background

Privacy and Cookie Statement

This document was last updated on: 23 May 2018

Privacy Statement

Cardialysis B.V., hereinafter referred to as “Cardialysis”, “we” or “us”, strives to comply with applicable laws and regulations related to Personal Data protection in countries where we operate. This Policy explains how Cardialysis collects, holds, uses and discloses the Personal Data of consumers, health care professionals, patients, clinical trial subjects, clinical investigators, customers, suppliers, vendors, business partners, employees, interns, freelancers, temp workers, CEC and DSMB members, job applicants, shareholders, advisors and board members, either in electronic or paper format, and it explains your statutory rights.

Cardialysis intends that this Privacy Policy and our implementing standard practices and procedures will support timely compliance with all international privacy laws and regulations. This includes, but is not limited to, the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation).

What is “Personal Data”?

“Personal Data” means any information that identifies you or could reasonably be used to identify you. Examples of Personal Data include your name, your e-mail address and your telephone number, but also your IP address, information regarding your health or an image of you. The term “Personal Data” does not include de-identified information or information that is reported in the aggregate (provided that such aggregated information is not identifiable to a natural person).

What information do we process and how is the information used?

The Personal Data that is provided to us is used for various purposes:

  • If you or your child are participating or have participated in a clinical trial being managed by Cardialysis as a CRO, including patients, their spouses/partners, care givers and relatives, Personal Data may be used in order to carry out the applicable trials and other trial–related services and/or pharmacovigilance to assess safety and efficacy of pharmaceutical compounds and medical devices. This may include the transfer of such Personal Data to the applicable trial sponsor, its corporate affiliates, business partners and third-party service providers performing services related to the trial (e.g. data management, monitoring services, safety monitoring and reporting, coronary image analysis, etc.). Cardialysis has no direct relationship with medical research subjects participating in a clinical trial and therefore you should direct your query to the relevant trial sponsor or investigator who has transferred the Personal Data to Cardialysis for processing. Please also refer to the Informed Consent Form that you were asked to sign before you entered into the clinical trial. This document explains which information was collected, to what purpose and with whom it has been shared.
  • If you are a Cardialysis employee, intern, temp worker or a freelancer/consultant hired by Cardialysis please refer to the Consent for use of Personal Data form that you have signed. This document provides you with a full overview of which Personal Data we process, for which purpose and where it is transferred to. If you feel that the Consent for Use of Personal Data form that you have signed does not provide you with this information please contact us via the contact information mentioned below. Additional Information is also available in the Employee Personal Data Protection Policy
  • If you are interested in applying for a job with Cardialysis and you wish to send us your contact details or CV, we will use the Personal Data that you provide us with for internal recruitment purposes only (including for identifying applicants, evaluating their applications, making hiring and employment decisions and contacting applicants by phone or in writing). Please note that Cardialysis may retain applicants information submitted to it for no longer than one year after receipt of the applicant information. This is done so we could re-consider applicants for other positions and opportunities at Cardialysis; so we could use their applicants information as reference for future applications submitted by them and in case the applicant is hired for additional employment and business purposes related to his/her work at Cardialysis. We will always ask you for permission to retain your applicant information for one year. If we do not wish to keep your applicant information on file, it will be deleted within four weeks. If you previously submitted your applicants information to Cardialysis, and now wish to access it, update it, or have it deleted from Cardialysis’ systems, please contact us via the contact information mentioned below.
  • If you are a member of a Clinical Trial Team (site), a Clinical Event Committee, or a Data Safety Monitoring Board in a clinical trial being managed by Cardialysis as a CRO, Personal Data may be used in order to carry out the applicable trials and other trial–related services and/or pharmacovigilance. This may include the transfer of such Personal Data to the applicably trial sponsor, its corporate affiliates, business partners and third-party service providers performing services related to the trial (e.g. data management, monitoring services, safety monitoring and reporting, coronary image analysis, etc.) Please refer to the Consent for use of Personal Data form that you have signed for a full overview of which Personal Data was processed by us, for which purpose and where it was transferred to. If you feel that the Consent for Use of Personal Data form that you have signed does not provide you with this information please contact us via the contact information mentioned below.
  • If you are a customer, vendor, business partner, health care professional (not involved in any of the clinical trials where Cardialysis is currently involved in, or has been involved in), or if you are a supplier we process certain personal data such as your name, address, email address, phone number, mobile phone number and fax number. This information is only collected when voluntarily submitted by you upon registration, offering your services or providing your services. Cardialysis also keeps contact information that is obtained via contracts, contact forms and surveys. For professional customers, consultants, suppliers or companies with whom Cardialysis agrees to supply services to or if any of these categories provide services to Cardialysis, the company data such as the VAT number, the coordinates of the legal entity’s contacts (name, function, telephone) as well as the business partners is also stored. Possible interests that Cardialysis can meet with its services and activities are also collected and processed.
  • If you use our website, the Personal Data that you provide to us, such as your name and email address, is used to send you information upon request, the execution of the agreement(s) with you, maintaining contacts with you, conduct market research, creation of- and automatic statistical analysis of profiles of our customers and to inform you about new developments within our company and our (new) products and services that fall within your area of interest.

For information on which cookies our website uses and which Personal Data is processed via these cookies, please read the Cookie Statement.

If you do not want to receive newsletters or information about our offerings and services, you can unsubscribe at any time without motivation. You can do this by clicking the unsubscribe link in the newsletter email. You can also contact us via the contact information below.

Cardialysis may also use the Personal Data as mentioned above to comply with legal and regulatory obligations, policies and procedures, and for internal administrative purposes.

Transfer of Personal Data

Cardialysis may store or transfer Personal Data throughout the European Economic Area and other countries worldwide, via providers which have been deemed to provide adequate protection by means approved by applicable data protection legislation.

Your rights in relation to your Personal Data

Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking you have the following rights with regards to the Personal Data that we have collected from you: 

  • to request that we provide you with a copy of your Personal Data that we hold and you have the right to be informed of; (a) the source of your Personal Data; (b) the purposes, legal basis and methods of processing; (c) the data controller’s identity; and (d) the entities or categories of entity to whom your Personal Data may be transferred;
  • to request that we cease processing your Personal data, in whole or in part, as you direct us, for any purpose, save to the extent it is lawful to do so without consent;
  • to request that we restrict the processing of your Personal data where: (a) the accuracy of the Personal data is contested; (b) the processing is unlawful but you object to the erasure of the Personal data; (c) we no longer require the Personal data for the purposes for which it was collected, but it is required for the establishment, exercise or defense of a legal claim;
  • to request that we erase your Personal data in limited circumstances where it is no longer necessary in relation to the purpose(s) for which it was collected or processed;
  • to challenge processing which we have justified on the basis of a legitimate interest;
  • to request that we change the manner in which we contact you for marketing purposes;
  • to request that we correct any errors in your Personal data;
  • to request that we update your Personal Data as required;
  • to lodge a complaint with your local supervisory authority for data protection.

 

Security

Cardialysis will employ reasonable and appropriate technical, administrative and physical safeguards designed to protect Personal Data in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the nature of the Personal Data that Cardialysis is processing.

Cardialysis, together with its marketing, analytics and technology partners, uses certain monitoring and tracking technologies (such as cookies, beacons, pixels, tags and scripts). These technologies are used in order to maintain, provide and improve our Services on an ongoing basis, and in order to provide our Customers with a better experience. For example, thanks to these technologies, we are able to maintain and keep track of our Customers' preferences and authenticated sessions, to better secure our Services, to identify technical issues, user trends and effectiveness of campaigns, and to monitor and improve the overall performance of our Services.

Please note that Third Party Services placing cookies or utilizing other tracking technologies through our Services may have their own policies regarding how they collect and store information. Such practices are not covered by our Privacy Statement and we do not have any control over them.

Cookie statement

Cardialysis, together with its marketing, analytics and technology partners, uses certain monitoring and tracking technologies (such as cookies, beacons, pixels, tags and scripts). These technologies are used in order to maintain, provide and improve our Services on an ongoing basis, and in order to provide our Customers with a better experience. For example, thanks to these technologies, we are able to maintain and keep track of our Customers' preferences and authenticated sessions, to better secure our Services, to identify technical issues, user trends and effectiveness of campaigns, and to monitor and improve the overall performance of our Services.

Please note that Third Party Services placing cookies or utilizing other tracking technologies through our Services may have their own policies regarding how they collect and store information. Such practices are not covered by our Privacy Statement and we do not have any control over them.

Cookies

Our website uses cookies, pixel tags and other forms of identification and local storage (together referred to as “tags/files” hereunder) to distinguish you from other users of the website and of websites of our network. This helps us provide you with a good experience when you browse the website and websites of our network and also allows us to improve our website and our services.

In many cases, these tags/files lead to the use of your device’s processing or storage capabilities. Some of these tags/files are set by Cardialysis itself, others by third parties; some only last as long as your browser session, while others can stay active on your device for a longer period of time.

These tags/files can fall into several categories: (i) those that are necessary for functionality or services that you request or for the transmission of communications (functionality tags/files); (ii) those that we use to carry out website performance and audience metrics (analytics tags/files) and (iii) the rest (tracking across a network of other websites, advertising, etc.) (other tags/files).

Change your Browser Settings

Internet browsers allow you to change your cookie settings, for instance to block certain kinds of cookies or files. You can therefore block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies, you may not be able to access all or parts of the website, due to the fact that some may be functionality cookies. For further information about deleting or blocking cookies, please visit: http://www.allaboutcookies.org

Functionality and analytical tags/files do not require your consent. For analytical and other tags/files, however, we request your consent before placing them on your device. You can give your consent by allowing cookies in your browser settings, by continuing to use our website, or by clicking on the appropriate button on the banner displayed to you.

What types of cookies and other tracking technologies does the Cardialysis website use?

Cardialysis website uses “session” cookies. Session cookies are temporary bits of information that are erased once you exit your web browser window or otherwise turn your computer off. Session cookies are used, for example, to improve navigation on our website, block visitors from providing information where inappropriate (the site "remembers" previous entries of age or country of origin that were outside the specified parameters and blocks subsequent changes) and to collect aggregated statistical information.

The Cardialysis website may use “persistent” cookies.  Persistent cookies are more permanent bits of information that are placed on the hard drive of your computer and stay there unless you delete the cookie.  Persistent cookies store information on your computer for a number of purposes, such as retrieving certain information you have previously provided, helping to determine what areas of the web site visitors find most valuable, and customizing the website based on your preferences on an on-going basis. 

The Cardialysis website may use “web beacons” (also known as internet tags, single-pixel GIFs, clear GIFs, and invisible GIFs)  A web beacon is a tiny graphic on a web page or in an e-mail message that is used to track pages viewed or messages opened.  Web beacons tell the web site server information such as the IP address and browser type related to the visitor's computer. Web beacons provide us with information on how many times a page is opened and which information is consulted.

Changes to Privacy- and cookie statement

Cardialysis reserves the right to make changes and/or updates to this Privacy- and cookie statement to reflect technological advancements, legal and regulatory changes and good business practices. 

If Cardialysis changes its privacy and cookie practices, an updated version will reflect those changes and we will notify you of such changes by updating the effective date at the top of this Privacy- and cookie statement. We encourage you to consult this webpage for the latest version, which can be identified by the date on the document.

How can I contact Cardialysis?

If you have questions about the your Personal Data or if you wish to enforce your rights as a Data Subject, or if you would like to opt out of future communications from Cardialysis, please contact us by clicking on the "Contact" link on the Cardialysis website (www.cardialysis.com) or by emailing us at dpo@cardialysis.nl. Alternatively, you may send a letter to the following address:

Cardialysis B.V.
Atn. Data Privacy Officer
PO Box 2125
3000 CC Rotterdam
e-mail: dpo@cardialysis.nl

In all communications to Cardialysis, please include your email address and a detailed explanation of your request. For requests relating to enforcement of your rights as a Data Subject, please note that we cannot process your request without proper identification ( a copy of your passport, driver’s license or personal ID, where your photo, BSN or social security number, and number of your identification document have been blacked out). We will reply to you within four weeks upon receipt of your request.