Sponsoren af de kliniske test/deres udpegede tredjepart har bedt Illingworth Research Group Limited muliggøre din kliniske test (Klinisk Test) hvad angår rejse, overnatning og/eller udgifter i forbindelse med den Kliniske Test. For at kunne gøre det, skal vi indsamle, gemme og dele dine persondata, hvilket gør os til “databehandler”. Dette betyder, at vi opbevarer og bruger persondata om dig.

Denne politik beskriver, hvordan vi indsamler og bruger persondata om dig ved organisering af rejse, indkvartering og udgiftsgodtgørelse (også kendt som PatientGO) i overensstemmelse med dataforordningen (GDPR) samt lovgivningen om databeskyttelse. Denne politik gælder kun for deltagere, der anvender Tjenesten. De persondata, som vi modtager, når du bruger appen, er separate og uafhængige fra den data, der kommer fra den Kliniske Test, som angivet i dit samtykkedokument med sponsoren af den Kliniske Test/deres udpegede tredjepart.

Du bedes læse følgende grundigt igennem for at forstå vores fremgangsmåder angående dine persondata samt hvordan vi anvender dem i forbindelse med Appen og din brug af Tjenesten.

Samtykke til installation af Appen

Ifølge databeskyttelseslovgivningen, er det påkrævet, at vi giver dig visse oplysninger om, hvem vi er, hvordan vi behandler dine persondata og til hvilket formål såvel som dine rettigheder i forbindelse med dine persondata.

Ved at installere Appen angiver du dit samtykke til vores behandling af dine persondata og Særlige kategoridata (såsom dit navn, kontaktoplysninger, pasoplysninger, økonomiske og medicinske oplysninger for eksempel) som beskrevet i denne politik.

Hvordan du kan trække samtykke tilbage

Du kan til enhver tid skifte mening og trække samtykke tilbage ved at kontakte os PatientGO@illingworthresearch.com. Det vil dog ikke påvirke lovligheden af nogen behandling, der udføres, før du trækker dit samtykke tilbage. Bemærk, at tilbagetrækning af dit samtykke kan have indflydelse på vores evne til at udføre alle anmodninger, du har foretaget i
Appen, f.eks. udgiftsgodtgørelse.

Introduktion

Denne politik (sammen med vores licensaftale for slutbrugere, der findes på https://illingworthresearch.com/patientgo-terms-danish (EULA) og enhver anden brugsbetingelse indbefattet som reference i EULA sammen med vores Brugsbetingelser) gælder for brugen af:

• Softwaren til PatientGOs app til mobiltelefoner Version 1 (Appen), der er tilgængelig på både Google Play og Apple Store. Når du har downloadet eller streamet en kopi af Appen på din mobiltelefon eller håndholdte enhed (Enhed).
• PatientGO-tjenesten, der er tilgængelig gennem Appen, (Tjenester) er tilgængelig på App-webstedet eller andre af vores websteder (Tjenestewebsteder). Denne politik fastlægger det grundlag, hvorpå alle persondata (inklusive Særlige kategoridata), som vi indsamler fra dig eller som du giver os, vil blive behandlet af os.
• Appen har ikke til formål, at blive brugt af et barn (et “Barn” er enhver person under 18 år). I tilfælde af at deltageren i den Kliniske Test er et barn, som ønsker at bruge Appen og Tjenesterne, stilles Appen og Tjenesterne til rådighed for en person med forældremyndighed over det pågældende barn som bruger Appen. Du bedes læse følgende grundigt igennem for at forstå vores fremgangsmåder angående dine persondata (herunder data for Særlig Kategori) og hvordan vi behandler dem.

Illingworth Research Group Limited (referred to as "Illingworth", "we", "us" or "our" in this policy) is the data controller and is responsible for your personal data.

If you have any questions about this Privacy Policy, please contact us using the information below.

Contact

Our aggregate information is:

• Full name of legal entity: Illingworth Research Group Limited
• E-mailadresse: PatientGO@illingworthresearch.com
• Postal address: 1 Pinehurst Road, Farnborough GU14 7BF

You have the right to lodge a complaint at any time with the Information Commissioner's Office (ICO), which is the UK supervisory authority for data protection matters, or other competent supervisory authority in an EU member state, if the app is downloaded from outside the UK.

Changes to the Privacy Policy and Your Duty to Inform Us of Changes

We regularly evaluate our Privacy Policy. This version was last updated on June 23, 2020.

We reserve the right to update our Privacy Policy at any time and without prior notice. We encourage you to check the Privacy Policy periodically in case of changes.

It is important that the personal data and data for the Special Category we hold about you are accurate and current. Please inform us of any changes during our cooperation with you.

Vi kan indsamle, bruge, gemme og overføre forskellige slags persondata om dig, bl.a følgende:

• Identitetsdata.
• Kontaktdata.
• Økonomiske data.
• Transaktionsdata.
• Enhedsdata.
• Indholdsdata.
• Profildata.
• Anvendelsesdata.
• Særlig Kategori-data.

Særlig Kategori-data

Vi indsamler Særlig Kategori af Persondata om dig (dette kan omfatte oplysninger om din race eller etnicitet, religiøse eller filosofiske overbevisninger samt information om dit helbred). Vi indsamler udelukkende Særlig Kategori-data, når det specifikt er påkrævet for at imødekomme alle anmodninger, du fremsætter i Appen, såsom rejse- eller indkvarteringsarrangementer.

We collect and process the following data about you:

• Information you give us. This is information (including Identity, Contact and Financial Data) you agree to provide to us about you by filling in forms on the App Website and the Services Websites (collectively, Our Websites), or by corresponding to us (for example, via email or chat). This includes information that you provide when you register to use the App website, download or register an App, subscribe to our Service, search for an App or Service, and when you use the App to handle travel and accommodation requests, reimburse expenses, report a problem with the App, our Services or one of Our websites. If you contact us, we will keep a record of that correspondence.
• Information we collect about you and your device. Each time you visit one of Our Websites or use one of our Apps, we automatically collect personal data, including data about Device, Content and Usage. We collect this data using cookies and other similar technologies.
• Information we receive from other sources, such as third parties and publicly available sources. We receive personal data about you from various third parties as described below:
• Identity and Contact Data from test sponsors or their designated third parties that are either based in OR outside the EU.

Cookies

We use cookies and/or other tracking technologies to distinguish between you and other users of the App, App Site, distribution platform (Appstore) or Service Sites and to remember your preferences. This helps us to provide you with a good experience when you use the App or browse any of our Websites and also allows us to improve the App and Our Websites. For more information about the cookies we use, the purpose they serve and how you can exercise your choices regarding our use of your cookies, please email PatientGO@illingworthresearch.com.

We only use your personal data within the limits of the law. Generally, we use your personal data in the following circumstances:

• Where you have given consent prior to the processing.
• Where we need to perform a contract that we are about to enter into or have entered into with you.
• Where it is necessary for our legitimate interests (or those of a third party) and your interests, and that elementary rights do not override those interests.
• Where we need to comply with a legal or regulatory obligation.

Purposes for which we use your personal data and Special Category data

Når du samtykker til at give os dine persondata samt data til den Særlige Kategori, beder vi dig også om samtykke til at dele dine persondata med tredjeparter, som beskrevet nedenfor med de formål, der er beskrevet i tabellen:

• Interne Tredjeparter som beskrevet i Ordforklaringen.
• Eksterne Tredjeparter som beskrevet i Ordforklaringen.
• Tredjeparter, som vi vælger at sælge, overføre eller fusionere dele af vores forretning eller vores aktiver til. Alternativt forsøger vi eventuelt at opkøbe andre forretninger eller fusionere med dem. Hvis der sker en ændring i vores forretning, kan de nye ejere benytte dine persondata samt data for Særlig Kategori på samme måde som beskrevet i denne Fortrolighedspolitik.

Many of our external third parties are based outside the EEA, so their processing of your personal data will involve a transfer of data outside the EEA.

When we transfer your personal data outside the EEA, we ensure that a similar level of protection applies by ensuring that one of the following safeguards is in place:

• We will only transfer your personal data to countries that have been assessed as having an adequate level of protection regarding personal data by the European Commission. For more information, please refer to the European Commission: Adequate protection of personal data in countries outside the EU.
• Where we use certain service providers, we may use contracts approved by the European Commission that provide personal data with the same protection as in Europe. For further information, please refer to the European Commission: Model contracts for the transfer of personal data to third countries.
• Where we use providers based in the United States, we may transfer data to them if they are part of the Privacy Shield, which requires them to provide similar protections for personal data shared between Europe and the United States. For more information, please refer to the European Commission: EU-US Privacy Shield.

Please contact us if you would like further information regarding the specific mechanism we use to transfer your personal data outside the EEA.

Alle de oplysninger, du giver os, gemmes på vores sikre servere. Oplysninger, der gemmes “i dvaletilstand” på vores sikre servere, er beskyttede vha. industristandardiseret datakryptering. Der, hvor vi har givet dig (eller der hvor du har valgt) en adgangskode, der giver adgang til visse dele af Vores websteder, er du ansvarlig for at opbevare adgangskoden fortroligt. Vi beder dig om ikke at dele adgangskoden med andre.

Når vi har modtaget dine oplysninger, følger vi strenge procedurer og sikkerhedsforanstaltninger for at forebygge, at dine persondata bliver tabt, misbrugt eller gjort tilgængelig på en uautoriseret måde. Data, der overføres mellem dig som Bruger (Slutbruger) og Illingworth, som del af Tjenesten, beskyttes vha. industristandardiserede krypteringsmetoder. Data, der gemmes på vores servere, er beskyttet vha. kryptering i hviletilstand og topmoderne firewalls for at forebygge uautoriseret adgang.

Ingen personlige, identificerbare data gemmes på Slutbrugerens enhed. To krypterede poletter gemmes på Slutbrugerens enhed for at gøre det lettere at logge på.

Vi har oprettet procedurer, der skal håndtere alle mistænkelige brud på persondata, og vi giver dig og enhver gældende tilsynsmyndighed besked herom, når loven kræver det.

Det er påkrævet af loven, at vi gemmer grundlæggende oplysninger om dig (herunder data angående Kontakt, Identitet, Økonomi og Transaktion) i syv år efter, at du har fuldført den Kliniske Test pga. finansielle revisionsformål.

Under visse omstændigheder kan du bede os slette dine data: se Dine juridiske rettigheder nedenfor for nærmere information.

Under visse omstændigheder vil vi gøre dine persondata anonyme (så de ikke længere kan associeres med dig) af hensyn til forsknings- eller statistikformål, så vi kan bruge denne information på ubestemt tid uden at give dig yderligere besked herom.

In certain circumstances, you have the following rights under data protection law in relation to your personal data.

• Request access to your personal data (commonly known as a "data subject access request")
• Request correction of your personal data that we hold about you
• Object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation that causes you to object to processing on that ground, as you feel it impacts on your fundamental rights and freedoms
• Request restriction of processing of your personal data
• Request deletion of your personal data
• Request the transfer of your personal data to you or to a third party
• Withdraw consent at any time where we rely on permission to process your personal data

You can exercise any of these rights at any time by contacting us at 1 Pinehurst Road, Farnborough GU14 7BF OR PatientGO@illingworthresearch.com

Legal basis

Consent means the processing of your personal data where you have indicated your consent by a statement or a clear opt-in to processing for a specific purpose. Consent will only be valid if it is given unforced, specific, qualified and by an unambiguous indication of what you want. You can withdraw your consent at any time by contacting us.

EEA stands for European Economic Area.

Legitimate interest means the interest of our business in the performance and management of our business so that we can provide you with the best service/product and the best and most secure user experience. We make sure that we consider and balance any potential impact on you (both positive and negative) and your rights before processing your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (except where we have obtained your consent or are required or permitted by law). For more information about how we assess our legitimate interests in relation to potential impacts on you in relation to specific activities, please contact us.

Performance of Contract means the processing of your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into such a contract.

Comply with a legal obligation means the processing of your personal data where it is necessary for compliance with a legal obligation to which we are subject.

Third parties

Internal third parties

Other companies in the Illingworth Group acting as joint controllers or processors based in Spain, France, Italy, Australia and the United States provide IT and administrative system services and provide management reporting.

External third parties

Service providers who act as processors and provide IT and administrative system services.

Professional advisors who act as processors or controllers of shared data, such as lawyers, bankers, accountants, and insurers, who provide services in the areas of consulting, banking, legal aid, insurance, and auditing.

Service providers who act as processors and who provide travel, accommodation and transportation to you as part of the Services.

HM Revenue and Customs, regulators and other authorities acting as processors or joint controllers based in the UK who require reporting of processing activities in certain circumstances.

legal-rights

Your legal rights

You have the right to:

• Request access to your personal data (commonly known as a "data subject access request"). This allows you to obtain a copy of your personal data that we hold about you and to check that we are lawfully processing it.
• Request correction of your personal data that we hold about you. This allows you to have any incomplete or inaccurate data that we hold on you corrected, although we may need to verify the accuracy of the new data you provide to us.
• Request deletion of your personal data. This allows you to ask us to delete or remove personal data in cases where there are no good reasons for us to continue processing it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised the right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data in accordance with local law. Please note, however, that we are not always able to comply with your request for deletion for specific legal reasons, which you will be notified of at the time of your request, if applicable.
•  Object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation that leads you to object to processing on that ground, as you feel it impacts on your fundamental rights and freedoms. In some cases, we may demonstrate that we have compelling legitimate grounds for processing your information, which overrides your rights and freedoms.
• Request restriction of processing of your personal data. This allows you to ask us to suspend the processing of your personal data in the following cases:
  • if you want us to clarify the accuracy of the data;
  • where our use of data is unlawful but you do not want us to delete it;
  • where you need us to retain data despite no longer claiming it, using it to prove legal claims; or
  • you have objected to our use of your data, but where we need to check whether we have overridden legitimate grounds for using it.
• Request the transfer of your personal data to you or to a third party. We will provide you or a third party you have chosen with your personal data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which you have initially consented to us using or where we used the information to perform a contract with you.
• Withdraw consent at any time where we are relying on permission to process your personal data. However, this will not affect the lawful processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will notify you if this is the case when you withdraw your consent.

• Identity Data: first name, last name, birth name, username or similar data name, marital status, title, date of birth, gender, passport information including number, name, country of issue and expiry date.
• Contact data: home address, email address, phone numbers and emergency call information.
• Financial data: bank account and payment card information.
• Transaction Data: includes information regarding payments made to you and information about requests in the App.
• Device Data: includes the type of mobile phone you use, a unique device identifier (e.g. your device's EMEI number, MAC address of your device's wireless network card, or mobile phone phone number used by your device), mobile phone network information, your mobile phone's operating system, the type of browser you use on your mobile phone, and time zone settings information.
• Content Data: includes information stored on your device such as photos, videos, or other digital content;
• Profile Data: includes your username and password, in-App request history, your preferences and feedback.
• Usage Data: includes information about your use of any of Our Apps or your visits to any of Our Websites including, but not limited to, traffic data and other communication data, whether required for our own billing purposes or otherwise, and the resources you access.

Special Category data

This will include any information you provide to us that is specifically related to a request you make in the App (such as a request for transportation or accommodation), and may include information about your race or ethnicity, religious or philosophical beliefs, and information about your health.