Tjokro Group is committed to protecting the privacy of all information we collect from our clients, research participants, and visitors to the company websites and surveys relating to the above businesses (“Websites”). This policy applies to all client data and personal data we collect or use in the conduct of this business, and covers all client information data on our Websites. This policy does not apply to information we may collect from our employees or job applicants.

By accessing or browsing our Websites, participating in our surveys, contacting us on social media, or providing your data to us, you confirm that you have read and understood this entire privacy policy.

Information We Collect From or About You

Tjokro Group is an insights and strategy agency. For some of our businesses—those operating in marketing, digital, and branding consulting, strategy, development, and communications—we do not collect or process information as part of our core operations. For our other businesses—those involved in market research and analysis activities—we collect and process information. We may also collect information in connection with certain additional activities, such as visits to our Websites.

In the conduct of our market research and analysis business, most information we collect about you (only a small portion of which is “personal data” or “personally identifiable information” as defined by applicable law) is information you voluntarily provide to us in connection with our research studies. Consistent with industry practice, online survey activities are typically conducted anonymously or “pseudonymously” using a randomly assigned identifier code, so the identity of research participants is not known to us or the client commissioning the research. Some of our research takes the form of “research communities,” involving repeated interaction with participants over a period of time; in such cases, we typically have personal data about you (including a way to contact you), but other participants in the research will not have access to this information. Data collected as part of our research may include respondent demographic data and opinions respondents give about products or brands. In some studies, we may also collect photo, video, or audio responses. Research participation is voluntary and participants always have an opportunity to decline involvement or “opt-out” of a study after agreeing to participate, as clearly identified in each survey. If a survey involves an incentive or contest, we may ask for your name and phone number or email address to notify you if you are a winner. There is never any obligation to provide this information in order to participate in the survey, but if you do not provide it, you may be unable to participate in the incentive program. Our legal basis for collecting and processing personal data provided by respondents is consent; we do not collect personal data without consent from the research participant. Consent can be withdrawn at any time.

For certain research, we may obtain information about you (which in some cases may be “personal data” or “personally identifiable information” as defined by applicable law) from clients, third-party vendors, or our partners for use in connection with research. For some research, this may be your contact information so we can send an invitation to participate in the research. For other studies, we may purchase existing data, such as demographic, interest, or behavioral information, about you from third-party vendors and link and append that data to your survey responses so we can perform a more robust analysis in connection with the study. In such research, you remain anonymous to us (i.e., the data set is “pseudonymized”); the linkage is typically done through the use of a third-party intermediary who can link your responses to other existing data via technology, such as a pixel tag or cookie, or other identifying information they (but not we) have. In cases where we use cookies, pixels, or similar technology solutions, we will provide you with separate notice before using the cookie or pixel and give you the opportunity to opt out of the study before such use. In such cases, our legal basis for collecting and processing the information is our legitimate interest in performing our obligations under our contract with the client commissioning the research study.

For certain other research, we may collect public posts and comments you may make in connection with product reviews or on different company or brand social media pages which may, from time to time, include the “handle” or “username” you use for such posts, and which we pseudonymize at the time of collection. In such cases, our legal basis for collecting and processing the information is our legitimate interest in performing our obligations under our contract with the client commissioning the relevant research study.

Additionally, in connection with some of our online survey activities, we use software to identify certain system-related information about respondents who take our surveys, including IP address, device and browser type, and geographic location, and certain behavioral information within our surveys taken by such respondents, such as mouse movements and keyboard activity, to detect fraudulent activity (e.g., bots), protect research integrity, and optimize the survey experience. This information is used only for these purposes, and may also be shared with third-party vendors in connection with the fraud detection process mechanism. Our legal basis for collecting and processing this information is our legitimate interest in protecting the integrity of our business and enhancing the services we provide to our clients.

If you are a client or work for a client, we may have collected various contact, business, and in some cases, financial information about you during the course of managing our relationship with you or your company. In such cases, our legal basis for collecting and processing such information is our legitimate interest in performing our obligations under our contract with you or the company for which you work.

Should you choose to use social media (e.g., Facebook, Instagram, Twitter, LinkedIn, or our blogs) to contact us or find out about our services, we may collect your publicly viewable profile data, data relating to your interactions with us, and any data you submit on message boards relevant to our business.

We may collect certain information regarding visitors to our Websites, including IP address, device and browser type, date and time of visit, the visitor’s Internet service provider name, the state or country from which the Website was accessed, the webpage from which visitors linked themselves to the Website, and behavior while on the Website (e.g., which links are clicked). We may do so by using cookies, which are small files placed in your internet browser when you visit our Websites, to offer a more tailored experience in the future by, for example, understanding and remembering your browsing preferences. Sometimes, cookies, pixels, or web beacons may be placed on our Websites by service providers or partners; we do not permit personal data to be collected or accessed by these cookies, pixels, or web beacons. If you choose not to accept cookies from our Websites, you can disable their use in your browser settings. As a result, you may reduce the functionality of the web pages you view. At present, our systems do not respond to Do Not Track signals from browsers, and do not treat such Do Not Track signals as a “do not sell” signal under the CCPA (as defined below). Finally, when visiting our Websites, you are given the option to purchase products or sign up for our newsletters, whitepapers, e-books, or mailing lists, and if you do so, we will collect the information you provide for use in our business promotion to you. If you wish to be removed from our email lists, please email us at marketing@tjokrogroup.com or other contact email listed on the website of the specific Material you visited.

What We Do With the Information We Collect

Depending on how we obtain your personal data (as described above), we may be considered a “controller” or a “processor” under applicable law for such data. If we are a processor, we will process data according to the instructions given to us by the controller of such data.

Regarding data collected as part of our research activities, we collect data in, and in connection with, our research only for research purposes, and the use of such information is limited to that purpose. Research participant information and answers are not used by any entity as an aid to sales. In many cases, such information (which is typically anonymized) is shared with the client requesting the research in accordance with our contract with such client. In some cases, we may need to share personal data with third parties for additional services in support of a research project. In such cases, we contractually obligate such third parties to follow all the same privacy protection regulations as followed by Tjokro Group.

Regarding client data we collect, we do not use such information for any purpose other than to fulfill our obligations to the client. We keep client information secure at all times, and prevent the use and disclosure of such information by our employees or any third party.

To the extent we have operations in Southeast Asia and in Australia & New Zealand and conduct research globally, any data we collect and process in connection with our business activities may be transferred between or among two or more countries, either within Tjokro Group or between Tjokro Group and clients or other third parties described above. In all cases, we will take appropriate measures to ensure the recipient adequately protects any personal data transferred in accordance with this privacy policy.

Information we collect regarding visitors to our Websites, as well as visitors to our social media pages, is used for the improvement and maintenance of our Websites and the preparation of reports or compilation of statistics for the improvement of our Websites and the general range of services we offer. Information given on Tjokro Group Websites in connection with newsletters, whitepapers, and mailing lists will remain confidential and will only be used by Tjokro Group for its own marketing activities.

We do not sell personal data in the traditional sense, do not rent, sell, or give personal data to any third party for the purpose of marketing any products or services directly, and have not done so in the preceding 12 months.

Under certain circumstances, we may be required to release personal data in response to legal requests from public authorities, including to meet national security or law enforcement requirements, or in response to court subpoenas or other legal process.

We do not financially discriminate between those who choose to provide their personal data to us and those who choose not to, provided that, to the extent a survey or other research study—the completion of which would result in payment of a financial incentive or entry into a prize draw—involves the collection of data and you decline to consent to such collection, you will not be able to proceed to participate in the study, and (depending on the specific study) to the extent you are asked to provide your contact information at the end of a survey in order for us to fulfill a participation incentive and you decline to provide your contact information, you will not receive the participation incentive.

In all cases, Tjokro Group will take reasonable measures to ensure personal data is accurate, complete, current, and relevant, and is only used for its intended purpose. We will not process personal data in a manner that is incompatible with the purpose for which it was collected or subsequently authorized by the individual.

Storage of Personal Data

We store personal data no longer than is necessary for the purpose for which the personal data is collected or processed. The length of time we store personal data depends on the purposes for which we collected and use it and/or as required to comply with applicable laws and to establish, exercise, or defend our legal rights.

Information Security

We maintain physical, electronic, and procedural safeguards to help protect client data and personal data appropriate to industry standards and practices and in accordance with applicable law. Third parties that provide support or services to us and that may also receive client data or personal data are required by us to maintain safeguards similar to ours with respect to such information. We will take reasonable precautions, commensurate with industry standards and practices, to protect personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction.

Your Rights Regarding Your Personal Data

You have certain rights under the law to know specific details about our data handling practices generally; such information is described above and elsewhere in this Privacy Policy. Additionally, you have the right to request the following regarding any personal data we have about you: to be provided access to any personal data we have about you; to update your personal data that is out of date or incorrect; if our basis for processing your personal data is consent, to have your consent for further processing withdrawn; if we received your personal data from a third party, to be informed of the source of such data; to delete any personal data we have about you; to restrict how we process your personal data (including that we no longer “sell” your personal data as defined in the CCPA); to prevent the processing of your personal data for direct marketing purposes; that we do, or do not, provide your personal data to third-party service providers; that we provide a copy of any personal data we have about you; that we consider any legitimate objections you have to our usage of your personal data; and that you will not be discriminated against for exercising your privacy rights. Under applicable law, certain personal data may be exempt from some of these requests in certain circumstances.

Pursuant to law, as well as for your protection, if you request us to take a specific action regarding personal data we have about you, we are required to take certain steps to verify your identity. If we cannot verify your identity, we may not be able to respond to your request. To verify your identity, we request, at the time of your request submission, that you provide basic contact information, as well as certain other non-personally identifiable information (e.g., information relating to your last interaction with us, such as subject matter and type of study), and we attempt to match at least two pieces of such information to the information we have on file. Additionally, for rights that the law permits to be exercised by an authorized agent on your behalf, in addition to verifying your identity as described above, we require such agent to provide written authorization from you to act on your behalf, unless restricted by law.

Please note, some of these rights may not apply to information we may collect or process from or about you in your capacity as our employee, job applicant, or independent contractor; there are other laws applicable to such relationships which are not addressed in this Privacy Policy. If you have questions, please contact the Legal Department.

Careers

Any personal data that may be collected in the Careers section of our Websites will be used solely for the purpose of consideration for possible employment. Such information will not be used in connection with research or other aspects of our operations.

Children’s Information

Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate, and/or monitor and guide their online activity.

Tjokro Group does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.

Changes to the Privacy Policy

We may update this Privacy Policy from time to time by posting the amended version of the statement on one or more of our Websites. Please read this policy periodically.

Consent

By using our website, you hereby consent to our Privacy Policy and agree to its Terms and Conditions.