Commercial Victimisation Survey > Privacy

The Commercial Victimisation Survey and your personal data

This Privacy Policy explains who we are, the personal data we collect, how we use it, who we share it with, and what your legal rights are.

About Ipsos

Ipsos MORI (UK) Ltd is a specialist research agency, commonly known as “Ipsos”. Ipsos UK is part of the Ipsos worldwide group of companies, and a member of the Market Research Society. As such we abide by the Market Research Society Code of Conduct and associated regulations and guidelines.

What personal data and data about businesses has Ipsos received for this survey?

Ipsos has personal data and data about your business because we have been asked by the Home Office to carry out anonymous survey research on their behalf.

The Home Office has obtained a limited amount of data about your organisation so that we can invite you to take part in this research survey. This has been taken from the Inter-Departmental Business Register, which is a list of UK businesses and public sector organisations maintained by the Office for National Statistics (ONS) for statistical purposes. It is fully compliant with the European Union regulation on harmonisation of business registers for statistical purposes (EC No 177/2008).

The data the Home Office shared with us is:

What is Ipsos’s legal basis for processing your personal data?

Ipsos requires a legal basis to process your personal data. Ipsos’s legal basis for processing is your consent to take part in this Commercial Victimisation Survey. If you wish to withdraw your consent at any time, please see the section below covering ‘Your Rights’.

How will Ipsos use any personal data including survey responses you provide?

Firstly, responding to this survey is entirely voluntary and any answers are given with your consent.

Ipsos will keep your responses in strict confidence in accordance with this Privacy Policy. Ipsos can assure you that you will NOT be identifiable in any published results.

Who we share your data with

Ipsos is administering all aspects of the survey, so will not be sharing any data with third parties.

How will Ipsos ensure my personal information is secure?

Ipsos takes its information security responsibilities seriously and applies various precautions to ensure your information is protected from loss, theft or misuse. Security precautions include appropriate physical security of offices and controlled and limited access to computer systems.

Ipsos has regular internal and external audits of its information security controls and working practices and is accredited to the International Standard for Information Security, ISO 27001.

How long will Ipsos retain my personal data and identifiable responses?

Ipsos will only retain your data in a way that can identify you for as long as is necessary to support the research project and findings. In practice, this means that once we have satisfactorily reported the anonymous research findings, we will securely remove your personal, identifying data from our systems.

For this project, we will securely remove your personal data from our systems by 31 May 2024.

Your rights

You have the right to access your personal data within the limited period that Ipsos holds it.

Providing responses to this survey is entirely voluntary and is done so with your consent. You have the right to withdraw your consent and to object to our processing of your personal data at any time.

You also have the right to rectify any incorrect or out-of-date personal data about you which we may hold.

If you want to exercise your rights, please contact us at the Ipsos address below.

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO), if you have concerns on how we have processed your personal data. You can find details about how to contact the Information Commissioner’s Office at https://ico.org.uk/global/contact-us/ or by sending an email to: casework@ico.org.uk.

Where will my personal data be held and processed?

All of your personal data used and collected for this survey will be securely stored by Ipsos in data centres and servers within the United Kingdom.

How can I contact Ipsos about this survey and/or my personal data?

Contact Ipsos:

Email: compliance@ipsos.com with “23-011734-01 CVS 2023” in the email subject line.


23-011734-01 Commercial Victimisation Survey
Compliance Department
Market and Opinion Research International Limited (Ipsos)
3 Thomas More Square
London E1W 1YW
United Kingdom