Privacy Policy

Interviewing Service of America, LLC doing business, among other tradenames, as SoapBoxSample, MySoapBox, The Green Time, and DocThought (collectively, “SoapBoxSample”), is committed to protecting the privacy of all information we collect from our panel members, research participants, and visitors to our websites (the “Websites”). This policy applies to all personal data that we collect or use in the course of conducting our panel business, and covers all information and research participant data housed at any SoapBoxSample facility, stored on the SoapBoxSample network, or stored on any third party network at the direction of SoapBoxSample. The SoapBox trademark is owned by Calign, Inc. and is used under license. This policy does not apply to research activities SoapBoxSample conducts for or on behalf of its clients; the policy relating to those activities can be found here.

By accessing or browsing our Websites, registering for our survey panels, contacting us on social media, or otherwise providing your data to us, you confirm that you have read and understood the entirety of this privacy policy. You can also access our Terms and Conditions here. This policy also does not apply to information which we might collect from our employees, job applicants, or independent contractors.

Information We Collect From or About You

We are in the market research business. We generally collect information about you (a subset of which may be “personal data” or “personally identifiable information” as defined under applicable law) (i) in connection with developing and maintaining our research survey panels, (ii) as part of research and data collection activity we undertake for research companies, or (iii) as to certain of our panels, relating to your activities or behavior.

In connection with the development and maintenance of our general survey panels, we do not collect any personal data from any panelist unless the panelist voluntarily provides it to us. We invite users to register and opt-in as members of our panels for the purpose of taking market research surveys and other research activities. When a user signs up to become a panel member, the user is asked to submit certain personal data during registration; demographic information can be submitted during registration, and profile and other information can be supplied at a later time and may be asked during surveys for research purposes. As a panel member, a user has the option to participate in surveys, and survey responses are also captured and stored (sometimes, directly within client systems and network environments). Personal data collected in connection with panel registration could include, but is not limited to, first and last name, residential or work address, email address, telephone number, race, age, gender, and date of birth. Demographic information collected in connection with panel registration and participation could include, but is not limited to, income, disabilities, educational attainment, home ownership, employment status, hobbies, interests, product use/ownership, and geographic location. Our legal basis for collection and processing of panelist-supplied personal data is consent; we do not collect personal data without the affirmative consent of the panelist. Consent can be withdrawn at any time.

As to the information we collect about you in connection with client-specific panel development or data collection activity we undertake for research company clients, some of that data is information about you that a client may supply to us in connection with use in a specific study for that client or in connection with our development of a client-specific research panel for use in one or more specific studies conducted by that client. As to that information, our legal basis for processing of the information is our legitimate interest to perform our obligations under our contract with the research company client in question. Other information about you which we might collect in connection with data collection activity we undertake for research company clients (only a small subset of which may be “personal data” or “personally identifiable information” as defined under applicable law) is collected directly by us from you, and is information you voluntarily disclose to us in connection with our surveys and similar activity. Research participation is voluntary and participants always have the opportunity to decline involvement or to “opt out” of the research after agreeing to participate, as clearly identified in each survey. Sometimes, we may ask for your name and telephone number or email address for use in connection with executing the particular research activity we are undertaking. For example, if the survey involves an incentive or a contest, we may ask for your name and telephone number or email address to notify you if you are a winner. There is never an obligation to provide this information, but if you don’t provide it, you may not be able to participate in the survey or incentive program. Our legal basis for collection and processing of respondent-supplied personal data is consent; we do not collect personal data without the affirmative consent of the research participant, and consent can be withdrawn at any time.

As to some of our survey panels and research activity, we employ “passive metering” technology which tracks your activities and behavior. If you are invited to, and wish to participate in, a passive metering study, you will be asked to provide information about yourself including but not limited to demographics and contact information such as a phone number. In addition to opting in and providing this information, you will be asked to download an application to your mobile device which anonymously tracks your online digital behavior including, but not limited to, the websites you visit and applications you use, and that information may then be used as part of the study. Research participation is voluntary and participants always have the opportunity to decline involvement or to “opt out” of the research after agreeing to participate, as clearly identified in study invitation. Our legal basis for collection and processing of any personal data derived from our passive metering activities is consent; we do not collect any such data without the affirmative consent of the participant. Consent can be withdrawn at any time.

As to some surveys in which you choose to participate, a pixel tag or cookie may be employed, which would allow the research company conducting the study to correlate the responses you provide to the survey with existing data about you, such as demographic, interest, or behavioral information, available from third parties vendors and which the research company can purchase and append to your survey responses so that it can perform more robust analysis in connection with the study.

If you choose to use social media (for example, Facebook, Twitter, or LinkedIn) in order to contact us or find out about our services, we may collect your public-facing profile data, data relating to your interactions with us, and any data you post on message boards which are relevant to our business.

From time to time, we engage the services of technology infrastructure vendors, such as “chat” service providers, in connection with our Websites to improve our customer experience, and these vendors might collect limited systems and related information from Website visitors for the limited purposes for which we have engaged them. In addition, our servers may automatically collect certain non-personal, log-file information about your use of our Websites whenever you access our websites. Information collected may include, but is not limited to, your Internet browser, operating system, internet source such as PC, tablet, or mobile, the domain name of your ISP, your click areas on the Website, time and date visited, length of time on the Website, and the third-party web sites or advertisements linked to or from the website that you visited. When you use or visit the Websites, our servers log your IP address. Additionally, we employ software to identify certain systems-related information about panel members, including IP address, device and browser type, and geographic location, in order to detect fraudulent activity (e.g., bots), to protect the integrity of the research, and to optimize the survey experience. Currently, our systems do not respond to browser do-not-track signals, and do not treat such do-not-track signals as “do not sell” signals under CCPA (as defined below).

Also, when registering for our survey panels, you are automatically signed up for our newsletter and mailing list. If you wish to be removed from this list, please email us at

What We Do With Information We Collect

Depending on how we obtain your personal data (as described above), we may either be considered a “controller” or a “processor” under applicable law as to that data. If we are the processor, we will process the data in accordance with the instructions provided to us by the controller of that data.

We collect data for research purposes only, and our use of that information is limited to that purpose. Research participant information and answers are not used by any entity as an aid for sales. In many cases, this information is shared with the client commissioning studies, either directly to the client pursuant to our contract with that client or indirectly through intermediary exchange platforms. In some cases we may need to share personal data with third parties for ancillary services in support of a research project. In these cases, we require the third party to follow all of the same privacy protection regulations as followed by SoapBoxSample.

Any data we collect and process in connection with our business activity may be transferred between or among two or more countries (including from the EU or UK to the US), either within SoapBoxSample (including among different research panels maintained by SoapBoxSample) or between SoapBoxSample and a client or other third party described above. In all cases, we will take appropriate measures to ensure that the recipient protects any personal data so transferred adequately in accordance with this privacy policy. These measures include, in the case of transfers from the EU, the United Kingdom, and Switzerland to the US, adherence to the Privacy Principles described in the EU-US and Swiss-US Privacy Shield Frameworks (please see below for further details).

Systems information collected by our Websites (as described above) is used for the purposes of providing our services, including, without limitation, system administration, troubleshooting, user compliance with our terms of service, investigating security breaches, and compiling non-personal information such as how many visitors logged on to the Website. We also use this information for security purposes, such as to detect and to block security breaches, and to detect violations of our quality standards, for example, detecting multiple survey responses from the same user. Cookies are small text files stored on your computer by a website that assigns a numerical user ID and stores certain information about your online browsing. When we use cookies, we do so to help us recognize you as a prior user of this site and for survey resumption if you choose to suspend your survey to resume at a later date, or for tracking in connection with other research-related activities. The cookie file does not store your personal information. If you prefer not to receive cookies from our Websites you can disable their use in your browser settings. By doing so you may reduce the functionality of the web pages you view. Currently, our systems do not respond to browser do-not-track signals.

We do not sell personal data in the traditional sense, do not rent, sell or give personal data to any third party for the purpose of directly marketing any products or services, and have not done so in the preceding 12 months. However, you should be aware that certain laws to which we are subject, for example the California Consumer Privacy Act (the “CCPA”), define the terms “sell” and “sale” very broadly, such that some of our research-related activities—for example, offering you the opportunity to participate in a research study conducted by our client—might fall within the definition of “sale” under certain circumstances.

Under certain circumstances, we may be required to release personal data in response to a legal request from public authorities including to meet national security or law enforcement requirements, or in response to a subpoena or other legal process.

We do not discriminate financially between those who elect to supply their personal data to us and those who elect to not do so, provided, however, that to the extent a survey or other research study—the completion of which would result in the payment of a financial incentive or entry in a sweepstakes—involves the collection of data and you decline to consent to such collection, you would not be able to proceed to participate in the study.

In all cases, SoapBoxSample will take reasonable steps to ensure the personal data is accurate, complete, current and relevant and being used only for the intended purposes. We will not process personal data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual.


Category of consumer personal information collected (non-HR) Source from which collected Purposes for which collected Categories of third parties with whom shared
Username, name, contact information, and demographics details –panel operations Supplied by person himself/herself To be included in research panel and be offered participation opportunities Client seeking sample for research study; technology infrastructure vendors
Websites visited; physical/geographic locations visited; activities on device Passive metering software on person’s device Research study involving passive metering which person has joined Client commissioning research study; technology infrastructure vendors
Name and contact information – website visitor Supplied by person himself/herself Marketing of ISA’s own services Technology infrastructure vendors
Name and contact information – client officer Supplied by person himself/herself Administration of business Technology infrastructure vendors
Systems details – visitors to Websites (IP/device ID, browser settings, similar) The computer or device of the person himself/herself Internal analytics; improvement of Website experience Technology infrastructure vendors

All information may also be shared among our affiliated group of companies solely for administrative and operations purposes.

Retention of Personal Data

We keep personal data for no longer than necessary for the purposes for which the personal data is collected or processed. The length of time we retain personal data for depends on the purposes for which we collect and use it and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights.

Information Security

We maintain physical, electronic and procedural security measures to help safeguard client and personal data which are consistent with industry standards and practice and in compliance with applicable law. Third parties that provide us with support or services and that may also receive client or personal data are required by us to maintain security measures similar to ours with respect to such information. We will take reasonable precaution, consistent with industry standards and practice, to protect personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction.

Links to Third-Party Websites

The Websites may contain links to information on other websites. We do not have any control over these other websites, and therefore we cannot be responsible for the protection and privacy of any information that you provide while visiting those sites. Those websites are not governed by this privacy policy, and if you have questions about how a website uses your information, consult that site's privacy statement.

Your Rights As to Your Personal Data

You have certain rights by law to know certain details regarding our data handling practices generally; this information is described above and elsewhere in this Privacy Policy. In addition, you have the right to request the following as to any personal data we have about you: that we provide access to any personal data we hold about you; that we update any of your personal data which is out of date or incorrect; where our basis for processing your personal data is consent, that your consent to further processing be withdrawn; where we received your personal data from a third party, inquire where the data originated; that we delete any personal data which we are holding about you; restrict the way that we process your personal data (including that we no longer “sell” your personal data as such term is defined in the CCPA); prevent the processing of your personal data for direct-marketing purposes; that we provide, or not provide, your personal data to a third party provider of services; that we provide you with a copy of any personal data which we hold about you; that we consider any valid objections which you have to our use of your personal data; and that you not be discriminated against for exercising any of your privacy rights. Under applicable law, certain personal data may be exempt from some of these requests in certain circumstances. Also, if you wish to request that we restrict processing of your personal data in a particular way which would be operationally difficult for us to execute, we reserve the right to terminate your membership as described below and remove your personal data from our systems.

If you would like further information about these rights or would like to exercise any of them, including to opt out of the “sale” of your information as defined in the CCPA, please leave us a voice message by calling (888) 914-9661 (PIN: 892698), or submit your question or request at

By law, as well as for your protection, if you request that we take certain actions as to personal data we have about you, we are required to take certain steps to verify your identity. If we are not able to verify your identity, we may not be able to respond to your request. To verify your identity, we request, at point of submission of your request, that you supply your basic contact information, as well as certain other non-personally identifiable information (e.g., information relating to your last interaction with us, such as subject matter and type of study), and we endeavor to match at least two pieces of this information with information in our possession. In addition, as to those rights permitted by law to be exercisable by an authorized agent on your behalf, in addition to verifying your identity as described above, we require the agent to also supply written authorization from you to act on your behalf, except where restricted by law.

Regarding our research survey panels, the panel member may terminate his or her membership by logging in to his or her account and following the instructions to delete one’s account. You may also send an email request to Once you have opted out, we will deactivate the membership account which will result in ending the delivery of survey invites and remove any points or rewards you have earned. Please allow a few weeks for existing invitations to expire.

Note, some of these rights may not be applicable to information which we might collect or process from or about you in your capacity as our employee, job applicant, or independent contractor; there are other laws applicable to those relationships which are not addressed in this Privacy Policy. If you have any questions, please contact the Legal Department.

Privacy Shield

SoapBoxSample complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework established by the US Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom, and Switzerland to the United States. SoapBoxSample has, through one of its affiliates Lieberman Research Worldwide, certified to the Department of Commerce that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit We will not disclose information to a third party without applying the Notice and Choice Principles, as indicated by the Privacy Shield Principles and the EU-US and Swiss-US Privacy Shield frameworks. We may be liable for inappropriate onward transfer of personal information to third parties.


We operate in compliance with the Children’s Online Privacy Protection Act (“COPPA”), governed by the US Federal Trade Commission (“FTC”). We do not collect, use or disclose information from children under the age of 13 online without a statement of permission from a parent or guardian in the manner required by law. We also do not “sell” (as defined in CCPA) personal information of persons under 16 without affirmative authorization. For more information on COPPA, please visit

Compliance and Enforcement

SoapBoxSample is subject to the investigatory and enforcement authority of the FTC. Also, as members of the Insights Association and ESOMAR, we strive to model our policies according to guidelines promulgated by those organizations. We are available if you have questions about our Privacy Policy, or for processing a complaint. We also comply with the EU-US and Swiss-US Privacy Shield frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of data from the European Union, the United Kingdom, and Switzerland. If you are concerned about our use of personal or client information, please contact us as described above under the heading “Your Rights As to Your Personal Data.”

In compliance with the EU-US Privacy Shield and Swiss-US Privacy Shield Principles, SoapBoxSample commits to resolve complaints about your privacy and our collection or use of your personal data. European Union, British, and Swiss individuals with inquiries or complaints regarding this privacy policy should first contact SoapBoxSample at the contact information listed above.

SoapBoxSample has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit for more information and to file a complaint.

Under limited circumstances, if your complaint is not resolved through these channels, a binding arbitration option may be available before a Privacy Shield Panel.

Finally, if required or permitted by law, you may also make a complaint to the data protection authority in the EU country where we may have operations or where we process personal data that relates to offering goods or service to you in the EU.

Changes to the Privacy Policy

We may update this Privacy Policy from time to time by posting an amended version of the statement on one or more of our Websites. Please refer to this policy regularly.

Last update: April 30, 2021