Effective 13 June 2014
“Non-personally identifiable information” is information that any single item of which, by itself, cannot be used to identify or contact You, such as demographic information (for example, age, profession, gender, current location and other geolocation information, zip code, birth date, or year of birth), Internet Protocol (IP) addresses, browser types, information relating to Your device, domain names, and other statistical data involving the use of the Service. Certain non-personally identifiable information may be considered a part of Your personally identifiable information if it is combined with other identifiers (for example, combining Your zip code with Your street address) in a way that enables You to be identified. But the same pieces of information are considered non-personally identifiable information when they are taken alone. With respect to location information, please note that We may use satellite, Wi-Fi, or other network-based location data, such as Your IP address. Use of assisted positioning methods may involve exchanging Your location data wireless network identifiers along with Your unique device or network service provider identifiers with a location server. Your device may connect to other service providers’ servers, which are not controlled and operated by BBK.
“Personally identifiable information” is any information that could be used to identify, contact, or locate the person to whom it relates (such as name, residence, telephone number, e-mail address, user names and passwords; Your consents, preferences and self-identifying feedback, certain information relating to Your device; or any other identifying information). Such personally identifiable information may be combined, directly or indirectly, with any health information about that person, including but not limited to, health information that BBK may receive from sources other than such person.
“Personal information” is information relating to an identified or identifiable natural person
“We, Us, Our” means BBK Worldwide, LLC and TCN Technologies, LLC.
SUMMARY OF POLICY: Except as provided herein or as authorized by You, Your personally identifiable information may be disclosed by Us only to the company sponsoring a research project, individuals and administrators involved in managing various aspects of the project, and regulatory and government entities. We use appropriate security measures to protect any personally identifiable information We transmit or store. BBK is certified to the Safe Harbor frameworks, as promulgated by the United States Department of Commerce to comply, respectively, with the European Union and Swiss privacy protection requirements (the “Safe Harbors”). BBK adheres to the U.S.-EU and U.S.-Swiss Safe Harbor Privacy Principles. To learn more about the Safe Harbors, please visit www.export.gov/safeharbor.
HOW INFORMATION IS COLLECTED
Submission by You and Third Parties We will collect personally identifiable and other information from You if You voluntarily submit the information to Us through any mechanism (including online and offline channels), such as when You register for an account, provide responses to questionnaires, or submit inquiries to Us. In addition, We may receive personally identifiable and other information about You from third parties.
Log Files We also may collect non-personally identifiable information through our Internet log files, which record data such as user IP addresses, browser types, domain names, and other anonymous statistical data involving the use of the Service. This information may be used to analyze trends, to administer the Service, to monitor the use of the Service, and to gather general demographic information. We may link this information to personally identifiable information for these and other purposes such as personalizing Your experience on the Service and evaluating the Service in general.
ACCESSING, REVIEWING, AND CHANGING YOUR PROFILE: Following registration, You can review and change the information that You submitted during the registration process. If You change Your password and e-mail address, We will retain a record of Your previous password(s) and e-mail address(es). You can also change Your information such as: name, address, city, state, ZIP/postal code, country, phone number, and e-mail. Upon Your notification that You wish to opt out of The BIO Notifier®, We will remove Your Profile from our active databases as soon as reasonably possible in accordance with Our policy and applicable law. We will retain in Our files information that You have requested be removed from Our active databases for certain purposes, such as to resolve disputes, troubleshoot problems, and enforce our Terms and Conditions. Further, such prior information may never be completely removed from Our databases due to technical and legal constraints, including stored “back up” systems. Therefore, You should not expect that all of Your personally identifiable information will be completely removed from our databases in response to any request that You may submit.
CONTROL OF YOUR PASSWORD: You are responsible for all actions taken with Your login information and password. Therefore, we do not recommend that You disclose Your BIO Notifier password or login information to any third party. If You choose to share this information with any third party, You are responsible for all actions taken with Your login information and password. If Your password has been compromised in any way, You should immediately change Your password.
DATA INTEGRITY: Except as otherwise stated in this Policy or as authorized by You, We use Your personal information in a way that is compatible with and relevant for the purpose for which it was collected. To the extent necessary for these purposes, We take reasonable steps to ensure that personal information is accurate, complete, current, and reliable for its intended use.
OPT-OUT CHOICES: If You no longer wish to have Your personal information disclosed to third parties, You may choose to “opt-out” by notifying Us to that effect. To do so, send an e-mail to email@example.com. Please be aware that Your personal information may have been disclosed to third parties prior to Our receipt of Your notification. Also, BBK will provide You with notice before using Your personal information for a purpose other than that for which it was originally collected or subsequently authorized by You, and You may choose to “opt-out” of such use by following the directions provided in the notice. However, even after any “opt-out” or removal of Your personal information, We reserve the right to disclose Your personal information to a third party when We believe in good faith that We are required to do so in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, or other valid legal process.
SENSITIVE INFORMATION: If We collect information from You specifying medical or health conditions; racial or ethnic origin; political opinions; religious, ideological, or philosophical beliefs; trade union membership; information on social security measures or administrative or criminal proceedings or sanctions (which are treated outside pending proceedings); or information with respect to personal sexuality (collectively, “Sensitive Information”), We will not (a) disclose such Sensitive Information to a third party or (b) use such Sensitive Information for a purpose other than those for which it was originally collected or subsequently authorized by You without obtaining Your affirmative “opt-in” (unless We believe in good faith that We are required to do so in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, or other valid legal process).
INFORMATION FROM CHILDREN UNDER 13 YEARS OF AGE: We are committed to protecting the privacy of children. The Service is not designed for or directed to children under the age of 13, and We do not collect personally identifiable information from any person We actually know is under the age of 13.
THIRD PARTIES GENERALLY: We may provide to third parties non-personally identifiable information, including where such information is combined with similar information of other users of the Service. For example, We might inform third parties regarding the number of unique users who use the Service, the demographic breakdown of Our users of the Service, or the products and/or services purchased using the Service and the vendors of such products and services. We may also provide to third parties personally identifiable information. For example, We might share our users’ responses to questionnaires, preferences, and e-mail addresses with third parties in order for third parties to assess a user’s qualification to participate in a research project. The third parties to which We may provide personally identifiable and non-personally identifiable information may include potential or actual advertisers, providers of advertising products or services (including vendors and website tracking services), merchants, affiliates, and other actual or potential commercial partners, sponsors, licensees, researchers, and other similar parties.
DATA SECURITY: Whenever We store or transmit personally identifiable information, We use a number of security procedures to prevent unauthorized access or disclosure. Our Service has security measures in place intended to protect the loss, misuse, and alteration of the information under Our control. We take reasonable steps to safeguard personal information We collect from unauthorized access or disclosure and accidental loss, misuse, alteration, or destruction. Notwithstanding the above commitments, be aware that there is always some risk involved in transmitting information over the Internet. There is also some risk that others could find a way to thwart Our security systems. As a result, while We strive to protect Your information, We cannot ensure or warrant the security or privacy of any information You transmit to Us, and You do so at Your own risk.
In connection with any research projects that We support, We use a web-based communication and database tool called TrialCentralNetSM, which serves as the repository for data collected in conjunction with the research project, including any personally identifiable information We receive. Any personally identifiable information transmitted to or from TrialCentralNet is encrypted using a 256-bit web server certificate designed to prevent unauthorized entry or interception. TrialCentralNet uses distinct user access levels so that access to information associated with the research project is limited and appropriate for the needs of different users including BBK staff, research sponsors, associated personnel, and You. In addition, TrialCentralNet access requires a unique username and password for every user to prevent unauthorized access. Sessions are also time-limited in order to reduce the risk of unauthorized access if a user forgets to log out. The TrialCentralNet database and codebase are staged on servers in a secure, limited-access building, allowing Us to completely control the operating environment and physical security of information stored within TrialCentralNet. This also helps Us implement immediate recovery procedures, if necessary.
DO NOT TRACK: The term “Do Not Track” refers to an HTTP header offered by certain web browsers to request that websites refrain from tracking the user. We take no action in response to Do Not Track requests.
HIPAA COMPLIANCE: The Health Insurance Portability and Accountability Act (HIPAA) is the United States federal law that controls the use and disclosure of personally identifiable health information by health insurers and healthcare providers, called “covered entities” under the statute. We are not a covered entity under the statute, and HIPAA does not apply to the personally identifiable information that a person interested in participating in a research project has voluntarily provided to a call center or website We set up.
COMPLIANCE WITH INTERNATIONAL REQUIREMENTS: BBK is certified to the Safe Harbor frameworks, as promulgated by the United States Department of Commerce to comply, respectively, with the European Union and Swiss privacy protection requirements (the “Safe Harbors”). BBK adheres to the U.S.-EU and U.S.-Swiss Safe Harbor Privacy Principles. To learn more about the Safe Harbors, please visit www.export.gov/safeharbor.
BUSINESS TRANSITION: If We experience a business transition that affects the way personally identifiable information is treated in any material way, such changes will be included in an updated version of this Policy posted in the same locations as the previous version of this Policy. We encourage You to check such locations periodically for any changes.
ACCESSING OR CHANGING PERSONAL INFORMATION: Anyone wishing to review or change or correct (or delete, if inaccurate) his or her own personal information should contact Our privacy officer at BBK Worldwide, LLC, 117 Kendrick Street, Suite 600, Needham, MA 02494, +1 (617) 630-4477, firstname.lastname@example.org by mail, telephone, or e-mail. Notwithstanding the foregoing, We may be prevented by law from deleting an individual’s personal information if such information has been relied upon for purposes of completing clinical study research.
ENFORCEMENT, OTHER INQUIRIES, COMMENTS, OR COMPLAINTS: BBK uses the self-assessment method to verify the attestations and assertions made herein and to ensure that its privacy practices have been implemented as presented herein. If You have a question, concern, or complaint about Our handling of Your personal information, or if You believe Our response to an inquiry has not been satisfactory, please contact Our privacy officer at the address above. Our privacy officer will investigate and try to resolve in a timely manner any concern or complaint about Our use or disclosure of Your personal information in accordance with the principles contained in this Policy, including correcting any personal information, using personal information consistent with the U.S.-EU and U.S.-Swiss Safe Harbor Privacy Principles, reversing or correcting the effects of noncompliance, and assuring that future processing of personal information will be in conformity with this Policy, including the U.S.-EU and U.S.-Swiss Safe Harbor Privacy Principles. For any concern or complaint that cannot be resolved in this way, We have registered with and agreed to cooperate with the American Arbitration Association to resolve any disputes relating to this Policy. The American Arbitration Association can be contacted at www.adr.org or +1 (800) 778-7879.
Copyright © by BBK Worldwide, LLC. All rights reserved.