Privacy Policy

TARGET PharmaSolutions, Inc. Privacy Policy

Last Updated October 6, 2017

INFORMATION WE COLLECT ON THE WEBSITE AND HOW WE USE IT.

Browsing our website at https://www.targetpharmasolutions.com/ and any subdomains (the “Website”) does not require you to register for an account or actively provide any personally identifiable information to us, but as indicated below, we and third parties may use cookies and action tags to passively collect information from visitors to our Website.

TARGET PharmaSolutions, Inc. is a real-world clinical data company that provides pharmaceutical and biotechnology partners a more efficient way to generate data that can be used to better understand the natural history of diseases, current treatment paradigms, and patient outcomes in the real-world setting. As indicated herein, this Privacy Policy describes how we, TARGET PharmaSolutions, Inc. (“TARGET”, “we”, “us”, or “our”) handle information that we collect on the Website. In addition, with respect to information relating to an identified or identifiable natural person transferred to the United States from the European Union (including Switzerland) or the European Economic Area, this Privacy Policy applies not only to information that we collect on the Website but also to information collected through other online and offline channels in connection with your interaction with our clinical data business (including, without limitation, research studies) ( the “Business”). For clarification but not limitation, with respect to our U.S. clinical data operations, this Privacy Policy only applies to information collected through the Website and does not apply to information collected through offline and other online channels from research subjects and others in connection with our U.S. clinical data operations. You should carefully read this Privacy Policy. By using the Website, you are signifying your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, you are not permitted to use the Website.

As used in this Privacy Policy, the terms “using” and “processing” information include using cookies on a computer, subjecting the information to statistical or other analysis and using or handling information in any way, including, but not limited to collecting, storing, evaluating, modifying, deleting, using, combining, disclosing, and transferring information within our organization or among our affiliates within the United States or internationally.

As described in further detail below, TARGET complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information (as defined below) transferred from the European Union and Switzerland, respectively, to the United States. As used herein, “personal information” means information relating to an identified or identifiable natural person transferred to the United States from the European Union (including Switzerland) or the European Economic Area. With respect to such personal information, TARGET has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

WHAT INFORMATION ABOUT ME IS COLLECTED THROUGH THE WEBSITE?

Depending on your use of Website, we may collect two types of information: personally identifiable information and non-personally identifiable information.

Personally Identifiable Information

Personally identifiable information is information that identifies you or can be used to identify or contact you. The categories of personally identifiable information that may be collected through the Website include but are not limited to your name, email address, and telephone number.

Non-Personally Identifiable Information

Non-personally identifiable information is information, any single item of which, by itself, cannot be used to identify or contact you. The categories of non-personally identifiable information that may be collected through the Website include but are not limited to demographic information (such as age, profession, gender, location, zip code, birth date, or year of birth), responses to survey questions, queries, IP addresses, browser types, unique device identifiers, device types, requested URL, referring URL, browser language, the pages you view, the date and time of your visit, domain names, and other statistical data involving use of the Website. Certain non-personally identifiable information may be considered a part of your personally identifiable information if it were combined with other identifiers (for example, combining your zip code with your street address) in a way that enables you to be identified. However, the same pieces of information are considered non-personally identifiable information when they are taken alone or combined only with other non-personally identifiable information (for example, your viewing preferences).

WHERE AND WHEN IS INFORMATION COLLECTED THROUGH THE WEBSITE, INCLUDING THROUGH THE USE OF COOKIES AND ACTION TAGS?

Information provided by you

We will collect personally identifiable and non-personally identifiable that you submit to us. As an example, we may obtain your personally identifiable and other information from you if you identify yourself to us by sending us questions or comments or if you choose to complete a Patient Reported Outcome (PRO) or other survey.

Cookies and Action Tags

We may collect non-personally identifiable information passively using “cookies” and “action tags.” By using cookies and action tags together, we are able to gain valuable information to improve the Website.

“Cookies” are small text files that can be placed on your computer or mobile device in order to identify your Web browser and the activities of your computer on the Website and other websites. Cookies can be used to personalize your experience on the Website, to assist you in using the Website, and to allow us to statistically monitor how you are using the Website to help us improve the Website. We also may use cookies to determine the popularity of certain content. In addition to cookies that we place on your computer or mobile device, cookies may also be placed on your computer or mobile device by third parties, including third parties providing analytical and other services related to the Website. In the course of providing services, such third parties could place or recognize unique cookies on your browser. You do not have to accept cookies to use the Website. Even if you initially agree to accept cookies, you can change your preferences at any time. Although most browsers are initially set to accept cookies, you may reset your browser to notify you when you receive a cookie or to reject all or some cookies. Most browsers offer instructions on how to do so in the "Help" section of the toolbar. However, if you reject cookies, certain features or resources of the Website may not work properly or at all and you may experience some loss of convenience.

For the avoidance of doubt, this Website may use third-party service platforms. These third-party service platforms may place cookies on your computer or mobile device. If you would like to disable "third party" cookies, you may be able to turn them off by going to the third party's website.

We may use the following cookies:

  • Session: This is a cookie that is set when you visit the Website. This cookie only lasts until you leave the Website.

  • CloudFlare__cfduid: This is a cookie that is set by the CloudFlare service to identify trusted web traffic. It does not correspond to any user id in the web application, nor does the cookie store any personally identifiable information. This cookie may last for 10 years.

    Here is a link to the main third-party platforms we use: https://www.cloudflare.com/security-policy/.

    The cookie-related information is not used to identify you personally. These cookies are not used for any purpose other than those described here.

    “Action tags,” also known as web beacons or gif tags, are a web technology used to help track website usage information, such as how many times a specific page has been viewed. Action tags are invisible to you, and any portion of the Website or email sent on our behalf may contain action tags.

Finally, you should be aware that third parties may use their own cookies or action tags when you click on a link to their websites or services on or from the Website. This Privacy Policy does not govern the use of cookies or action tags or the use of your information by such third-party websites or services.

Log Files

We also collect non-personally identifiable information through our Internet log files, which record data such as user IP addresses, browser types, domain names, and other anonymous statistical data involving the use of the Website. This information may be used to analyze trends, to administer the Website, to monitor the use of the Website, and to gather general demographic information. We may link this information to personally identifiable information for these and other purposes such as personalizing your experience on the Website and evaluating the Website in general.

DOES TARGET COLLECT INFORMATION FROM CHILDREN UNDER 13 YEARS OF AGE THROUGH THE WEBSITE?

We are committed to protecting the privacy of children. The Website is not designed for or directed to children under the age of 13. We do not collect personally identifiable information through the Website from any person we actually know is under the age of 13.

FOR WHAT PURPOSES IS THE INFORMATION COLLECTED THROUGH THE WEBSITE?

In general, we use the information collected through our Website to conduct our Business, to help us understand who uses the Website, to improve the Website, for internal operations, and, if you request information or request that we contact you, to respond to your requests. In addition, if you identify yourself to us by sending us an email with questions or comments, we may file your questions or comments (with your personally identifiable information) for future reference. We may also use the information gathered through the Website (including your personally identifiable information) to perform statistical analysis of user behavior or to evaluate and improve the Website and our Business. We may link some of this information to personally identifiable information for internal purposes.

WHEN, AND TO WHAT TYPES OF THIRD PARTIES, DOES TARGET DISCLOSE INFORMATION COLLECTED THROUGH THE WEBSITE?

We generally disclose information we gather from you through the Website to the following types of third parties and as otherwise set forth in this Privacy Policy and as specifically authorized by you (including without limitation through any consent you may sign in connection with a research study or otherwise),.

Laws and Legal Rights

Your information (including your personally identifiable information) may be disclosed upon a good faith belief that disclosure is required in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, lawful requests by public authorities, including to meet national security or law enforcement requirements, or other valid legal process. Your information may be disclosed in special circumstances upon a reasonable belief that disclosing this information is necessary to identify, contact, or bring legal action against someone, to detect fraud, or to protect our rights or property or the safety and/or security of our Website, our Business or the general public.

Agencies and Others Responsible For Research Oversight and Payers

Your information (including your personally identifiable information) may be disclosed to relevant agencies, ethics committees and competent authorities, including without limitation in connection with regulatory documentation and submissions and responding to audit and inspection requests. Your information also may be disclosed to payers, such as health insurance companies or state agencies.

Research Study Physicians and Staff

Your information (including personally identifiable information) may be disclosed to the physicians and other staff associated with our research studies.

Third Parties Generally

With respect to our Website, your non-personally identifiable information may be provided to third parties, including where such information is combined with similar information of other users of the Website. In addition to the above, when individuals use our Website, third parties (including without limitation third-party analytics and other service providers) may directly collect information about our Website visitors, including about our visitors’ online activities over time and across different websites. The third parties to which information may be provided, or who may directly collect information, may include analytics and other service providers, vendors and website tracking services, affiliates, actual or potential commercial partners, licensees, researchers, and other similar parties.

Third Parties in Connection with Research Studies

With respect to our research studies, your information (including personally identifiable information) may be disclosed to a variety of third parties, including third parties that purchase a research study database and third parties with which we have contracted to provide access to our databases, including research study databases. Your information also may be disclosed to third parties such as pharmaceutical companies, steering committee members, and patient advocacy members for research and other purposes. Other types of third parties to which your information (including personally identifiable information) may be provided include our clients, vendors, affiliates, actual or potential commercial partners, licensees, researchers, and other similar parties. The results of our research studies also may be presented at meetings or in publications, but your identity will not be disclosed in those presentations or publications.

Outside Contractors

We may employ independent contractors, vendors, and suppliers (collectively, “Outside Contractors”) to provide specific services and products related to the Website and/or our Business, including hosting, maintenance, auditing, monitoring, and other services. In the course of providing products or services to us, these Outside Contractors may have access to your information (including personally identifiable information). We use reasonable efforts to ascertain that these Outside Contractors are capable of protecting the privacy of your personally identifiable information.

Sale of Business or Bankruptcy

Your information (including personally identifiable information) may be transferred to a third party in the event of a sale, merger or other transfer of all or substantially all of the assets of TARGET or any of its Corporate Affiliates (as defined below), or any portion of TARGET or any of its Corporate Affiliates, or in the event that we discontinue our business, or in the event that we file a petition or have filed against us a petition in bankruptcy, reorganization or similar proceeding, provided that the third party agrees to adhere to the terms of this Privacy Policy.

Affiliates

Your information (including personally identifiable information) may be disclosed to our Corporate Affiliates. For purposes of this Privacy Policy, “Corporate Affiliate” means any person or entity which directly or indirectly controls, is controlled by or is under common control with TARGET, whether by ownership or otherwise; and “control” means possessing, directly or indirectly, the power to direct or cause the direction of the management, policies or operations of an entity, whether through ownership of fifty percent (50%) or more of the voting securities, by contract or otherwise. Any information identifying you that is provided to our Corporate Affiliates will be treated by those Corporate Affiliates in accordance with the terms of this Privacy Policy.

Transborder Hosting and Transfer of Information

Personally identifiable information collected on the Website may be transferred from time to time to TARGET offices or personnel, or to third parties, located throughout the world, including offices located outside the European Union and the European Economic Area, and the Website may be viewed and hosted anywhere in the world, including countries (such as the United States) that may not have laws of general applicability regulating the use and transfer of such data. By using the Website and submitting such information on it, you voluntarily consent to such transborder transfer and hosting of such information. For specific information regarding how we handle personal information transferred to the United States from the European Union and the European Economic Area, please see the section below titled “Additional Provisions For Personal Information Received From The European Union (Including Switzerland) And The European Economic Area”.

DOES THIS PRIVACY POLICY APPLY WHEN I LINK TO OTHER WEBSITES OR SERVICES?

Our Website may provide you with access to other websites and services. Please be aware that we are not responsible for the privacy practices of any websites or services other than the Website. We encourage you to read the privacy policies or statements of each and every such website and service. This Privacy Policy does not apply to any websites or services other than the Website.

IS THE INFORMATION COLLECTED THROUGH THE WEBSITE SECURE?

We want your information (including personally identifiable information) to remain secure. We strive to provide transmission of your information from your computer or mobile device to our servers through techniques that are consistent with industry standards and to employ administrative, physical, and electronic measures designed to protect your personally identifiable information from loss, misuse, and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved and the nature of the information. Notwithstanding the above, you should be aware that there is always some risk involved in transmitting information, both over the Internet and through other online and offline channels. There is also some risk that others could find a way to thwart our security systems. As a result, while we strive to protect your information, we cannot ensure or warrant the security or privacy of any information you transmit to us, and you do so at your own risk.

WHAT CHOICES DO I HAVE REGARDING THE COLLECTION, DISCLOSURE AND DISTRIBUTION OF PERSONALLY IDENTIFIABLE INFORMATION COLLECTED THROUGH THE WEBSITE?

We generally use personally identifiable information collected through the Website as described in this Privacy Policy or as authorized by you (including without limitation through any consent you may sign in connection with a research study or otherwise) or as otherwise disclosed at the time we request such information from you. You generally must “opt in” and give us permission to use your personally identifiable information collected through the Website for other purposes. You may also change your preference and “opt out” of receiving communications from us by following the directions provided in association with the communication, or by contacting [email protected].

DO NOT TRACK

The term “Do Not Track” refers to a HTTP header offered by certain web browsers to request that websites refrain from tracking the user. We take no action in response to Do Not Track requests.

CAN I UPDATE OR CORRECT MY PERSONALLY IDENTIFIABLE INFORMATION COLLECTED THROUGH THE WEBSITE?

You have the right to request the restriction of certain uses and disclosures of personally identifiable information collected through the Website as follows. You can contact us in order to (subject to the following paragraph) (1) update or correct your personally identifiable information or (2) change your preferences with respect to communications and other information you receive from us by contacting [email protected] Such updates, corrections, and changes will have no effect on other information that we maintain, or information that we have provided to third parties in accordance with this Privacy Policy prior to such update, correction, or change. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you profile access or making corrections. You are responsible for maintaining the secrecy of your unique password and account information at all times.

You should be aware that it is not technologically possible to update or change each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your personally identifiable information may exist in a form that will be difficult or impossible for us to locate. After receiving your request, we will use commercially reasonable efforts to update, correct, or change, as appropriate, all personally identifiable information collected through the Website and stored in databases we actively use and other readily searchable media, as appropriate, as soon as and to the extent reasonably practicable.

Without limitation of any other provision contained herein, access to personal information associated with research studies may be limited if necessary to maintain the integrity of the research effort.

HOW WILL I KNOW IF THERE ARE ANY CHANGES TO THIS PRIVACY POLICY?

You should be aware that we may revise this Privacy Policy from time to time. For clarification but not limitation: we may make non-significant changes to this Privacy Policy that generally will not significantly affect our use of your personally identifiable information, without providing an “opt-outoption; and your continued use of the Website following the posting of non-significant changes to this Privacy Policy constitutes your acceptance of those changes. We encourage you to check this page periodically for any changes. If any changes to this Privacy Policy are unacceptable to you, you must immediately contact us and, until the issue is resolved, stop using the Website.

ADDITIONAL PROVISIONS FOR PERSONAL INFORMATION RECEIVED FROM THE EUROPEAN UNION (INCLUDING SWITZERLAND) AND THE EUROPEAN ECONOMIC AREA.

In addition to the other provisions of this Privacy Policy, with respect to personal information received from the European Union (including Switzerland) and the European Economic Area, the following provisions apply:

Types of Personal Information Collected

As described above, personal information is information relating to an identified or identifiable natural person transferred to the United States from the European Union or European Economic Area. While the types of personal information collected vary, the following types of information generally are collected from the following categories of individuals:

Study Participants The information collected from individuals participating in our research studies (“Participants”) is collected with written consent of the Participant, redacted at the respective research study site, and typically transferred as a data set in key-coded form as described in Privacy Shield Supplemental Principle 14 Pharmaceutical and Medical Products, subsection (g) “Key-coded Data”, and therefore does not constitute a transfer that would be subject to the Privacy Shield Principles. To the extent that such information is not key-coded, the types of personal information generally collected from individuals participating in our research studies include demographic information (such as year of birth, gender, race, ethnicity, country of birth); vital signs; information from Participants’ medical records; dates of service related to health care; information regarding medications, lifestyle, and health conditions; biopsy reports; results of tests, treatments, and procedures (such as transplants, blood tests, MRIs, and X-rays); medicines and the effects of medicines on Participants’ physical, mental, and social health and side effects.

Research Study Site Staff, Vendors, and Contractors The types of personal information collected from research study site staff, vendors, and contractors generally include name, e-mail address, phone number, business or home address, and curriculum vitae.

Website Visitors The types of personal information collected from visitors to our Website may generally include name, email address, telephone number, demographic information (such as age, profession, gender, location, zip code, birth date, or year of birth), IP addresses, browser types, unique device identifiers, device types, requested URL, referring URL, browser language, the pages you view, the date and time of your visit, domain names, and other statistical data involving use of the Website.

General Inquirers, Advisors, and Representatives of Our Business Partners and Clients The types of personal information collected from individuals inquiring about our clinical data business and our research studies, from our advisors, and from individuals who represent our business partners and clients generally include name and contact information and queries.

Purposes for Which Personal Information is Collected and Used

Purposes of Information Collected From Study Participants Personal information generally is collected from the Participant and used for the purposes of: contacting the Participant; conducting research studies; regulatory documentation and submissions to relevant agencies, ethics committees and competent authorities; responding to audit and inspection requests by relevant agencies, ethics committees, and competent authorities; community building and data analytics; and presenting and sharing the results and data from research studies. As examples, non-identifiable data associated with Participants is used as part of publications in medical journals in the form of summary statistics; figures included may show individual data points in scatter plots or non-identifiable Participant data may be presented in the form of a case study displaying key highlights of the patient record (such as medication, lab values, comorbidities over time, etc.). In addition to the above, personal information may be used in the future for new scientific, medical, and pharmaceutical research activities, including activities that are unanticipated. These activities may include, but are not limited to, periodic follow-up or related studies.

Purposes of Information Collected From Research Study Site Staff, Vendors, and Contractors - Personal information generally is collected from research study site staff, vendors, and contractors and used for the purposes of contacting such individuals; conducting research studies; ensuring appropriate qualifications and training; administering the receipt of services from such individuals; regulatory documentation and submissions to relevant agencies, ethics committees, and competent authorities; responding to audit and inspection requests by relevant agencies, ethics committees, and competent authorities; community building and data analytics; and presenting and sharing the results and data from research studies. In addition to the above, personal information may be used in the future for new scientific, medical, and pharmaceutical research activities, including activities that are unanticipated. These activities may include, but are not limited to, periodic follow-up and related studies.

Purposes of Information Collected Through Website - In general, the personal information collected through our Website is used to conduct and improve our Business, to help us understand who uses the Website, to improve the Website, for internal operations, and, if you request information or request that we contact you, to respond to your requests. We may also use the information gathered through the Website (including personal information) to perform statistical analysis of user behavior or to evaluate and improve the Website and our Business.

Some of this information may be linked to personal information and personally identifiable information for internal purposes.

Purposes of Information Collected From General Inquirers, Advisors, and Representatives of Our Business Partners and Clients Personal information generally is collected from inquirers, advisors, and representatives of our business partners and clients in order to respond to the relevant inquiry, to conduct our and improve our Business (including conducting research studies), to carry out our relationships with our business partners and clients, and for internal operations.

Types of Third Parties To Which Personal Information Is Disclosed

In connection with the purposes described above, personal information may be shared with the following types of third parties:

Laws and Legal Rights

Your personal information may be disclosed upon a good faith belief that disclosure is required in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, lawful requests by public authorities, including to meet national security or law enforcement requirements, or other valid legal process. Personal information may be disclosed in special circumstances upon a reasonable belief that disclosing this information is necessary to identify, contact, or bring legal action against someone, to detect fraud, or to protect our rights or property or the safety and/or security of our Website, our Business or the general public.

Agencies and Others Responsible For Research Oversight and Payers

Your personal information may be disclosed to relevant agencies, ethics committees and competent authorities, including without limitation in connection with regulatory documentation and submissions and responding to audit and inspection requests. Your personal information also may be disclosed to payers, such as health insurance companies or state agencies.

Research Study Physicians and Staff

Personal information may be disclosed to the physicians and other staff associated with our research studies.

Third Parties Generally

With respect to our Website, your non-personally identifiable information may be provided to third parties, including where such information is combined with similar information of other users of the Website. In addition to the above, when individuals use our Website, third parties (including without limitation third-party analytics and other service providers) may directly collect information about our Website visitors, including about our visitors’ online activities over time and across different websites. The third parties to which information may be provided or who may directly collect information may include analytics and other service providers, vendors and website tracking services, affiliates, actual or potential commercial partners, licensees, researchers, and other similar parties.

Third Parties in Connection with Research Studies

With respect to our research studies, your personal information may be disclosed to a variety of third parties, including third parties that purchase a research study database and third parties with which we have contracted to provide access to our databases, including research study databases. Your personal information also may be disclosed to third parties such as pharmaceutical companies, steering committee members, and patient advocacy members for research and other purposes. Other types of third parties to which your personal information may be provided include our clients, vendors, affiliates, actual or potential commercial partners, licensees, researchers, and other similar parties. The results of our research studies also may be presented at meetings or in publications, but your identity will not be disclosed in those presentations or publications.

Outside Contractors

We may employ independent contractors, vendors, and suppliers (collectively, “Outside Contractors”) to provide specific services and products related to the Website and/or our Business, including hosting, maintenance, auditing, monitoring, and other services. In the course of providing products or services to us, these Outside Contractors may have access to your personal information. We require that these Outside Contractors agree to (1) protect the privacy of your personal information, and (2) not use or disclose your personal information for any purpose other than providing us with the products or services for which we contracted or as required by law.

Sale of Business or Bankruptcy

Your personal information may be transferred to a third party in the event of a sale, merger or other transfer of all or substantially all of the assets of TARGET or any of its Corporate Affiliates (as defined below), or any portion of TARGET or any of its Corporate Affiliates, or in the event that we discontinue our business, or in the event that we file a petition or have filed against us a petition in bankruptcy, reorganization or similar proceeding, provided that the third party agrees to adhere to the terms of this Privacy Policy.

Affiliates

Your information (including personal information) may be disclosed to our Corporate Affiliates. For purposes of this Privacy Policy, “Corporate Affiliate” means any person or entity which directly or indirectly controls, is controlled by or is under common control with TARGET, whether by ownership or otherwise; and “control” means possessing, directly or indirectly, the power to direct or cause the direction of the management, policies or operations of an entity, whether through ownership of fifty percent (50%) or more of the voting securities, by contract or otherwise. Any information identifying you that is provided to our Corporate Affiliates will be treated by those Corporate Affiliates in accordance with the terms of this Privacy Policy.

Choice

If you no longer wish to have your personal information disclosed to third parties, you may choose to "opt out" by notifying us. To do so, send an email to [email protected]. Please be aware that your personal information may have been previously disclosed to third parties. Also, TARGET will provide you with notice before using your personal information for a purpose other than that for which it was originally collected or subsequently authorized by you, and you may choose to “opt out” of such use by following the directions provided in the notice. However, even after any “opt-out”, your personal information may be used and disclosed to a third party upon a good faith belief that such disclosure is required in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, lawful requests by public authorities, including to meet national security or law enforcement requirements, or other valid legal process. Without limitation of any other provision contained herein, following your “opt out”, your information that already has been gathered may continue to be used and to be disclosed to third parties, provided that such information will be anonymized in order to ensure that you cannot be identified anymore.

Sensitive Information

If information is collected from you specifying medical or health conditions, racial or ethnic origin, political opinions, religious, ideological, or philosophical beliefs, trade union membership, information on social security measures or administrative or criminal proceedings or sanctions (which are treated outside pending proceedings), or information with respect to personal sexuality (“Sensitive Information”), such Sensitive Information will not be (a) disclosed to a third party or (b) used for a purpose other than those for which it was originally collected or subsequently authorized by you without obtaining your affirmative “opt-in” (unless there is a good faith belief that such disclosure or use is required in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, lawful requests by public authorities, including to meet national security or law enforcement requirements, or other valid legal process). In addition, TARGET will treat as sensitive any personal information received from a third party where the third party identifies and treats it as sensitive.

Onward Transfer

Before we disclose any of your personal information to a third party we will require that such third party provide the same level of privacy protection as is required by the Privacy Shield Principles. TARGET’s accountability for personal information that it receives under the Privacy Shield and transfers to a third party is outlined in the Privacy Shield Principles. In particular, TARGET remains liable under the Privacy Shield Principles if third-party agents that it retains to process personal information on TARGET’s behalf process such personal information in a manner inconsistent with the Privacy Shield Principles, unless TARGET can prove that it is not responsible for the event giving rise to the damage.

Data Integrity and Purpose Limitation

Except as may be authorized by you, we use your personal information in a way that is compatible with and relevant for the purpose for which it was collected. To the extent necessary for these purposes, we take reasonable steps to ensure that personal information is accurate, complete, current, and reliable for its intended use.

Access

You have the right to access your personal information held by us and you may correct, amend, or delete such personal information, to the extent that it is inaccurate or has been processed in violation of the Privacy Shield Principles, except where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question or where the rights of persons other than the individual would be violated or as otherwise described in the Privacy Shield Principles. If you wish to access your personal information, please contact us in either of the ways described below (under the section titled Recourse, Enforcement, and Liability).

Without limitation of any other provision contained herein, access to personal information associated with research studies may be limited if necessary to maintain the integrity of the research effort.

Recourse, Enforcement, and Liability

TARGET uses the self-assessment method to verify the attestations and assertions made herein and to ensure that its privacy practices have been implemented as presented herein. Any questions, complaints, or concerns regarding this Privacy Policy should be directed to TARGET at the e-mail or postal/courier address referenced in the section below titled “Who Do I Contact If I Have Any Privacy Questions?”. TARGET will investigate and attempt to resolve any disputes/complaints, including correcting any personal information, using personal information consistent with the Privacy Shield Principles, reversing or correcting the effects of noncompliance, and assuring that future processing of personal information will be in conformity with this Policy, including the Privacy Shield Principles.

For any complaints that cannot be resolved by TARGET directly, TARGET commits to cooperate with the panel established by the EU Data Protection Authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (Commissioner), as applicable, to investigate unresolved disputes/complaints and comply with the advice given by the panel and/or Commissioner. With respect to the Privacy Shield Principles, the panel established by the DPAs and/or the Commissioner, as applicable, is the independent dispute resolution body designed to address complaints and provide appropriate recourse to you free of charge.

As further described in the Privacy Shield Principles, a binding arbitration option will be made available to you in order to address residual complaints that have not been resolved by other means. See Section C of Annex I to the Privacy Shield Principles at https://www.privacyshield.gov/article?id=C-Pre-Arbitration- Requirements and http://trade.gov/td/services/odsi/swiss-us-privacyshield-framework.pdf . The Federal Trade Commission has jurisdiction over TARGET’s compliance with the Privacy Shield.

Adherence by TARGET to the Privacy Shield Principles and the above-set forth provisions may be limited (a) to the extent necessary to meet national security, public interest or law enforcement requirements; (b) by statute, government regulation, or case law that creates conflicting obligations or explicit authorizations; or (c) if the effect of the EU Data Protection Directive 95/46/EC or Member State law is to allow exceptions or derogations, provided that such exceptions or derogations are applied in comparable contexts.

WHO DO I CONTACT IF I HAVE ANY PRIVACY QUESTIONS?

If you have any questions or comments about this Privacy Policy or feel that we are not abiding by the terms of this Privacy Policy, please contact us in either of the following ways:

By email: [email protected] By postal mail or courier:

TARGET PharmaSolutions, Inc. 1450 Raleigh Road
Suite 212
Chapel Hill, North Carolina 27517 USA

Attn: Legal Department

CONSENT

BY USING THE WEBSITE, YOU SIGNIFY YOUR ACCEPTANCE OF THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, YOU SHOULD NOT USE THE WEBSITE. CONTINUED USE OF THE WEBSITE, FOLLOWING THE POSTING OF CHANGES TO THIS PRIVACY POLICY THAT DO NOT SIGNIFICANTLY AFFECT THE USE OR DISCLOSURE OF YOUR PERSONALLY IDENTIFIABLE INFORMATION, MEANS THAT YOU ACCEPT THOSE CHANGES.