This Privacy Notice explains how TruSamp Limited ("TruSamp", "we", "us", "our") collects, uses, stores, and discloses personal data when you use the Friskr™ platform ("Platform"). We are committed to handling your personal data in accordance with applicable data protection laws. Please read this notice carefully.
TruSamp Limited is the data controller responsible for the Friskr™ platform. TruSamp provides survey integrity software, respondent fraud detection services, and research quality management tools to market research professionals, panel providers, and data buyers worldwide.
Registered company: TruSamp Limited. These Privacy Notice disputes are subject to the exclusive jurisdiction of the courts of Singapore and governed by the laws of Singapore, unless mandatory local law requires otherwise. For all privacy-related correspondence, contact us at privacy@friskr.app.
When you register for the Platform, we collect your full name, company name, business email address, country, account type, and the service tier you select. We also generate and assign a unique Primary Client ID (PRI-XXXXXXXX) to your account.
We collect login credentials (email and hashed password), session tokens, login timestamps, IP addresses used at login, and device information used to authenticate sessions. We do not store plain-text passwords.
As you use the Platform, we collect information about the projects you create, screener configurations, deployment settings, panel management actions, and audit trail events. This includes project names, methodology types, sample targets, cost-per-interview values, and date ranges associated with your studies.
When the Platform processes survey respondents on your behalf, we collect pseudonymised respondent signals including device fingerprints, IP addresses, geolocation data, response speed metrics, and behavioural patterns used for fraud detection. This data is processed in real-time and is not linked to individually identifiable natural persons within our systems. Respondent data is processed as a data processor on your behalf; you remain the data controller for your respondents.
If you add secondary clients (SEC- IDs) or tertiary vendors (TER- IDs) to your account, we collect the names, email addresses, company names, countries, and roles of those individuals as entered by you.
Payment processing is handled by our third-party payment processor. We do not store full payment card numbers on our systems. We retain billing contact information, invoice records, and transaction references.
If you contact us by email or through the Platform, we retain records of that correspondence including the content of your messages and any attachments.
We collect server logs, API call logs, error logs, and aggregate platform usage metrics. These are used for system stability, security monitoring, and product improvement.
We use personal data for the following purposes:
We process personal data under the following legal bases:
TruSamp does not sell, rent, or trade your personal data to any third party for marketing or commercial purposes.
We share data with carefully selected third-party processors who provide infrastructure and supporting services, including cloud hosting providers, payment processors, email delivery services, and error monitoring tools. All processors are bound by data processing agreements and are required to process data only on our documented instructions.
Data associated with your primary account may be accessible to secondary client users (SEC- IDs) you have added to your account, subject to the role-based access controls you configure within the Platform.
We may disclose personal data where required to do so by law, court order, or competent regulatory authority, or where we reasonably believe disclosure is necessary to protect our legal rights, prevent fraud, or protect the safety of any person.
In the event of a merger, acquisition, or sale of all or a portion of our business assets, personal data held by TruSamp may be transferred as part of that transaction. We will notify affected users by email or a prominent notice on the Platform before data is transferred and becomes subject to a different privacy policy.
TruSamp operates globally, and your personal data may be transferred to and processed in countries outside your country of residence, including countries that may not provide the same level of data protection as your home country.
Where we transfer personal data from the European Economic Area (EEA), United Kingdom, or other jurisdictions with transfer restrictions, we implement appropriate safeguards including Standard Contractual Clauses (SCCs) approved by the relevant authorities, or we rely on adequacy decisions where applicable.
Depending on your jurisdiction, you may have the following rights in relation to your personal data:
To exercise any of these rights, please contact us at privacy@friskr.app. We will respond within the timeframe required by applicable law (typically 30 days). We may need to verify your identity before processing your request.
TruSamp implements appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration, or destruction. These measures include 256-bit encryption in transit and at rest, access controls and role-based permissions, secure development practices, regular security assessments, and incident response procedures.
No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority as required by applicable law.
The Friskr™ Platform is a business-to-business service intended solely for use by professionals aged 18 and over. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that personal data of a minor has been collected, we will take steps to delete it promptly. If you believe we have inadvertently collected such data, please contact us at privacy@friskr.app.
Any dispute arising out of or in connection with this Privacy Notice shall be subject to the exclusive jurisdiction of the courts of Singapore, governed by the laws of Singapore, save where mandatory local data protection law requires otherwise. The jurisdiction-specific provisions below set out additional rights and obligations under local law that supplement this general position.
For users located in the EEA, TruSamp processes personal data in accordance with Regulation (EU) 2016/679 (the General Data Protection Regulation, "GDPR"). The legal bases for processing are set out in Section 4 above. You have the right to lodge a complaint with your national data protection supervisory authority. A list of EEA supervisory authorities is available at edpb.europa.eu.
For users located in the United Kingdom, TruSamp processes personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. The Information Commissioner's Office (ICO) is the relevant supervisory authority. You may contact the ICO at ico.org.uk or by telephone on 0303 123 1113.
For users located in Ireland, the Data Protection Commission (DPC) is the supervisory authority. You may contact the DPC at dataprotection.ie. Where TruSamp's principal establishment is located in Ireland, the DPC may act as the lead supervisory authority for cross-border processing activities within the EEA.
For users located in the United States, data protection obligations vary by state. California residents have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including the right to know what personal information is collected, the right to delete, the right to opt out of sale or sharing, and the right to non-discrimination. TruSamp does not sell or share personal information as defined under California law. To exercise your California privacy rights, contact us at privacy@friskr.app. Virginia residents have rights under the Consumer Data Protection Act (CDPA). Colorado, Connecticut, Texas, and other states with comprehensive privacy laws: residents of those states have similar access, deletion, and opt-out rights, which you may exercise by contacting us at the email above.
For users located in Canada, TruSamp processes personal data in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation. You have the right to access your personal information and to challenge its accuracy. To exercise these rights, contact us at privacy@friskr.app. You may also contact the Office of the Privacy Commissioner of Canada at priv.gc.ca.
For users located in Australia, TruSamp processes personal data in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). You have the right to access and correct personal information we hold about you. If you are not satisfied with our handling of a privacy complaint, you may contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
For users located in India, TruSamp processes personal data in accordance with the Information Technology Act 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011, and the Digital Personal Data Protection Act 2023 (DPDPA) to the extent it is in force. You have the right to access, correct, and erase your personal data, and to nominate a person to exercise these rights on your behalf. For privacy queries, contact privacy@friskr.app.
For users located in Brazil, TruSamp processes personal data in accordance with the Lei Geral de Proteção de Dados (LGPD) — Law No. 13,709/2018. You have the right to confirm the existence of processing, access your data, correct incomplete or inaccurate data, request anonymisation or deletion, request portability, and be informed about the consequences of refusing consent. The national supervisory authority is the Autoridade Nacional de Proteção de Dados (ANPD). For enquiries, contact privacy@friskr.app.
For users located in Japan, TruSamp processes personal data in accordance with the Act on Protection of Personal Information (APPI) as amended in 2022. You have the right to request disclosure, correction, addition, deletion, and cessation of use of your personal information held by TruSamp. Requests should be directed to privacy@friskr.app. The relevant supervisory authority is the Personal Information Protection Commission (PPC) at ppc.go.jp.
For users located in the Republic of Korea, TruSamp processes personal data in accordance with the Personal Information Protection Act (PIPA) as amended in 2023. You have the right to access, correct, delete, and suspend processing of your personal information. TruSamp will obtain your consent for the collection and use of personal information as required by PIPA. The relevant supervisory authority is the Personal Information Protection Commission (PIPC). For privacy enquiries, contact privacy@friskr.app.
For users located in Singapore, TruSamp processes personal data in accordance with the Personal Data Protection Act 2012 (PDPA) as amended. You have the right to access and correct your personal data held by TruSamp. You may also withdraw consent for the collection, use, or disclosure of your personal data, subject to legal or contractual restrictions. The relevant authority is the Personal Data Protection Commission (PDPC) at pdpc.gov.sg. Contact us at privacy@friskr.app to exercise your rights.
For users located in South Africa, TruSamp processes personal information in accordance with the Protection of Personal Information Act 4 of 2013 (POPIA), which came into full effect on 1 July 2021. You have the right to be notified of the processing of your personal information, to access it, to request its correction or deletion, and to object to its processing. The Information Regulator of South Africa is the relevant supervisory authority, reachable at inforegulator.org.za. Contact us at privacy@friskr.app.
For users located in Switzerland, TruSamp processes personal data in accordance with the revised Federal Act on Data Protection (nFADP / revDSG), which entered into force on 1 September 2023. Switzerland is not a member of the EEA; however, its data protection framework is recognised as providing adequate protection. You have the right to access, rectify, and request deletion of your personal data. The Federal Data Protection and Information Commissioner (FDPIC) is the relevant supervisory authority at edoeb.admin.ch.
For users located in New Zealand, TruSamp processes personal information in accordance with the Privacy Act 2020. You have the right to access and correct personal information TruSamp holds about you, and to make a complaint to the Office of the Privacy Commissioner (OPC) if you believe your privacy rights have been breached. The OPC can be contacted at privacy.org.nz. Contact us at privacy@friskr.app.
For users located in the United Arab Emirates, TruSamp processes personal data in accordance with Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and its implementing regulations. You have the right to access, correct, and request deletion of your personal data. The UAE Data Office is the relevant regulatory authority. For enquiries, contact privacy@friskr.app. Note that certain UAE free zones, including the Dubai International Financial Centre (DIFC) and Abu Dhabi Global Market (ADGM), operate their own data protection frameworks; if you are subject to those frameworks, please contact us to discuss applicable protections.
For users located in Mexico, TruSamp processes personal data in accordance with the Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP) and its regulations. You have the right to access, rectify, cancel, and oppose (ARCO rights) the processing of your personal data. To exercise these rights, contact privacy@friskr.app. The Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI) is the relevant supervisory authority at home.inai.org.mx.
For users located in Argentina, TruSamp processes personal data in accordance with Law No. 25,326 on the Protection of Personal Data (LPDP) and its regulatory Decree No. 1558/2001. Argentina is recognised by the European Commission as providing adequate protection for personal data. You have the right to access, rectify, and delete your personal data. The Agencia de Acceso a la Información Pública (AAIP) is the relevant supervisory authority at argentina.gob.ar/aaip. Contact us at privacy@friskr.app.
For users located in Indonesia, TruSamp processes personal data in accordance with Law No. 27 of 2022 on Personal Data Protection (UU PDP). You have the right to receive information about the processing of your personal data, to access it, to correct inaccurate data, and to request its deletion. The Ministry of Communication and Digital Affairs (Komdigi) is the relevant regulatory authority. For privacy enquiries, contact privacy@friskr.app.
For users located in Turkey, TruSamp processes personal data in accordance with the Law on Protection of Personal Data No. 6698 (KVKK) and the regulations issued by the Personal Data Protection Authority (KVKK Board). You have the right to learn whether your personal data is being processed, to access it, to request correction or deletion, and to object to processing. The Personal Data Protection Authority (Kişisel Verileri Koruma Kurumu) is the relevant supervisory authority at kvkk.gov.tr. Contact us at privacy@friskr.app.
For users located in Saudi Arabia, TruSamp processes personal data in accordance with the Personal Data Protection Law (PDPL) issued by Royal Decree No. M/19 dated 9/2/1443H (2021), as amended, and its implementing regulations. You have the right to access your personal data, request its correction or deletion, and withdraw consent where processing is based on consent. The Saudi Data and Artificial Intelligence Authority (SDAIA) and the National Data Management Office (NDMO) are the relevant regulatory authorities. Contact us at privacy@friskr.app.
For users located in Israel, TruSamp processes personal data in accordance with the Privacy Protection Law 5741-1981 and the Privacy Protection Regulations (Data Security) 5777-2017. Israel is recognised by the European Commission as providing an adequate level of data protection. You have the right to access and correct personal data held about you, and to object to its processing for direct marketing purposes. The Privacy Protection Authority (PPA) is the relevant supervisory authority at gov.il. Contact us at privacy@friskr.app.
For users located in Kenya, TruSamp processes personal data in accordance with the Data Protection Act No. 24 of 2019 and the regulations made thereunder, including the Data Protection (General) Regulations 2021. You have the right to access your personal data, correct inaccuracies, and object to processing in certain circumstances. The Office of the Data Protection Commissioner (ODPC) is the relevant supervisory authority at odpc.go.ke. Contact us at privacy@friskr.app.
For users located in Nigeria, TruSamp processes personal data in accordance with the Nigeria Data Protection Act 2023 (NDPA) and, where applicable, the Nigeria Data Protection Regulation 2019 (NDPR) issued by the National Information Technology Development Agency (NITDA). You have rights of access, rectification, erasure, objection, and data portability under the NDPA. The Nigeria Data Protection Commission (NDPC) is the relevant supervisory authority. Contact us at privacy@friskr.app.
For users located in Egypt, TruSamp processes personal data in accordance with the Personal Data Protection Law No. 151 of 2020 and its implementing regulations. You have the right to access, correct, and request deletion of your personal data. The Authority for Personal Data Protection is the relevant regulatory body. Contact us at privacy@friskr.app to exercise your rights.
For users located in Malaysia, TruSamp processes personal data in accordance with the Personal Data Protection Act 2010 (PDPA) and its 2024 amendments. You have the right to access and correct your personal data, and to withdraw consent for processing where consent is the legal basis. The Personal Data Protection Commissioner is the relevant authority. Contact us at privacy@friskr.app to exercise your rights.
For users located in Thailand, TruSamp processes personal data in accordance with the Personal Data Protection Act B.E. 2562 (2019) (PDPA), which came into full force in June 2022. You have the right to access, correct, delete, and object to the processing of your personal data, and to withdraw consent where applicable. The Personal Data Protection Committee (PDPC) is the relevant authority. Contact us at privacy@friskr.app.
For users located in the Philippines, TruSamp processes personal data in accordance with the Data Privacy Act of 2012 (Republic Act No. 10173) and its implementing rules and regulations. You have the right to be informed, to access, to correct, to erase, and to object to the processing of your personal data, as well as the right to data portability. The National Privacy Commission (NPC) is the relevant supervisory authority at privacy.gov.ph. Contact us at privacy@friskr.app.
For users located in Taiwan, TruSamp processes personal data in accordance with the Personal Data Protection Act (PDPA) (個人資料保護法) and its implementing regulations. You have the right to enquire about, access, correct, copy, delete, and cease the processing of your personal data. The relevant competent authority depends on the industry sector. Contact us at privacy@friskr.app to exercise your rights.
For users located in Pakistan, TruSamp processes personal data having regard to the Prevention of Electronic Crimes Act 2016 (PECA) and applicable data protection requirements. Pakistan is in the process of enacting comprehensive personal data protection legislation; TruSamp will update this Notice upon the enactment and commencement of such legislation. For privacy enquiries, contact privacy@friskr.app.
For users located in Chile, TruSamp processes personal data in accordance with Law No. 19,628 on the Protection of Private Life and, upon its enactment and commencement, the new Personal Data Protection Law currently in legislative process. You have rights of access, rectification, cancellation, and opposition under applicable Chilean law. Contact us at privacy@friskr.app to exercise your rights.
For users located in Colombia, TruSamp processes personal data in accordance with Law 1581 of 2012 on Personal Data Protection, Decree 1377 of 2013, and related regulations issued by the Superintendency of Industry and Commerce (SIC). You have rights of access, rectification, cancellation, opposition, and revocation (ARCO rights) under Colombian law. The SIC is the relevant supervisory authority at sic.gov.co. Contact us at privacy@friskr.app.
For users located in Peru, TruSamp processes personal data in accordance with Law No. 29,733 on Personal Data Protection and its implementing regulations (Supreme Decree No. 003-2013-JUS). You have rights of access, rectification, cancellation, and opposition (ARCO rights). The National Authority for the Protection of Personal Data (ANPD), under the Ministry of Justice, is the relevant supervisory authority. Contact us at privacy@friskr.app.
We may update this Privacy Notice from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify registered users by email and/or by displaying a prominent notice on the Platform at least 14 days before the changes take effect. The "Last updated" date at the top of this notice indicates when it was last revised. Your continued use of the Platform after the effective date of any changes constitutes your acknowledgement of the updated notice.
For any questions, concerns, or requests relating to this Privacy Notice or our privacy practices, please contact our privacy team:
TruSamp Limited
Privacy Team
Email: privacy@friskr.app
We aim to respond to all privacy-related enquiries within 5 business days, and to exercise-of-rights requests within the timeframe required by the applicable law in your jurisdiction.