At Privacy for Clinical Trials, privacy is what we do. Because of our focus on privacy, we take the protection of personally identifiable information (“Personal Data”) very seriously.
In the course of operating our business, we process Personal Data in a variety of ways. This Privacy Policy (the “Policy”) addresses the individuals (“Data Subjects”) whose Personal Data we may receive in the course of marketing and selling the services Privacy for Clinical Trials provides to its clients (“Services”), and Data Subjects whose Personal Data we receive in the course of our regulatory outreach activities, including our consultations with supervisory authorities or other regulatory agencies.
This Policy does not apply to Personal Data we process in other contexts, such as Personal Data we process in the course of providing our Services. This Policy also does not apply to the Personal Data of employees, prospective employees, contractors, prospective contractors, suppliers, business owners, directors, and officers of Privacy for Clinical Trials.
Within the scope of this Policy, Privacy for Clinical Trials acts as a data controller for the Personal Data we process. This means that we decide how and why Personal Data is collected and further processed.
We may process your Personal Data on the basis of:
Where we process your Personal Data based on your consent, you may withdraw your consent at any time. However, this will not affect the lawfulness of our processing before you withdrew your consent. It will also not affect our processing performed on other lawful grounds.
Where we receive your Personal Data as part of providing our Services to you based on a contract, we require certain Personal Data to be able to carry out the contract. Without that necessary Personal Data, we will not be able to provide the Services to you.
We may collect or otherwise receive your Personal Data when:
We may process the following categories of Personal Data:
We may process your Personal Data for the purposes of:
When the purposes of processing are satisfied, we will delete the related Personal Data within six months.
We may share Personal Data with our affiliates, business partners, and service providers who process Personal Data on our behalf, and who agree to use the Personal Data only to assist us in providing our Services, or as required by law. Our service providers provide:
If you have given us permission, we may share your information, including Personal Data, with our business partners for their own direct marketing purposes. Please note that messages delivered from a Privacy for Clinical Trials business partner are subject to the business partner's privacy policy.
Some of these third parties may be located in countries outside of the European Union (EU) or the European Economic Area (EEA). In some cases, the European Commission may not have determined that these countries' data protection laws provide a level of protection equivalent to European Union law. We will only transfer your Personal Data to third parties in these countries when there are appropriate safeguards in place. These may include the European Commission-approved standard contractual data protection clauses which are available from the European Commission.
We may disclose your Personal Data to the extent required by law or if we have a good-faith belief that we need to disclose it in order to comply with official investigations or legal proceedings (whether initiated by government or law enforcement officials or private parties). We may also disclose your Personal Data if we sell or transfer all or some of our company's business interests, assets, or both, or in connection with a corporate restructuring. We may, where you opt to serve as a reference for prospective clients, share your Personal Data with those prospective clients or, with your permission, publish your Personal Data in our marketing materials.
A “cookie” is a small file stored on your device that contains information about your device. For more information about the cookies we use, please refer to our Cookie Policy, which forms a part of this Policy.
We have implemented and will maintain technical, administrative, and physical security measures that are reasonably designed to help protect Personal Data from unauthorized processing, such as unauthorized access, disclosure, alteration, or destruction.
If we process your or your child's Personal Data, you may have the right to request access to (or to update, correct, or delete) such Personal Data. You may also have the right to ask that we limit our processing of such Personal Data, as well as the right to object to our processing of such Personal Data. You may also have the right to data portability with respect to such Personal Data.
You may have the right to opt out if your Personal Data is used for any purpose that is materially different from the purpose(s) for which it was originally collected or which you originally authorized. To submit these requests or raise any other questions, please contact us by using the information in the “Contact Us” section below.
The Services are not directed at, or intended for use by, children under the age of 14 or even minors under the age of 18.
If you are a Data Subject whose Personal Data we process, you may also have the right to lodge a complaint with a data protection regulator in one or more of the European Economic Area member states.
If we make any material change to this Policy, we will post the revised Policy to this web page. We will also update the “effective on” date.
If you have any questions about this Policy or our processing of your Personal Data, please write to us at contactdpo@privacyct.com. We will respond to legitimate inquiries within 30 days of receipt.