Download our Profile
Infinite Insight Data Privacy Statement
As a market research and opinion polling agency, the privacy of our respondents is a prime concern. Members of the public will only voice their opinions if they can be certain that no breach of confidentiality will occur.
From its inception in 2010, Infinite Insight has firmly committed to complying with the ICC/ESOMAR Code of Practice and the Market & Social Research Association’s (MSRA) Code of Ethics.
Since it came into effect in 2018, Infinite Insight has voluntarily complied with
the General Data Protection Regulation (GDPR) by the European Union in those African
countries, which have not yet formulated their own country-
The Data Protection Act of 2019 has come into effect in Kenya, Infinite Insight is complying with the regulations laid out therein.
1. Infinite Insight Ltd. (also “We”, the “Company”) is registered in Kenya as a research
agency; we engage in market, social, and public opinion research. We operate on the
basis of a research permit, issued annually by NACOSTI. The Company is not involved
2. “Respondents” are defined as members of the public, who have given their consent to participating in a research project.
3. “Staff” of Infinite Insight includes directors, permanent employees, and temporary contract staff, including field interviewers, moderators, and external consultants.
4. “Clients” are defined as local and international companies, research agencies, or academic institutions, who commission us to provide research services in Kenya. Such research services include consumer research, public opinion polls, and social research.
Section I: Research Activities
Infinite Insight collects data in three major ways:
1. Personal Interviews (F2F: face-
2. Telephonic Interviews (CATI): respondents’ phone numbers are randomly generated (i.e. random digit dialing), at times supplemented with geographically targeted calling among respondents, who had given prior Informed Consent to be contacted for telephonic interviews.
3. Online Interviewing (CAWI): Links to the survey are sent to randomly generated phone numbers, or emailed to respondents, who had given their Informed Consent to being contacted; in addition, links may be posted on social media.
Participation in all research projects is voluntary. Respondents must give prior Informed Consent to participation; in telephonic surveys, Informed Consent can be given verbally, once the Informed Consent statement has been read out aloud and the respondent has understood its content.
Data Collection among Minors:
In the case of minors (respondents below the age of 18), parents or legal guardians are required to have given their consent to their wards’ participation.
Contact details (personal identifiers) of minors will only be retained for verification and quality control purposes; once this has been completed, they will be deleted.
Should we, at any time, learn that a minor has been interviewed without parental consent, all data (identifiers, classification data, and survey responses), will be deleted.
Parental consent is a necessary condition, but not a sufficient one; i.e. underage respondents retain their right to refuse answering all or part of the questionnaire.
Types of Data Collected:
There are three categories that are collected in a research project:
1. Personal Information (Identifiers):
Identifiers include respondents’ names, addresses, phone numbers, and email addresses. These data are collected only for Quality Control purposes. All personal identifiers are kept separated from the bulk of the survey data and can only be linked via serial numbers. Should verification reveal that data were collected erroneously, fraudulently, or without Informed Consent (or if Consent is revoked at this stage), both survey responses and contact information will be deleted with immediate effect.
Once the veracity of an interview has been established, the Data Processing Manager will permanently delete these identifying data. Thereafter, survey data cannot be traced back to any individual respondent. Nobody, including Infinite Insight Staff, will be able to ascertain who gave what answers
Respondents’ identifiable information may only be shared and/ or retained, if:
2. Classification Data (Demographics):
Classification data include sex, age (or age band), marital status, ethnicity, religious
3. Survey Responses:
Survey Responses comprise all opinions or behaviours volunteered by the respondent during an interview. These data are of interest only in aggregated form. Various statistical operations can be performed to establish group behaviour or preferences; thus, while collective tendencies can be established, no prediction on the behaviour or opinions of any given respondent can be made.
Data Retention Schedule:
1. Data Type: Identifiers (Contact Details)
Retention Period: 2 weeks; alternatively, if Informed Consent has been given, for the duration of the project.
Identifiers will be deleted as soon as the commissioning client has accepted the data and all queries on data collection have been resolved; this typically occurs within two weeks following completion of fieldwork.
If Informed Consent has been given to retain contact information to allow follow-
2. Data Type: Classification Data & Survey Responses
Retention Period: minimum of 1 year
Aggregated anonymised data is retained for two purposes:
(1) To assist clients with data analysis, when in need of information on local context.
(2) To facilitate longitudinal studies (tracking of consumer habits or public opinion)
3. Data Type: Reports & Presentations
Retention Period: indefinite
Analytical reports and graphic presentations are based on aggregated data; they never contain identifiers. These reports and presentations are archived permanently (see section on Data Security).
Purpose of Data Collection:
Data collected during fieldwork is analysed to provide insights on trends among Kenyan consumers and Kenyan general public. These include the establishment of category usage or brand shares; media usage; opinions on national or international issues.
Data collected in Kenya is processed in Kenya; commissioning clients only receive the analytical reports and aggregated anonymised data in electronic format. Data are transferred using secure transfer protocols (e.g. DropBox).
Data Processing & Data Security:
In field, irrespective of data collection mode, data collection platforms (e.g. Dooblo Survey to Go) are used. Interviewers log in with their ID and password; then interviews are uploaded onto a cloud server upon completion; all information on the interview is automatically deleted from the device at that moment.
Only the Data Processing Manager has access to the cloud server. At the end of each day, the data is downloaded to his system; in the process, all data will be removed from the cloud server.
The DP system is password-
The survey data (excluding identifiers) are stored on an offline external device in the office of the Managing Director.
Infinite Insight adopted a home-
Since 2014, Infinite Insight has adopted data collection on mobile devices. Paper documents, such as lists or questionnaires, do not accrue to the same extent as in the past. Paper documents, such as Informed Consent Forms, corporate records, tax records) are stored in strongboxes in a secured storage room at the house of the Managing Director.
On our home page (www.infiniteinsight.net), no cookies are used; we do not track page traffic or conduct page analytics.
In online surveys, cookies will be deployed by our cloud service provider only to prevent multiple entries.
Summary of Respondents’ Rights:
Section II: Employees’ Data Privacy
In compliance with the Data Protection Act, and The Employment Act (Amendment) Act of 2022, Infinite Insight maintains all personal data of its employees within individual Employee Personnel Files which are securely stored with access to only authorized personnel within the Company. All collection and processing of information and data contained within the Employee Personnel File is in accordance with the employees’ right to privacy.
All data and information is lawfully and legitimately collected and not used for purposes other than as outlined within this Policy document.
The Employees’ Personal data consensually collected from the employee and stored in individual employee personnel files include:
New Employees are requested to provide personal information prior to the confirmation of employment. Employees are further requested to periodically verify and update their personal data to ensure its accuracy and that any inaccurate personal data is promptly deleted or rectified.
Additional information contained within Personnel Files include:
An employee is provided with a copy, or original of all documents generated by the Company and held within an employee’s file. The information contained within the employee’s personnel file is limited to its relevance and necessity for the purpose of which it may be required or processed.
Data and information contained within Employee Personnel files are a documented written history of the employment and are maintained for the employees’ Employment Lifecycle and duration of employment.
Personal Data Access
Personal Data Storage and Safety
Transparency and Employee Awareness
o The employee’s Letter of Employment,
o Employment Induction
o The Company’s HR Manual
o Annual MSRA Ethics Training for all staff; this includes data privacy regulations that must be adhered to.
o Project briefings and training sessions always contain the MSRA Ethics Training, including the sensitization to data privacy regulations.
Employees Obligations to Infinite Insight’ Clients
Section III: Data Privacy Officer & Handling of Complaints
The Role of the Data Protection Officer
The Data Protection Officer serves as liaison between the public and the company. And if privacy concerns arise, it will be the Data Protection Officer’s task to see that a revocation of Informed Consent will be acted upon without delay.
If a respondent had previously agreed to participate in future research projects, but has changed his/her mind, the Data Protection Officer will assure that Name, Phone Number, Address, and Email Address are deleted from the database with immediate effect.
For any questions regarding our data privacy policies, contact us on firstname.lastname@example.org
Or contact us by mail or phone:
Data Protection Officer
Infinite Insight Limited
Mirage Tower 2, Pent Floor, Room 32
P.O. Box 1324, 00606 Nairobi
Tel: +254 774157784
Last updated on 28/10/2022
Infinite Insight is registered as a Data Controller and a Data Processor with the Office of the Data Protection Commissioner (ODPC), Kenya.