VitalTrax, LLC, d/b/a PatientWing, together with its subsidiaries, affiliates, and related entities (hereinafter referred to as “PatientWing,” “us,” “we,” “our,” or “Company”) have created this Privacy Policy to apply to all users of this website, mobile applications, and all digital assets contained or offered therein (collectively, our “Services”). This Privacy Policy describes, among other things, the types of information we collect from you when you use our Services, how we use it, and how you can access your information. The Company will at times collect, maintain, use, and share your information as is necessary to provide services to you, meet certain business needs and functions, and comply with laws and regulations. This Privacy Policy is integrated into our Terms & Conditions.
If you are based in the European Union (EU), the European Economic Area (“EEA”), which includes all EU countries, or the United Kingdom (UK), this Privacy Policy serves as notice of how we process your Personal Data (defined below) for which we are a Controller (defined below). Please see the Notice to Individuals in the European Economic Area and the UK below for your EU privacy rights, which supplements the Privacy Policy as to users located in the EU, EEA, or UK only. If we require your consent, we will request it formally, in adherence to applicable data protection laws.
By using the Services and providing us with your Information (defined below), you agree to the practices described in this Privacy Policy and Terms and Conditions referenced below and to the updates to these policies posted here from time to time. By using our Services, you consent to these policies. If you have any privacy or data use concerns, please contact us as set out below in the Contact Us section.
I. WHO WE ARE AND WHAT WE DO Clinical trials are a fundamental part of medical research that look at new ways to prevent, detect, or treat disease. Participating in clinical research helps doctors and researchers learn more about disease and improve health care for people in the future. PatientWing provides a platform that connects clinical trial candidates and users to researchers and doctors who are running clinical trials to help discover new treatments for diseases and to advance medicine. This site is a clinical trial site that we provide on behalf of the Clinical Research Sites and sponsors that we work with. While PatientWing connects you with the Clinical Research Sites running clinical trials, we do not host or run any clinical trials ourselves.
II. INFORMATION WE COLLECT ABOUT YOU We may collect the following types of Information, which are described in more detail below: (A) information you provide to us, (B) information we automatically collect, and (C) information we receive from third parties. All of the information listed in (A)–(C) above, is detailed below, and hereinafter referred to as “Information.”
A. Information You Provide to Us: In using our Services, you may provide us with Information, including, without limitation: 1. Your contact information including name, email address, postal address, and telephone number(s); 2. Account information and log in credentials, including unique identifiers such as username and password; 3. Location information; 4. A photograph of you if you provide one; 5. Any affiliation you have with a clinical research organization (CRO), research or pharmaceutical company, including your position, for example study coordinator or investigator; 6. Health information, including any conditions you may have, details of clinical trials you have participated in the past, and Information in medical release forms you authorize us to share; 7. Date of birth, gender, and race; and/or 8. Additional Information as otherwise described to you at the point of collection or pursuant to your consent.
B. Information We May Automatically Collect About You: Our Services may automatically collect certain Information about you. This Information is used by PatientWing for the operation of the Services, to maintain the quality of the Services, and to provide general statistics regarding use of the Services. This Information may include 1. IP address, which is the number associated with the service through which you access the Internet, like your ISP (Internet service provider); 2. Date and time of your visit or use of our Services; 3. Domain server from which you are using our Services; 4. Type of computer, web browsers, search engine used, operating system, or platform you use; 5. Data identifying the web pages you visited prior to and after visiting our website or use of our Services; 6. Your movement and activity within the website, which is aggregated with other information; and/or 7. Mobile device information, including the type of device you use, operating system version, and the device identifier (or “UDID”).
C. Cookies and Other Tracking Technologies We collect this Information directly and through the use of third parties by using certain technologies such as cookies, web beacons, and other technologies. Third-party service providers, advertisers, and/or partners may also view, edit, or set their own cookies or place web beacons to collect similar or identical Information. The use of these technologies by such third parties is subject to their own privacy policies and is not covered by this Privacy Policy, except as required by law.
1. Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. Most web browsers automatically accept cookies. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting, you may be unable to access certain parts of our Services. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Services.
2. Flash Cookies. We may use local shared objects, also known as Flash cookies, to store your preferences such as volume control or display content based upon what you view on our site to personalize your visit. Third parties, with whom we partner to provide certain features or to display advertising based upon your browsing activity, use Flash cookies to collect and store information. Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored. Cookie management tools provided by your browser will not remove Flash cookies.
3. Web Beacons. Pages of our website may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity). We also use these technical methods to analyze the traffic patterns, such as the frequency with which our users visit various parts of the Services. These technical methods may involve the transmission of Information either directly to us or to a third party authorized by us to collect Information on our behalf. Our Services use retargeting pixels from Google, Facebook, and other ad networks. We also use web beacons in HTML emails that we send to determine whether the recipients have opened those emails and/or clicked on links in those emails.
4. Analytics. Analytics are tools we use, such as Google Analytics and Hotjar, to help provide us with information about traffic to our website and use of our Services, which Google may share with other services and websites who use the collected data to contextualize and personalize the ads of its own advertising network.
You can opt-out of having your activity on the Services made available to Google Analytics by installing the Google Analytics opt-out browser add-on (https://tools.google.com/dlpage/gaoptout) for your web browser.
You can opt-out of having your activity tracked by Hotjar by following the instructions at https://www.hotjar.com/policies/do-not-track/.
5. Mobile Device Technologies. If you access our Services through a mobile device, we may automatically collect Information about your device, your phone number, and your physical location. You may opt-out of tracking and receiving tailored advertisements on your mobile device by some mobile advertising companies and other similar entities by downloading the App Choices app at www.aboutads.info/appchoices.
6. Opting Out of Direct Marketing. We, or third-party service providers with whom we collaborate or contract with to perform services on our behalf, may deploy cookies and may use your Information to text, email, or contact or share with you Information that we believe may be useful to you, such as Information about products or services provided by or through us through permissible targeted advertisements or related to our Services. You affirmatively consent to receive these communications. To help exercise choices regarding the marketing Information you receive, you may also review the following links:
You may opt-out of tracking and receiving tailored advertisements on your mobile device by some mobile advertising companies and other similar entities by downloading the App Choices app at www.aboutads.info/appchoices.
D. Information We May Receive from Third Parties We may collect additional Information about you from third party websites, social media platforms such as, but not limited to, Twitter, Instagram, and Facebook (“Social Media Platforms”), Research Sites, Clinical Research Organizations (“CROs”), and/or sources providing publicly available information (e.g., from the U.S. postal service) to help us provide services to you, help prevent fraud, and for marketing and advertising purposes.
The Information we collect is covered by this Privacy Policy, and the Information the third-party website or Social Media Platform collects is subject to the third-party website or platform’s privacy practices. We encourage you to be aware when you leave our sites or applications and to read the privacy policies of other sites that may collect your Information.
Information we may access about you, with your consent, may include, but is not limited to, your basic Social Media Platform information, your location data, your list of contacts, friends or followers, and certain information about your activities on the Social Media Platform. Please keep in mind that when you provide Information to us on a third-party website or platform (for example, via our applications), the Information you provide may be separately collected by the third-party website or the Social Media Platform.
This Privacy Policy only applies to Information collected by our Services. We are not responsible for the privacy and security practices of those other websites or Social Media Platforms or the Information they may collect (which may include IP address). You should contact such third parties directly to determine their respective privacy policies. Links to any other websites or content do not constitute or imply an endorsement or recommendation by us of the linked website, Social Media Platform, and/or content.
III. HOW WE USE YOUR INFORMATION A. Use and Purpose of Processing Your Information We use and process your Information above for things that may include, but are not limited to, the following: 1. To provide the services, including providing our newsletter, content updates and clinical research opportunities we share with you; 2. To respond to your inquiries and provide you with requested Information and other communications, including by email or text message; 3. To verify your identity; 4. To verify your ability to participate in clinical trials we or our partners offer; 5. To contact you about clinical trials in which you are or desire to be enrolled, or clinical trials that we or our partners offer for which you or someone you know may be eligible, through phone call, mail or electronic message, including but not limited to email or text message; 6. For marketing and advertising purposes, including sending you promotional material or special offers on our behalf or on behalf of our marketing partners and/or their respective affiliates and subsidiaries and other third parties, provided that you have not already opted-out of receiving such communications; 7. To manage, improve, and foster relationships with third-party service providers, including vendors, suppliers, and parents, affiliates, subsidiaries, and business partners; 8. To maintain, improve, customize, or administer our Services, perform business analyses, or other internal purposes to improve the quality of our business, the Services, to resolve technical problems, or to improve security or develop other products and services; 9. To comply with our Terms & Conditions; 10. To fulfill contracts we have with you; 11. For analytics for business purposes and business intelligence; 12. To comply with any applicable laws and regulations and respond to lawful requests; and/or 13. For any other purposes disclosed to you at the time we collect your Information;
We may also use Information that has been de-identified and/or aggregated for purposes not otherwise listed above.
B. Sharing Your Information We may share your Information as disclosed at the time you provide your Information, as set forth in the Privacy Policy and in the following circumstances:
1. Third-Party Service Providers.
We may share your Information with third-party service providers or data processors that perform certain functions or services on our behalf (such as to host the Services, provide services, store, or manage the data, perform analyses, process payments, provide customer service, or send communications for us). These third-party service providers will process this data only for purposes specified by us. In some instances, we may aggregate Information we collect so third parties do not have access to your identifiable Information to identify you individually.
2. Clinical Research Sites.
PatientWing helps match users with Clinical Research Sites conducting clinical trials. We may share your Information with the Clinical Research Site to help determine whether you are eligible for a study the Clinical Research Site is conducting, and to help enroll you in their study. While PatientWing connects you with the Clinical Research Site running clinical trials, we do not host or run any trials ourselves. If you choose to provide your Information directly to the Clinical Research Site, their policies will apply to their collection and use of your Information.
3. Healthcare Providers.
When receiving our Services, you may instruct us to submit medical release forms or other information to your healthcare providers to help you participate in a clinical trial. When you authorize us, we will share your medical release form, which may contain your Information, with any healthcare providers you identify. This policy governs how PatientWing uses your Information. We are not responsible for how the healthcare provider uses your Information or the healthcare provider’s privacy and security practices.
4. Disclosure of Customer Information for Legal and Administrative Reasons.
We may disclose your Information without notice: (i) when required by law or to comply with a court order, subpoena, search warrant, or other legal process; (ii) to cooperate or undertake an internal or external investigation or audit; (iii) to comply with legal, regulatory, or administrative requirements of governmental authorities (including, without limitation, requests from the governmental agency authorities to view your Information); (iv) to protect and defend the rights, property or safety of us, our subsidiaries and affiliates, and any of their officers, directors, employees, attorneys, agents, contractors, and partners, and the website service users; (v) to enforce or apply our Terms & Conditions; and (vi) to verify the identity of the user of our Services.
5. Information Shared with our Subsidiaries and Affiliates. We may share your Information with our subsidiaries and affiliates. “Affiliates” means any entity controlled by, controlling, or under common control with us. Our affiliates will use and distribute your Information in accordance with the terms of this Privacy Policy. If you do not want us to share your Information with our subsidiaries and affiliates, please contact us via the Contact Us section.
6. Business Transfers. Your Information may be transferred, sold, or otherwise conveyed (“Conveyed”) to a third party where we: (i) merge with or are acquired by another business entity; (ii) sell all or substantially all of our assets; (iii) are adjudicated bankrupt; or (iv) are liquidated or otherwise reorganize. You consent to any and all such Conveyances of your Information.
7. Online Communications. If you chose to share comments with us, post a review, participate in a survey, or provide a testimonial, or other Information, you consent and agree that we may make your Information available generally to the public and it will not be returned to you unless we receive such a request in writing from you and determine, in our sole discretion, to honor such request.
8. De-Identified or Aggregated Data. We may share your Information on an aggregated basis for any purpose in which your specific personal Information is blinded, masked, or otherwise not identifiable.
9. With Your Consent. We may share Information consistent with this Privacy Policy with your consent.
We do not sell your Information.
IV. LINKS TO OTHER WEBSITES Our Services may contain links to other websites or services that are not owned or controlled by us, including links to Social Media Platforms, or may redirect you off our Services to other websites for information, other services, to receive special offers, or for transactions or purchases. We are not responsible for the privacy and security practices of those websites or the information they may collect (which may include IP address). You should contact such third parties directly to determine their respective privacy policies. Links to any other party’s website or content do not constitute or imply an endorsement or recommendation by us of the linked website and/or content. We also have no control over websites that link to our Services.
V. INFORMATION SECURITY AND DATA RETENTION We use commercially reasonable measures to protect Information we receive from misuse, acquisition, deletion, or unauthorized access or disclosure. We have controls in place designed to secure and safeguard such Information, however, you should assume that no data transmitted over the Internet or stored or maintained by us or our third-party service providers can be 100% secure. Therefore, although we believe the measures implemented by us reduce the likelihood of security problems to a level appropriate to the type of data involved, we do not promise or guarantee, and you should not expect, that your Information or private communications will always remain private or secure. We do not guarantee that your Information will not be misused by third parties. We are not responsible for the circumvention of any privacy settings or security features. You agree that we will not have any liability for misuse, access, acquisition, deletion, or disclosure of your Information.
If you believe that your Information has been accessed or acquired by an unauthorized person, you must promptly Contact Us so that necessary measures can quickly be taken.
VI. DATA RETENTION We will retain your Information for as long as needed to provide you with the Services. If you wish to request that we no longer use your Information to provide you with the Services, please contact us at privacy@patientwing.com. We will retain and use your Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. In accordance with our routine record keeping, we may delete certain records that contain Information you have submitted to us. We are under no obligation to store such Information indefinitely and disclaim any liability arising out of, or related to, the destruction of such Information.
VII. CONSENT By submitting your Information to us, you agree that we may collect, use, and disclose such Information as set forth in this Privacy Policy and as permitted or required by law. If you wish to withdraw consent, please see the Contact Us section below.
VIII. HOW WE WILL CONTACT YOU You agree that we, our affiliates, and/or our third-party service providers with whom we collaborate and contract, may communicate with you via telephone or electronic messages, including email or text message, for example, to send you Information relating to our or our Partners’ products and services for which we are contracted that we think may be of interest to you, communicate with you about upcoming events, relevant clinical trials, information, and other news about services or products offered by us or our partners.
IX. YOUR CHOICES A. Telephone By using our Services, you agree that we may contact you by telephone as set forth herein. If you do not want to receive phone calls, you may Contact Us.
B. Email By using our Services, you agree that we may contact you by email as set forth herein. If you do not want to receive marketing emails from us, you may click on the “unsubscribe” link in the email to unsubscribe and opt-out of marketing email communications or Contact Us.
C. Text Messages By using our Services, you agree to be reached by text message or SMS message. If you no longer want to receive text messages from us, reply STOP (or as otherwise instructed) in the text message or Contact Us.
D. Other By using our services, you agree to be reached through another method of communication deemed relevant or helpful, such as other electronic communications or physical mail. If you do not want to receive Other communications, you may Contact Us.
E. Location Choices You may be able to change the privacy settings of your mobile device at any time to turn off the sharing of this location Information with our Services. If you choose to turn off location services, this could affect certain features of our Services. If you have specific questions about the privacy settings of your device, we suggest you contact the manufacturer of your device or your mobile service provider for help.
F. To Limit Sharing You may have the right, under applicable law, to limit some but not all of the sharing of your Information.
1. Marketing Communications. By using our Services, you agree that we may contact you by email as set forth herein. If you do not want to receive marketing and promotional emails from us, you may click on the “unsubscribe” link in the email to unsubscribe and opt-out of marketing email communications or see the Contact Us section below for more information.
2. Location Choices. You can change the privacy settings of your device at any time to turn off the sharing of location Information with our Services. If you choose to turn off location services, this could affect certain features of our Services. If you have specific questions about the privacy settings of your device, we suggest you contact the manufacturer of your device or your mobile service provider for help.
3. Cookies. If you want to delete any cookies that are already on your computer, please refer to your file management software to locate the file or directory that stores cookies. Other information on deleting or controlling cookies is available at www.allaboutcookies.org. Please note that by deleting cookies or disabling future cookies, you may not be able to access certain areas or features of our Services.
4. Opting Out of Direct Marketing by Third Parties. To exercise choices regarding the marketing Information you receive, you may also review the following links:
• You may opt-out of tracking and receiving tailored advertisements on your mobile device by some mobile advertising companies and other similar entities by downloading the App Choices app at www.aboutads.info/appchoices. • You may opt-out of receiving permissible targeted advertisements by using the NAI Opt-out tool available at http://optout.networkadvertising.org/?c=1 or visiting About Ads at http://optout.aboutads.info. • You can opt-out of having your activity on our Services made available to Google Analytics by installing the Google Analytics opt-out add-on for your web browser by visiting: https://tools.google.com/dlpage/gaoptout for your web browser.
X. ACCESSING, CORRECTING OR DELETING YOUR INFORMATION To the extent other state laws provide users with additional data subject rights, those rights may be honored by the Company following proper authentication and verification. Please see the Contact Us section below for more information.
XI. CHILDREN’S INFORMATION
Our Services are intended only for users over the age of thirteen (13). By using our Services, you agree that you are thirteen (13) years or older. If we have actual knowledge that a user is under thirteen (13) (or a higher age threshold where applicable) and has provided us with Information, we will take steps to comply with any applicable legal requirement to remove such Information. Contact us if you believe that we have mistakenly or unintentionally collected Information from a child under the age of thirteen (13).
XII. NOTICE TO INDIVIDUALS IN THE EUROPEAN ECONOMIC AREA AND THE UK
This section applies only to individuals coming to our Services from within the European Union (EU), the European Economic Area (EEA), and the UK, and only if we collect through the Services any Information from you that is considered “Personal Data,” as defined in the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018.
Personal Data includes any information relating to an identified or identifiable natural person, who could be identified either directly or indirectly by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person (which may include some or all your Information as defined in this Privacy Policy).
A. Identity and Contact Details of PatientWing Contact Details: Email: privacy@patientwing.com Call us: 610-589-0515 Write us: VitalTrax, LLC Attn: Data Protection Officer 3675 Market St. PatientWing – Suite 200 Philadelphia, PA 19104
B. Your Data Protection Rights To the extent the GDPR and Data Protection Act 2018 apply, and we hold your Information, you may request that we: • Restrict the way that we process and share your Information; • Transfer your Information to a third party; • Provide you with access to your Information; • Remove your Information if no longer necessary for the purposes collected; • Update your Information so it is correct and not out of date; and/or • Object to our processing of your Information.
You may also revoke your consent for processing of your Information. If you wish to object to the use and processing of your Information or withdraw consent to this Privacy Policy, you can contact us in the following ways: Email: privacy@patientwing.com Call us: 610-589-0515 Write us: VitalTrax, LLC Attn: Data Protection Officer 3675 Market St. PatientWing – Suite 200 Philadelphia, PA 19104
The requests above will be considered and responded to in the time-period stated by applicable law. Note, certain Information may be exempt from such requests. We may require additional Information from you to confirm your identity in responding to such requests.
You have the right to lodge a complaint with the supervisory authorities applicable to you and your situation, although we invite you to contact us with any concern as we would be happy to try and resolve it directly. Please contact us at: Email: privacy@patientwing.com Call us: 610-589-0515 Write us: VitalTrax, LLC Attn: Data Protection Officer 3675 Market St. PatientWing – Suite 200 Philadelphia, PA 19104
C. Lawful Basis for Processing Your Information The lawful basis for our processing of your Personal Data will depend on the purposes of the processing. For most Personal Data processing activities covered by this Privacy Policy, the lawful basis is that the processing is necessary for our legitimate business interests. Where we process Personal Data in relation to a contract, or a potential contract, with you, the lawful basis is that the processing is necessary for the performance of our contract with you or to take steps at your request prior to entering into a contract. If we are required to share Personal Data with law enforcement agencies or other governmental bodies, we do so on the basis that we are under a legal obligation to do so. We will also use consent as the legal basis where we deem appropriate or to the extent required by applicable law, for example, before we collect precise location data from your mobile device.
Depending on what Personal Data we collect from you and how we collect it, we may also rely on various grounds for processing your Personal Data, including the following reasons:
• Processing on the basis of legitimate business interests. When we process Personal Data on the basis that the processing is necessary for our legitimate business interests, such interests include: (i) providing, improving, and promoting our Services, apps, and products and services; (ii) communicating with current and potential customers, other business partners, and their individual points of contact; (iii) managing our relationships with our customers and other business partners, and their individual points of contact; (iv) other business development purposes; (v) sharing information within the Company, as well as with service providers and other third parties; and (vi) maintaining the safety and security of our products, services and employees, including fraud protection.
• Processing on the basis of performance of a contract. Examples of situations in which we process Personal Data as necessary for performance of a contract include fulfilling our contractual obligations to provide you with the Services.
• Processing on the basis of consent. Examples of processing activities for which we may use consent as its legal basis include: (i) collecting and processing precise location information from your mobile device; and (ii) processing Personal Data on Services through cookies and similar technologies when consent is required by applicable law.
• Processing because we are under a legal obligation to do so. Examples of situations in which we must processes Personal Data to comply with our legal obligations include: (i) providing your Personal Data to law enforcement agencies and other governmental bodies when required by applicable laws; (ii) retaining business records required to be retained by applicable laws; and (iii) complying with court orders or other legal process.
If the processing of your Information is based on your consent, the GDPR and Data Protection Act 2018 also allows users the right to access, revoke or modify your consent at any time. Please see the CONTACT US section below to review or modify your consents.
D. Consent to Transfer We are operated in the United States, and we may use service providers based in the United States to operate our business and our relationship with you. Please be aware that Information, including your Personal Data, that we collect will be transferred to, stored, and processed in the United States, a jurisdiction in which the privacy laws may not be as comprehensive as those in the country where you reside and/or are a citizen. We maintain measures to address the transfer of your Personal Data between our group companies and between us and our third-party providers in accordance with applicable data protection laws and regulations.
E. Retention We will retain your Information for as long as needed for the purposes described in this Privacy Policy. More specifically, the time we maintain your Information depends on the following factors:
• Whether we need the Information to provide the Services. We will maintain any data needed to provide you with the Services for as long as needed for us to provide you with the Services, respond to your questions and requests, and/or administer your account (if applicable).
• Whether we need the Information to comply with our legal obligations. We may have legal obligations to maintain your Information where a legal or regulatory body may ask for it in the future, for example in response to a data subject request or complaint. This information may include contact information and location information.
• Whether we need the Information for a legitimate business interest: We may store Information like contact information, cookies, and location information in order to perform analytics, troubleshoot errors, or improve our Services. In any event, we delete the Information when it is no longer needed for our legitimate interest.
Regardless of our reason for retaining your information, we delete all Information in accordance with our routine record keeping policies.
XIII. CHANGES TO THIS PRIVACY POLICY We reserve the right to change, modify, or amend this Privacy Policy at any time to reflect changes in our products and service offerings, accommodate new technologies, regulatory requirements, or other purposes. If we modify our Privacy Policy, we will update the “Effective Date” and such changes will be effective upon posting. It is your obligation to check our current Privacy Policy for any changes.
XIV. CONTACT US If you have any questions about this Privacy Policy or the Information, we have collected about you, please contact us at the following: Email: privacy@patientwing.com Call us: 610-589-0515 Write us: VitalTrax, LLC Attn: Data Protection Officer 3675 Market St. PatientWing – Suite 200 Philadelphia, PA 19104