top of page

Two Igloos Privacy Policy

At Two Igloos, we take your privacy seriously and endeavour at all times to protect and respect your privacy. This policy contains important information about the personal information we collect, how we use this data, the conditions under which we might disclose data to other parties, and how data is secured. Please read this carefully and note that this policy may change over time. Please check this page to see any changes or updates.

We may be required to comply with requests for personal data from regulatory bodies and legislative authorities.

If you have any questions about our privacy policy, please email

We are committed to meeting the requirements of the following laws and codes:

  • The EU General Data Protection Regulation (GDPR)

  • Data Protection Act 1998 and the new Data Protection Act, which will enact GDPR requirements

  • Market Research Society's (MRS) Code of Conduct

  • ICC/ESOMAR (European Society for Opinion and Marketing Research) International Code on Market and Social Research.


It is not our aim to sell or promote anything. We conduct market research using applied methods, and we commit, in obtaining your co-operation, not to mislead you about the nature of the research or how the findings will be used. Your responses will be treated as confidential unless you consent to being identified.

Policy key definitions:

  • "I", "our", "us", or "we" refer to the business, [Two Igloos Ltd].

  • "you", "the user" refer to the person(s) using this website.

  • GDPR means General Data Protection Act.

  • PECR means Privacy & Electronic Communications Regulation.

  • ICO means Information Commissioner's Office.

  • Cookies mean small files stored on a user's computer or device.


This policy contains the following sections:

  • Who we are

  • Data Security

  • Market Research Information We Collect

  • Marketing Communications Information We Collect


Two Igloos conducts market research and provides business consulting services in the UK and across the globe. We are committed to conducting our business lawfully and to the highest professional industry standards.

Our registered office is: 119 Pancras Road, London, NW1 1UN


How we keep your personal information secure
We take great care to ensure our business information systems are protected against the potential for malicious intrusion for both stored and transmitted data. We use professional, reputable systems and suppliers and strong data encryption. In addition to data protection legislation (for example, the EU General Data Protection Regulation), we work to market research industry professional standards and best practices.


Sending EU citizens' data outside of the EU
We keep EU citizens' data within the European Union as standard. If we have a technical or business requirement for EU citizens' data to transfer beyond the EU, we obtain the individuals' permission.



Two Igloos collects and processes personal information as part of our business activity of conducting market research.


Two Igloos comply with data protection legislation as applicable to the rights of citizens in the geographic areas in which our research activities are conducted. In the EU, as of 25th May 2018, this is the General Data Protection Regulation (Regulation (EU) 2016/679), commonly known as GDPR, which replaces the 1995 Data Protection Directive (Directive 95/46/EC). This new GDPR ruling means that there is a single set of data protection rules across all EU member states to protect its citizens' personal data. This includes Rights for Individuals.


GDPR – Summary of Individual Rights

  • The right to be informed – right to be informed about the collection and use of personal data

  • The right of access – right to access their personal data and supplementary information

  • The right to rectification – right for individuals to have inaccurate personal data rectified or completed if it is incomplete

  • The right to erasure – right for individuals to have personal data erased in certain situations

  • The right to data portability – right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services

  • The right to object – right to restrict processing of their personal data in certain situations, for example, the right to object to the use of personal data for direct marketing purposes

  • Rights in relation to automated decision making and profiling – right to be informed about and object to automated processing of data which may produce a potentially damaging decision

  • The right to withdraw consent at any time – this applies where we rely on consent to process your personal data.


We will not mislead you about the nature of the research or how the data will be used. If you are invited to take part in research, it will be because:

  • You were selected due to holding a product with, following a recent purchase from, or visit to, one of the companies for whom we work

  • You were selected due to demographic information that you have consented to share with us

  • You have given permission for a company to supply your details to a third party for research purposes

  • You have taken part in previous research administered by Two Igloos and given us your permission to contact you in the future for research purposes.


If you have been contacted by Two Igloos and do not believe you have given your permission or just wish your name to be removed from the database, let us know. We will remove you from the contact list for that particular research project and inform the relevant organisation that supplied your details.


We never knowingly invite children under the age of 16 to participate in research studies without taking measures to ensure appropriate consent from a responsible adult.


Why we collect and process personal data
The definition of personal data is where an individual can be identified directly or indirectly by that data on its own or together with other data.
As part of our market research activities, we may collect and process personal data that helps us:

  • To know who to approach for participation in our research projects. This could be name, email address, telephone number, address. This may be from our clients if we are helping them assess their customers' views of their products and services or to conduct research amongst their employees. It may be from a professional supplier of potential market research participants, where such suppliers will have obtained prior informed consent from the individuals. We may collect information from public sources on who to approach for research. In all cases, we will obtain informed consent at the point of participation to proceed.

  • To control the design of the data collection.

  • For quality control purposes. For example, IP address is often used at this stage prior to anonymising the data collected from surveys.

  • To provide information for analysis.


In order to run our business to provide services to our clients and to comply with other legal obligations, we also process personal data, which includes:

  • Financial data – receiving and making payments

  • Transaction data – details of products and services you have purchased

  • Commercial data


We also collect, use, and share Aggregated Data as part of the delivery of our service to our clients. Aggregated data may be derived from your personal data but is not considered personal data in law as this does not directly or indirectly reveal your identity. If we combine or connect any aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data, which will be used in accordance with this privacy policy.


We may collect Special Categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data. This Special Category data is subject to even stricter rules than standard personal data and is only collected with your permission or where we have another specific legal ground to do so.


Collecting information from you
We collect personal information from people who take part in our market research-related activities including, surveys (online or face to face, telephone), focus group discussions, and other market research-related activities. We will always explain what we require and obtain consent before it is collected.


We collect information for market research by;

  • Web/internet surveys

  • Telephone surveys

  • Interviews by one of our interviewers either in-home or in a specific location (e.g., in a shopping centre, on a train station, at a venue) – this could be by using equipment such as a tablet or on paper forms

  • Self-completion surveys printed on paper forms – by post or in a specific location, site, or event

  • Focus groups

  • Technology-based solutions (e.g., tracking website usage, behavioural data including eye-tracking data and collecting skin-response data)

  • Digital social media/interactive web platforms – in accordance with contractual terms and conditions as specified by the provider and relevant legislation

  • Mobile devices in accordance with contractual terms and conditions as specified by the provider and relevant legislation


Sending personal information outside of Two Igloos

  • We will respond to requests for personal information in accordance with legislative and regulatory requirements.

  • We may use a research solution that requires personal information in order to proceed. For example, when we run online interactive research sessions or ask participants to undertake certain tasks using mobile apps. This would be explained at the point of participation to proceed. We undertake stringent scrutiny of such services to check data security. We use solutions that restrict data to the EU as standard. Contrary to this, we would obtain consent.

  • We may ask you to attend a focus group discussion or go somewhere to test a new product, and it is possible we would need to send your contact details to our organisers for this.

  • It may be beneficial to pass your answers to the client who has commissioned the research about their product or service. This would all be explained, and your permission sought before we would do this.

  • Your answers may be held on a database used by our clients to view and manipulate anonymised and aggregated research data via a website we have built for this purpose. We will gain your consent for any personal data or personally identifiable information that is available to be viewed by our clients.

  • We may use an approved research supplier to provide specialist services such as data collection, analysis, consultancy, digital production or research tools, specialist techniques such as biometric data collection and analysis.


Keeping your personal information
We only keep personal information for as long as required for the purposes of the research. Our data retention policy states that we will not keep personal information for longer than a year, except where previously agreed with our research participants.


Wherever possible, we work with data that does not have personal information in it. For example, we will detach personal information to make a data set that combines hundreds of completed surveys to produce statistical analysis. From focus groups and small-scale research, we mask participants' identity with labels such as 'Male, 25-34, London'.


Use of cookies as part of our market research activities
If the use of cookies is required, this will be explained at the time, and we will clarify how they will be used.


How we collect information from you
We collect, store and retain information about you in a variety of ways when visiting our website:


  • Registering to receive our marketing communications

  • Registering to download content from our website

  • Applying for vacancies listed on our websites

  • When you contact us via our enquiry email


The type of personal information we collect
By personal information we mean any information that you provide via our website that we have collected and may include (but not limited to): Forename, Surname, Postal address, Email address, Telephone number, Job title.


How we use your information
If you are (i) an existing client, (ii) interacting with our marketing communications, (iii) engaging with us through business development and potential future work (iv) have given express consent to us to use personal information for marketing purposes, Two Igloos may at times use your personal information to provide you with marketing communications related to products, services, and information pertaining to conferences and events.


Sending your personal information outside of Two Igloos Ltd
We may share information with our third-party service providers for services such as data analysis, website hosting, infrastructure provision, IT services, email delivery services, auditing services, business development, and lead generation, marketing services or to comply with legal or regulatory requirements.


Use of cookies on our website
Two Igloos do not use cookies on our website.


Unsubscribing from marketing communications
You have the right to withdraw consent to receiving direct marketing messages using your personal data at any point. If at any point you would like to opt-out from receiving any marketing communications, simply click on the unsubscribe link at the bottom of any emails you receive.


Links to other websites
The Two Igloos website will contain links to other websites. Please note that this Privacy Policy only applies to Two Igloos and our website. If you are taken to another website, please read their privacy policies. We do not control any third-party websites and are not responsible for their privacy policies. When you leave our website, you should read the privacy notice of every website that you visit.


Data Protection complaints
Individuals have the right to lodge complaints about data protection issues with their national supervisory authority of their EU Member State about alleged breaches of GDPR.

bottom of page