Panacea Patient Recruitment Limited (PPRL) “Privacy” and “Special Category” Policy
This notice applies to all visitors to our patient recruitment websites and anyone who takes part in our recruitment process to be a volunteer in a clinical trial. It explains how our organisation collects, processes, stores, and passes your information to the clinical trial’s third-party organisation.
The Policy is written to meet applicable legal requirements globally, including in the UK, North America, Europe, Asia Pacific, and other jurisdictions.
We collect and process your name, address, email address, telephone numbers, date of birth, height, weight, and gender. We may also collect, store, and use more sensitive personal information referred to by the UK data protection regulator known as Information Commissioner’s Office (ICO) as “Special categories” information. Sensitive personal information requires higher levels of protection. The special categories of information we collect, and process is information about your health, including medical conditions, health, medications, and sickness records. We process special categories of personal information only with your explicit consent. You have the right to withdraw your consent to our processing your data, including special categories, at any time (see contact information provided below).
The data controller of your information will usually be the organiser or sponsor of the trial. If this happens, we will let you know the identity of the new data controller either now, if available or at the time when the identity becomes available.
How do we collect your data?
Most of the personal information we process is provided directly by you. For example, when you complete an online submission form, to establish your suitability for a clinical trial. The information you submit is imported onto our secure servers and encrypted in real-time. We may also receive additional personal information directly by telephoning you if required.
How will we use your data?
We use the information that you have given us to evaluate your note of interest by our qualified nurses. If the triage is satisfactory, your enquiry will be passed to one of our doctors to confirm and authorise your note of interest. Once approved, your data is shared securely with the clinical organisation running the clinical trial.
How do we store your data?
Your information is encrypted and securely stored in the cloud on servers in the UK. We keep personal information for three years. You will be asked if you wish your data removed securely.
Under data protection law, you have the following rights:
We use standard web logs that record primary data about people who visit our websites, such as the date and time of the visit, the website pages viewed during the visit and the type of web browser used to view our website. Web logs enable us to identify the IP (Internet Protocol) address of the computer used to visit the site. Computers automatically generate an IP address as they surf the internet. An IP address is a number assigned to you by your internet service provider so you can access the internet. IP addresses track new versus return visitors to the website or in connection with any questionnaire used on the website. We do not disclose IP addresses.
A cookie is a piece of data or a file a website can send to your internet browser, which may then be stored on your computer. Cookies store information such as the pages you visited, the website features you used, and the amount of time you visited a particular webpage. They are also a means of keeping track of a user’s preferences while visiting a website.
We store a unique identifier in a “temporary” or “session” cookie that only exists during the browser’s session with the website. When the user returns to the website, the identifier can be extracted from the session cookie and used to request detailed search information for that user from our database.
In addition, visitors clicking through to our website from third-party services such as Facebook, Twitter, Instagram, Google, Bing, or Yahoo! will have a cookie placed on their computer for 30 days. This cookie allows Facebook, Twitter, Instagram, Google, Bing, and Yahoo!, along with PPRL, to measure the effectiveness of digital advertising.
We may also collect certain information that your mobile device sends when you use our services or access our Website, like a device identifier, user settings and the operating system of your device. For example, information collected about your mobile device and internet connection may include the device’s unique device identifier, IMEI number, IP address, operating system, browser type, browser language, referring/exit pages and URLs, and mobile network information.
This website is hosted on dedicated cloud servers at the Equinix Centre in the United Kingdom. Accordingly, any personal information we receive through direct user input is stored on our servers located in the United Kingdom. By choosing to visit the website and provide information to us, you agree and consent to its storage in the UK. In addition, we can securely transfer the information you provide to clinical trials outside the UK.
Securely processing your information is essential to our business and your protection as a user. Maintaining a secure network and server system is in our users’ and research partners’ best interests. We process and store your information using industry-standard physical, technical, and administrative safeguards to secure such personal information against foreseeable risks such as unauthorised use, access, disclosure, destruction, and modification. Such security safeguards include encryption, password protection, and user authenticated access rights. While we will use reasonable efforts to create a secure, safe, and reliable Website, the confidentiality of any communication or material transmitted to or from the Website over the internet cannot be guaranteed.
By using the Website to supply your information, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the website. For example, if we learn of a security system breach, we may attempt to notify you electronically by posting a notice on the website or sending an email to you. In addition, you may have a legal right to receive this notice in writing.
The information you provide to us may be archived or stored according to backup processes. Your data will only be kept for as long as is required for the clinical trial to support your participation in the clinical trial. The data may also be required to resolve disputes, establish legal defences, conduct audits and to enforce our agreements and comply with applicable laws.
How to contact the appropriate authority.
United Kingdom (UK)
Under the UK, the Data Protection Act 2018, the Privacy and Electronic Communications Directive 2002/58/EC (as updated by Directive 2009/136/EC), the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) and the European Union (Withdrawal) Act 2018; citizens of the UK may access, rectify, update, or delete/withdraw their personal information by post or by sending an email to:
Name: Panacea Patient Recruitment Limited
Address: First Floor, Swan Street, Manchester, United Kingdom, M4 5JW.
Phone Number: 0161 854 1322
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address is…
Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Helpline number: 0303 123 1113
European Union (EU)
Under the GDPR; General Data Protection Regulation (EU) 2016/679, citizens of the EU may access, rectify, update, or delete/withdraw their personal information by sending an email to firstname.lastname@example.org.
If you are a resident of the European Union and feel that any request or complaint remains unresolved you may contact your national data protection authority for your EU Member State, which can be located through the following European Commission website: https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-are-data-protection-authorities-dpas_en.
The California Consumer Privacy Act (CCPA) 2018 permits users that are California residents to access, rectify, update, restrict processing, delete/withdraw their personal information, or opt out of services.
Additionally, California Civil Code Section 1798.83 permits California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes.
To make all such requests, please send an email to: email@example.com.
If you are a resident of California and feel that any request or complaint remains unresolved, you may contact your data protection authority by contacting 1-800-655-4555 or emailing CCPA@sce.com.