(a) how we may use, store, and transfer the personal data you provide to us when using our Site; and
(b) how you can exercise any rights you have pursuant to privacy laws.
This page was last updated on 27 April 2020.
Who We Are
For the purposes of the Data Protection Act 2018 (“DPA”) and the General Data Protection Regulation 2016/679 (“GDPR”) the data controller is Perspectum Ltd, a company incorporated and registered in the United Kingdom under number 08219473, our registered office address is Gemini One, John Smith Drive, Oxford Business Park South, OX4 2LL, England.
Personal Data We Collect
We will use the personal data you provide to us by contacting us by telephone or email to assess your eligibility for our COVERSCAN study.
The personal data we use may include your name, email address, telephone number, and such other details you provide. If you provide us with personal data relating to another person, you agree that you have obtained their consent to the disclosure, and to our use of it in accordance with this Policy.
We will keep your details to correspond with you for the purposes of your enrolment in the COVERSCAN study. Once you have enrolled your will be provided with a Participant Information Leaflet which will explain how your information will be used thereafter.
If you no longer want us to correspond with you or the purpose of communication has been met, we will delete your personal data, unless we need to retain it for legal purposes.
The lawful basis of our use of your Personal Data is our legitimate interests in communicating with you to address your correspondence, pursuant to Article 6(1)(f) of the GDPR.
Our Use of Personal Data
We shall use your personal data to correspond with you.
Sharing Your Personal Data
We may share your personal data with service providers as necessary for us to correspond with you. Our service providers may include:
· Our hosting service providers in relation to the Site, who may in the course of hosting come into possession of technical information regarding your visit to and use of the Site – they will not be able to identify you;
· Microsoft, Inc., who provide us with their cloud-based Microsoft 365 service as well at their cloud-based Dynamics customer relationship management (CRM) service. Microsoft will host our emails as well as various of our internal documents on its servers, and their CRM service is used by us to keep track of our correspondence and contact with our clients and commercial prospects.
· Ciwit B.V, trading as Castor, who provide us with an electronic data capture solution for the storage of participant contact details.
Each service provider may provide your personal data to their service providers who provide necessary support functions (for instance, the third parties who host their servers). However, such disclosure will only be for the purpose of providing the relevant services.
We may also disclose your personal information:
· to any prospective acquirer of all or part of our business or assets (in which case our accumulated data, including your personal data, may be comprised in our business or assets);
· if we are under a duty to disclose or share your personal data to comply with any legal obligation or to protect our rights, property, and safety or those of our customers or others.
Otherwise, we will not provide your personal data to any third parties. We do not provide your personal data to third parties for marketing purposes.
We may also collect, retain and use certain technical information regarding your visit to the Site. This may include the Internet Protocol (IP) address from which you visit the Site (which we will never combine with your contact details) and other non-identifying information regarding your usage of the Site (including browsing on the Site, selecting links, your chosen browser, and your internet service provider).
Where Your Personal Data Is Stored
Your personal data may be transferred to and stored outside the European Economic Area (EEA) and processed by individuals outside the EEA by our service providers, or sub-contractors. We will only transfer information outside of the EEA to locations in the United Kingdom and USA and such transfers are subject to the European Commission’s standard contractual clauses and appropriate technical and organisational measures to ensure the security of your personal data.
Although we do our best to ensure the security of personal data provided to us (and to use only reputable service providers), any transmission of data via the Internet is by its nature insecure and we cannot guarantee the security of any personal data you provide to us. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access or disclosure.
Under the DPA and GDPR you have rights, which include:
· the right to be informed about the collection and use of your personal data;
· the right to rectify personal data we hold about you;
· the right to restrict personal data we hold about you;
· the right to access personal data held by us about you;
· the right to ask us to stop processing your personal data; and
· the right to raise concerns with us.
If you wish to exercise your rights or have any questions about this Policy please contact firstname.lastname@example.org and title your correspondence ‘Privacy Rights’. You may also address concerns to the data protection regulator, the Information Commissioner’s Office, and find more information about your rights on its website.