Our registered office address is The Hive Central, 14/F, Manning House, #38-48 Queen’s Road, Central, Hong Kong. We are registered with the Hong Kong International Chamber of Commerce (No. 1732888).
This policy was last updated on the date that appears at the top of this page.
The Privacy of The Method Research is available: Here
1. Who We Are
For the purposes of data protection law, The Method Consulting Limited is the controller of the personal data it collects from you. This means that it decides why and how your personal data is processed and is responsible for that processing.
Please see the end of this policy for our legal and contact information.
2. Types of Personal Data We Collect About You
The Method Consulting Limited collects personal data from you if you (or an organisation for whom you work) purchase or use our services, request information, register for an event, sign up for an e-alert service, request customer support or correspond with us.
We collect and process the following personal data about you:
- Identity information, such as your first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, and gender.
- Contact information, such as billing address, delivery address, email address and telephone numbers.
- Financial information, such as payment-related information.
- Transaction information, such as details about payments to and from you and other details of products and services you have purchased from us.
- Technical information, such as internet protocol (IP) address, your login data, browser type, and version, location, operating system and platform, and device and cookie IDs on the devices you use to access this website and our other web-based products.
- Profile information, such as your username and password, purchases or orders made by you or on behalf of an organisation, your interests, preferences, feedback, and survey responses.
- Usage information, such as information about how you use our website, products and services. Our technologies automatically collect and log certain information to help us administer, protect, and improve our services, analyse usage and improve user experience.
Marketing and communications information, such as your preferences in receiving marketing from us and, where applicable, third parties and your communication preferences.
Other information relating to you which you may provide to us, for example in the correspondence that you send to us.
We may hold information about you that has not come directly from yourself. It may, for example, come from your employer, other organisations, such as educational institutions, to which you belong, if they use our services and products. We also collect personal data from third parties such as our partners and associates, and publicly available websites, to help us maintain data accuracy and provide and enhance our services and products. Please see further How do we collect your personal data?
We share personal data with others only as described in this Statement, or when we believe that the law otherwise permits or requires it. Please see further 3. How Do We Collect Your Personal Data?
The Method Consulting Limited may request personal data as part of the recruitment and employment process or as anonymised input into our services and products. This includes and is not limited to anonymised consumer surveys conducted via social media, online panels, communities as well as regular surveys sent to our employees and clients.
3. How Do We Collect Your Personal Data?
We use different methods to collect personal data from and about you as follows:
3.1. Direct contact with you during the course of business. You may give us your contact details, and payment details for invoice purposes, by placing an order online, at events or by corresponding with us by post, phone, email or in other ways (all of which are provided by you on a voluntary basis). This includes personal data you provide when you:
- subscribe to our products or publications
- create an account on our website
- request marketing information to be sent to you
- respond to our surveys
- provide us with some feedback on our products or services
- provide us with your contact details for us to assist you with using our products
- interact with us at events and meetings
If you do not provide this information, we will not be able to interact or communicate with you to provide our services in the ways mentioned above.
3.2. Automated interactions with our website where we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. f
3.3. Using third party or publicly available sources, where we may receive personal data about you from:
- Your employer or organisation for whom you work where that organisation is a client, supplier, commercial partner or other company with whom we have a business or contractual relationship. The terms of our contract with your employer or organisation may require us to process your personal data in order to comply with our obligations under that contract or to exercise our rights under it.
- Analytics providers such as Google Inc. based outside the EU
- Survey and marketing companies based inside and outside the EU
- Contact, financial and transaction data from providers of technical, payment and delivery services who host our data inside and outside of the EU.
- Identity and contact data from publicly availably sources such as Companies House.
4. How Does The Method Consulting Limited Use Personal Data?
We process your personal data for the purposes listed below.
- Personalisation: We use personal data to deliver and suggest tailored content to personalise your experience with our services and websites.
- We use personal data such as names, emails and domain addresses, phone numbers, and information to set up and carry out research, however, the exact personal data processed will depend on the services to be provided. Where we engage with clients for consulting/research services, we may collect and process personal data in order to satisfy our obligations under the statement of work.
- We do not collect special category personal data for research projects. We request that clients only provide the personal data that is required for us to fulfil our obligation.
Where data is collected for consulting/research services, it is used for several purposes, such as;
- Providing services to clients – data is processed in order to provide the service detailed in statement of work;
- Client management – when communicating with and assessing the needs of clients, personal data may be processed in order to ensure that their needs are met. This may include assessing whether the right collection of services is being provided to our clients;
- Administration – in order to manage and administer our services, we may collect and process personal data. This may include (but is not limited to) maintaining internal business records, managing client relationships, hosting events and administering client-facing applications.
- We sometimes run surveys to help us with our research. You control how much information you share with us.
- We will only retain your personal data for as long as we need to in order to fulfil the uses we describe in this notice (or until you exercise your right to erasure, which is explained in the section about your rights).
We use your personal data to deliver marketing and event communications to you across various platforms, such as email, telephone, text messaging, direct mail, and online. If we send you a marketing email, it will include instructions on how to opt-out of receiving these emails in the future. We also maintain email preferences for our services for you to manage your information and marketing preferences. Please remember that even if you opt-out of receiving marketing emails, we may still send you important service information related to your accounts and subscriptions.
We process your personal data for direct marketing purposes on the basis that it is necessary for us to pursue our legitimate interests as a business (see above in this section for further details). From time to time we may tailor and personalise marketing communications that we send to you, for example, by notifying you of products, services, offers or promotions that apply to your interests, location, industry sector, employer or job role.
We process your personal data for the below purposes on the basis that the processing is necessary for us to pursue our legitimate interests as a business. When we rely on legitimate interests, we conduct legitimate interest assessments to demonstrate accountability in considering and protecting people’s rights and interests.
If you do not wish to receive marketing communications from us, you can opt-out at any time by using the unsubscribe link inside the email (to unsubscribe from marketing emails), by sending an email to firstname.lastname@example.org.
HR / Recruitment
We collect personal data for our staff as part of the administration, management and promotion of our business activities.
Where an individual is applying to work for us, personal data is collected through the application process. Data collected on applicants via the website will be used for the purposes detailed below.
- Employment – we process an applicant’s personal data in order to assess their potential employment at The Method Consulting Limited
- Administration and management – we may also use this personal data in order to make informed management decisions and for administration purposes.
Administrative and Technical Aspects of Our Business
General administration: We use your personal data for the following legal and administrative purposes:
- to administer our websites and our social media pages and for internal operations, including troubleshooting, testing and statistical reporting purposes;
- to enable us to make payments to contractors and freelancers who provide services to us;
- for the prevention of fraud and other criminal activities;
- to meet our internal and external audit requirements;
- for network and information security purposes for us to take steps to protect your information against loss or damage, theft or unauthorised access;
- to comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request);
- for the purposes of a corporate restructure or reorganisation or sale of our business or assets;
- for efficiency, accuracy or other improvements of our databases and systems e.g. by combining systems or consolidating records we or our group companies hold about you;
- to enforce or protect our privacy, safety, property or contractual and other legal rights or to bring or defend legal proceedings;
- to respond to non-mandatory requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such authorities outside your country of residence; and
- for general administration including managing your queries, complaints, or claims, sending service messages and providing you with important information about our business.
We process your personal data to comply with our legal obligations including:
- to verify the accuracy of information we hold about you;
- to keep a record relating to the rights you exercise in connection with our processing of your personal data;
- to respond to mandatory requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such authorities outside your country of residence; and
- to respond to and resolve your complaints relating to the services we provide.
5. With Whom Do We Share Your Personal Data?
The Method Consulting Limited only shares or discloses personal data when necessary to provide its services or conduct our business operations as described below. When we share personal data, we do so in accordance with our documented data privacy and security requirements. We may occasionally share non-personal, anonymised, and statistical data with third parties, including survey findings from our online consumer surveys, employees and clients. Below are the parties with whom we may share your personal data and the reasons that we share that information.
Our Suppliers, Service Providers and Other Recipients
We may share your information with our third-party service providers, agents, subcontractors and other organisations (as listed below) for the purposes of providing services to us or directly to you on our behalf.
- Recipient/relationship to us
- Industry sector (& sub-sector)
- Accountancy services
- Professional services (accountancy)
- Advertising/digital agencies
- Marketing (advertising and digital)
- Banks, payment processors and financial services providers
- Financial (banking)
- Cloud storage providers
- IT (cloud services)
- Direct marketing service providers
- Marketing (direct marketing)
- Financial auditing services
- Audit (financial)
- Government tax administration offices
- Government (tax)
- IT support service providers
- IT (support and maintenance)
- Legal advisers
- Professional services (legal services)
- On-site security access control services
- Security (on-site)
The recipients mentioned above are located in the European Economic Area and the USA and ASEAN areas.
When we use third-party service providers, we only disclose to them any personal data that is necessary for them to provide their service and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions. When we share your personal data with third parties that are controllers of that information, they may disclose or transfer it to other organisations in accordance with their data protection policies. We only transfer personal data to any parties who have been subject to rigorous due diligence and with whom there is a clear data-sharing contract in place between us and the third parties. This does not affect any of your data subject rights as detailed below. Where you ask us to rectify, erase or restrict the processing of your information, we ensure that this request is passed on to any such third parties with whom we have shared your personal data.
Other Ways We May Share Your Personal Data
- Our content and event partners: We occasionally partner with other organisations who provide content, or host events, which may be held anywhere in the world. As part of these arrangements, you may be a client (or work for a client) of both The Method Consulting Limited and our partners, and we and our partners may collect and share information about you. We will handle personal data in accordance with this policy.
- Third parties for re-organisation: We may disclose your personal data to any third party who is restructuring, selling, buying or acquiring some or all of our business or assets (or contemplating doing so) or in the event of a merger, bankruptcy, dissolution, re-organisation or similar event to with any parties involved in those processes or transactions.
- Third parties for legal reasons: We will share personal data only when we believe it is required, such as:
- If we are under a duty to disclose or share your information in order to comply with any legal or regulatory obligation or police, court or government request, which may include such authorities outside your country of residence;
- To comply with legal obligations and respond to requests from government agencies, including law enforcement and other public authorities; and
- To protect our rights, users, systems, and services.
6. Where and How Does The Method Consulting Limited Transfer Your Personal Data?
When we transfer personal data from The Method Consulting Limited Economic Area to other countries (‘third countries) in which applicable laws do not offer the same level of data privacy protection as in your home country, we take measures to provide an appropriate level of data privacy protection. In other words, your rights and protections remain with your data. If you would like to know more about our data transfer practices, please contact our team by email at email@example.com
The Method Consulting Limited has networks, databases, servers, systems, and support located throughout our offices globally. We collaborate with third parties such as cloud hosting services, located around the world to serve the needs of our business, workforce, and customers. We take appropriate steps to ensure that personal data is processed, secured, and transferred according to applicable law. As a global organisation, we may need to transfer your personal data within The Method Consulting Limited or to third party cloud hosting providers, outside of your home country.
Our Data Protection and Information Security team conduct rigorous due diligence on third-party providers to ensure that the security of any personal data is paramount.
7. Securing Your Personal Data
The Method Consulting Limited uses appropriate technologies, policies, processes and procedures to protect personal data. Our information security policies and procedures are closely aligned with widely accepted international standards and are reviewed and updated regularly to reflect changes in legislation and in business needs.
Examples of the technologies, policies, processes and procedures we maintain are:
- We have measures in place to protect against accidental loss and unauthorised access, use, destruction, or disclosure of data;
- We have a framework of policies and procedures which ensure we regularly review the appropriateness of the measures we have in place to keep the data we hold secure.
- We have a Business Continuity and Disaster Recovery strategy that is designed to safeguard the continuity of our service to our clients and to protect our people and assets;
- We place appropriate restrictions on access to personal data;
- We implement appropriate measures and controls, including monitoring and physical measures, to store and transfer data securely;
- We regularly conduct security awareness and data protection training for employees and contractors annually and as necessary;
- We take steps to ensure that our employees and contractors operate in accordance with our information security policies and procedures and any applicable contractual conditions;
- We require, using contracts and security reviews, our third-party vendors, service providers and their sub-contractors to protect any personal data with which they are entrusted in accordance with our security policies and procedures.
8. How Long Do We Keep Your Data?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We have an internal Data Retention Policy which mandates the retention of personal data only for as long as is necessary to serve the purpose for which it was collected.
The length of time we retain your personal data is determined by several factors including the purpose for which we use that information and our obligations under other laws. We determine the period of retention of your personal data based on the following criteria:
- Retention in case of queries. We will retain your personal data in case of queries from you, including on behalf of an organisation for whom you work.
- Retention in case of claims. We will retain certain of your personal data for the period in which you or a third party might bring claims against us.
- Retention in accordance with legal and regulatory requirements. We will carefully consider whether we need to retain your personal data after the period described above in case of a legal or regulatory requirement.
The exceptions to the above are where:
- you exercise your right to require us to retain your personal data for a period longer than our stated retention period (see further Restriction of processing below);
- you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law (see further Request deletion below);
- we bring or defend a legal claim or other proceedings during the period we retain your personal data, in which case we will retain your personal data until those proceedings have concluded and no further appeals are possible; or
- in limited cases, existing or future law or a court or regulator requires us to keep your personal data for a longer or shorter period.
- When we no longer need your personal data, we securely delete or destroy it.
9. Your Rights
The European Union’s General Data Protection Regulation (GDPR), The UK’s Data Protection Act 2018 and other applicable data protection laws provide you with rights over your personal data.
The Method Consulting Limited respects your right to access and control your information, and we will respond to requests for information and, where applicable, will correct, amend, or delete your personal data. Please remember, that on occasions your personal data may have been shared with you by your employer or by other organisations, such as educational institutions, to which you belong if they use our services and products.
If you wish to exercise any of your rights listed below, please contact our Data Protection team by email at firstname.lastname@example.org.
- Information regarding processing: You have the right to be informed about why, how and by whom your personal data is processed (which is what this policy sets out to do).
- Access to personal data: If you request access to a copy the personal data we hold about you, we will gladly comply, subject to any relevant legal requirements and exemptions, including completing our identity verification procedures. Before providing data to you, we will ask for proof of identity and enough information about your interaction with us so that we can locate any relevant data.
- Request correction: You have the right to correct or amend your personal data if it is inaccurate or requires updating.
- Request deletion: You have the right to request deletion of your personal data; however, this is not always possible due to legal requirements and other obligations and factors. Remember that you can update your account information by using the “Contact Us” option within the relevant service.
- Object to processing: If you object to the processing of your personal data, or if you have provided your consent to processing and you later choose to withdraw it, we will respect your choice in accordance with our legal obligations. In relation to Marketing preferences: You can opt-out of email marketing; you can use the unsubscribe link found in the email communication you receive from us or visit the applicable email preference centre.
- Restriction of processing: You can ask us to suspend the processing of your personal data if you want us to establish the accuracy of the information; where our use of the information is unlawful but you do not want us to erase it; where you need us to hold the information even if we no longer require it as you need it to establish, exercise or defend legal claims; and you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Request personal data transfer (“data portability”): We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent at any time: You have the right to withdraw your personal data where we are relying on consent to process it. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
Making a complaint: If you are not satisfied with how The Method Consulting Limited manages your personal data, you have the right to make a complaint to a data protection regulator in Hong Kong.
Where your personal data has or is being used in a way that you believe does not comply with data, however, we encourage you to contact us before making any complaint and we will seek to resolve any issues or concerns you may have.
10. International Transfers
The Method Consulting Limited is committed to compliance with the UK GDPR & Data Protection Act 2018, the EU GDPR and relevant data protection requirements as required by law in countries in which our offices are based.
When we are involved in transfers of personal data to countries that are not deemed adequate by the UK or EU Data Protection Authorities, we use appropriate safeguards for those transfers, mostly the use of standard contractual data protection clauses adopted by a supervisory authority and approved by the Commission, to ensure that safeguards are met.
We also comply with industry-standard Data Protection Obligations, such as the GEANT Data Protection Code of Conduct and ESOMAR Data Protection Checklist.
To contact us about this, please write to the data protection team at our registered office address below or email us at email@example.com
11. Links To Third Party Websites
12. Policy Changes
13. Contact and Legal Information
To contact us for any reason, including to exercise any of your rights in relation to your personal data, please write to the Data Protection Team at our registered office address below or email us at firstname.lastname@example.org
The Site is owned and operated by The Method Consulting Limited
The Method Consulting Limited
The Hive Central
14/F, Manning House,
#38-48 Queen’s Road Central,
Central, Hong Kong
Registered in Hong Kong, No. 173288