TRiNDS recognizes the importance of protecting privacy. As a contract research organization (CRO) TRiNDS provides solutions to pharmaceutical and biotechnology industries as well as academic investigators/groups for their neuromuscular and rare disease clinical study needs and works with multiple companies and organizations to support their conduct of clinical research.
This policy explains in general terms how we seek to comply with data privacy laws and regulations, including but not limited to national laws implementing the European Union (“EU”) Data Protection Regulation (GDPR) 2016/679 (“Regulation”), the Health Insurance Portability and Accountability Act (HIPAA) and state security breach laws in the United States, data protection legislation adopted by increasing numbers of other jurisdictions globally, and the privacy and confidentiality requirements of International Council on Harmonisation (ICH) Good Clinical Practice (GCP).
Information We Collect – Purposes of Processing
Research Studies-Related Information
TRiNDS collects personal information on clinical investigators, customer personnel suppliers as well as pseudonymized medical health and genetic information about the individuals who take part in clinical trials conducted by our clients, the study sponsors. Research participants are only identified by a code. Only study doctors and authorized personnel, may access named study participant records at the study site where the data is originally collected. Personal information collected in the course of a clinical trial or project may be used in order to:
This may include the transfer of such Personal Information to the applicable study sponsor, its corporate affiliates, health care professionals, business partners and third-party service providers performing services related to the study.
TRiNDS assumes that sponsors (as “Data Controllers”) have taken appropriate technical and organizational measures to comply with the GDPR and other privacy regulations.
Human Resources-Related Data
TRiNDS collects and processes personal information to carry out human resources related activities and functions including, but not limited to personnel recruitment and onboarding, administration of personnel, compensation, payroll management, and management of personnel performance. The information processed may include information such as job title, education information, professional qualifications, work experience, publications and scientific activities, professional networks, and programs or activities in which staff may have participated in. In the course of an application, TRiNDS may process further information, such as government issued identification number, tax status, bank account details, details of any known disability/workplace accessibility needs, background information, travel and expenses, performance management, emergency contact details, compensation, hours of work, holidays and benefits related information.
TRiNDS will keep this information confidential and in compliance with TRiNDS standard business operations.
Web Visitors-Related Data
TRiNDS collects and stores personal information that is provided on a voluntary basis, either when using TRiNDS website or when completing an online request and/or registration forms for contact follow-up. For contact follow-up, we may collect the following personal information: full name, e-mail address, and information from the inquiry. Visitors are responsible for providing accurate and complete information.
Through the use of cookie-based technologies, TRiNDS may collect various data linked to virtual identities allocated to visitors when they access our website.
Personal Data While Connected with Social Media Through Our Website
Certain TRiNDS website areas may link with social media platforms using social media plug-ins (e.g., Facebook, Twitter, Instagram, LinkedIn [collectively, “Social Media”]). When accessing our services through a Social Media account, TRiNDS may (depending on the applicable user privacy settings) automatically have access to information provided to or through the Social Media platform. TRiNDS may use this information for the purposes of providing information regarding its main areas of services solutions and further to focus on social awareness on neuromuscular and rare diseases.
If we intend to use your information for marketing purposes, we will inform you respectively. You have the right to object to personal information being used for the purposes of direct marketing and sending scientific information and newsletters. You can exercise the right at any time by contacting us as set out below.
Legal Basis of Processing
TRiNDS will process personal information by relying on one or more of the following conditions:
In this case TRiNDS will provide information to respective person(s) in a clear and plain language about how information will be used and disclosed; what choices are available in relation to how data are handled; what informational rights exist under data privacy laws or under this Policy and who to contact with any questions or complaints. These privacy notices may refer to specific situations of data collection.
TRiNDS will use and disclose personal information without consent where required by law and judicial order or:
TRiNDS does not undertake decisions based solely on automated processing, including profiling, of individuals, unless we explicitly inform you otherwise.
Transfers to Third Parties
To facilitate the purposes of clinical research and other study-related services personal data may be shared with third parties to whom TRiNDS has chosen to outsource work. Companies – third parties, working as vendors of TRiNDS are required to sign “processor” and/or confidentiality agreements whereby they will commit to only process personal information consistent with contracted purposes and to apply appropriate organizational and technical security safeguards. In certain circumstances, TRiNDS may remain responsible and liable if such third parties process the personal data in a manner inconsistent with the Data Privacy Laws and Regulations.
TRiNDS’ headquarters are in the United States. Personal information may be accessible to TRiNDS’ headquarters in the United States as well as to selected vendors and partners, established in the EU or globally. Any personal data supplied to TRiNDS when using our online platform are processed in accordance with national and European data protection laws and regulations including the GDPR when we interact and process personal information of individuals located in the EU.
We do pass on personal data to third parties or contractors who are not based in Switzerland nor an EU/EEA country. In this case, before passing on the data, we ensure that sufficient safeguards are in place to ensure that there is an adequate level of data protection in the recipient’s country.
TRiNDS will implement reasonable and appropriate legal as well as technical and organizational security measures to ensure the security of the processing and will also execute, where necessary, adequate data transfer mechanisms, in the form of standard contractual clauses, for any cross-border data transfers from Switzerland to controller or processors established in EU and third countries, as adopted and approved by the European Commission, or by the competent supervisory authorities, with the aim to achieve an adequate level of data protection of the personal information of those individuals.
TRiNDS retains personal information for no longer than is necessary for the processing purpose(s) for which the information was collected and any other permitted associated purposes. Information may be retained for a longer duration where applicable laws or regulations require or allow TRiNDS to do so. Personal information that is no longer needed is either irreversibly anonymized (and the anonymized information may be retained) or securely destroyed.
Under the laws in certain countries where TRiNDS operates individuals have certain rights with respect to the personal information collected themselves, including but not limited to the right of access and correction, to withdraw consent at any time, the right to object to data processing, the right to data deletion, the right to restrict aspects of data processing, and to request transmission of personal data to themselves or another organization. Exercise of the above-mentioned rights is subject, in certain cases, to specific conditions as is for example where it is necessary to safeguard the public interest and/or our own legitimate interests.
TRiNDS will, upon request, provide an individual confirmation on whether TRiNDS is processing personal information about them, consistent with applicable law. In addition, upon request TRiNDS may take reasonable steps to correct, amend, or delete personal information that is found to be inaccurate, incomplete, or processed in a manner not-compliant with this policy or applicable law, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy, where the rights of persons other than the individual would be violated or where by doing so is otherwise consistent with applicable law. Unless prohibited by applicable law, TRiNDS reserves the right to charge a reasonable fee to cover the costs for providing copies of personal information requested. TRiNDS, when acting as a CRO for a client sponsor, does not have a direct relationship with research participants in a clinical study and any such individuals who seek access, or who seek to correct, amend, or delete the personal information should direct their query to the relevant study sponsor and/or site where they were consented.
If an individual exercises any of these rights, TRiNDS may request to confirm their identity and in any case shall respond within a calendar month from receipt of such a request, unless there are valid grounds for extending the response periods, essentially due to the need to confirm the individual’s identity, to request additional information or to ask them to specify or limit the request, in case the request is too general or too complex to be handled within the initial deadline.
TRiNDS may not be able to comply with a request where personal information has been destroyed, erased, or made anonymous in accordance with applicable laws and regulations as well as with TRiNDS record retention obligations and practices. If TRiNDS cannot satisfy a request regarding an individual’s personal information, TRiNDS will endeavor to provide an explanation, subject to any legal or regulatory restrictions
TRiNDS will undertake reasonable efforts to investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with the principles contained in this Policy.
If an individual is not satisfied with how TRiNDS processes personal information or how TRiNDS has handled a request or complaint, they may contract the TRiNDS Privacy Office.
For EU residents: A list of all EU supervisory authorities, and their individual contact details, is available on the European Data Protection Board website at: https://edpb.europa.eu/about-edpb/board/members_en.
For Swiss residents: In Switzerland the competent data protection authority is the (FDPIC) Federal Data Protection and Information Commissioner [https://www.edoeb.admin.ch/edoeb/en/home.html], which can be contacted at the following contact details: Office of the Federal Data Protection and Information Commissioner FDPIC, Feldeggweg 1, CH – 3003 Berne, Telefon: +41 (0)58 462 43 95 , Telefax: +41 (0)58 465 99 96.
How to Contact Us
This Policy may be reviewed and amended from time to time, without advance notice, to ensure that an appropriate level of protection for personal information is maintained. All amendments will be posted on this website. Please check back periodically for updates to this Policy.