PRIVACY POLICY

Effective Date: 1st May, 2023
  1. INTRODUCTION

This Privacy Policy explains how CliniContact LLC (“CliniContact” or “we” or “us”) collects and uses Personal Data through its Websites and electronic communications with you. CliniContact values your privacy and is committed to protecting it. This Privacy Policy complies with the EU General Data Protection Regulation (“GDPR”) and other applicable privacy laws.

CliniContact complies with the EU-U.S. Data Privacy Framework (DPF) principles, including notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement, and liability, for all personal data received from the European Union (EU), United Kingdom (UK), and Switzerland. CliniContact has self-certified to the U.S. Department of Commerce regarding its adherence to the DPF principles.

This Privacy Policy describes the types of information we may collect from you or that you may provide when you visit our websites at https://mainpage.clinicontact.com/ or https://www.clinicontact.com (each, a “Website”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This policy applies to information we collect:

It does not apply to information collected by:

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, you should not use our Websites. By accessing or using these Websites, you agree to this Privacy Policy. This Privacy Policy may change from time to time, so please check this Privacy Policy periodically for updates.

  1. DATA CONTROLLER, DATA PROTECTION OFFICER, AND REPRESENTATIVE

CliniContact is the data controller of your Personal Data collected through the Websites. CliniContact has appointed a Data Protection Officer and a representative in compliance with the General Data Protection Regulation. If you have any questions about this Privacy Policy or your Personal Data, please contact CliniContact using the information set forth in the “Contact Information” Section below.

  1. CHILDREN UNDER THE AGE OF 13; CHILDREN OVER THE AGE OF 13 BUT UNDER THE AGE OF 16

Our Websites are not intended for children under the age of 13. If you are under 13, you must not use our Websites. If you are over the age of 13 but under the age of 16, your legal parent or guardian must provide the information on your behalf (you must not provide such information yourself).

We do not knowingly collect Personal Data directly from children under 13. If you are under 13, do not use or directly provide any information on our Websites or on or through any of its features, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received Personal Data directly from a child under 13, we will delete that information. If you believe we might have any information directly from a child under 13, please contact us using the information set forth in the “Contact Information” Section below.

  1. INFORMATION WE COLLECT ABOUT YOU AND HOW IT IS COLLECTED

At CliniContact, we gather various types of information about you, including data that can identify you directly, information that pertains to you but doesn't personally identify you, and data that we combine with that of other users. This encompasses information collected directly from you or through automated collection technologies.

In General:

As part of our Website usage, we collect multiple types of information from users ("Personal Data"), which may include:

We collect this information:

Information You Provide to Us:

The information we collect on our Websites includes:

The Personal Data we collect from you is necessary for entering into a contract with CliniContact, for us to fulfill our contractual obligations, and to provide you with our products and services. Failure to provide such Personal Data or withdrawing your consent to our data processing may result in us being unable to enter into the contract or fulfill our obligations to you.

Information We Collect Through Automatic Data Collection Technologies:

While you navigate and interact with our Websites, we employ automatic data collection technologies to gather specific information about your browsing actions, device, and patterns. This includes:

The information collected automatically may include Personal Data, which we may maintain or associate with other Personal Data collected through different means or received from third parties. This helps us improve our Websites and deliver better, personalized services by enabling us to:

The technologies we use for automatic data collection include:

Additionally, we use the following technologies:

Third-Party Use of Cookies and Tracking Technologies:

Certain content or applications on our website may be provided by third parties, such as advertisers, ad networks, servers, content providers, or application providers. These third parties may use cookies or other tracking technologies in conjunction with web beacons to collect information about your online activities and offer interest-based (behavioral) advertising or targeted content. We do not control these third parties' tracking technologies or their usage. If you have questions about any advertisements or targeted content, please contact the responsible provider directly.

  1. LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA

We have lawful reasons for processing your Personal Data, which include processing based on our legitimate interests (taking into account your rights and freedoms), fulfilling contractual obligations, complying with the law, and obtaining your consent.

If you are located in the European Union, the processing of your Personal Data is only lawful if it complies with the applicable data protection laws. We have a lawful basis for each processing activity, except when an exception applies, as explained below:

  1. SPECIAL CATEGORIES OF INFORMATION

We may process sensitive Personal Data with your explicit consent or when necessary to fulfill our legal obligations or protect our legitimate interests.

Certain Personal Data processed by CliniContact may be considered sensitive, such as information revealing your racial or ethnic origin or health-related data. We process this information only with your explicit consent, or when necessary to fulfill our legal obligations or protect our legitimate interests.

  1. HOW WE USE YOUR INFORMATION

We use your Personal Data for various purposes, including providing our Websites to you, fulfilling your information requests, enforcing contractual rights, and notifying you about changes.

We use the information we collect about you or that you provide to us, including Personal Data, for the following purposes:

CliniContact processes personal data only for purposes consistent with the purposes for which it was collected, as outlined in this Privacy Policy, unless you provide explicit consent for additional uses.

  1. DISCLOSURE OF YOUR INFORMATION

We do not share, sell, or disclose your Personal Data for purposes other than those outlined in this Privacy Policy. However, we may share your Personal Data with specific third parties under certain circumstances.

We disclose your Personal Data to the following parties:

We do not share, sell, or disclose your Personal Data for purposes other than those outlined in this Privacy Policy. However, we may share aggregated information about our users without any restrictions.

We may disclose your Personal Data:

We may also disclose your Personal Data:

CliniContact ensures that any third parties processing personal data on our behalf adhere to the Data Privacy Framework principles or other legally recognized data protection measures. Contracts with such parties include provisions that require them to use personal data solely for the intended purposes and to protect it adequately.

  1. CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR INFORMATION

We provide options for you to opt out of certain activities, such as the use of tracking technology, disclosure of your Personal Data for third-party advertising, and receiving our promotional offers.

We do not control the collection and use of your information by third parties as described in the "Disclosure of Your Information" section. However, these organizations are contractually obligated to use the data solely for providing services to us and maintain its confidentiality. These third parties may aggregate the collected information with data from other customers for their own purposes.

Additionally, we strive to give you control over your Personal Data by offering the following mechanisms:

California residents may have additional rights and choices regarding their personal information. Please refer to the "Your California Privacy Rights" section for more details.

  1. YOUR RIGHTS AND ACCESS TO YOUR INFORMATION

You have certain rights under data protection laws, including the right to access and update your Personal Data, restrict its use, transfer it to another controller, withdraw your consent, and request the erasure of certain Personal Data. You also have the right to lodge a complaint with a supervisory authority regarding our handling of your Personal Data.

To exercise your rights, you can review and modify your Personal Data by contacting us using the provided Contact Information. If you notice any errors or changes in your Personal Data, you can inform us to ensure its accuracy and completeness. However, we may be unable to accommodate your request if it violates any legal requirements or results in incorrect information.

You have the right to restrict our processing of your Personal Data under certain circumstances, such as contesting its accuracy, if the processing is unlawful, or if we no longer need it but are permitted to retain it by law.

If you have provided your consent and your Personal Data is processed based on that consent, you can withdraw it at any time by closing your account. Please note that withdrawing your consent does not affect the lawfulness of processing based on your consent prior to its withdrawal, or processing based on other lawful bases.

You have the right to request the deletion of all your Personal Data. However, we can only delete your Personal Data by also deleting your user account, and we will do so when we no longer have a legal basis for processing your Personal Data or when it is determined to have been unlawfully processed. We may not delete information if it would violate any legal requirements or result in incorrect information. In some cases, certain data may remain in backups as per our disaster recovery policies.

You can also provide us with instructions regarding the storage, erasure, and sharing of your Personal Data after your death.

If you have concerns about your privacy, we encourage you to contact us directly before lodging a complaint with the supervisory authority. We will work with you to address your concerns.

If you exercise any of these rights, we may ask for additional information to verify your identity. We reserve the right to limit or deny your request if you fail to provide sufficient information or if it conflicts with legal or business requirements. Please note that making unfounded, repetitive, or excessive requests may result in a fee, as permitted by applicable law.

Under the Data Privacy Framework, individuals have the right to:

To exercise these rights, please contact us using the information provided in the 'Contact Information' section.

  1. STATE-SPECIFIC PRIVACY RIGHTS

Residents of certain states may have additional rights regarding the use of their Personal Information. To learn about any additional rights applicable to you as a resident of your state, please refer to the privacy addendum attached to this Privacy Policy.

YOUR CALIFORNIA PRIVACY RIGHTS

If you are a California resident, you have additional rights under the California Privacy Notice. California Civil Code Section 1798.83 (California's "Shine the Light" law) permits you to request information about our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us using the provided Contact Information.

  1. DO NOT TRACK SIGNALS

We do not track your online activities across third-party websites or services, and we do not honor "do not track" signals sent by some browsers.

  1. DATA SECURITY

While we implement security measures to protect your Personal Data, transmitting information over the Internet is not completely secure. You can help protect your information by keeping your password confidential. We are not responsible for the circumvention of privacy settings or security measures on our Websites.

  1. CONSENT TO PROCESSING OF PERSONAL DATA IN OTHER COUNTRIES

Your Personal Data may be processed and stored outside your home country, including in the United States. We only do this when permitted by law and when appropriate safeguards are in place to protect your Personal Data.

If you are a resident of the European Economic Area (EEA), we may transfer and store your Personal Data outside the EEA, including in the United States. By using our Websites, you consent to the storage and processing of your Personal Data, acknowledging that it may be transferred to countries that may not provide an equivalent level of protection. We use Data Protection Agreements and, where applicable, Standard Contractual Clauses to ensure the protection of your Personal Data. You have the same rights under these Standard Contractual Clauses as if your data was not transferred. You can request a copy of the Data Protection Agreement by contacting us through the provided Contact Information.

  1. DATA RETENTION PERIODS

We retain your Personal Data as long as your account remains open. Even after account closure, we may retain your Personal Data for legal purposes, on our backup systems, and to protect our rights.

After closing your account, we may retain your Personal Data to comply with legal requirements, store it in our backup systems, protect our legal interests, pursue legal rights and remedies, and retain anonymized or aggregated data indefinitely.

  1. CHANGES TO OUR PRIVACY POLICY

We will notify you of any material changes to our Privacy Policy and invite you to review and accept the changes. It is your responsibility to keep your contact information up to date and regularly check our Websites and Privacy Policy for any updates.

CliniContact conducts annual reviews to verify its ongoing compliance with the Data Privacy Framework principles and renews its self-certification with the U.S. Department of Commerce.

  1. CONTACT INFORMATION

For any questions, concerns, complaints, or requests related to your Personal Data, please contact us through the provided Contact Information or the "Contact Us" page on our Websites.

For unresolved privacy complaints under the Data Privacy Framework, individuals may contact their local EU Data Protection Authority.
This service is provided free of charge.

To find the contact details for your local EU Data Protection Authority, please visit:
https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

  1. Independent Dispute Resolution

If an unresolved complaint cannot be addressed through the designated independent recourse mechanism, individuals may invoke binding arbitration under the Data Privacy Framework as a final resort. Details on this process are available at EU-U.S. and UK Extension DPF Program Binding Arbitration Mechanism | ICDR.org.

FULFILLMENT POLICY

1. Scope of Services
CliniContact provides clinical trial recruitment services to support academic institutions in identifying and engaging eligible participants for clinical trials. Services are rendered on a subscription basis, with recruitment activities launched monthly and billed accordingly.

2. Monthly Subscription Structure
Our services operate on a month-to-month basis, giving clients the flexibility to engage our services as needed. Recruitment efforts are customized to meet the specific requirements of each clinical trial, as outlined in the service agreement.

3. Payment Terms
Clients are required to make payment for the first month of services in full prior to the launch of any recruitment activities. Subsequent payments are due at the beginning of each monthly cycle. All payments must be made in accordance with the payment schedule outlined in the service agreement.

4. Cancellation Policy
Clients may cancel their subscription within 10 days of the end of the month providing written notice. Cancellations will take effect at the end of the current billing cycle, and no additional charges will be incurred beyond that period. If a cancellation notice is provided prior to the start of a new monthly cycle, services will not launch for that period, and no further payment will be required. Payments already made for ongoing or completed recruitment services are non-refundable.

5. Performance and Reporting
Throughout the engagement, CliniContact will provide regular updates and performance reports as agreed upon in the service agreement. Reports will outline recruitment progress, participant engagement metrics, and any challenges encountered during the recruitment process.

6. Modifications to the Policy
CliniContact reserves the right to update or modify this Fulfillment Policy at any time. Clients will be notified in writing of any changes at least 30 days prior to the implementation of the updated policy.