Data Security and Privacy Policy

Helix Research and Evaluation (“Helix”) takes great care to protect and respect your privacy and the information you provide whilst engaging in research with us.  This includes research hosted on our own website, other websites on our behalf, or by other means including online, by telephone and face to face.

We are committed to meeting the requirements of the following laws and codes:

  • UK General Data Protection Regulations (UK GDPR)
  • Data Protection Act 2018
  • Social Research Association’s Research Ethics Guidance [1]
  • Market Research Society’s Code of Conduct [2]
  • UK Policy Framework for Health and Social Care Research [3]

Helix Research and Evaluation is registered with the
Information Commissioner’s Office (reference number: ZA655054)

Information we collect

Helix collects information about you when you use our website, for example,  information facilitated by cookie technology. ‘Cookies’ are designed to enhance your online visit and permit you to access the full service within the website. We will collect, store and process information about you if you voluntarily complete the contact form.

We will also collect your information when you take part in research with us. When we contact you, we generally do so for one of the following purposes:

  • To invite you to participate in research
  • To confirm the details of research you have agreed to take part in
  • To conduct research with you
  • To validate answers/views you gave in research we conducted (if you have consented to us doing so)
  • To update and to ensure that our records of your personal information are correct
  • To provide you with an incentive for taking part.

The information we collect can contain your personal opinions, views and experiences, as well as personal information such as name, email address, telephone number etc.  Where relevant to the research being undertaken, we may collect business contact information, such as, organisation/company name, job title, and department. 

Gaining your consent to take part in our research

If you are invited to take part in research, it will be because of one of the following reasons:

  • You were selected due to your recent engagement with one of the client organisations for whom we work
  • You have given permission for an organisation or company to supply your details to Helix for research purposes
  • You have taken part in previous research administered by Helix and given us your permission to contact you in the future for research purposes
  • One of our staff has contacted you and, based on your responses to their questions has recruited you for research purposes (based on information provided by you to them directly).

If you have been contacted by Helix and you do not believe you have given your permission, let us know and we will remove you from the contact list for that particular research project and inform the relevant organisation who supplied your details.

If we invite you take part in our research, we must provide you with information about the key elements of the research and, if relevant, explain what you can expect from the researchers.

All research participants will also be asked to complete a consent form to confirm that:

  • They have read and understood the information provided about the research
  • They have been able to ask questions if needed
  • They understand that their participation is voluntary, and they can change their mind or withdraw their data at any time, without giving a reason
  • If relevant, that they agree to take part in an interview for the research and that will be recorded in writing (and/or by voice recorder, with their consent).

The consent form will also set out participants’ rights under the UK GDPR and Data Protection Act 2018, explaining how their data will be stored and processed securely, and asking for them to confirm their understanding of these issues.

Storing personal and research data

We will maintain appropriate safeguards to ensure the security, integrity, accuracy and privacy of the information you have provided.  Any research data we collect will be coded and/or anonymised.  This means participants’ names, or any personal identifiers will not be attached to the data we collect and store. 

Personal data will be stored on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.

Anonymised research data will be held for five years and thereafter it will be deleted or destroyed.

How we use your information

The personal information we collect is:

  • Used to carry out obligations arising from any contracts entered into with you
  • Used to seek your views or comments on the services we provide
  • Combined with the responses/views/opinions/experiences of others who participated in the same research and reported back anonymously to the client that commissioned the study in order to address the objectives that have been set for the research project.  Any personal identifiers will be changed or deleted when we come to write about the results of the research. This means participants will not be identified personally in any reports or other written outputs
  • Used to administer incentives
  • Occasionally used to re-contact you to validate your responses (if you have consented to us doing so).

All of your responses (provided via web-based surveys, by Zoom or other online communication tool, by telephone, or face to face) are treated as confidential. We will never intentionally disclose your personal information or individual responses to the client that commissioned the study or any third parties unless:

  • You request or consent to sharing your identifying information and individual responses
  • In the rare but possible circumstance that the information is subject to disclosure pursuant to judicial or other government warrants, orders or for similar legal or regulatory requirements.

Who we share the information with

Please be reassured that we will not release your information to third parties, unless you have requested us to do so. Occasionally we may employ other companies and individuals to perform functions on our behalf relating to the research we undertake. They will have access to the personal information needed to perform their functions but will not use it for other purposes. They must also process the personal information as set out in this Privacy Policy and as permitted by UK Data Protection Law.  Our staff and sub-contractors are trained in our data security systems and procedures and are asked to sign to sign a Data Protection declaration, to ensure they are aware of their legal duties and agree to comply with these.

By participating in our research, you consent to us transferring your personally identifiable data to other organisations/companies within the EEA only for the purposes mentioned above. We shall endeavour to ensure that your personal information is kept confidential and secure.

Use of ‘cookies’ on our website

Like many other websites, this website uses cookies. ‘Cookies’ are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognise you when you visit. They collect statistical data about your browsing actions and patterns and do not identify you as an individual.  We use cookies to compile visitor statistics such as how many people have visited our website, what type of technology they are using (e.g. Mac or Windows which helps to identify when our site isn’t working as it should for particular technologies), how long they spend on the site, what page they look at etc.

Use of ‘cookies’ when you complete an online survey with us

When you complete a survey with us, we will use a session cookie. This is a temporary cookie and is removed when you close the browser. This session cookie allows us to give your visit to our website (or one of our third-party partners’ websites) a unique identifier so you can complete the survey.

Switching off ‘cookies’

It is possible to switch off cookies by setting your browser preferences. For more information on how to switch off cookies on your computer, we suggest consulting the Help section of your browser or taking a look at the guidance on cookies published on the ICO website [4] which covers commonly used browsers. Turning cookies off may result in a loss of functionality when using our website or completing a survey with us.

Data security

Helix maintains appropriate technical, administrative and physical safeguards to protect information, including, without limitation, personally identifiable information, received or collected by us. We review, monitor and evaluate our privacy practices and protection systems on a regular basis.  This includes ensuring that any security measures taken include:

  • Taking steps to control physical access security – restricting access to offices, desks, storage areas, equipment and other places where unauthorised access by people could compromise security
  • Putting in place controls on access to information – procedures for authorising and authenticating data users, as well as software controls for restricting access, and techniques for protecting data such as encryption
  • Establishing a business continuity plan – ensuring there are procedures for protecting and restoring if possible personal data held by the business in the event of a disaster
  • Training staff and sub-contractors on security systems and procedures – includes asking all sub-contractors to sign a Data Protection declaration, to ensure they are aware of their duties under the Act and agree to comply with these
  • Detecting and investigating breaches of security should they occur – ensuring that any breaches of data security (loss or theft of data, etc) are reported immediately and appropriate actions taken.

Only certain employees have access to the personal information you provide to us and are only granted access for data analysis and quality control purposes. Helix is not responsible for any errors by individuals in submitting personally identifiable information to us.

Age limits

This website is primarily intended for users who are aged 16 or over. We are concerned about protecting the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian’s permission beforehand whenever you access our website or provide any of your Personal Data to us.

Accessing and updating your information

The accuracy of your information is important to us. If you change email address, or any of the other information we hold is inaccurate or out of date, please email us at:

Your co-operation in any of our research is voluntary at all times, and we are always thankful for your help. You are entitled to access the personal information we hold about you (which is known as a subject access request) and you have the right to update any incorrect information.

You also have the right to withdraw consent you gave for participation in our research at any time and have your personal details erased. To do this, please submit your request in writing to the following email address:

Your rights

Under Data Protection Law you have a number of important rights free of charge. In summary, those include rights to: 

  • Access your Personal Data and to receive certain supplementary information about how we use or share it
  • Require us to correct any mistakes in your Personal Data which we hold
  • Require the erasure of your Personal Data in certain situations 
  • Object at any time to processing of your Personal Data for direct marketing 
  • Object in certain other situations to our continued processing of your Personal Data 
  • Otherwise restrict our processing of your Personal Data in certain circumstances. 

If you wish to exercise any of the rights set out above, please email us at: describing which right you want to exercise.  We are entitled to ask for further information to clarify your request or verify your identity before we can proceed.   

If you believe that we have not handled your Personal Data in accordance with Data Protection Law or we have not complied with your request when you exercise the above rights, you have the right to make a complaint to the Information Commissioner’s Office (‘ICO’), the UK regulator for data protection issues ( We would, however, appreciate the chance to deal with your concerns in the first instance.

Links to other websites

This website may contain links to other websites run by other organisations. This privacy policy applies only to this website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.  In addition, if you linked to this website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that third-party site.

International transfers 

Countries outside of the United Kingdom or European Economic Area (EEA) do not always offer the same levels of protection to your Personal Data as you enjoy here, so Data Protection Law generally restricts the transfer of personal data outside the UK (and EU/EEA) unless the destination country’s own laws protect personal data to standards approved under UK/EU law or there are other appropriate safeguards in place to protect such data. 

Your Personal Data will usually only be processed by us in the UK. If, in exceptional circumstances, we do send your Personal Data outside the UK or EEA, this will only be done with your consent or if there’s an applicable legal exemption. Otherwise, we will take appropriate measures to ensure that any personal data we send overseas is duly protected in accordance with Data Protection Law.

Queries and review of this privacy policy

We may change this privacy policy from time to time so please check this page occasionally to ensure that you’re happy with it.

If you have any questions concerning this privacy policy, our website or our research, or you wish to make a further request relating to how we use your Personal Data as described above, please contact:

Helix keeps this privacy policy under regular review. This privacy policy was last updated in February 2023.

© Copyright 2018-2024 Helix Research & Evaluation
Registered in England: 12414193
Registered office: 24 Chosen View Road, Cheltenham, England, GL51 9LT