PRIVACY POLICY

Pharmaspectra Privacy Policy
Effective January 1, 2016.

EU-U.S. Privacy Shield
Pharmaspectra complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Pharmaspctra has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/



SCOPE
This Policy applies to all personal information received by Pharmaspectra, LLC in the United States from the EEA in any format, including electronic, paper or verbal. Pharmaspectra respects individual privacy and values the confidence of its customers, employees, business partners and others. Pharmaspectra does not collect, use and disclose personal information. Pharmaspectra does not use any third party agencies to collect personal information. All information collected by Pharmaspectra comes from credible public sources available in public domain on the internet. Not only does Pharmaspectra comply with the laws of the countries in which it does business, but it also has a tradition of upholding the highest ethical standards in its business practices.

DEFINITIONS
For purposes of this Policy, the following definitions shall apply:
“Agent” means any third party that collects or uses personal information under the instructions of, and solely for, Pharmaspectra or to which Pharmaspectra discloses personal information for use on Pharmaspectra’s behalf.
“Pharmaspectra” means its successors, subsidiaries, divisions and groups in the United States.
“Personal information” means any information or set of information that identifies or could be used by or on behalf of Pharmaspectra to identify an individual. Personal information does not include information that is encoded or anonymized, or publicly available information that has not been combined with non-public personal information.
“Sensitive personal information” means personal information that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, views or activities, that concerns health or sex life, information about social security benefits, or information on criminal or administrative proceedings and sanctions other than in the context of pending proceedings. In addition, Pharmaspectra will treat as sensitive personal information any information received from a third party where that third party treats and identifies the information as sensitive.

PRIVACY PRINCIPLES
The privacy principles in this Policy have been developed based on the Privacy Shield Principles.

  1. Pharmaspectra does not collect private information
  2. Pharmaspectra does not intentionally collect information from under 13’s
  3. Pharmaspectra does not conduct any internet financial transactions
  4. Any Private information that is collected unintentionally is deleted from Pharmaspectra’s databases as soon as such information is discovered through internal data audit.
  5. Any user information collected by Pharmaspectra will remain in Pharmaspectra’s database

NOTICE: In case Pharmaspectra were to collect personal information directly from individuals in the EEA, it will inform them about the purposes for which it collects and uses personal information about them, the types of non–agent third parties to which Pharmaspectra discloses that information, the choices and means, if any, Pharmaspectra offers individuals for limiting the use and disclosure of personal information about them, and how to contact Pharmaspectra. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to Pharmaspectra, or as soon as practicable thereafter, and in any event before Pharmaspectra uses or discloses the information for a purpose other than that for which it was originally collected.

Where Pharmaspectra receives personal information from its subsidiaries, affiliates or other entities in the EEA, it will use and disclose such information in accordance with the notices provided by such entities and the choices made by the individuals to whom such personal information relates.

CHOICE: Pharmaspectra will offer individuals the opportunity to choose (opt-out) whether their personal information is (a) to be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
For sensitive personal information, Pharmaspectra will give individuals the opportunity to affirmatively and explicitly (opt-in) consent to the disclosure of the information to a non-agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. Pharmaspectra will provide individuals with reasonable mechanisms to exercise their choices.

DATA INTEGRITY: Pharmaspectra will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. Pharmaspectra will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete, and current.

TRANSFERS TO AGENTS: In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-US Privacy Shield, Pharmaspectra, LLC remains liable

Pharmaspectra will obtain assurances from its agents that they will safeguard personal information consistently with this Policy. Examples of appropriate assurances that may be provided by agents include: a contract obligating the agent to provide at least the same level of protection as is required by the relevant Privacy Shield Principles, being subject to EU Directive 95/46/EC (the EU Data Protection Directive), Privacy Shield certification by the agent, or being subject to another European Commission or Swiss FDPIC adequacy finding (e.g., companies located in Canada). Where Pharmaspectra has knowledge that an agent is using or disclosing personal information in a manner contrary to this Policy, Pharmaspectra will take reasonable steps to prevent or stop the use or disclosure

ACCESS AND CORRECTION: Upon request, Pharmaspectra will grant individuals reasonable access to personal information that it holds about them. In addition, Pharmaspectra will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete.

SECURITY: Pharmaspectra will take reasonable precautions to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. Pharmaspectra does not use cookies, only authorized users who have secure username and password are allowed to view the data.

ENFORCEMENT: Pharmaspectra will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that Pharmaspectra determines is in violation of this policy will be subject to disciplinary action up to and including termination of employment.  Pharmaspectra is compliant to the investigatory and enforcement powers of the Federal Trade Commission (FTC)

DISPUTE RESOLUTION: Any questions or concerns regarding the use or disclosure of personal information should be directed to the Pharmaspectra Privacy Office at the address given below. Pharmaspectra will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information by reference to the principles contained in this Policy. For complaints that cannot be resolved between Pharmaspectra and the complainant, Pharmaspectra has agreed to participate in the following dispute resolution procedures in the investigation and resolution of complaints to resolve disputes pursuant to the Privacy
Shield Principles:

  1. for disputes involving all personal information received by Pharmaspectra from Switzerland, Pharmaspectra has agreed and to cooperate with the Swiss FDPIC;
  2.  for disputes involving employment-related personal information received by Pharmaspectra from the EEA, Pharmaspectra has agreed to cooperate with the data protection authorities in the EEA and to participate in the dispute resolution procedures of the panel established by the European data protection authorities;
  3. for disputes involving all other personal information received by Pharmaspectra from the EEA, Pharmaspectra has agreed to eTRUST dispute resolution. Individuals who submit a question or concern to Pharmaspectra and who do not receive acknowledgment from Pharmaspectra of the inquiry or who think their question or concern has not been satisfactorily addressed should then contact the eTRUST Privacy Shield Dispute Resolution Program on the Internet, by mail or by fax. Inquiries by mail or fax should identify Pharmaspectra as the company to which a concern or question has been submitted, and include a description of the privacy concern, the name of the individual submitting the inquiry, and whether eTRUST may share the details of the inquiry with Pharmaspectra. eTRUST will act as a liaison to Pharmaspectra to resolve these disputes.
  4. Fax: 1-212-725-5993
  5. Mail: Pharmaspectra LLC, 1359 Broadway, Suite 600 New York, NY 10018
  6. https://www.privacytrust.com/cert/397514.html
  7. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, you can also submit your complaint to Privacy Trust, an independent third party. Visit https://www.privacytrust.com/drs/pharmaspectra to file a complaint.
  8. Finally, as a last resort and in limited situations, EU individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.

LIMITATION ON APPLICATION OF PRINCIPLES
Adherence by Pharmaspectra to these Privacy Shield Principles may be limited (a) to the extent required to respond to a legal or ethical obligation; (b) to the extent necessary to meet national security, public interest or law enforcement obligations; and (c) to the extent expressly permitted by an applicable law, rule or regulation.

CONTACT INFORMATION
Questions or comments regarding this Policy should be submitted to the Pharmaspectra Corporate Office by mail as follows:

Pharmaspectra, LLC
1359 Broadway, Suite 600
New York, NY 10018

Attn: Data Privacy Officer/Privacy Shield

CHANGES TO THIS PRIVACY SHIELD PRIVACY POLICY
This Policy may be amended from time to time, consistent with the requirements of the Privacy Shield Principles. A notice will be posted on the Pharmaspectra web page (www.pharmaspectra.com) for 60 days whenever this Privacy Shield Privacy Policy is changed in a material way.

PRIVACY POLICY

This Policy explains how Pharmaspectra collects, holds, uses and discloses Personal Information, including Personal Information.

Pharmaspectra PRIVACY POLICY (THE “POLICY”):
SCOPE: This Policy applies to all Personal Information of Individuals, either in electronic or paper format, received by Pharmaspectra, including Personal Information of Company Personnel, healthcare professionals, clinical investigators, and users.
DEFINITIONS: For purposes of this Policy, the following definitions shall apply:
“Agent” means any third party that uses Personal Information provided to it by Pharmaspectra to perform tasks on behalf of and/or under the instructions of Pharmaspectra or to which Pharmaspectra discloses Personal Information for use on its behalf.
“European Economic Area” (EEA) means for the purposes of this Policy all countries within the European Union (EU) and Iceland, Liechtenstein, Norway.
“Individual” means any natural person.
“Personal Information” means any information or set of information about an identified or identifiable individual, including, but not limited to: (a) first name or initial and last name; (b) home or other physical address; (c) telephone number; (d) email address or online identifier associated with the individual; (e) Social Security number or other similar identifier; or (f) any other information relating to an individual that is combined with any of the above. The term “Personal Information” does not include non-identified information or information that is reported in the aggregate (provided that such aggregated information is not identifiable to a natural person).
“Personnel” includes, but is not limited to, any employee (permanent or temporary), director, officer, contractor, worker, temporary worker, job applicant, retiree of Pharmaspectra and any and all of their respective dependents.
“Pharmaspectra” means any entity that directly or indirectly, through one or more intermediaries, controls, is controlled by, or is under common control with Pharmaspectra, LLC. For purposes of this definition, “control” means the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of such entity, whether through the ownership of voting securities, by contract or otherwise.
“Sensitive Personal Information” means Personal Information that reveals race, ethnic origin, political opinion, religious or philosophical beliefs, trade union membership, genetic data, biometric data where processed to uniquely identify a person, any information that concerns medical or health conditions or sex life, or information relating to the commission of a criminal offense.
NOTICE
Where Pharmaspectra collects Personal Information directly from Individuals, it will explain the purposes for which it collects and uses Personal Information about the Individuals, the types of third parties to which Pharmaspectra discloses that information, and the choices and means, if any, Pharmaspectra offers Individuals options for limiting the use and disclosure of Personal Information about them. This explanation will be provided as soon as practicable and, in any event, before Pharmaspectra discloses the Personal Information or uses such information for a purpose materially different than that for which it was originally collected or processed.

Types of Personal Information collected, Purposes of Collection and Uses of Personal Information:
Research Studies-Related Information clinical investigators or other study personnel, and other consultants, contractors, managers, and agents (who are natural persons) of the study sponsor and its corporate affiliates, business partners and third-party service providers. Such data is collected for creating analytical reports.
Human Resources-Related Information. For Individuals who are Personnel, we will process Personal Information to carry out and support our human resources functions and activities, including but not limited to, employment opportunities, Personnel recruitment and onboarding, administration of Personnel participation in benefits, compensation and human resources plans and programs, management of Personnel performance, and implementation, investigation and reporting on compliance and discipline procedures and matters. Pharmaspectra may provide Personal Information to Agents to support Pharmaspectra in performance of these human resources-related activities.
Customers and Program Participant Information. For Individuals sharing Personal Information with Pharmaspectra in order to inquire about or otherwise make use of our services or purchase, receive or seek information, including about any health care products and services, opportunities to participate in clinical research, we will use such Personal Information in order to provide the requested information, products, and/or services. Such uses may include processing requested transactions, improving the quality of our services, sending communications about the products and services available through Pharmaspectra, and enabling our business partners and Agents to perform certain activities on our behalf.
Pharmaspectra may also use the Personal Information collected above to comply with our legal and regulatory obligations, policies and procedures, and for internal administrative purposes.

CHOICE
Pharmaspectra may offer Individuals the opportunity to choose whether their Personal Information is (a) to be disclosed to a third party, or (b) to be used for a purpose materially different from the purpose for which it was originally collected or subsequently authorized by the Individual.
Pharmaspectra will not process Sensitive Personal Information about Individuals for purposes other than those for which the information was originally obtained or subsequently authorized by the Individual unless the Individual explicitly consents to the processing (“opt-in”), or as required or permitted, or where not prohibited by law or regulation.
In some cases, even if an Individual opts-out of disclosures of their Personal Information, Pharmaspectra may still disclose such Personal Information (i) if required to do so by law, (ii) if disclosure is required to be made to law enforcement authorities, or (iii) if we believe disclosure is necessary or appropriate to prevent physical harm to an individual or financial loss or in connection with an investigation of suspected or actual illegal activity. Pharmaspectra also may transfer Personal Information when a material event concerning its business operation(s), assets or shares, such as purchase, disposal, merger, joint venture or acquisition, is proposed or occurs. In such an event, Pharmaspectra will endeavor to direct the transferee to use Personal Information in a manner that is consistent with this Policy. Pharmaspectra will provide Individuals with reasonable mechanisms to exercise their choices to the extent required by applicable law.

ACCOUNTABILITY FOR ONWARD TRANSFER
In the performance of our services and business operations, Personal Information we collect or receive may be stored or transferred internationally throughout our worldwide organization and to our service providers or agents, including for hosting our databases or provision of data processing services, in accordance with applicable data privacy laws. Transfers to third parties are covered by the provisions in this Policy regarding notice and choice.
Pharmaspectra may also share an Individual’s Personal Information with Agents in connection with services that these individuals or entities perform for, or with Pharmaspectra. Pharmaspectra may, for example, provide an Individual’s Personal Information to Agents for hosting our databases, for data processing services, or to send to that Individual the information that he or she requested.
SECURITY
Pharmaspectra will employ reasonable and appropriate technical, administrative and physical safeguards designed to protect Personal Information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of the Personal Information Pharmaspectra is processing. We have a privacy incident response program designed to promptly respond to and escalate all privacy-related questions, complaints, concerns, including any potential privacy or security incident.
DATA INTEGRITY AND PURPOSE LIMITATION
Pharmaspectra endeavors to use Personal Information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the Individual. Pharmaspectra will take reasonable steps designed to ensure that only Personal Information that is relevant to its intended use, accurate, complete, current, and otherwise reliable in relation to the purposes for which the information was obtained is used by Pharmaspectra for as long as Pharmaspectra retains possession of such information. Pharmaspectra’s Personnel have a responsibility to assist Pharmaspectra in maintaining accurate, complete and current Personal Information.
ACCESS/CORRECTION
Under laws in certain countries in which we operate, individuals have a right to access Personal Information about themselves, and to amend, correct or delete Personal Information that is inaccurate, incomplete or outdated. Pharmaspectra will, on request, provide an Individual with confirmation regarding whether Pharmaspectra is processing Personal Information about them, consistent with applicable law. In addition, upon request of an Individual, Pharmaspectra may take reasonable steps to correct, amend, or delete their Personal Information that is found to be inaccurate, incomplete or processed in a manner non-compliant with this Policy or applicable law, except where the burden or expense of providing access would be disproportionate to the risks to that Individual’s privacy, where the rights of persons other than the Individual would be violated or where doing so is otherwise consistent with applicable law. Unless prohibited by applicable law, Pharmaspectra reserves the right to charge a reasonable fee to cover costs for providing copies of Personal Information requested by Individuals.
RECOURSE, ENFORCEMENT AND LIABILITY
Pharmaspectra encourages Individuals covered by this Policy to raise questions about the processing of Personal Information about them by contacting Pharmaspectra through the contact information provided below. Any Personnel that Pharmaspectra determines is in violation of this Policy will be subject to disciplinary action up to and including termination of employment, where applicable.
Any questions or concerns regarding the use or disclosure of Personal Information should also be directed to Pharmaspectra through the contact information given below. Pharmaspectra will undertake reasonable efforts to investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Information in accordance with the principles contained in this Policy.
CONTACT INFORMATION: Questions, comments, concerns or complaints regarding this Policy or Pharmaspectra processing of Personal Information should be submitted to Pharmaspectra by emailing us at info@pharmaspectra.com

RESERVATION OF RIGHTS: Pharmaspectra reserves the right to share an Individual’s Personal Information and contracts with Agents as required or authorized by law or regulation or in response to duly authorized information requests of government authorities.
CHANGES TO THE PRIVACY POLICY: This Policy may be reviewed and amended from time to time, without advance notice, to ensure that an appropriate level of protection for Personal Information is maintained. All amendments will be posted on this website. Please check back periodically for updates to this Policy.
Pharmaspectra ADDITIONAL PRIVACY POLICY EFFECTIVE DATE: May 24, 2018

ONLINE PRIVACY POLICY

To protect your privacy, we provide this notice explaining our website data collection practices.

Online Privacy Policy
At Pharmaspectra, we are strongly committed to protecting your privacy. You can navigate the majority of our Website without giving us any personal information about yourself. However, sometimes we need additional information about you in order to provide the information or services you are requesting.
Your privacy is important to us. To protect your privacy, we provide this notice explaining our online information practices and the choices you can make about the way your information is collected and used.

What information do we collect about you?
1. We may collect the following types of personally identifiable information through this Website: name, title, contact details including e-mail address, and telephone numbers. We also may collect additional information when you register to access services.
2. On some pages, you may opt to provide us information about yourself for example if you are interested in (a) an employment opportunity at Pharmaspectra; or (b) having Pharmaspectra participate at your event. The information requested from you will be based on your area of interest.
3. On occasion, Pharmaspectra may request that you voluntarily participate in a survey or poll such as feedback on website content or services. Your responses will be anonymous unless you opt in to being contacted by email to provide further information regarding the survey.
4. In order to improve the design and content of our Website and to enable us to better personalize your user experience, we may collect certain technical information about our visitors when you visit our Website pages, such as the IP address or the type of browser you are using, the type of operating system you are using, and the domain name of your Internet service provider.

The way we use your information
We use your information to enable you to receive access to our products and services on-line, obtain information about our products and services and receive updates, participate in surveys or questionnaires posted on our Website, provide you with opportunities to learn about our other products, programs, or services that we believe may be of interest to you, and to enable us to respond to your requests.

Do we share your information?
We do not share personally identifiable information with unrelated third parties who are not covered by this privacy statement without your prior permission, except to the extent reasonably necessary to: (i) correct technical problems and malfunctions; (ii) protect the security and integrity of our Website; (iii) protect our rights, interests and property and the rights, interests and property of others; (iv) comply with laws or to respond to judicial process; or (v) provide information to law enforcement agencies or for an investigation of a matter as applicable, or otherwise as required or permitted by law.

Our commitment to data security
To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the information we collect online.

Cookies and log files
There are various ways, including one called “cookies”, which can be used to provide tailored information for you from a website. A cookie is a piece of data or file that a website can send to your browser, which may then store it on your computer system.
Usage of a cookie is in no way linked to any personally identifiable information while on our site. Pharmaspectra uses cookies on our Website in order to:
a) allow site visitors to personalize their experience by accessing information, products, and services relevant to their areas of interest, b) track a user session within our Website, and c) prevent duplication in voting or participation in surveys.
We receive IP addresses in the normal course of the operation of our Website. An IP address is a number assigned to you by your Internet service provider so you can access the Internet. Although we do receive IP addresses, we do not use them to identify you personally or disclose them to others.

Our commitment to children’s privacy
Protecting the privacy of the very young is especially important. For that reason, we do not intend to collect or maintain information at our Website from those we know are under 13 years of age, and no part of our Website is structured to attract anyone under 13.

Data retention
The information you provide to us may be archived or stored periodically by us according to backup processes and will only be retained for as long as is required for the purposes for which it was collected.

Other third-party websites
Our Website may contain links to other third-party websites. You should carefully review the privacy policies and practices of other websites, as we cannot control or be responsible for privacy policies or practices of third-party websites that are not Pharmaspectra’s Websites.
Marketing
We would be pleased to send you information about products and services of ours and other companies in our group which may be of interest to you. If you have consented to receive marketing, you may opt out at a later date.

Notification of changes
We keep our Privacy Statement under regular review and we will place any updates on this Web page.

How to contact us
If you wish to access, correct, update or request removal of any of your information you provided to us or if you have any questions regarding this statement or would like more information on our privacy practices, please contact us at: info@pharmaspectra.com

GDPR AT Pharmaspectra

Here you can find information related to the new data protection rules in the European Union (EU) known as the General Data Protection Regulation (GDPR) and the steps we are taking to ensure timely compliance with those rules.

GDPR at Pharmaspectra

For Pharmaspectra, data protection and privacy is critical to our business and a top priority for our organization. Our commitment to handling data meticulously and respecting privacy is core to our customer promise.

As you may be aware, new data protection rules in the European Union (EU) known as the General Data Protection Regulation (GDPR) will be in effect as of May 25, 2018. Focused on data privacy, GDPR is the new EU legal framework for the protection of personal data. It includes several key changes to existing EU data protection law, including data breach notification, accountability and enhanced individual rights. GDPR will affect all organizations and public bodies, wherever located, that handle data of persons in the EU. Over the past few years, we have been preparing for this and are taking steps to ensure timely compliance with those rules.

To ensure a seamless transition, we have mobilized an internal steering committee to assess the impacts on our customer offerings, including determining the necessary changes to our systems, processes and policies needed to comply with GDPR’s requirements. We are confident that our existing practices provide a strong foundation upon which to build our GDPR compliance activities.

For more information, please contact us at: info@pharmaspectra.com

1359 Broadway, Suite 600
New York, NY 10018
Ⓒ Pharmaspectra, LLC 2017. ALL RIGHTS RESERVED