Effective July 14, 2023
Section 1 of this policy is intended to serve as a clear overview and help you identify the CDS privacy practices and Privacy Statements which apply to your use of any CDS websites or applications. Use the outline linked here to skip to any section:
1.1 CDS’s Privacy Principles
CDS is committed to:
- Protecting the privacy of its customers and their end users, whether you are a patient, a study participant, or a professional user of CDS products.
- Informing you of the types of personal data CDS collects;
- Informing you of the ways in which CDS can use the personal data we collect;
- Informing you with whom CDS may share your personal data, and why;
- Complying will all applicable laws which help protect your privacy;
- Making ourselves available to answer any additional questions you have about our use, maintenance, or disclosure of your personal data.
1.2 CDS as a Data Processor
As a technology solution provider, CDS provides its customers with applications and platform solutions enabling our Customers to interact with their patients and study participants more effectively. In such instances, CDS acts as a data processor working on behalf of the customer. Because each trial or study is different, our Customers who will collect and use information gathered through the CDS solutions will provide a privacy statement specific to their use of personal data for that respective study or trial. If you participate in a study or trial, please see the privacy statements in Your specific study or trial for more information, or contact Your study sponsor or investigator for assistance.
1.3 CDS as a Data Controller
CDS also acts as the data controller for information you provide to us as part of your interaction with our websites, participation in our sales and marketing activities (including events), when you apply for a job at CDS, if you are an employee of CDS, or if your personal data is provided to CDS in your role as a supplier or a customer.
2. Contact Information
CDS Corporate Headquarters
18124 Wedge Parkway
Reno, NV 89511
CDS’s Article 27 Representative for the European Union
Maetzler Rechtsanwalts GmbH & Co KG
CDS’s Article 27 Representative for the United Kingdom
Prighter Ltd (UK)
20 Mortlake Mortlake High Street
London SW14 8JN
3. CDS Privacy Statement
This Privacy Statement applies to your use of the crucialdatasolutions.com websites and applications (the “Sites”) as well as certain CDS Services (the “Services”).
If You participate(d) in a study or trial, please see the privacy statements in Your specific study or trial for more information or contact Your study sponsor or investigator for assistance.
Please note that some CDS Applications are subject to their own specific Privacy Statements, which are linked either in the Application or the applicable app store. This Privacy Statement is designed to inform you of the information we gather as part of your use of the Sites and Services where CDS is the data controller. If you have any questions or concerns regarding this Statement, or wish to exercise an access, data portability, or deletion right, please see the section “Exercising Access, Data Portability, and Deletion Rights” below for more information.
By accessing or using the Sites or Services, you acknowledge your acceptance of the practices described in this Privacy Statement and consent to our processing of your information as set forth in this Privacy Statement.
3.1 Changes to this Privacy Statement
Crucial Data Solutions, Inc. (“CDS” or “We”) may modify this Privacy Statement from time to time. The date of any revisions will be displayed at the top of this Privacy Statement.
3.2 CDS’s Platform, Customized Applications, and Services
Please note that CDS supplies its Customers with Applications and Services, particularly for purposes of clinical trials and healthcare research. When you use CDS Services as part of your engagement with a CDS Customer, you will be subject to a Privacy Statement issued by that CDS Customer. In such instances, CDS acts as a data processor, working on behalf of that CDS Customer (the data controller).
3.3 Types of Information CDS Collects
As part of your use of the Sites and Services, We may collect:
- Information you submit to us (including contact information, demographic information, location information etc. which you supply via a web form or other input method);Non-Personal Data regarding your use of the Sites and Services – for example, your “click-path” or how you navigate our Sites or Services, the duration of time you spend on a given webpage, how often you visit or use the Sites or Services, information about your browser or device from which you access the Sites and Services, pseudonymous IDs including information linked to DIIs (Device-Identified Information) such as Cookies, MAID (Mobile Advertising IDs), Statistical IDs, IP Addresses and other third-party identifiers which do not, by themselves, identify a specific individual);
- Payment information (including name, address, and payment method) if you make a purchase from CDS using the Sites or Services;
- Geolocation data (such as the location from which you access the Sites and Services);
- Log and event data related to the performance of the Sites and Services
3.4 How CDS Uses Personal Information
Personal Data which we collect via the Sites and Services for a particular purpose will only be retained and used for that purpose, unless you have agreed to allow us to use it for additional purposes as described in this Privacy Statement.
Generally, We will use Personal Data and other information we collect from you to:
- Provide you with technical support, customer service, and account maintenance;
- Fulfill the reason for which you provided us information;
- Tailor your experience using the Sites and Services;
- Carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collections where applicable;
- Improve our Sites and Services, including for testing, research, and product development purposes;
- Send e-mails to our customers and users who want to receive e-mail from us;
- Protect the security of your account and our business;
- Prevent or detect fraud or abuses of our Sites and Services;
- Comply with applicable law;
- Provide, operate, and maintain the Sites and Services;
- Authenticate and verify user identities;
- Direct you to localized versions of the Sites and Services (which may include language optimized versions or versions which comply with the laws of a specific jurisdiction); and
- Communicate with you about services, features, surveys, newsletters, offers, promotions, and events, and to provide other news or information about us and our select partners.
3.5 CDS Surveys
Online surveys provide CDS information about users’ experiences with our products and services. We occasionally invite users to take optional surveys in studies we host for our customers to learn more about their experience with CDS’s products. CDS does not ask users to provide any sensitive personally identifiable information, such as passwords, social security numbers, driver’s license, and medical records. If you receive a CDS survey requesting such information, please immediately forward it to the following email address:
3.6 How CDS Shares Personal Information with Others
When you have provided Personal Data to us for a particular purpose, we may disclose your information to other companies that we have engaged to assist us in fulfilling your request. This may include, but is not limited to fulfillment houses, billing services, transaction managers, credit verification services, and other third-party service providers. We may also disclose any of your Personal Data to law enforcement or other appropriate third parties in connection with criminal investigations, investigation of fraud, infringement of intellectual property rights, or
other suspected illegal activities, or as otherwise may be required by applicable law, or, as we deem necessary in our sole discretion, in order to protect the legitimate legal and business interests of Company. We sometimes share general, demographic, or aggregated (non-identifiable)
information with third parties about our user base, but that information does not include any Personal Data.
Your Personal Data may also be disclosed if Company assigns all of its rights and obligations regarding the use of your Personal Data at the time of a bankruptcy, merger, acquisition, sale of all or substantially all of Company’s assets to a subsequent owner or operator, or similar event.
To the extent we collect any aggregated anonymous information, we may share that information and information derived from the aggregated anonymous information with our business partners.
3.7 How CDS Secures Personal Information
CDS implements physical, administrative, and technical safeguards designed to protect your personal information from accidental or unlawful destruction, loss, alteration, and unauthorized disclosure or access. We contractually require that our suppliers implement similar measures designed to protect personal information from accidental or unlawful destruction, loss, alteration, and unauthorized disclosure or access. No online service can ever be 100% secure, and as a result we do not guarantee the security of any personal information you provide.
3.8 Retention of Personal Data
CDS retains your personal data for as long as reasonably necessary or as permitted in accordance with the purpose(s) outlined in this Privacy Statement. The criteria used to determine our retention periods include the length of time we have an ongoing relationship with you, contractual requirements, or whether there is a legal obligation to which we are subject.
The CDS Sites, and some services and advertisements on the Sites, may contain “cookies.” A cookie is a piece of data that is sent to your browser, which will store the cookie on your computer if your browser is enabled to accept cookies.
Most internet browsers will allow you to erase cookies from your computer hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. You should refer to your browser instructions or “Help” screen to learn more about how to manage cookies. Please note, however, that if you block cookies, some portions of the Site and services may not function properly.
We do collect general, aggregated, demographic, and non-Personal Data using cookies and automated means (this includes technical information about your session with our website, such as your browser version and IP address, as well as information about your use of our website, such as how you navigate it and how long you spend viewing it). We will not seek to identify you through cookies or other means without your consent. This type of anonymous, aggregated profiling and session data may also include information that you have provided to usthrough surveys, polls, etc., but will not be tied to any Personal Data, without your consent.
You can manage your preferences in relation to Cookies and Automated Tracking on the sites by clicking on the icon on the bottom left of the public website, crucialdatasolutions.com.
3.10 Children’s Personal Information
The Sites and Services are not intended for anyone under the age of eighteen. CDS does not knowingly collect information from children under the age of eighteen unless we have obtained consent from a parent or guardian, or such collection is subject to a separate agreement with us which specifically provides for us to obtain such information. If you believe your child’s personal information has been collected by CDS in error, please submit your request to the following email address: firstname.lastname@example.org
3.11 Do Not Track
The Website does not support Do Not Track at this time. Do Not Track (DNT) is a privacy preference that you can set in your web browser to indicate that you do not want certain information about your webpage visits collected across websites when you have not interacted with that service on the page. For all the details, including how to turn on Do Not Track, visit donottrack.us.
3.12 Special Notice to California Residents – Your California Privacy Rights
The California Consumer Privacy Act (the “CCPA”) provides California residents the right, once a year, to receive information about third parties with whom CDS has shared information about you for its marketing purposes during the previous calendar year, and a description of the categories of personal information shared. To make such a request, please submit here. CDS will respond to you within thirty days of receiving such a request.
3.12.1 CDS does not sell consumer data for monetary or other valuable consideration.
If you are a California Resident, you may have additional rights under the California Consumer Privacy Act (the “CCPA”). These include:
- The right to request that CDS disclose certain information to you about our collection and use of your personal information over the past 12
- The right to know the categories of personal information that we collect, and the categories of sources from which we obtained that information.
- The right to know our business or commercial purpose for collecting or selling personal information.
- The right to know the categories of third parties with whom we share personal information.
- The right to object to the sale of personal data.
- The right to access your own personal information collected by CDS (also called a data portability request).
- The right to equal service and price, even for consumers who exercisetheir privacy rights.
3.13 Special Notice to UK and EU Residents
Residents of the EU and UK may be entitled to additional privacy rights consistent with the General Data Protection Regulation (GDPR). These include:
- The right of access.
- The right to data portability.
- The right to rectification.
- The right to erasure.
- The right to object or restrict processing.
Please submit here with any questions or concerns regarding the processing of your personal data.
If CDS’s processing of your personal data is covered by UK or EU law, you can also lodge a complaint with the corresponding data protection supervisory authority in your country of residence. You can find the relevant EU supervisory authority name and contact details under http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm and the UK supervisory authority contact details under https://ico.org.uk/global/contact-us/.
3.13.1 International Transfers, Processing and Storage of Personal Information.
Your Personal Data may be collected, transferred to, and stored by us in the United States and by our affiliates and third parties that are based in
other countries. This means that your Personal Data may be processed outside your jurisdiction, and in countries that are not subject to an
adequacy decision by the European Commission or your local legislature or regulator, and that may not provide for the same level of data protection as your jurisdiction, such as the EEA. We ensure that the recipient of your Personal Data offers an adequate level of protection and security, for instance by entering into the appropriate data processing agreements and, if required, standard contractual clauses or an alternative mechanism for the transfer of data as approved by the European Commission (Art. 46 GDPR) or another applicable regulator. Where required by applicable law, we will only share, transfer, or store your Personal Data outside of your jurisdiction with your prior consent.
3.13.2 Exercising Personal Data Access, Portability, and Deletion Rights.
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us here (Or connect via one of the alternative methods listed in the “CONTACT US” section below).
To fulfill your request, please:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot complete your request or provide you with personal information if we cannot verify your identity or authority to make the
request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account
with us. We will only use personal information provided in a request to verify the requestor’s identity and/or authority to make the request. We may refuse to act on requests that are insufficiently substantiated, unfounded, or excessive.