Privacy Policy
At the Center for Information & Study on Clinical Research Participation, Inc. (CISCRP) we are committed to protecting your privacy. CISCRP is responsible for controlling and processing the personal information it obtains through this website and online services we operate. We take this matter very seriously and have instituted policies and procedures to safeguard the privacy of your personal information in accordance with jurisdictional law and policy. This privacy policy is designed to help you understand how we collect, use, share, protect and otherwise handle your personal information, as well as explain your rights to control and review your personal information. For purposes of this privacy policy “personal information” means information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.
We encourage you to read our privacy policy so that you better understand our commitment to your privacy.
What information do we collect and when do we collect it?
The personal information we collect and how we collect it depends on the context of your interactions with us.
We will collect certain personal information that you provide directly to us when inquiring, ordering, or registering for services on our website, subscribing to a newsletter, filling out an online form, applying to participate in a clinical research study as a study volunteer, or when participating in an online survey or entering a drawing. Depending on the type of interaction with us you may be asked to enter your name, email address, mailing address, phone number, credit card information, medical conditions, or other details to help you with your experience. You may choose not to provide personal information, but in not doing so, we may be unable to complete your request, or you may not be able to participate in a particular online feature or service.
We may also collect certain information automatically when you visit our website, online services or participate in a survey, including (i) anonymized IP address of the enquiring computer; (ii) data and time of access; (iii) browser used and your computer’s operating system; and (iv) name and URL from the retrieved file. The temporary storage of this information by the system is necessary to enable the website to be delivered to your computer as well as to ensure the functionality and optimization of our website and to ensure the security of the information technology systems. The information is deleted as soon as it is no longer necessary for achieving the purpose of its collection.
We may use cookies, pixel tags, and similar tracking technologies to automatically collect this information. Cookies are small bits of information that are stored by your computer’s web browser. Pixel tags are very small images or small pieces of data embedded in images, also known as “web beacons” or “clear GIFs”, that can recognize cookies, the time and date a page is viewed, a description of the page where the pixel tag is placed, and similar information from your computer or device. We may use cookies to help us provide online services and to help collect information that we use to administer the online services, to analyze your use of the website or the online services, and to assist with our promotional and marketing efforts. We may also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since each browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
Cookies can only identify the workstation computer used, but not your personal identity.
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.
You can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
How do we use the information we collect?
We may use the information we collect from you for a variety of purposes, including:
- To process your transactions with us or to maintain or administer any online services
- To send you newsletters or other communications and mailings that you have requested (via email, text or mail)
- To respond to your inquiries (via live chat, email or phone)
- To contact you if you won a drawing that you voluntarily entered following completion of a survey
- To customize and personalize your use of the website or online services
- As otherwise described to you at the point of collection or pursuant to your consent
In addition, we may also use aggregated information to help us understand the preferences and experiences of users of our website or online services and to enhance our services and the website.
You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send.
How Do We Protect the Information We Collect?
We are committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use or disclosure.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. All transactions are processed through a gateway provider and are not stored or processed on our servers.
In addition, our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our website as safe as possible. We also use regular malware scanning.
Despite our efforts to protect your personal information, there is always some risk that an unauthorized third party may find a way around our security systems or that transmissions of your personal information over the Internet may be intercepted. Your use of the website constitutes an acceptance of such risk.
How do we share the information we collect with third parties?
Information about you is an important part of our business, and we are not in the business of selling it to others. We do not sell or casually share personal information gathered in the course of our business operations to third parties. However, we may share your personal information under the following conditions:
- We may share your personal information with third-party service providers or vendors that provide certain functions or services on our behalf, such as processing of credit card transactions, sending communications for us or performing transcription services. We will only provide those third-party service providers and vendors with the minimum information they need to deliver the requested services.
- We may share your personal information if required to do so by applicable law or in the good-faith belief that such action is necessary to: (a) comply with lawful court orders or to respond to subpoenas or warrants served on us or in connection with any legal investigation; (b) investigate or assist in preventing any violation of this privacy policy, our terms of use or other similar agreements; (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect and defend the rights, property and safety of CISCRP, our users and others.
- We may share or transfer your information in connection with, and during negotiations of, a sale of all or substantially all of our assets or ownership interests, a merger, financing or other business combinations or reorganizations.
If our sharing practices change at any time in the future, we will post the policy changes to the website so that you may opt out of the new sharing practices. We suggest that you check the website periodically if you are concerned about how your information is shared.
We do not include or offer third-party products or services on our website.
Children Online Privacy Protection Act (COPPA)
Neither this website nor the online services within the scope of this privacy policy are designed or directed toward anyone under the age of 13. We do not knowingly collect or solicit personal information from anyone under the age of 13. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information.
California Online Privacy Protection Act (CalOPPA)
If you are a California resident you have certain additional rights regarding your personal information.
According to CalOPPA, we agree to the following:
You can visit our website anonymously.
This privacy policy can be found via a link to it on our home page or as a minimum, on the first significant page after entering our website. This privacy policy link includes the word ‘Privacy’ and can easily be found on the page specified above.
You will be notified of any privacy policy changes on our privacy policy page.
You can change your personal information by emailing us at the email address set forth below.
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
It’s also important to note that we do not allow third-party behavioral tracking.
General Data Protection Regulation (GDPR) and other regulations concerning personal information collection
We appreciate the privacy concerns of our international user-base and we strive to respect and protect your privacy of those who submit personal information to us. With regard to the General Data Protection Regulation (GDPR) recently adopted by the European Union (EU), the federal Personal Information Protection and Electronic Documents Act (PIPEDA) adopted by Canada and other such privacy and data protection regulations, we will make a good-faith attempt to understand and comply with such regulations with respect to our international user-base, when and where possible.
However, it should be understood that we must collect and maintain your personal information in order to conduct normal business operations and that by participating in or requesting or purchasing services from us, you are agreeing to that collection and storage of personal information.
According to the GDPR you have the following additional rights regarding your personal information:
You have the right:
- to request information about your personal information processed by us. Notably you may request information about the processing purposes, the category of personal information, the categories of recipients to whom your personal information has been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right to complain, the origin of your personal information if it have not been collected by us and the existence of automated decision-making, including profiling and, if applicable, meaningful information on their details.
- to immediately request the correction of incorrect or complete personal information stored by us.
- to request the deletion of your personal information stored by us unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
- to restrict the processing of your personal information if you dispute the accuracy of the information, if the processing is unlawful but you refuse the deletion of the information and we no longer need the information, but if you need it to assert, exercise or defend legal claims or if you have filed an objection to the processing.
- to receive your personal information that you have provided to us in a structured, current and machine-readable format or to request its transfer to another controller. If you request the direct transfer of the information to another controller, this will only take place if it is technically feasible.
- to revoke the consent given to us at any time. As a result, this means that we will no longer be allowed to continue processing information based on this consent in the future.
- to complain to a regulatory authority. You can usually contact the regulatory authority at your usual place of residence or workplace.
Revoking your consent to data processing
Many data processing procedures are only possible with your explicit consent. You can revoke your consent at any time. All you need to do is send an informal message by email to the email address set forth below. The legality of data processing until revocation remains unaffected by the revocation.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal information that is stored as well as its origin, the recipient, and the purpose for which it has been processed. You also have the right to have this information corrected, blocked, or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal information.
Data protection officer
We have appointed a data protection officer for CISCRP. You can contact the data protection officer using the contact information set forth below.
Legal basis for processing personal information
If you are from the European Economic Area (EEA), our legal basis for collecting and using the personal information described in this privacy policy depends on the personal information we collect and the specific context in which we collect it.
We may process your personal information for the following reasons:
- We need to perform a contract with you
- You have given us permission to do so
- The processing is in our legitimate interests and it’s not overridden by your rights
- For payment processing purposes
- For the secure provision and functionality of our website and a user-friendly Internet presence
- To comply with the law
Duration for which the personal information is stored
Personal Information shall be processed and stored for as long as required by the purpose they have been collected for. Therefore:
- Personal Information collected for purposes related to the participation in a research study or survey shall be retained until such research study or survey has been fully performed.
- Personal Information collected for the purposes of our legitimate interests shall be retained as long as needed to fulfill such purposes. You may find specific information regarding the legitimate interests pursued by us within the relevant sections of this privacy policy or by contacting us.
We may be allowed to retain Personal Information for a longer period whenever you have given consent to such processing, as long as such consent is not withdrawn. Furthermore, we may be obliged to retain Personal Information for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority. Once the retention period expires, Personal Information shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to Information portability cannot be enforced after expiration of the retention period.
How to exercise these rights
Any requests to exercise your rights can be directed to the data protection officer through the contact details set forth below. These requests can be exercised free of charge and will be addressed by the data protection officer as early as possible and always within one month.
- You are entitled to see the information we hold about you. You can also request changes to be made to incorrect information. You can ask for information to be deleted or blocked if you think that we shouldn’t be processing that information, or are processing it incorrectly. It is your responsibility to keep your personal information up to date so that accurate records can be maintained.
- We will limit the personal information we collect to that which is necessary to deliver the products and services that we have outlined above.
- We will retain your personal information for the length of time necessary for fulfilling the purposes for the use of your personal information as described in this privacy policy or for a longer time period as required by the relevant laws. In general, we will retain your personal information in accordance with the relevant law’s statutes of limitations or in accordance with the directives of regulations that apply to us, in as much as they require that we retain information for longer time periods.
- We have a data protection officer who is responsible for our privacy policies. Our data protection officer will be happy to provide you with information about the privacy policy, deal with any opt out requests or corrections to your information or deal with any complaints. Our data protection officer can be reached at the address set forth below. We seek to ensure that our privacy policy meets your concerns and responds to your needs. If you are unhappy with the results of any such inquiries, you may complain to the Office of the Federal Privacy Commissioner, 112 Kent Street, Ottawa, Ontario, K1A 1H3 or to provincial privacy commissioner located in the province in which you reside.
- This privacy policy is available to all our internationally based-users. If you have any additional questions with respect to our privacy policies and practices relating to the management of your personal information, please contact our data protection officer.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or questions
- Process orders and to send information and updates pertaining to orders
- Send you additional information related to your product and/or service
- Market to our mailing list or continue to send emails to our clients after the original transaction has occurred
To be in accordance with CANSPAM, we agree to the following:
- Not use false or misleading subjects or email addresses
- Identify the message as an advertisement in some reasonable way
- Include the physical address of our business or site headquarters
- Monitor third-party email marketing services for compliance, if one is used
- Honor opt-out/unsubscribe requests quickly
- Allow users to unsubscribe by using the link at the bottom of each email
If at any time you would like to unsubscribe from receiving future emails, you can follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.
Transfer of data
Your personal information may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
Your consent to this privacy policy followed by your submission of such information represents your agreement to that transfer.
We will take all steps reasonably necessary to ensure that your personal information is treated securely and in accordance with this privacy policy and no transfer of your personal information will take place to an organization or a country unless there are adequate controls in place including the security of your personal information.
Jurisdictional issues
Our website is controlled and operating by us from the United States and is not intended to subject us to the laws or jurisdiction of any state country or territory other than that of the United States.
Modifications to this privacy policy
We reserve the right to modify this privacy policy at any time without prior notice to you. When we do, we will also revise the “last edited” date at the bottom of the privacy policy. Please refer back to this page periodically for the latest version. Any changes will become effective when we post the revised privacy policy on our website.
Contacting us
If you have questions regarding this privacy policy, the practices of CISCRP, or your use of this website or if you wish to request deletion of, or corrections or changes to, your personal information, please contact us by email, postal mail, or phone at.
CISCRP
Attn: Data Protection Officer
One Liberty Square, Suite 1100
Boston, Massachusetts 02109 US
Email: Rborghi@ciscrp.org
Telephone: 617-725-2750