Our Privacy Policy & IT Security Policy

SCIATIUS RESEARCH is fully committed to compliance with applicable data protection laws, including GDPR, CCPA, and PDPA.

We maintain personal data responsibly to meet legal and operational needs, ensuring trust and efficient outcomes.

The personal data we process includes employees, clients, customers, suppliers, and other related entities, whether digital or paper records.

1. Scope of this Policy

This policy applies to all staff handling personal data and extends to third‑party processors or storage providers.

2. Principles

We adhere to seven core principles:

  • Legality, Transparency & Fairness: processed lawfully and fairly.
  • Purpose Limitation: specific legitimate purposes.
  • Minimization: only necessary data.
  • Accuracy: kept accurate/up to date.
  • Storage Limitation: retained only as necessary.
  • Integrity & Confidentiality: protected by security.
  • Accountability: compliance documented and maintained.

These principles cover all aspects of data handling.

3. Types of Data

We collect data from:

  • Survey participants
  • Website visitors and other contacts
  • Employees, contractors, business partners
  • Clients (current and prospective)

Sensitive data (e.g., race, opinions, health, beliefs, criminal records) is processed within legal limits.

4. Handling of Personal/Sensitive Information

We ensure compliance through:

  • Fair and lawful collection
  • Specified use purposes
  • Minimal data collection
  • Maintained data accuracy
  • Timely data deletion
  • Physical & technical data safeguards
  • No transfers abroad without safeguards
  • Respecting data subject rights

We have trained staff, defined enquiry processes, and regular assessments to uphold standards.

5. Access to Personal Data

Individuals have the right to:

  • Know held data and its reasons
  • Access it
  • Correct or delete inaccuracies
  • Restrict processing
  • Object to certain processing
  • Be protected from automated decisions

Submit requests in writing. We respond within 30 days or explain any delays.

6. Employee Responsibilities

All employees must:

  • Provide accurate and updated data
  • Update changes promptly
  • Process data per this policy
  • Ensure secure retention and deletion

7. More Information

For questions about personal data or this policy, contact us at: hr@sciatiusresearch.com