This article outlines answers to the common questions users ask about how we use data uploaded to CoLoop. CoLoop is built specifically for market research agencies and ships with a range of privacy and security features built in. These are designed to make it easy for researchers to secure, manage, minimise and delete data as and when they need to.

Raw File Storage

  • When users create a project in CoLoop they asked to pick a region to securely store raw uploaded files
  • This region can be EEA; UK or US.
  • Any uploaded raw data e.g. Audio, Video, Excel, Transcripts etc. are then stored on encrypted AWS servers within that region.

Processing and storage of data

Data Onboarding

  • Audio and video files are sent to a fully SOCII and GDPR compliant US transcription provider
  • Files are held temporarily (typically for a few minutes) while they are transcribed
  • The resulting textual information, now of a lower classification is retained securely on AWS / GCP servers operated by CoLoop in the US.
  • High classification raw data is completely wiped and the only remaining copy stored on AWS servers in the selected country of origin by CoLoop.
  • No data of any kind is retained by the transcription provider after this processing step.

During Analysis

  • Once processed and stored, further features are extracted from textual data and stored in order to be queried Features are extracted using a range of 3rd party APIs listed here.
  • During the analysis stage when users query the data derived features are processed securely by 3rd party APIs.
  • All 3rd parties we work with are vetted and where appropriate bound by strict DPAs to prevent retention of or training on any data sent to them.

CoLoop Data Retention

  • Users of the CoLoop platform remain in control of the uploaded data at all times.
  • Specific resources or entire projects can be deleted immediately and permanently in a single click through the platform or within 7 days of an email to support.
  • Data is not automatically removed by CoLoop after a certain period and will remain securely stored unless otherwise instructed by the platform user in the manner outlined above.