Last updated: October 2, 2018.
This Policy describes our practices in connection with information we collect through our LaaS (logistics-as-a-service) software platform (“Platform”) on behalf of our Customers. It will notify you of the following:
1. Who this Policy applies to.
2. What personally identifiable information is collected from you through our Platform.
3. How information is used and with whom it may be shared.
4. Information regarding Links and Advertising.
5. Information regarding our Children’s Policy.
6. Reviewing, updating, and deleting your information.
7. The security procedures to protect the misuse of your information.
8. Information regarding how this Policy is enforced.
9. Our compliance with EU-U.S. and Swiss-U.S. Privacy Shield Framework
10. Changes to our Policy.
11. How to get in contact with us.
If you do not agree with our Policy, you may choose not to use our Platform.
CUSTOMERS AND CUSTOMER CONTACTS
This Policy applies to the following groups of individuals who interact with our Platform:
● Customers: “Customers” are individuals who are employees or associates of sponsors, contract research organizations, third party patient logistics companies, clinical research sites, hospitals, and similar organizations, including customer personnel who are assigned a login ID and are authorized to access and use our Platform pursuant to an active agreement.
● Customer Contacts: “Customer Contacts” are individuals who interact with our Customers or other Customer Contacts through our Platform, including Customer Contacts who are assigned a login ID and are authorized to access and use our Platform pursuant to an active agreement. Customer Contacts include our Customers’ clients, clinical site personnel, logistics supplier partners, other business contacts, and the patients and caregivers they support (for example, Customer Contacts include patients and caregivers that opt-in to our Customers’ service, clinical site coordinators, and logistics supplier partners who ultimately delivery services to patients) using our Platform.
CUSTOMER CONTACT DATA
In this section, we explain the information collected about Customer Contacts (collectively, “Customer Contact Data”).
Our Platform is flexible and allows our Customers to collect a variety of personal information from and about their Customer Contacts, including name, organization, title, address, e-mail address, telephone number, and other information including but not limited to gender, date of birth, passport number, travel dates, and other travel preferences (“Personal Information”).
We are the sole owners of the Customer Contact Data (which includes Personal Information) collected through our Platform. We only collect information that you voluntarily give our Customers permission to use. You may provide our Customers with information by phone, email, input directly into our Platform, or through applications that are integrated with our Platform.
We will not sell or rent Customer Contact Data to anyone.
HOW WE USE INFORMATION
We do not use Customer Contact Data for any purpose other than to provide services that our Customers have contracted us to provide through our Platform, as noted below, or as required by law.
Here are examples of situations in which we use Customer Contact Data:
Types of 3rd parties we share Customer Contact Data with: logistics suppliers who our Customer Contacts have opted-in to receive logistics services from – airlines, hotels, ground transportation companies, payment remittance companies, etc…
● If a Customer uses our Platform to request and track delivery of logistics services through multiple logistics supplier partners.
● Transfer of Customer Contact Data to a Customer’s logistics supplier partner for the sole purpose of booking travel on behalf of the patient and/or caregiver (for example, we may provide name, arrival and departure dates to a hotel for reservation purposes).
● When a Customer or Customer Contact uses our Platform to deliver logistics confirmation information related to travel and payments to other Customer Contacts including patients, caregivers, and/or coordinators.
● To deliver to a third party in the event of a merger, divestiture, restructuring, recapitalization, reorganization, dissolution or other sale or transfer of some or all of the Company’s assets, whether as a continuing operating business or as part of bankruptcy, liquidation or a similar proceeding, in which Customer Contact Data is among the assets transferred.
● As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to respond to requests from public and government authorities including public and government authorities outside your country of residence; and (c) to protect against or identify fraudulent transactions.
● For other purposes when Customers or Customer Contacts provide explicit consent.
● We aggregate and anonymize information about Customers and Customer Contacts, and the use of our Platform, in order to improve our Platform and create benchmark and other business intelligence products. None of the aggregated and anonymized information contain Personal Information (i.e., does not identify any individual).
LINKS AND ADVERTISING
You should also be aware that if you voluntarily disclose personally identifiable information in an email or other communications with any third party listed on our Platform or in other materials, such information, along with any other information disclosed in your communication, can be collected and correlated and used by such third parties and may cause you to receive unsolicited messages from other sources. Such collection, correlation, use and messages are beyond our control.
Our Platform is for general audiences and is not directed toward those under 18 years of age. We do not knowingly collect Personal Information from children under 13 without parental consent. If you become aware that a child has provided us with Personal Information, please contact our Privacy Officer at the email address in the Contact Information section below. If we become aware that a child under 13 has provided us with Personal Information, we will take steps to remove such information.
REVIEWING, UPDATING AND DELETING YOUR INFORMATION
All individuals have the right to access their Personal Information. We provide our Customers with the capability to review, update and delete your Personal Information. We require that our Customers receive your permission before any of your Personal Information is accessed, retrieved or made available to logistics supplier partners. In addition, we provide our Customers the ability to revoke permission to access your Personal Information. Contact your appropriate Customer representative to:
● See what data we have about you, if any.
● Change/correct any data we have about you.
● Have us delete any data we have about you.
● Express any concern you have about our use of your data.
Alternatively, you can reach us directly by emailing our Privacy Officer at the email listed in the Contact Information section below.
Steps we take to keep your information secure. The security of Customer Contact Data is important to us. We have put in place commercially reasonable physical, electronic, and managerial procedures to protect Customer Contact Data from unauthorized access.
Risks inherent in sharing information. Notwithstanding our commitment to protect Customer Contact Data, you should be aware that there is always some risk involved in transmitting information over the Internet. In addition to the risk that Customers’ employees, contractors and others subject to our agreements may fail to follow required procedures, there is also some risk that networks and/or security systems could be circumvented or breached, including by third parties who use our Platform in order to do so. As a result, while we strive to use commercially reasonable means to protect Customer Contact Data, we cannot ensure or warrant the security and privacy of your Customer Contact Data or any other information you transmit to us, or of any networks and/or security systems. If you have any questions regarding the security of our Platform you can contact our Privacy Officer at the email address set forth below.
We regularly review our compliance with this Policy. Please let us know of any questions or concerns you have regarding this Policy or our compliance with this Policy by contacting our Privacy Officer at the email address in the Contact Information section below. When we receive formal written complaints, it is our policy to contact the complaining party regarding his/her concerns. We will cooperate with the appropriate regulatory authorities to resolve any complaints regarding the transfer of Personal Information that cannot be resolved between the Company and any individual or entity.
FOR EU AND SWISS INDIVIDUALS: PRIVACY SHIELD NOTICE FOR PERSONAL DATA TRANSFERS TO THE UNITED STATES
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Block Clinical Inc is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also may correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to email@example.com.
If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to firstname.lastname@example.org.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Block Clinical Inc’s, accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Block Clinical Inc remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Block Clinical Inc proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, the Company commits to resolve complaints about your privacy and our collection or use of your Personal Information. European Union and Swiss individuals with inquiries or complaints regarding this Policy should first contact the Company at:
Block Clinical Inc.
1100 Moraga Way
Moraga, CA 94556
Block Clinical Inc. has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
CHANGES TO THIS POLICY
We may revise this Policy from time to time. When we do so, we will revise the “updated” date at the top of this Policy. Any such revision will be effective immediately upon posting at www.blockclinical.com/privacy. You are responsible for checking this Policy for revisions.
If you have questions or comments regarding this Policy or our practices, please contact us at:
Block Clinical Inc
1100 Moraga Way
Moraga, CA 94556