Cookies

Introduction

The purpose of this Privacy Policy is to explain how we may collect, retain, process, share and transfer your Personal Data when you visit our Site or use our Services. This Privacy Policy will explain in detail the reasons that we collect data and the security measures implemented to ensure that your data are kept in a manner that protects your privacy.

In order for us to facilitate our Services, we collect information about our Business Customers (each a “Payor”), the Researchers from our Business Customers that use our Services, as well as Participants in their research projects (each a “Payee”) when they use our services and website at www.helloayda.com and www.particity.co.uk.

In this Privacy Policy we sometimes refer to You or Your. You mostly refers to Participants, however you may also refer to a Business Customer or Researcher that uses our services, a visitor to our website or a third party service provider – all of whom are subject to the Privacy Policy. We’ll do our best to clarify who we are referring to at various points in this policy.

While this is a Privacy Policy, it is also compliant with the requirements of the General Data Protection Regulation (“GDPR”), with specific sections related to the personal data of EU individuals included at the end of this Privacy Policy.

What Personal Information do we collect?

We collect Personal Data about you when you visit our Sites or use our Services. The majority of information we collect is to comply with Anti-Money Laundering regulations as well as various Know Your Customer requirements. In light of these regulations we need to verify the accuracy of the information provided which includes the following:

Registration and use information

When you register to use our Services by establishing a Participant Account, we will collect your data as necessary to offer and fulfil the Services. To register as a participant, you will need to provide us with details including your name, email address and telephone number. We require you to provide us with additional Personal Data as you use our Services including postal address and identification information.

When you register to use our Services by establishing a Business Account we will collect data as necessary to offer and fulfil the Services. To establish a Business Account, we require you to provide us with details including company name, telephone number, website URL, company registration number and registered business address.

Transaction and experience information

When Participants use our Services or access our Sites, for example to receive money, we collect information to facilitate the transaction, as well as other information associated with the transaction such as amount sent.

Participant and Researcher Personal Data

When Businesses use our Services or access our Sites, we collect Personal Data they provide us about the Researchers and Participants associated with the project and transaction.

Why do we collect it?

Participant Registration

The amount of Personal Data collected on our Participant registration form is kept to a minimum. As described below, all information collected is essential for the activity of our Site and is collected either:

• to ensure the proper management of a project, follow up and payment for taking part in research studies, compensation etc.
• for quality control purposes
• to comply with Anti-Money Laundering regulations

The Participant registration is divided into 2 steps:

Step 1

• Email address: your email address is needed so that we can create your Participant Account, and more specifically to send you notifications e.g. invitations to research session and status of your payment, to track your activity in the system, and allow you to create your Account and reset your password.
• First name and last name: your first name and last name are required so that we can identify you when we send compensation, and so that we can personalise any email communication to you regarding the research session(s) you will be attending.
• Telephone number: we ask you to provide a valid mobile phone number so that we can remind you and confirm the details of the research session that you will be attending. We will also SMS you when funds are available for you to transfer to your bank account. You will not be contacted by us on this number after you have completed the research study and we will not disclose it to third parties under any circumstances.
• Create and confirm your password: like most websites, we use email and password authentication to secure access to your Account. To enhance the security of your Account, your password must be made up of least 6 characters, including at least one lower-case letter (‘a-z’), least one upper-case letter (‘A-Z’), at least one number (‘0-9’); and contain at least one non-alphanumeric character.

Moreover, again for security reasons, we recommend that you renew your password at least every 12 months via the Ayda site. You can renew your password at any time by clicking the “forgotten password” link when you log into your Account (this link can be found under the Password field).

Storage of your password: Your password is encrypted to ensure confidentiality. Your password is not kept in plain text on our site but is automatically transformed by means of a cryptographic function. No one but you can access your password. Therefore, if you forget your password there is no point contacting our team. When you log into your Account, you will see the “forgotten password” link, allowing you to create a new password.

Step 2

• Date of birth and postal address: Date of birth and postal address – consisting of street number, street name, post code, city, country and county – are mandatory and are mandatory to comply with Anti-Money Laundering and Know Your Customer regulations, as set out above, and to confirm that you are participating in a study that concerns your age and geographical specifications. In addition, it must be noted that you must be aged 18 or over to become a participant on the Ayda site.
• Payment details: We require your bank details in order to facilitate the transfer of payment to you, after your participation in research.

Company Registration

When a business registers to use the Services of the Site a business representative is required to complete a Company Registration Form. The information on this form is required so that we can verify the identity of the organisation. Although it is not necessary for us to be regulated by the FCA to provide our Services we take security measures to comply with Anti-Money Laundering regulations as well as various Know Your Customer requirements. This requires that we have the following details:

• Company name
• Company website
• Company phone number
• Company registration number (Companies House number)
• Registered address and postcode

In order to access the Services on our Site it is necessary for a limited amount of Personal Data to be collected on the Researchers that will access the Business Account to use our Services. This information is essential for the activity of our Site to ensure that Researchers can:

• access their Business Account
• create and manage projects
• upload and manage Participants details
• manage Participant remuneration

Personal Data collected on Researchers includes:

• Email address: your company email address is needed to allow you to create your Account, access your Business Account and more specifically your projects, as well as to reset your password.
• First name and surname: Your first name and surname are required in order that we can personalise any email communication sent to you.

NB : If registration on our Site is not fully completed in time – by clicking on the confirmation link sent by email at the end of step 1 within 24 hours – or is not validated by Ayda trading as Particity Limited, then all the personal information entered during the process is immediately and automatically deleted.

Why do we retain personal data?

We only retain information as long as is necessary in relation to the purpose for which it was gathered. The information you provided when you registered on the Ayda website and any further information you provide, will be retained on the basis that it will allow us to continually assess you against the participant needs of clients for their projects, and it will be retained as long as you do not withdraw your consent. We may periodically contact you to ask you to check that your information is up to date.

Do we share personal data?

Ayda works with selected third-parties to enable us to effectively carry out our work. If any third-party processes your personal information on our behalf, we always make sure that they handle your data with the same levels of security, control and care that we do, and we will have thoroughly checked their suitability for such purpose before we partner with them. In the normal course of our business we will share your personal information with:

• the clients who have recruited you to take part in research;
• our electronic payment, data hosting and support service providers who process and store data on our behalf
• our professional advisors and consultants, insofar as the information is necessary for them in relation to their contractual relationship with Ayda.

In passing your personal information to a client in relation to a project, such information will be passed to them by us under defined terms and conditions that relate to their data privacy responsibilities under GDPR for processing your data as a data controller. Beyond these third parties that we deal with in the normal course of our business, we will not sell or pass on your personal information to any other parties.

Personal information may also be disclosed to entities based outside the European Economic Area (“EEA”), to third parties (as part of the information generally contained in business) in the event of a sale of the business, or a reorganisation of the business, or as otherwise required or permitted by law or applicable regulator.

Do we use your data for marketing?

Ayda does not sell or rent personal data to marketers or unaffiliated third parties. Where lawful to do so, and subject to your consent where required, we may communicate with you about our Services. If you wish to unsubscribe from receiving our e-mail marketing communications, please opt-out via the unsubscribe link included in such emails, and we will stop sending you communications.

How Do We Work with Other Services and Platforms?

A significant benefit and innovation of Ayda’s Services is that you can connect to your Participant Account using your social media account. For the purposes of this Privacy Policy, an “account connection” with such a third-party is a connection you authorise or enable between your Participant Account and a non-Ayda account or platform that you lawfully control or own.

If you choose to create an Account connection, we may receive information from the third-party about you and your use of the third-party’s service. For example, if you connect your Account to a social media account, we will receive Personal Data from the social media provider via the Account connection. We will use all such information that we receive from a third-party Account connection in a manner consistent with this Privacy Policy.

We will not share Participant Account information with a third-party based on an Account connection. Before authorising an account connection, you should review the privacy notice of any third-party that you authorised to have an account connection that will gain access to your Personal Data as part of the Account connection.

How Do We Use Cookies and Tracking Technologies?

When you visit our Sites, use our Services we may use cookies and other tracking technologies (collectively, “Cookies”) to recognise you as a User and to customise your online experiences and the Services you use; and to mitigate risk, prevent potential fraud, and promote trust and safety across our Sites and Services. Certain aspects and features of our Services and Sites are only available through the use of Cookies, so if you choose to disable or decline Cookies, your use of the Sites and Services may be limited or not possible. Please review our Cookie Policy to learn more about how we use Cookies.

How Do We Protect Your Personal Data?

We take reasonable steps to protect your Personal Data against loss, misuse, unauthorised access, disclosure, and alteration information. While we are dedicated to securing our systems and Services, you are responsible for securing and maintaining the privacy of your password(s) and Account/profile registration information and verifying that the Personal Data we maintain about you is accurate and current.

What Are Your User Rights Relating to EU Personal Data?

Subject to limitations set out in EEA data protection laws, you have certain rights in respect of your Personal Data. The specific provisions relating to EU personal data are described in this section.

Legal Bases for Data Processing

We have two bases for data processing of EU personal data:

• Contract where necessary to carry out payment services (Article 6(1)(b) of the GDPR); and
• Legal obligation to fulfil our compliance obligations and responsibilities (Article 6(1)(c) of the GDPR).

Your Rights

You may have some or all of the following rights available to you in respect of your personal data:

• Right to be informed: to receive information under this Privacy Policy;
• Right of access: to obtain a copy of the personal data we hold about You;
• Right to rectification: to rectify or correct inaccurate personal data about You, including the right to have incomplete personal data completed;
• Right to erasure: to erase Your personal data, in limited circumstances, such as where it is no longer necessary relative to the purposes for which it was collected or processed;
• Right to restrict processing: to limit the processing of your personal data under certain circumstances;
• Right to data portability: to obtain a copy of Your data to securely transfer and reuse elsewhere, in certain circumstances where we justify our processing on the basis of the performance of a contract with You;
• Right to object: to object to processing based on processing for purposes of scientific/historical research and statistics; and
• Rights related to automated decision-making, including profiling: to not be subject to a decision made in this way where it has legal or similarly significant effects on You, unless necessary for entry into or performance of a contract.

Please contact us if you wish to exercise these rights. Please note that we may request proof of identity. You are entitled to one copy of information free of charge; however, we may charge a reasonable fee if your request is manifestly unfounded or excessive, particularly if it is repetitive. We will endeavour to respond to your request within all applicable timeframes.

You also have the right to lodge a complaint with a supervisory authority for data protection to enforce your rights as specified above. You can find details on how to do this on the UK Information Commissioner’s Office (“ICO”) website at https://ico.org.uk/concerns/.

If you have an Account you generally can review and edit Personal Data in the Account by logging in and updating the information directly.

Contact Us

You may contact us here if you have general questions or concerns about this Privacy Policy and supplemental notices or the way in which we handle your Personal Data.

Definitions

• Account means Participant or Company Account.
• Anti-money laundering regulations means the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (MLR 2017) that came into force on 26 June 2017 and which seeks to prevent new means of terrorist financing, including through e-money and prepaid cards.
• Business Customers means registered companies or independent practitioners that use our Services for the purpose of managing and compensating Participants in their research projects.
• Business Account means an Account related to a business that is using our Services.
• Cookies means small text files (typically made up of letters and numbers) placed in the memory of your browser or device when you visit a website or view a message. Cookies allow a website to recognize a particular device or browser.
• Know Your Customer means the process of verifying the identity of clients and assessing potential risks of illegal intentions for the business relationship.
• Participants means a person who has been recruited to take part in research.
• Participant Account means an Account related to a Participant that is using our Services.
• Payee means the Participant to whom money is paid.
• Payor means the Business that provides funds to us in order to compensate Participants
• Personal Data is information that allows you to be identified directly or indirectly. Information that allows you to be identified directly is for example: your surname and first name, your email address, your telephone number, your date of birth (especially if it is associated with other information such as your postal code), your IP address etc.
• Information that allows you to be identified indirectly often takes the form of IDs, which are not personal but which make it possible to make a link with your account on the site and therefore personal data.
• Researchers means a person from a that is employed by a Business Customer and that uses our Services.
• Sites means the website or other online properties through which Ayda offers the Services and which has posted or linked to this Privacy Policy.
• Services means any products, services, content, features, technologies, or functions, and all related websites, applications and services offered to you by Ayda with an Account.
• User means an individual who uses the Services or accesses the Sites and has established a relationship with Ayda (for example, by opening an Account).

Last updated 20 March 2022