How we collect your data

Submitted by admin on Fri, 08/16/2019 - 11:59

When you take part in this study you will give consent for us to request your loyalty card data from high street retailers who agreed to support our research.


Here is what will happen once you take part (See Figure 1 below):

  1. Once we receive consents and surveys, we need to verify the identity of the participants who participated online to ensure they are who they say they are using the encrypted ID verification system that is in place in line with your GDPR right to request your data from organisations.
  2. If you provided your ID verification documents for us, we can verify your details. If you have not we will send you two email reminders to complete this. We will destroy data immediately from individuals whose ID cannot be verified.
  3. Once we verify your details, we will put together separate spreadsheets for the high street retailers containing your loyalty card number specifically for that retailer with your name and your unique study ID and barcode.
  4. Your survey data will be entered and stored separately on a different spreadsheet with your unique ID. The high street retailer will not view any information collected from the survey.
  5. We will share spreadsheets containing consents for each specific retailer to request your data on your behalf using a secure encrypted file transfer system.
  6. High street retailers will check information to verify that the card details from the consent forms matches their data on you (e.g. your name and card number). They will not know about your health status or any other information you have given us.
  7. If their information does not match the information you have provided and you have consented for us to re-contact you, we will contact you requesting clarification of your card number. Otherwise, if we cannot contact you again, there will be no way to confirm your information, and we cannot receive your data.
  8. They will collate your data and all the other participants’ data into one file and transfer back to us using our secure filer transfer.
  9. Once we receive the data, we will permanently delete the two documents provided for ID verification in line with General Data Protection Regulation (GDPR) and Data Protection Act 2018.
  10. We will then store this data in our secure encrypted enclave for our analyses (See how is the data kept safe?).
  11. We will merge all the spreadsheets together using your unique study ID, remove potential identifiers to ensure that the final dataset cannot be linked back to you and analyse it in our secure enclave.
  12. We will produce outcomes such as tables and figures for the overall population (n=1000). Individual data will not be extracted from our dataset for dissemination of the outcomes.
Figure 1
Figure 1 CLOCS data flowchart