Effective August 21, 2018
- Information we collect and how we collect it
- How we use the information that we collect
- How we may share information with third parties
- The security of your information
User Consent and Incorporation.
Information We Collect and How we Collect It.
What We Collect Online
- Personally Identifiable Information We collect certain personal information about you when you provide it to us while using the Services. For example, you may provide us with this information in order to verify your identity, post a new research study, set up a participant profile, apply to be a participant in a research study, or respond to a survey. “Personal information” includes:
- contact information (such as your name, address, email address and telephone number)
- demographic information (such as age, date of birth, gender, marital status, ethnicity and sexual orientation)
- health information (such as diagnosis, health status, prior treatment regimens, smoking and drug use)
- specific information collected on behalf of a research study in which you are participating
- financial information necessary to enable direct deposits of funds you may receive for participating in a research study or referring a friend, and
- other information necessary for or related to your activities with us (such as research studies you are conducting or in which you are participating, the location and/or IP address of the computer you use to access the Services, education and employment history and identification numbers).
Under a federal law called the Health Insurance Portability and Accountability Act (“HIPAA”), some demographic, health and/or health-related information that we collect as part of providing the Services may be considered “protected health information” or “PHI.” HIPAA provides specific protections for the privacy and security of PHI and restricts how PHI is used and disclosed. To the extent HIPAA is applicable, we may only use and disclose your PHI in the ways permitted by HIPAA.
You have the right to revoke this consent at any time by sending an email to email@example.com, however, please note that the revocation will not apply to the extent that we have already released your information to researchers based on this consent. It will take effect as soon as it is received."
- Non-Personally Identifiable Information We also collect non-personally identifiable information about visitors’ web activity and equipment. This information includes the operating system a visitor is using, the date and time the user visited a website or mobile app, referring URLs (what website the visitor came from), Internet service provider, browser type, device identifier, and information on the pages that visitors access or visit. Most non-personally identifiable information is collected via cookies or other analysis technologies, and is discussed in greater detail below.
What We Collect Offline
We may also obtain information about you when you interact with us outside of our website, such as in person, over the phone or by email. Further, we may collect information about you from third parties. For example, we use a third-party verification service provider to verify a user’s identity. Moreover, if you apply to become a research study participant, we may obtain personal information about you from the researcher conducting the study, such as whether your application was accepted, whether the study was conducted, and whether you actually participated in the study.
We may combine information that we collect online with information we receive about you from offline sources.
- Cookies, Web Beacons and Embedded Scripts When you use or access our Services, we may send one or more “cookies” to your computer or other device. A cookie is a small file containing a string of characters that is sent to your computer when you visit a website. When you visit the website again, the cookie allows that website to recognize your browser. We also may use “web beacons,” which are small graphic files that allow us to monitor the use of our Services. A web beacon is a type of technology placed on a website or within the body of an email for the purpose of tracking activity on websites, or when emails are opened or accessed, and is often used in combination with cookies. We also may use “embedded scripts,” programming code that is designed to collect information about your interactions with the Services, such as the links on which you click. The code is temporarily downloaded onto your computer or mobile device from our web server or a third-party service provider, is active only while you are connected to the Services, and is deactivated or deleted thereafter.
You can set your browser to refuse all cookies or to indicate when a cookie is being sent. To learn more about cookies and interest-based advertising, or to opt out of cookies, visit the opt-out services of the National Advertising Initiative or visit the Digital Advertising Alliance's Self Regulatory Program and follow the simple opt-out process. However, if you decline cookies, some features of the Services may not function properly.
How Information Is Used
We may use the information we collect, in an aggregated or individualized manner, for any of the following purposes: 1. To customize and provide the Services to you; 2. To check and verify personal information with third parties as necessary; 3. To process payments to and from users; 4. To operate, improve and personalize the products and services we offer, and to give each user a more consistent and personalized experience when interacting with us online and offline; 5. For customer service, security, to detect fraud or illegal activities, and/or for archival and backup purposes in connection with the provision of the Services; 6. To send marketing materials and communications to you about products and services we think may be of interest to you; 7. To communicate with you, including through email; 8. To administer and improve the Services; 9. For research and analysis; 10. To enforce our Terms of Service or other applicable policies; 11. To permit potential research participants to search for and identify research studies in which they might want to participate; and 12. To otherwise conduct business, as described when the information is collected.
Sharing of Information
We may share and disclose information as described at the time information is collected or as follows:
- To Perform the Services
- Researcher and Research Study Information We may disclose personal information to third parties in order to perform the Services attendant to publicizing a research study and determining whether a potential participant meets a study’s eligibility requirements. Certain personal information will be used to verify the identity of each Researcher who creates an account for our Services. At the direction of a researcher, we will publicly post the information provided regarding a research study that is scheduled to be conducted and is in need of additional participants.
- Research Participant Information We may disclose personal information to third parties in order to perform the Services available for potential and actual research study participants. Certain personal information may be used to verify the identity of a potential research participant who creates an account for our Services. At the direction of a potential or actual research study participant, we will disclose information to the researcher conducting a research study.
- With Third Party Service Providers Performing Services on Our Behalf We share information, including personal information, with our service providers to perform the functions for which we engage them (such as hosting and data analyses). We may share information as needed to operate other related services.
- For Legal Purposes We also may share information that we collect from users, as needed, to enforce our rights, protect our property or protect the rights, property or safety of others, or as needed to support external auditing, compliance and corporate governance functions. We will disclose information, including personal information, as we deem necessary to respond to a subpoena, regulation, binding order of a data protection agency, legal process, governmental request or other legal or regulatory process. We may also share information as required to pursue available remedies or limit damages we may sustain.
- Corporate Changes We may transfer information, including personal information, in connection with a merger, sale, acquisition or other change of ownership or control by or of us or any affiliated company (in each case whether in whole or in part).
- To Users of the Services We will make available to you, and anyone who you explicitly give us permission to share your information with, all of the personal information that you share with us directly when you use the Services. You can delete, revise, or otherwise manage that information by logging into your account.
The Security of Your Information.
The security of information transmitted through the internet can never be guaranteed. We are not responsible for any interception or interruption of any communications through the internet or for changes to or losses of data. Users of the Services are responsible for maintaining the security of any password, user ID or other form of authentication involved in obtaining access to password protected or secure areas of any of our Services. In order to protect you and your data, we may suspend your use of any of the Services, without notice, pending an investigation, if any breach of security is suspected. Access to and use of password protected and/or secure areas of any of the Services are restricted to authorized users only. Unauthorized access to such areas is prohibited and may lead to criminal prosecution.
- Children We do not knowingly collect or maintain personal information from any person under the age of thirteen. No parts of our Services are directed to or designed to attract anyone under the age of thirteen.
- Your California Privacy Rights Under California’s “Shine the Light” law, California residents who provide personal information to us in obtaining products or services for personal, family or household use are entitled to request and obtain from us once a calendar year information about certain types of information we may share with other businesses for their own direct marketing uses. To make such a request, please send an email to firstname.lastname@example.org and include the phrase “California Privacy Request” in the participant line, and provide us with your name, address and email address. We will respond to you within 30 days of receiving such a request. Please be aware that not all information sharing is covered by the “Shine the Light” requirements and only information on covered sharing will be included in our response.
- Do Not Track We do not support Do Not Track with respect to the Services at this time. Do Not Track is a privacy preference that you can set in your web browser to indicate that you do not want certain information about your webpage visits collected across websites when you have not interacted with that service on the page. For all the details, including how to turn on Do Not Track, visit Do Not Track.