Last revised and effective as of: July 2019
TARGET PharmaSolutions, Inc. (“TARGET”, “we”, “us”, “our”) is committed to transparency regarding the collection of your personal information and data. This policy relates to the information collection and use practices in connection with our website (www.targetpharmasolutions.com) as well as the services offered by TARGET.
Information collected about you
The amount and type of information we collect depends on how you use this website. We may collect information about you from a variety of sources, including (a) information you provide directly; (b) information we collect about you when you visit our Website, use our services, or; and (c) information we receive from other sources.
Information We Collect Directly From You. We may collect information directly from you when you visit our Website, choose to use services or participate in programs or otherwise provide information directly to us. Depending on your use of Website, we may collect two types of information: personally identifiable information and non-personally identifiable information.
Personally Identifiable Information: Personally identifiable information is information that identifies you or can be used to identify or contact you. The categories of personally identifiable information that may be collected through the Website include but are not limited to your name, email address, and telephone number.
Non-Personally Identifiable Information: Non-personally identifiable information is information, any single item of which, by itself, cannot be used to identify or contact you. The categories of non-personally identifiable information that may be collected through the Website include but are not limited to demographic information (such as age, profession, gender, location, zip code, birth date, or year of birth), responses to survey questions, queries, IP addresses, browser types, unique device identifiers, device types, requested URL, referring URL, browser language, the pages you view, the date and time of your visit, domain names, and other statistical data involving use of the Website. Certain non-personally identifiable information may be considered a part of your personally identifiable information if it were combined with other identifiers (for example, combining your zip code with your street address) in a way that enables you to be identified. However, the same pieces of information are considered non-personally identifiable information when they are taken alone or combined only with other non-personally identifiable information (for example, your viewing preferences).
We may collect the following information about you:
- Technical information, including your IP address, browser type and version, browser plug-in types and versions, operating system and platform, and device-specific information, such as time zone setting and mobile network information (including location information); and
- Information about your visit, including, web pages you view, links you click, language preferences web sites you visited before coming to our Website, page response times, download errors, page interaction information (such as lengths of visits to certain pages, scrolling, clicks and mouse-overs), or your destination when you leave the Website.
How We Use This Information
In general, we use the information collected through our Website to conduct our Business, to help us understand who uses the Website, to improve the Website, for internal operations, and, if you request information or request that we contact you, to respond to your requests. In addition, if you identify yourself to us by sending us an email with questions or comments, we may file your questions or comments (with your personally identifiable information) for future reference. We may also use the information gathered through the Website (including your personally identifiable information) to perform statistical analysis of user behavior or to evaluate and improve the Website and our Business. We may link some of this information to personally identifiable information for internal purposes.
Protection Of Children
We are committed to protecting the privacy of children. The Website is not designed for or directed to children under the age of 13. We do not collect personally identifiable information through the Website from any person we actually know is under the age of 13.
Sharing Your Information
- Laws and Legal Rights- Your information (including your personally identifiable information) may be disclosed upon a good faith belief that disclosure is required in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, lawful requests by public authorities, including to meet national security or law enforcement requirements, or other valid legal process. Your information may be disclosed in special circumstances upon a reasonable belief that disclosing this information is necessary to identify, contact, or bring legal action against someone, to detect fraud, or to protect our rights or property or the safety and/or security of our Website, our Business or the general public.
- Third Parties Generally- With respect to our Website, your non-personally identifiable information may be provided to third parties, including where such information is combined with similar information of other users of the Website. In addition to the above, when individuals use our Website, third parties (including without limitation third-party analytics and other service providers) may directly collect information about our Website visitors, including about our visitors’ online activities over time and across different websites. The third parties to which information may be provided, or who may directly collect information, may include analytics and other service providers, vendors and website tracking services, affiliates, actual or potential commercial partners, licensees, researchers, and other similar parties.
- Outside Contractors- We may employ independent contractors, vendors, and suppliers (collectively, “Outside Contractors”) to provide specific services and products related to the Website and/or our Business, including hosting, maintenance, auditing, monitoring, and other services. In the course of providing products or services to us, these Outside Contractors may have access to your information (including personally identifiable information). We use reasonable efforts to ascertain that these Outside Contractors are capable of protecting the privacy of your personally identifiable information.
Personally identifiable information collected on the Website may be transferred from time to time to TARGET offices or personnel, or to third parties, located throughout the world, including offices located outside the European Union and the European Economic Area, and the Website may be viewed and hosted anywhere in the world, including countries (such as the United States) that may not have laws of general applicability regulating the use and transfer of such data. Were this is the case, we will take reasonable steps to ensure that your information receives the necessary level of protection and comply with applicable law, including, but not limited to, the European Union General Data Protection Regulation (“GDPR”). By using the Website and submitting such information on it, you voluntarily consent to such transborder transfer and hosting of such information. For specific information regarding how we handle personal information and transfer data, please see the “Global Data Protection Policy.”
Is The Information Collected Through The Website Secure?
We want your information (including personally identifiable information) to remain secure. We strive to provide transmission of your information from your computer or mobile device to our servers through techniques that are consistent with industry standards and to employ administrative, physical, and electronic measures designed to protect your personally identifiable information from loss, misuse, and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved and the nature of the information. Notwithstanding the above, you should be aware that there is always some risk involved in transmitting information, both over the Internet and through other online and offline channels. There is also some risk that others could find a way to thwart our security systems. As a result, while we strive to protect your information, we cannot ensure or warrant the security or privacy of any information you transmit to us, and you do so at your own risk.
What Choices Do I Have Regarding The Collection, Disclosure And Distribution Of Personally Identifiable Information Collected Through The Website?
Do Not Track
The term “Do Not Track” refers to a HTTP header offered by certain web browsers to request that websites refrain from tracking the user. We take no action in response to Do Not Track requests.
Can I Update Or Correct My Personally Identifiable Information Collected Through The Website?
You should be aware that it is not technologically possible to update or change each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your personally identifiable information may exist in a form that will be difficult or impossible for us to locate. After receiving your request, we will use commercially reasonable efforts to update, correct, or change, as appropriate, all personally identifiable information collected through the Website and stored in databases we actively use and other readily searchable media, as appropriate, as soon as and to the extent reasonably practicable.
Without limitation of any other provision contained herein, access to personal information associated with research studies may be limited if necessary to maintain the integrity of the research effort.
How Long Will My Personal Data Be Stored?
We will only retain your Personal Data for as long as necessary to fulfil the purpose for which they were collected or to comply with legal or regulatory requirements.
Global Data Protection Policy Statement
Last revised and effective as of: July 2019
TARGET PharmaSolutions, Inc. (“TARGET”, “we”, “us”, “our”), as a clinical data company, is a data controller, responsible for the processing of your personal information.
It is our policy to respect and protect personal information collected or maintained by or on behalf of TARGET—therefore, TARGET adheres to both the General Data Protection Regulation (EU) 2016/679 (the “GDPR”) and the EU-U.S. Privacy Shield Principles (“Privacy Shield”). In furtherance of this commitment, TARGET has certified to the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce and the Federal Trade Commission (“FTC”). To learn more about Privacy Shield, and to view TARGET’s certification, please visit https://www.privacyshield.gov/participant?id=a2zt0000000TQHnAAO&status=Active.
This Statement describes the principles pursuant to which TARGET manages Personal Information received: (i) in the course of TARGET’s operations involving current, prospective and former strategic partners, clients, vendors and subcontractors (collectively, “Corporate Parties”); and (iI) physicians/investigators, health care professionals, and trial participants (collectively, “Clinical Parties”). In connection with TARGET’s operations, TARGET may now and/or in the future: (a) transfer Personal Information of Corporate Parties and/or Clinical Parties outside of the European Economic Area (“EEA”) to the United States; and/or (b) access Personal Information regarding Corporate Parties or Clinical Parties from the United States.
“Agent” or collectively, “Agents” means any third party that processes Personal Information pursuant to the instructions of, and solely for, TARGET or to which TARGET discloses Personal Information for use on its behalf.
“Citizen” or collectively, “Citizens” means a lawful citizen or citizens of any EEA country and includes Corporate and Clinical Parties.
“EEA” means the European Economic Area which is composed of the following thirty-one (31) countries: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Italy, Ireland, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, and United Kingdom.
“Personal Information” means any information or set of information about an identified or identifiable Citizen, including, but not limited to: (a) first name or initial and last name; (b) home or other physical address; (c) telephone number; (d) email address or online identifier associated with the Citizen; (e) Social Security number or other similar identifier; (f) employment, financial or health information; or (g) any other information relating to a Citizen that is combined with any of the above. The term “Personal Information” does not include anonymized information or information that is reported in the aggregate (provided that such aggregated information is not identifiable to a natural person).
“Process” or “Processing” of Personal Information means any operation or set of operations which is performed upon Personal Information, whether or not by automated means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure or dissemination, and erasure or destruction.
“Sensitive Personal Information” means Personal Information that reveals race, ethnic origin, political opinion, religious or philosophical beliefs, trade union membership, genetic data, biometric data where Processed to uniquely identify a person, any information that concerns medical or health conditions or sex life, or information relating to the commission of a criminal offense.
“Statement” means this Global Data Protection Policy Statement.
Article 5 of the GDPR sets out seven key principles for data protection which TARGET follows. Personal data shall be:
- processed lawfully, fairly and in a transparent manner in relation to individuals (‘lawfulness, fairness and transparency’);
- collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes (‘purpose limitation’);
- adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
- accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);
- kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals (‘storage limitation’);
- processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).”
We will only use your personal information to the extent that the law allows us to do so. Pursuant to the GDPR we rely on the following legal bases for processing your personally identifiable information:
- where you have given consent to the processing of your personal data;
- where it is necessary to perform a contract we have entered into or are about to enter into with you; and/or
- where it is necessary for the purposes of our legitimate interests (or those of a third party) and your interests or fundamental rights and freedoms do not override those legitimate interests.
Privacy Shield Principles
The Privacy Shield Framework outlines the following seven “Privacy Shield Principles:”
- Notice: In the event that TARGET collects Personal Information from a Citizen, TARGET will furnish a notice to the Citizen that describes: (i) the types of Personal Information that it collects about such Citizens; (ii) the purposes for which it collects such information; (iii) the types of third parties to which it discloses such information, and the purposes for which it does so; and (iv) how to contact TARGET with any inquiries or complaints. Notice will be provided in clear and conspicuous language at the time of collection, or as soon as reasonably practicable thereafter. In any event, notice will be provided before TARGET discloses the Personal Information or uses such information for a purpose other than that for which the Personal Information was originally collected or processed.
- Choice: In the event that Personal Information is to be used for a new purpose that is materially different from the purpose(s) for which the Personal Information was originally collected or subsequently authorized, or transferred to a non-Agent third party, Citizens will be provided, where practical and appropriate, with an opportunity to decline to have their Personal Information so used or transferred. In the event that the Personal Information used for a purpose other than that for which it was originally collected or subsequently authorized or transferred to the control of a non-Agent third party is Sensitive Personal Information, the Citizen’s affirmative express consent will be obtained prior to the use or transfer of the Sensitive Personal Information or as otherwise permitted in accordance with the Privacy Shield Principles.
- Accountability for Onward Transfer: TARGET will endeavor to only transfer Personal Information to an Agent where such Agent has given assurances that it provides at least the same level of privacy protection as is required by the Privacy Shield Principles and this Statement and will notify TARGET if it makes a determination it can no longer meet this obligation. Where TARGET has knowledge that an Agent is using or sharing Personal Information in a way that is contrary to the Privacy Shield Principles and/or this Statement, we will take reasonable steps to prevent or stop such Processing.
- Security: TARGET takes reasonable and appropriate administrative, technical and physical precautions designed to protect Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction, regardless of whether such Personal Information is in electronic or tangible, hard copy form.
- Data Integrity and Purpose Limitation: TARGET endeavors to limit the collection, usage, and retention of Personal Information to that which is relevant for the intended purposes of Processing, and takes reasonable steps designed to ensure that all Personal Information is reliable for its intended use, accurate, complete and current.
- Access: Citizens may seek confirmation regarding whether TARGET is Processing Personal Information about them, request access to their Personal Information and ask that the Company correct, amend or delete that information, where it is inaccurate or has been processed in violation of the Privacy Shield Principles. Although TARGET makes good faith efforts to provide Citizens with access to their Personal Information, we reserves the right to limit or deny such access where the burden or expense of providing access would be disproportionate to the risks to the Citizen’s privacy, where the rights of Citizens other than the subject Citizen would be violated, where the information is commercially proprietary or where doing so is otherwise consistent with the Privacy Shield Principles. If TARGET determines that access should be restricted in any particular instance, we will provide you with an explanation of why that determination has been made and a contact point for any further inquiries.
- Recourse, Enforcement and Liability: TARGET has implemented mechanisms to verify its ongoing compliance with the Privacy Shield Principles and this Statement.
Limitation on Scope
Adherence to these GDPR and Privacy Shield Principles may be limited (i) to the extent required or allowed by applicable law, rule or regulation; (ii) to the extent necessary to respond to lawful requests by public authorities, including to meet national security, law enforcement, legal or governmental requirements; and/or (iii) to protect the health or safety of a Citizen.
If you have any concerns or questions about this Privacy Statement, and the privacy practices set forth herein, including your dealings with this Web Site, please contact us directly as follows:
TARGET PharmsSolutions, Inc.
2520 Meridian Parkway, Ste 105
Durham, NC 27713
Phone: (984) 234-0268
Attention: Allison Chandler, Director, Legal Affairs