Privacy Policy

Last updated: May 22, 2026

Why Not Society ("Company," "we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit whynotsociety.com (the "Site"), subscribe to communications, contact us, or participate in research panels and client studies (collectively, "Services"). This Policy applies to U.S. residents and international visitors to the Site, with additional rights described for California consumers.

1. Scope and Roles

For Site operations, marketing subscriptions, and sales inquiries, Why Not Society acts as a business controller (or "business" under California law). For certain custom research studies, we may process personal information on behalf of enterprise clients pursuant to data processing agreements; in those cases, client privacy notices may also apply and govern primary relationship questions.

This Policy does not cover third-party websites linked from the Site. Review their policies before providing personal information.

2. Categories of Information We Collect

2.1 Information You Provide

  • Contact and inquiry data: name, email, organization, job title, subject, and message contents submitted through contact forms;
  • Subscription data: email address and consent records for newsletters;
  • Unsubscribe requests: email and optional reason codes;
  • Business development data: proposal requirements, billing contacts, and contractual details for clients;
  • Panel enrollment data: demographics, contact information, eligibility answers, and incentive payment details collected through separate research consent flows;
  • Survey responses: attitudes, behaviors, and financial self-reports provided in research instruments.

2.2 Information Collected Automatically

  • Device and log data: IP address, browser type, operating system, referring URLs, pages viewed, and timestamps;
  • Cookies and similar technologies: session identifiers, preference flags, and analytics events as described in Section 8.

2.3 Information from Third Parties

We may receive referral information from partners, publicly available business contact data, or verification signals from fraud-prevention vendors for panel integrity. We do not purchase email lists for unsolicited marketing.

3. How We Use Personal Information

We use personal information for the following purposes, relying on consent, contract performance, legitimate interests, or legal obligations as applicable:

  • Operating and securing the Site;
  • Responding to inquiries and providing customer support;
  • Sending newsletters and marketing communications with consent;
  • Processing unsubscribe and preference requests;
  • Designing, fielding, and analyzing survey research;
  • Maintaining panels, paying incentives, and preventing fraud;
  • Delivering aggregated or de-identified research products to clients;
  • Complying with law, regulation, and legal process;
  • Enforcing terms, protecting rights, and detecting security incidents;
  • Improving Services through internal analytics.

We do not use Site contact form data to make automated decisions producing legal or similarly significant effects about individuals.

4. Aggregated and De-Identified Data

Research outputs typically consist of aggregated statistics and de-identified datasets stripped of direct identifiers before client delivery. We maintain technical and organizational measures designed to prevent re-identification using available means. Clients contractually agree to use data only for research and analytics purposes described in their agreements.

5. How We Disclose Information

We may disclose personal information to:

  • Service providers hosting the Site, delivering email, providing analytics, supporting incentive payments, or assisting survey programming—bound by confidentiality and processing terms;
  • Enterprise clients receiving custom study deliverables as directed by the study agreement, typically in de-identified form;
  • Professional advisors such as lawyers and accountants under confidentiality duties;
  • Authorities when required by law or to protect rights, safety, and security;
  • Successors in merger, acquisition, or asset sale events with notice where required by law.

We do not sell personal information for money. We do not share personal information for cross-context behavioral advertising as defined under California law.

6. Retention

We retain personal information only as long as necessary for the purposes described in this Policy, including legal, accounting, and reporting requirements. Illustrative periods (subject to change based on operational needs):

  • Marketing subscription records: until unsubscribe plus up to twenty-four (24) months for suppression logs;
  • Contact form records: up to thirty-six (36) months unless a client relationship continues;
  • Panelist account data: duration of panel membership plus up to twenty-four (24) months;
  • De-identified research archives: may be retained indefinitely for trend replication.

When retention ends, we delete or de-identify information using reasonable measures.

7. Security

We implement administrative, technical, and physical safeguards appropriate to the sensitivity of information processed, including encryption in transit, access controls, logging, and vendor review. No method of transmission or storage is completely secure; we cannot guarantee absolute security. Report suspected incidents to security@whynotsociety.com.

8. Cookies and Analytics

The Site may use cookies and similar technologies to enable core functionality, remember preferences, and understand aggregate usage patterns. You can control cookies through browser settings; disabling cookies may affect certain features.

Analytics events may include page views and referral sources in pseudonymous form. We configure analytics tools to avoid collecting unnecessary sensitive fields through Site forms.

9. Your Choices and Rights

9.1 Marketing Communications

You may unsubscribe from marketing emails via the Unsubscribe page or links in messages. Even after unsubscribe, you may receive transactional communications related to active contracts or legally required notices.

9.2 Access, Correction, and Deletion

You may request access to, correction of, or deletion of personal information we maintain about you, subject to applicable exceptions. Email privacy@whynotsociety.com with sufficient detail to verify your identity. We will respond within timelines required by law.

9.3 California Privacy Rights (CCPA/CPRA)

California residents may have the right to know categories of personal information collected, purposes, disclosures, and retention; to delete personal information; to correct inaccurate information; and to limit use of sensitive personal information where applicable. We will not discriminate against you for exercising privacy rights. Authorized agents may submit requests with proof of authority as required by law.

Shine the Light: California residents may request information about disclosure of personal information to third parties for their direct marketing purposes, if any, once per year.

9.4 Other U.S. State Rights

Residents of Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy laws may have similar rights regarding access, deletion, correction, and opt-outs. Contact us to exercise rights applicable in your state.

9.5 EEA/UK Visitors

If you access the Site from the EEA or UK, you may have additional rights under GDPR, including objection, restriction, portability, and complaint to a supervisory authority. Our primary operations are U.S.-based; international transfers rely on appropriate safeguards where required.

10. Children's Privacy

The Site and general marketing lists are not directed to children under sixteen (16). We do not knowingly collect personal information from children under 16 through the Site. Research about household finances may reference children secondarily through parent respondents; such collection occurs only within governed studies with appropriate notices.

11. Panel Research Notices

Panelists receive just-in-time notices describing study purpose, approximate duration, incentive, confidentiality, and contact points before each study. Sensitive topics include self-reported financial stress, debt, and political attitudes in some waves. Participation is voluntary unless otherwise stated for employer-sponsored programs.

Identifiers linking survey responses to panel accounts are segregated from client deliverables except in rare client-specific studies with explicit consent and contractual controls.

12. International Transfers

We primarily store and process information in the United States. If information is transferred internationally, we implement safeguards such as standard contractual clauses or vendor certifications where required.

13. Do Not Track

Some browsers transmit "Do Not Track" signals. Because industry standards vary, we do not respond uniformly to all DNT signals; we continue to review evolving guidance.

14. Changes to This Policy

We may update this Privacy Policy periodically. The "Last updated" date reflects the latest revision. Material changes will be posted on the Site with prominent notice where appropriate.

15. Contact Us

Privacy inquiries and rights requests: privacy@whynotsociety.com
Security incidents: security@whynotsociety.com
General questions: info@whynotsociety.com

We do not provide privacy support via published telephone numbers or physical mailing addresses on this Site.