1. Introduction and Purpose
2. Definitions
3. Privacy Principles
4. Personal data that we collect
5. How we protect your personal data
6. Your rights as a Data Subject
7. How long we retain your personal data
8. Information about our online practices
9. Cookie Policy
10. Additional information for residents of California
11. Data Privacy Framework Statement
12. Changes and Updates
13. How to Contact Us
The mission of the Data Privacy department is to ensure that Worldwide Clinical Trials and its corporate affiliates (“Worldwide”) complies with all legal, regulatory, ethical, and contractual obligations related to the protection of personal data; meets or exceeds customer expectations with industry-leading privacy processes; and protects the rights and freedoms of participants in clinical trials.
The purpose of this Global Privacy Policy (the “Policy”) is to demonstrate our commitment to the Seven Principles of Data Privacy by employing a program of accountability and continuous improvement, and to provide adequate notice and transparency of our privacy practices to data subjects. Worldwide adheres to the principles of “privacy by design and by default”, in line with Article 5 of the GDPR, which requires that personal data be: (a) processed lawfully, fairly and in a transparent manner in relation to the data subject; and (b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
Consent: freely given, specific, informed, and unambiguous indication of your wishes by which you signify agreement with the processing of personal data relating to you.
Data Protection Officer (“DPO”): a person or entity, officially appointed to monitor and advise on a company’s compliance with the GDPR and other applicable data protection laws.
Data Subject: an identified or identifiable natural person whose personal data are processed.
GDPR: The General Data Protection Regulation, European Regulation 2016/679 of 27 April 2016 (“on the protection of natural persons with regard to the processing of personal data and the free movement of such data”). For the purposes of this Policy, “GDPR” also applies to comparable privacy laws in the United Kingdom, Switzerland, and Serbia to the extent that they have the same or substantially similar provisions.
IP Address: a number that is automatically assigned to the computer that you are using by your Internet Service Provider (ISP).
Personal Data: any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Process or Processing: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
We abide by the Seven Principles of Privacy Protection. These Principles are:
Alignment with the Principles is built into how we operate and how we interact with data subjects. We believe in data privacy by design and by default, and ensure that all of our systems and processes take the Principles into account.
Category of Data Subject | Types of Data Collected | Sensitive Data Collected | Purpose of the Processing | Legal Basis for Processing | Transfer to third parties |
---|---|---|---|---|---|
Clinical Trial Participants | Pseudonymized (coded) health data, date of birth, initials, demographic data, race/ethnicity, gender | Yes | Conducting a clinical trial, compliance with legal, ethical, and safety requirements | Legitimate Interest of the sponsor of the clinical trial Legal obligation imposed on the sponsor of the clinical trial Public Interest Consent | Yes, to vendors or the sponsor as required to carry out the clinical trial or to submit trial results to ethical, regulatory or safety authorities |
Prospective Clinical Trial Participants | Pseudonymized (coded) health data, date of birth, initials, demographic data, race/ethnicity, gender | Yes | To determine eligibility to participate in a clinical trial | Legitimate Interest of the sponsor of the clinical trial Public Interest Consent | Yes, as required for ethical, regulatory or safety authorities |
Clinical Trial Site Staff | Name, contact information, CV/resume, financial information for payment | No | To provide a list of potential sites/investigators to Sponsors To determine ability to conduct the clinical trial To manage the clinical trial, including payment as applicable To include investigator’s data in Worldwide databases | Legitimate Interest of Worldwide Legitimate Interest of the sponsor of the clinical trial Legal obligation imposed on the sponsor of the clinical trial Consent Fulfillment of a legal or regulatory obligation Fulfillment of a contract | Yes, to vendors or the sponsor as required to carry out the clinical trial or to submit trial results to ethical, regulatory or safety authorities |
Business Partners | Name, contact information, financial information for payment | No | Conducting business operations, ensuring compliance with legal, ethical, and safety requirements | Consent Fulfillment of a legal or regulatory obligation Fulfillment of a contract | Study-related vendors: Yes, to Worldwide staff in the US for payment or management purposes, to other vendors or the sponsor as required to carry out the clinical trial or to submit trial results to ethical, regulatory or safety authorities Corporate vendors: Yes, Worldwide staff in the United States for payment or management purposes, or to legal or governmental authorities as required by applicable law. |
Job Applicants | Name, contact information, CV/resume | No | To determine ability to fulfill the requirements of a job posting | Consent Fulfillment of a legal or regulatory obligation (only in jurisidictions where this is required by law) | Yes, to vendors who confirm eligibility and qualifications |
Employees & Former employees, including current or former consultants and contractors | Name, contact information, CV/resume, educational background and transcripts, background check information (only if permitted by law), job performance information, race/ethnicity (only if required by law), date of birth (only if required by law), current and previous salary information, financial and bank account information, vaccination status, information required to provide health care or other social benefits, information required to administer medical or family leave (to the extent required by law), trade union membership (only if required by law). | Yes | To ensure a qualified workforce To administer employee payroll and benefits To fulfill legal requirements under applicable employment or other applicable laws To ensure a safe and healthy workplace | Consent Fulfillment of a legal or regulatory obligation (only in jurisidictions where this is required by law) Fulfillment of a legal or regulatory obligation Legitimate Interest of Worldwide | Yes, to vendors who provide services to Worldwide, including payroll, benefits, and other services, or to legal or governmental authorities as required by applicable law. Also to Worldwide staff in the US for payment or management purposes, to other vendors or the sponsor as required to carry out the clinical trial or to submit trial results to ethical, regulatory or safety authorities |
Information of children under 16 | N/A (except when a child is a clinical trial participant or potential clinical trial participant with the consent of a parent or legal representative) Worldwide does not intend for children under 16 to use this website and does not knowingly solicit or retain any personal information of children under the age of 16. | N/A | N/A | N/A | N/A |
We will inform you of our privacy practices, including the purposes for which we collect and use your Personal Data, the people or types of people who will have access to it, including the types of third parties who may have access to your Personal Data, and the choices and means, if any, you have for limiting the use and disclosure of your Personal Data.
When we are Processing Personal Data as a data processor (for example, as a CRO on behalf of client or sponsor), we will only use your Personal Data according to the privacy notices and instructions issued by those entities who determine the purpose and means of the Processing.
When required or permitted by applicable law, we obtain your consent before the collection, use or disclosure of your Personal Data. To the extent we can under applicable law, we will respect your choices and requests to limit the collection, use, transfer or other Processing of your Personal Data.
If we are processing your Personal Data based on your consent, you have the right to withdraw your consent at any time and no additional Personal Data will be collected from you. We may be able to retain and continue to use your Personal Data under certain circumstances, such as to demonstrate the safety or efficacy of the investigational drug in a clinical trial, for legal or regulatory purposes, to defend ourselves in a legal claim, or for other reasons permitted under applicable data privacy laws.
We will only carry out international transfers of Personal Data within or outside of our group of affiliated companies and agents, when we have implemented adequate safeguards and reasonable privacy controls for such information in compliance with applicable laws.
We may be required under applicable law to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We have analysed the risks of transferring data to our various affiliates, and have committed to ensuring adequate safeguards and supplementary measures are in place to ensure Personal Data remains protected.
We may transfer Personal Data to our third-party agents or service providers who perform functions on our behalf. We take reasonable and appropriate steps, including execution of written contracts, to require third-party agents and service providers to only process Personal Data in accordance with applicable law and the principles contained in this Global Privacy Policy. We will provide a summary or representative copy of relevant privacy provisions of our contracts with a third party upon request.
We implement appropriate administrative, physical, and technical safeguards to protect Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. We evaluate any potential security incident/personal data breach, and report any unauthorized disclosure of Personal Data as required by and in accordance with applicable laws.
We will ensure that Personal Data is accurate, complete and relevant for its intended use. We will take all reasonable steps to destroy or amend inaccurate or out-of-date Personal Data.
When we are processing Personal Data on behalf of a data controller (for example, as a CRO on behalf of client or sponsor), we will act according to the instructions of and contractual terms in place with the data controller to support the data controller’s obligations under the Data Use, Integrity & Retention principle.
We will only collect and Process Personal Data that is relevant and necessary to fulfill the purpose for which it was collected.
We will retain Personal Data only as long as necessary or required to fulfil the purpose of the collection. Clinical trial participant data will be retained according to applicable clinical trial regulations, which may as long as 25 years in some jurisdictions.
When we Process Personal Data on behalf of a data controller (for example, as a CRO on behalf of client or sponsor), we will act according to the instructions of and contractual terms in place with the data controller to support the data controller’s obligations under the Purpose Limitation principle.
Any questions or concerns regarding the use or disclosure of Personal Data should be directed to the our Data Protection Officer at any of the locations or addresses listed below. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Data in accordance with the principles contained in this Policy and requirements under applicable law.
Data subjects are also eligible to seek recourse and enforcement by contacting the data protection authorities in your country of residence. More information can be found below.
Right | Full Applicability | Partial/Limited Applicability |
---|---|---|
To be Informed | Clinical Trial Staff, Job Candidates, Employees & Former employees, including current or former consultants and contractors | Clinical Trial Participants (enrolled or prospective) |
Access | Clinical Trial Staff, Job Candidates, Employees & Former employees, including current or former consultants and contractors | Clinical Trial Participants (enrolled or prospective) |
Rectification and Correction | Clinical Trial Staff, Job Candidates, Employees & Former employees, including current or former consultants and contractors | Clinical Trial Participants (enrolled and prospective) (subject to applicable legal requirements) |
Erasure | Job Candidates | Clinical Trial Staff, Clinical Trial Participants (enrolled and prospective), Employees & Former employees, including current or former consultants and contractors (subject to applicable legal requirements) |
Restriction of Processing | Job Candidates | Clinical Trial Staff, Clinical Trial Participants (enrolled and prospective), Employees & Former employees, including current or former consultants and contractors (subject to applicable legal requirements) |
Data Portability | Clinical Trial Staff (subject to applicable legal requirements) | Job Candidates, Employees & Former employees, including current or former consultants and contractors (subject to applicable confidentiality requirements), Clinical Trial Participants (enrolled and prospective) (subject to applicable legal requirements) |
To Object to Processing | Job Candidates | Clinical Trial Staff, Clinical Trial Participants (enrolled and prospective), Employees & Former employees, including current or former consultants and contractors (subject to applicable legal requirements) |
To Object to Automated Decisionmaking | Clinical Trial Staff, Clinical Trial Participants (enrolled or prospective), Job Candidates, Employees & Former employees, including current or former consultants and contractors | N/A |
The Personal Data of clinical trial participants will be retained according to applicable clinical trial laws, which in many cases will be for 25 years after the conclusion of the trial. The study doctor and the informed consent form will provide you with more information about the retention of study records which contain your Personal Data.
All other types of Personal Data retained by Worldwide will be maintained according to our data retention policies.
We may collect information when you visit our website, such as your media access control (MAC) address, computer operating system (Windows or MacOS), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version, the name and version of the Sites you are using, and your IP Address.
Your IP Address may be automatically identified and logged in our server log files whenever you access our websites, along with the time of the visit and the page(s) that you visited. We use IP Addresses to calculate usage levels of the Sites, help diagnose problems with its servers, administer the websites, and monitoring the regions from which you navigate to our websites.
Where permitted by law, we use web analytics services, which currently include Google Analytics and Crazy Egg Analysis Service.
Google Analytics is a web analytics service provided by Google Inc. (“Google“). Google Analytics uses cookies and similar technologies to analyze how users use the domains. The information generated about domain usage (including your shortened IP Address) is transmitted to Google in the U.S. This information is used to evaluate visitors’ use of the domain, compile statistical reports on domain activity, and provide other services related to the Site and Internet use. Google may also collect information about domain visitors’ use of other websites. For more information about Google Analytics, or to opt out of Google Analytics, please go to: www.analytics.google.com. Crazy Egg’s Analysis Service is a web analytics service that gives us data about where users are clicking on our site. You can visit Crazy Egg’s privacy policy at: www.crazyegg.com/privacy and their opt-out feature at: www.crazyegg.com/opt-out.
Do Not Track: Worldwide does not recognize automated browser signals regarding tracking mechanisms, which may include ‘do not track’ instructions.
A cookie is a small text file that is placed on your hard drive by a web page server. Cookies contain information that can later be read by a web server in the domain that issued the cookie to you. Some of the cookies will only be used if you use certain features or select certain preferences, and some cookies will always be used.
We and our marketing partners, affiliates, and analytics and service providers use cookies and other technologies to ensure everyone who uses the websites has the best possible experience.
When you visit our websites, we may place a number of cookies in your browser. These are known as First Party Cookies and are required to enable to hold session information as you navigate from page to page within the website. For example, we use cookies on our websites to understand visitor and user preferences, improve their experience, and track and analyze usage, navigational and other statistical information. You can control the use of cookies at the individual browser level. If you elect not to activate the cookie or to later disable cookies, you may still visit our websites, but your ability to use some features or areas of the websites may be limited.
If you want to learn more about cookies, or how to control, disable or delete them, please visit www.aboutcookies.org for detailed guidance. In addition, certain third party advertising networks, including Google, permit users to opt out of or customize preferences associated with your internet browsing. To learn more about this feature from Google, click here: www.adssettings.google.com/authenticated
This section applies solely to all visitors, users, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and the California Privacy Rights Act of 2020 (“CPRA”) and any terms defined in the CCPA or CPRA have the same meaning when used in this Privacy Statement.
We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information“).
Publicly available information from government records, deidentified or aggregated consumer information, information excluded from the CCPA’s scope, including health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA), clinical trial data, or other qualifying research data.
In particular, we may have collected the following categories of personal information from consumers within the last twelve (12) months:
We obtain the categories of personal information listed above from the following categories of sources:
We may use or disclose the personal information we collect for the purposes described in the Global Privacy Statement and Online Privacy Statement. We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
We may share your personal information by disclosing it to a third party for a business purpose. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except performing the contract. In the preceding twelve (12) months, we have disclosed personal information for a business purpose to the categories of third parties: Worldwide corporate affiliates, agents/service providers, clients and business partners, regulatory or enforcement authorities, to protect our legal rights or comply with legal requirements or to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request, third-party advertisers as described in our Online Privacy Statement, or other third parties with your prior consent.
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months (the “right to know”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will disclose to you:
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the “right to delete”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
To exercise your rights to know or delete described above, please submit a request by either:
We will not discriminate against you for exercising any of your CCPA or CPRA rights. Unless permitted by the CCPA or CPRA, we will not deny you services, charge you different prices or rates for services, including through granting discounts or other benefits, or imposing penalties; provide you a different level or quality of services, suggest that you may receive a different price or rate for services or a different level or quality of services.
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us as described above in this section.
This Privacy Statement does not apply to workforce-related personal information collected from California-based employees, job applicants, contractors, or similar individuals. Any such processing shall be subject to a separate employee privacy notice as applicable.
Name of the operator: LIMITED LIABILITY COMPANY “WORLDWIDE CLINICAL TRIALS” (LLC “VKT”)
Operator’s address:
Location and Postal address: 188645, Leningrad Region, Vsevolozhsky District, Vsevolozhsk Gorod, Koltushskoe Shosse, 298, apt. 106
Contact information of the operator: Eduard.maximov@worldwide.com
Regions: Leningrad region; Moscow; St. Petersburg
Pursuant to Art. 23, 24 of the Constitution of the Russian Federation, Art. 86-90 of the Labor Code of the Russian Federation, the Federal Law “On Personal Data”, the Charter of LLC “VKT”, the Regulations on the processing of personal data in LLC “VKT” The purpose of processing personal data for the purpose of formalizing labor relations, maintaining personnel, accounting and management accounting, issuing VHI policies, concluding and executing civil law contracts with counterparties
A person responsible for the organization of the processing of personal data has been appointed. Employees directly engaged in the processing of personal data are familiar with the provisions of the legislation of the Russian Federation on personal data, including the requirements for the protection of personal data, documents defining the organization’s policy regarding the processing of personal data, local acts on processing issues personal data. The recovery of personal data modified or destroyed due to unauthorized access to them is ensured. Rules for access to personal data processed in the personal data information system have been developed.
Anti-virus information protection tools are used, personal passwords are assigned to each workplace (specific employee). Safes are installed to store personal files of employees and personal data of individuals, lockable metal cabinets, fire alarms are installed, offices are located in buildings where the security system operates
The places of storage of personal data (material carriers) have been determined. A list of persons processing personal data and having access to them has been defined. Separate storage of personal data (material carriers), the processing of which is carried out for various purposes, is ensured. Accounting of material carriers is ensured. The possibility of uncontrolled penetration or presence of unauthorized persons in the premises where work with personal data is carried out is excluded. The safety of personal data carriers and information protection means is ensured.
21.06.2005
Termination of the organization’s activities, as well as the conditions provided for by federal law No. 152.
Surname, name, patronymic; year of birth; month of birth; date of birth; place of birth; address; marital status; social status; property status; education; profession; income; special categories of personal data: state of health; biometric personal data (photos in corporate systems), e-mail address, phone number.
Applicants, employees, former employees, close relatives of employees (for registration of voluntary health insurance), counterparties or representatives of counterparties (for the conclusion and execution of contracts)
Any action (operation) or a set of actions (operations) performed with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data. The processing of the above personal data will be carried out by a variety of means, with the transfer through the internal network of a legal entity via the Internet.
Information on the location of the database of information containing personal data of citizens of the Russian Federation:
Location 1
Location 2
Used only when required
Eduard Maximov postal addresses: 195112, Russia, St. Petersburg, Malookhtinsky pr. 64
Contact phone numbers: +7 812 346 8247
E-mail Address: Eduard.Maximov@worldwide.com
The information in this section has been submitted to the information system of Roskomnadzor on 31 August 2022. If you would like to receive a copy of this notice in the Russian language, please contact us at the address above, or contact Data.Protection@Worldwide.com.
This Data Privacy Framework Statement (“Statement”) has been produced by Worldwide Clinical Trials Holdings, Inc., its subsidiaries and affiliates (“Worldwide”) in connection with the transfer and protection of personal data received from data subjects located in the European Economic Area (EEA), Switzerland, and the United Kingdom (UK). Worldwide is located at 600 Park Offices Dr #200, Research Triangle Park, Durham NC 27709.
For the purposes of this Statement, “personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
To participate in the DPF program, Worldwide must publicly commit to comply with the DPF Principles. While the decision to self-certify to and participate in the DPF program is voluntary, effective compliance upon self-certification is compulsory. Once such an organization self-certifies to the ITA and publicly declares its commitment to adhere to the DPF Principles that commitment is enforceable under U.S. law. If there is any conflict between the terms in this Statement and the DPF Principles, the Principles shall govern.
To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit www.dataprivacyframework.gov/s/.
Worldwide provides global clinical trial services on behalf of clinical trial sponsors. In connection with providing these services to its customers, Worldwide processes personal data from individuals located in the EEA, UK, and Switzerland. This Statement applies to the collection, use, storage, transfer, and disclosure of personal data transferred from the EU, the UK, or Switzerland to Worldwide in the United States (“US”). Data subjects may include (i) clinical trial participants; (ii) clinical trial site staff; (iii) internet end users of Worldwide’s own websites and applications; or (iii) business contact information associated with our business customers and business partners such as vendors. Worldwide also adheres to the principles of the DPF with regard to the processing of its own employees’ and contractors’ personal data in its role as an employer.
We will inform data subjects of our privacy practices, including the purposes for which we collect and use their personal data, the people or categories of people who will have access to it, and the choices and means, if any, they have for limiting the use and disclosure of your personal data.
When we are processing personal data as a data processor (for example, as a CRO on behalf of client or sponsor), we will only use personal data according to the privacy notices and instructions issued by those entities who determine the purpose and means of the processing.
When required or permitted by applicable law, we obtain consent before the collection, use or disclosure of personal data. To the extent we can under applicable law, we will respect the choices and requests of data subjects to limit the collection, use, transfer or other processing of their personal data.
In EEA member states which prohibit us from relying on consent for the processing of clinical trial participant data, we will rely on an alternative legal basis permitted under EU or Member State law. Clinical trial participants will at all times be provided with complete and transparent information related to the processing of their personal data during the informed consent process prior to participation in the clinical trial.
If we are processing personal data based on consent, the data subject has the right to withdraw their consent at any time and no additional personal data will be.
We may be able to retain and continue to use certain personal data under specific circumstances, such as to demonstrate the safety or efficacy of the investigational drug in a clinical trial, for legal or regulatory purposes, to defend ourselves in a legal claim, or for other reasons permitted under applicable data privacy laws.
We will only carry out international transfers of personal data within or outside of our group of affiliated companies and agents, when the recipient is located in a country that is the recipient of an adequacy decision, or when we have implemented adequate safeguards and reasonable privacy controls for such information in compliance with applicable laws.
Worldwide does not sell or share personal data with third parties except as described in our Global Privacy Policy.
We may be required under applicable law to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
We may transfer personal data to our third-party agents or service providers who perform functions on our behalf. We take reasonable and appropriate steps, including execution of written contracts, to require third-party agents and service providers to only process personal data in accordance with applicable law and the principles contained in this Statement and our Global Privacy Policy. We will provide a summary or representative copy of relevant privacy provisions of our contracts with a third party upon request.
We implement appropriate administrative, physical, and technical safeguards to protect personal data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. We evaluate any potential security incident or personal data breach, and report any unauthorized disclosure of personal data as required by and in accordance with applicable laws.
We will ensure that personal data is kept accurate, complete and relevant for its intended use. We will take all reasonable steps to destroy or amend inaccurate or out-of-date personal data.
When we are processing personal data on behalf of a data controller (for example, as a CRO on behalf of client or sponsor), we will act according to the instructions of and contractual terms in place with the data controller to support the data controller’s obligations under the Data Use, Integrity & Retention principle.
We will only collect and process personal data that is relevant and necessary to fulfill the purpose for which it was collected.
We will retain personal data only as long as necessary or required to fulfil the purpose of the collection. Clinical trial participant data will be retained according to applicable clinical trial regulations, which may as long as 25 years in some jurisdictions.
When we process personal data on behalf of a data controller (for example, as a CRO on behalf of client or sponsor), we will act according to the instructions of and contractual terms in place with the data controller to support the data controller’s obligations under the Purpose Limitation principle.
Worldwide has established internal mechanisms to verify its ongoing adherence to this Statement. Worldwide is subject to the investigatory and enforcement powers of the US federal government, including the Federal Trade Commission (FTC). Worldwide also encourages individuals covered by this Statement to raise any concerns about our processing of their personal data by contacting Worldwide’s Data Protection Officer at the address below. Worldwide will seek to resolve any concerns within thirty (30) days according to our internal SOPs.
Worldwide commits to cooperate with the panel established by the EEA data protection authorities (DPAs) and to comply with the advice given by the panel with regard to data transferred from the EEA. For personal data relating to Swiss individuals, Worldwide commits to cooperate with the Swiss Federal Data Protection and Information Commissioner (FDCIP) and to comply with the advice given by the FDCIP with regard to Swiss individual information transferred.
Worldwide commits to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and complies with the advice given by such authorities with regard to human resources data transferred from the EU and Switzerland in the context of the employment relationship.
Worldwide commits to periodically reviewing and verifying the accuracy of this Statement and its compliance with the Principles, and remedying any issues identified. All employees of Worldwide that have access to personal data covered by this Statement in the US are responsible for conducting themselves in accordance with this Statement and with Worldwide policies and procedures. Failure of an employee to comply with Worldwide policies related to personal data may result in disciplinary action up to and including termination.
Adherence to these Privacy Principles may be limited to the extent required to meet a legal, governmental, national security or public interest obligation.
In compliance with DPF Principles, Worldwide commits to resolve complaints about our collection or use of your personal data within thirty (30) days, to respond to requests made by individuals to access or to limit the use and disclosure of their personal data.
Worldwide has chosen a panel of EU DPAs to serve as the Independent Recourse Mechanism for any complaints.
To issue a complaint, make a request to access your personal data or to limit the use and disclosure of your personal data, or for any other questions or concerns, please contact Worldwide’s Data Protection Officer at DPO@worldwide.com.
You may contact us at any time using any of the following methods:
Mail: 600 Park Offices Dr #200, Research Triangle, NC 27709
Telephone (toll-free): 1 (855) 524 3133
Data Protection Officer: DPO@worldwide.com
General privacy and data protection inquiries: data.protection@worldwide.com
Worldwide’s Data Representative in the European Union: WCT Clinical Research Spain, S.L.U, Calle Príncipe De Vergara, 112 4 ª. 28002, Madrid, Spain
If you are currently a participant in a clinical trial who wants to exercise any of your rights under the applicable privacy laws, please reach out to the study doctor or the clinical trial site coordinator (as detailed further in the Informed Consent Form for your study).
This Policy shall remain in place indefinitely and shall not be retired or eliminated without replacement. We reserve the right to make changes or updates to this Policy from time to time without notice. All changes will be published with the current effective date.
You may contact us at any time using any of the following methods:
Mail: 600 Park Offices Dr #200, Research Triangle, NC 27709
Telephone (toll-free): 1 (855) 524 3133
Data Protection Officer: DPO@worldwide.com
All privacy and data protection inquiries: data.protection@worldwide.com
Serbian inquiries: DPO_Serbia@worldwide.com
WCT Clinical Research Spain, S.L.U, Calle Príncipe De Vergara, 112 4 ª. 28002, Madrid, Spain
If you are currently a participant in a clinical trial who wants to exercise any of your rights under the applicable privacy laws, please reach out to the study doctor or the clinical trial site coordinator (as detailed further in the Informed Consent Form for your study).
…
If you are a citizen of the European Union (EU), United Kingdom (UK), Serbia, or Switzerland, you may address any unresolved complaints with your respective data protection authority. For more information, access your local data protection authority at the following links:
EU Data Protection Authorities: edpb.europa.eu/about-edpb/board/members_en
UK Information Commissioner: ico.org.uk/make-a-complaint/
15, Bulevar kralja Aleksandra str, Belgrade 11120
Tel: +381 11 3408 900
Fax: +381 11 3343 379
Email: оffice@poverenik.rs
Feldeggweg 1
CH – 3003 Berne
Tel: +41 (0)58 462 43 95
Fax: +41 (0)58 465 99 96