Home » PatientGO Privacy Policy – Turkish

PatientGO Privacy Policy – Turkish

PatientGO - Gizlilik politikası

Illingworth Research Group Limited has been asked by the clinical trial sponsor/appointee third party to facilitate your clinical trial (Clinical Trial) travel, accommodation and/or expenses for the Clinical Trial. To do this, we need to collect, store and share your personal information and act as a "data processor". This means that we have and use personal data about you.

This policy sets out how we collect and use personal information about you for the purpose of facilitating the travel, accommodation and expense reimbursement Service (also known as PatientGO) in accordance with the General Data Protection Regulation (GDPR) and data protection legislation. This policy applies only to participants who will use the Service. The personal data provided to us during your use of the Application is within the knowledge of the Clinical Study sponsor/their designated third party and is separate and independent from the Clinical Trial data as stated in your consent documents.

Please read the following carefully to understand our practices regarding your personal data, how we will use it within the scope of the App, and your use of the Service.

It happens for the installation of the application

Under data protection laws, we are required to provide you with certain information about who we are, how and for what purpose we process your personal data, and your rights in relation to your personal data.

By installing the App, you consent to our processing of your personal and Special Categories of data (e.g., name, contact details, passport details, financial and medical information) as set out in this policy.

How to withdraw your consent

You can change your mind and withdraw your consent at any time by contacting us at PatientGO@illingworthresearch.com; However, this will not affect the lawfulness of any processing that was carried out before you withdrew your consent. Please note that if you withdraw your consent, it may affect your ability to fulfil any requests you have made in the App, such as reimbursements.

Entrance

This policy (together with our end user license agreement (EULA) set forth in https://illingworthresearch.com/patientgo-terms) and any additional terms of use incorporated by reference into the EULA (collectively, our Terms of Use) apply to your use of:

  • PatientGO Version 1 mobile application software (App) available on both Google Play and Apple Store. When you download or use a copy of the App on your mobile phone or mobile device (the Device).
  • The PatientGO service, accessible through the App, available on the App Site or other sites owned by us (Service Sites) (the (Services). This policy sets out the basis on which we will process the personal data (including Special Categories of data) that we collect from you or that you provide to us.
  • This App is not intended for use by children (anyone under the age of 18 is considered a "Child"), and in the event that the Clinical Trial participant is a Child who wishes to use the App and Service, the App and Services are provided only on the condition that the person fulfilling the responsibility of being the Child's parent is the User of the App. Please read the following carefully to understand our practices in relation to your personal data (including Special Categories of Data) and how we will process it.

Important information and who we are

Illingworth Research Group Limited is the controller and is responsible for your personal data (collectively referred to as "Illingworth", "we", "us" or "our" in this policy).

If you have any questions about this privacy policy, please contact us using the details set out below.

Contact Information

All our information is as follows:

  • Full name of legal entity: Illingworth Research Group Limited
  • E-posta adresi: PatientGO@illingworthresearch.com
  • Postal address: 1 Pinehurst Road, Farnborough GU14 7BF

You have the right to lodge a complaint at any time with the Information Commissioner's Office (ICO), the UK supervisory authority, for data protection issues or, if the App has been downloaded outside the UK, with another competent supervisory authority of an EU member state.

Changes to the privacy policy and your duty to notify us of the changes

We review our privacy policy regularly. This version was last updated on June 23, 2020.

We reserve the right to update this Privacy Policy at any time and without prior notice. We advise you to check the Privacy Policy regularly for any changes.

It is important that the personal and Special Quality data we hold about you is accurate and up-to-date. Please let us know if there are any changes during the time we are involved with you.

Data we collect about you

We may collect, use, store and transfer different types of personal data about you, such as:

  • Identity Data.
  • Contact Data.
  • Financial Data.
  • Transaction Data.
  • Device Data.
  • Content Data.
  • Profile Data.
  • Usage Data.
  • Special Categories of Data.

Special Categories of data

We collect Special Categories of Personal Data about you (which may include your race or ethnicity, religious or philosophical beliefs, and information about your health). We collect Special Categories of Data only when it is specifically necessary to fulfill any request you make using the App, such as travel or accommodation arrangements.

How is your personal data collected?

We collect and process the following data about you:

  • Information you give us. This is information (including Identity, Contact Data, and Financial Data) that you agree to provide to us about you by filling in forms on the App Site and Service Sites (collectively, our Sites) or by contacting us (for example, via email or chat). This includes information you provide when you register to use the App Site, download or register the App, subscribe to our Service, search for an App or Service, and use the App to facilitate travel and lodging requests, reimburse expenses, report a problem with the App, our Services, or one of our Sites. When you contact us, we keep a record of the relevant correspondence.
  • Information we collect about you and your device. Each time you visit one of our Sites or use one of our Apps, we automatically collect personal data, such as Device, Content, and Usage Data. We collect this data through the use of cookies and other similar technologies.
  • Information we receive from other sources, such as third parties and publicly available sources. We receive personal data about you from various third parties, as set out below:
  • Identity and Contact Data obtained from the work sponsor or their appointed third party, which may be located in the EU OR outside the EU.

Cookies

We use cookies and/or other tracking technologies to distinguish you from other users of the App, App Site, distribution platform (App Store) or Service Sites and to remember your preferences. This helps us to provide you with a good experience when you use the App or browse one of our Sites, and also allows us to improve the App and our Sites. For detailed information about the cookies we use, what we use them for and how you can manage your preferences regarding our use of cookies, send an email to PatientGO@illingworthresearch.com.

Kişisel ve Özel Nitelikli verilerinizi nasıl kullanırız

Kişisel verilerinizi yalnızca yasaların izin verdiği durumlarda kullanırız. Kişisel verilerinizi en yaygın olarak aşağıdaki durumlarda kullanırız:

  • İşlemeden önce bize olur verdiğiniz durumlarda.
  • Sizinle imzalamak üzere veya imzalamış olduğumuz bir sözleşmeyi yerine getirmemiz gereken durumlarda.
  • Meşru çıkarlarımız (veya üçüncü tarafın çıkarları) için gerekli olan ve sizin çıkarlarınızın ve temel haklarınızın bu çıkarlarla çakışmadığı durumlarda.
  • Yasal veya düzenleyici bir yükümlülük ile uygunluk sağlanması gereken durumlarda.

Kişisel ve Özel Nitelikli verilerinizi kullanacağımız amaçlar

Amaç/işlem Veri türleri İşleme için yasal dayanak
Installation of the App and registration as a new App user Identity
Contact
Financial
Device		 Your
consent A contract has been concluded with you It is
necessary for our legitimate interests (reimbursement of your costs)
Provision of the Services, including processing in-app requests and managing travel/accommodation requests and fulfilling refund requests. Identity
, Contact,
Financial
Transaction
, Device, Location

, Special Quality data

 Your
consent A contract has been concluded with you It is
necessary for our legitimate interests (reimbursement of your costs)
Managing the relationship between us, including notifying you about the App or any Services Identity
Contact
Financial
Profile		 Your

consent is required for our legitimate interests (keeping records up to date and analysing how customers use our Services)
Necessary for compliance with legal obligations (being notified of changes to our terms and conditions)
Managing and protecting our business and this Application, including troubleshooting, data analysis, and system testing Identity
Communication
Device		 Necessary for our legitimate interests (running our business, providing administration and IT services, network security)

Disclosure of your personal data

When you give us your consent to provide your Personal and Special Categories of Data to us, we will also ask for your consent to share your personal data with the following third parties for the purposes set out in the table below:

  • Internal Third Parties as specified in the Glossary section.
  • External Third Parties as specified in the Glossary.
  • Third parties with whom we may choose to sell, transfer, or merge parts of our business or assets. Alternatively, we may wish to acquire or merge with other businesses. If there is a change in our business, the new owners may use your personal and Special Subject Data as set out in this privacy policy.

International transfers

Most of our external third parties are located outside the EEA; therefore, the processing of your personal data may involve a transfer of data outside the EEA.

When we transfer your personal data outside of the EEA, we ensure that a similar level of security is maintained by ensuring that at least one of the following safeguards is in place:

  • We will only transfer your personal data to countries that have been deemed by the European Commission to provide an adequate level of protection for the protection of personal data. For more information, see: European Commission: Adequacy for the protection of personal data in countries outside the EU.
  • Where we use certain service providers, we may make use of certain contracts approved by the European Commission that provide the same level of protection for personal data as in Europe. For more information, see: European Commission: Model contracts for the transfer of personal data to third countries.
  • Where we use providers located in the U.S., we transfer data to those parties if they are covered by the Privacy Shield, which requires them to provide a similar level of protection for personal data shared between Europe and the U.S. For more information, see: European Commission: EU-US Privacy Shield.

If you would like to know more about the specific mechanisms we use when transferring your personal data outside of the EEA, please contact us.

Data security

All information you provide to us is stored on our secure servers. Information stored in a "rest" state on our secure servers is protected using industry-standard data encryption. Where we have given you (or you have chosen) a password that allows you to access certain parts of our Sites, you are responsible for keeping that password confidential. We ask that you do not share your password with anyone.

Once we have received your information, we will use strict procedures and security measures to try to prevent accidental loss, unauthorised use of, or access to your personal data. Data transmitted between you as a user (End User) and Illingworth as part of the Service is protected using industry-standard encryption methods. Data stored on our servers is protected using encryption at rest and the latest firewalls to prevent unauthorized access.

No personally identifiable data is stored on the End User's device. Two encrypted tokens are stored on the End User's device to facilitate sign-in.

We have established procedures to deal with any suspected personal data breach situation; We will notify you and all relevant regulatory parties where we are legally required to do so.

Data retention

We are required by law to retain basic information about you (including Contact, Identity, Transaction Data, and Financial Data) for financial audit purposes for seven years after completing the Clinical Trial.

In some cases, you can ask us to delete your data: see Your legal rights below for more information.

In some cases, we will anonymize your personal data for research or statistical purposes (so that the data can no longer be associated with you); therefore, we may use this information indefinitely without further notice to you.

Your legal rights

Under certain circumstances, you have the following rights under data protection laws in relation to your personal data.

  • Request access to your personal data (commonly known as a "data subject access request")
  • Request correction of the personal data we have about you
  • Request deletion of your personal data
  • Object to the processing of your personal data when we are pursuing legitimate interests (or the legitimate interests of a third party) and in your case you would like to object to the processing because you feel it affects your fundamental rights and freedoms
  • Want to limit the processing of your personal data
  • Request that your personal data be transferred to you or to a third party
  • Withdraw your consent at any time where we need to obtain consent to process your personal data

You may exercise any of these rights at any time by contacting us at 1 Pinehurst Road, Farnborough GU14 7BF OR PatientGO@illingworthresearch.com

Glossary

Legal basis

Consent means the processing of your personal data where you confirm your acceptance by a declaration or where you choose to give your consent for a specific purpose. Consent is only valid if it is freely given, specific, informed, and your request is unambiguously clear. You can withdraw your consent at any time by contacting us.

EEA stands for European Economic Area.

Legitimate Interest means our business's interest in conducting and managing our business so that we can provide you with the best service/product and the best and safest experience. Before we process your personal data for our legitimate interests, we consider and balance any potential effects (positive and negative) on you and your rights. Where our interests outweigh the impact on you, we will not use your personal data for processing (unless you have given your consent or are otherwise required or permitted by law). You can find out more about how we consider our legitimate interests in the potential impact you may experience in relation to certain transactions by contacting us.

Performance of Contract means the processing of your data in order to carry out processing where it is necessary for the performance of the contract to which you are a party or at your request prior to becoming a party to such a contract.

Compliance with a legal obligation means the processing of your personal data where it is necessary to comply with a legal obligation to which we are subject.

Third parties

Internal third parties

Other companies of the Illingworth Group that serve as joint controllers or processors and are located in Spain, France, Italy, Australia and the United States, providing IT and systems administration services and providing leadership reporting.

External third parties

Service providers that provide IT and system administration services, serve as processors.

Specialist advisors who provide consultancy, banking, insurance, accounting services and legal services, acting as processors or joint controllers, such as lawyers, bankers, auditors and insurers.

Service providers who provide travel, accommodation and transportation services to you as part of the Services and act as processors.

The UK Revenue and Customs, regulatory authorities and other competent authorities acting as processors or joint controllers located in the UK, which require the reporting of processing operations in certain circumstances.

Your legal rights

You have the right to:

  • Request access to your personal data (commonly known as a "data subject access request"). With this right, you can obtain a copy of the personal data we have about you and check whether we are lawfully processing it.
  • Request correction of the personal data we have about you. With this right, you can enable us to correct any incomplete or inaccurate data we have about you; However, we may need to verify the accuracy of the new data you provide to us.
  • Request deletion of your personal data. With this right, you can ask us to delete or remove personal data that does not make sense for us to continue processing. Where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully, or where we need to delete your personal data for compliance with local law, you also have the right to ask us to delete or remove your personal data. However, we may not always be able to comply with your deletion request for specific legal reasons; Where applicable, these reasons will be communicated to you when your request is received.
  • Object to the processing of your personal data when we are pursuing legitimate interests (or the legitimate interests of a third party) and in your case you would like to object to the processing because you feel it affects your fundamental rights and freedoms. In some cases, we may demonstrate that we have legitimate reasons for processing your information that override your rights and freedoms.
  • Kişisel verilerinizin işlenmesini sınırlandırmak isteme. Bu hak ile aşağıdaki senaryolarda kişisel verilerinizin işlenmesini askıya almamızı isteyebilirsiniz:

(a)         verilerin doğruluğunu kanıtlamamızı istediğinizde;

(b)         verileri yasaya uygun olmayan bir şekilde kullandığımızda ancak siz verileri silmemizi istemediğinizde;

(c)          yasal hak talebinde bulunmak, yasal haklarınızı kullanmak veya savunmak için tarafımızca artık ihtiyaç duyulmadığı halde verileri tutmamızı istediğinizde veya

(d)         verilerinizi kullanmamıza itiraz ettiğiniz ancak bizim bu verileri kullanmak için üstün gelen meşru nedenlerimiz olup olmadığını doğrulamamız gereken durumlarda.

  • Kişisel verilerinizin size veya bir üçüncü tarafa aktarılmasını isteme. Kişisel verilerinizi size veya seçmiş olduğunuz bir üçüncü tarafa yapılandırılmış, yaygın olarak kullanılan ve makinede okunabilir bir biçimde sağlarız. Bu hakkın yalnızca başlangıçta bize kullanmamız için olur sağladığınız otomatik bilgiler için ve bilgileri sizinle olan sözleşmemizi yerine getirmek için kullandığımız durumlarda geçerli olduğunu unutmayın.
  • Kişisel verilerinizi işlemek için olur almamız gereken durumlarda dilediğiniz zaman olurunuzu geri çekme. Ancak bu durum, siz olurunuzu geri çekmeden önce gerçekleştirilmiş olan herhangi bir işlemin yasallığını etkilemeyecektir. Olurunuzu geri çekerseniz, size belirli ürünleri veya hizmetleri sağlayamayabiliriz. Olurunuzu geri çektiğinizde böyle bir bu durum söz konusu olursa sizi bilgilendireceğiz.

Kişisel veri kategorilerinin açıklaması

  • Kimlik Verileri: Ad, soyad, kızlık soyadı, kullanıcı adı veya benzer bir tanımlayıcı, medeni hal, unvan, doğum tarihi, cinsiyet; numarası, adı, düzenlendiği ülke ve son geçerlilik tarihi dahil olmak üzere pasaport bilgileri.
  • İletişim Verileri: Ev adresi, e-posta adresi, telefon numaraları ve acil durumda iletişime geçilecek ilgi kişinin bilgileri.
  • Finansal Veriler: Banka hesabı bilgileri ve ödeme kartı bilgileri.
  • İşlem Verileri: Size yapılan ödemeler ve Uygulama içi istekler hakkında ayrıntılı bilgiler içerir.
  • Cihaz Verileri: Kullandığınız mobil cihaz türünü, benzersiz cihaz tanımlayıcısını (örneğin; Cihazınızın IMEI numarası, Cihazın kablosuz ağ arayüzünün MAC adresi veya Cihaz tarafından kullanılan mobil telefon numarası), mobil ağ bilgilerini, mobil işletim sisteminizi, kullandığınız mobil tarayıcı türünü ve saat dilimi ayarı bilgilerini içerir.
  • İçerik Verileri: Fotoğraflar, videolar veya diğer dijital içerikler gibi Cihazınızda saklanan bilgileri içerir;
  • Profil Verileri: Kullanıcı adınızı ve parolanızı, Uygulama içi istek geçmişinizi, tercihlerinizi ve geri bildirimlerinizi içerir.
  • Kullanım Verileri: Kendi faturalandırma amaçlarımız için veya başka amaçlarla gerekli olabilecek trafik verileri ve diğer iletişim verileri ile eriştiğiniz kaynaklar dahil ancak bunlarla sınırlı olmamak üzere, Uygulamalarımızdan herhangi birini kullanımınız veya Sitelerimizden herhangi birine ziyaretleriniz hakkında ayrıntı bilgileri içerir.

Özel Nitelikli veriler

Bunlara özellikle Uygulamayı kullanarak bulunduğunuz bir istek (ulaşım veya konaklama isteği gibi) ile ilgili bize sağladığınız bilgiler dahildir; ırkınız veya etnik kökeniniz, dini veya felsefi inançlarınız ve sağlığınızla ilgili bilgileri içerebilir.