulder is not complying with the Safe Harbor Principles, or this policy, please contact Over the Shoulder by e-mail at the email address provided below.

In the event that any citizen of the European Union is not entirely satisfied with the resolution of a complaint proposed by Over the Shoulder, Over the Shoulder will cooperate with the relevant European Data Protection Authorities to resolve that individual's complaint.

Contacting Us

If you have any questions or concerns about this Policy, send an email with your questions to: admin@overtheshoulder.com

The Effective Date of this Privacy Policy is May 25, 2012.