Effective Date: September 28, 2016
“Personal Information” means information that alone or when in combination with other information may be used to readily identify, contact, or locate you, such as: name, address, email address, or phone number. We do not consider Personal Information to include information that has been anonymized so that it does not allow a third party to easily identify a specific individual.
Comprehend provides its customers with services and tools that allow them to analyze and report on clinical data pulled from multiple, disparate data sources through a single interface. These tools and services are not a part of our corporate website. Comprehend serves as a data processor for the customers who use these tools and services. More specifically, Comprehend does not own the information that is submitted to us through our services and tools. The information that is submitted through our client services relationships will be held subject to the requirements specified by our customers.
U.S. – Swiss Safe Harbor Framework
Comprehend complies with the U.S. – Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from Switzerland. Comprehend has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Comprehend certification, please visit https://safeharbor.export.gov/swisslist.aspx.
Privacy Shield Certification and Processing of EU Data
Comprehend participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. Comprehend is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List https://www.privacyshield.gov/list.
Comprehend is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Comprehend complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Comprehend is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Comprehend may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
Collection and Use of Personal Information Through Comprehend Client Services and Website
You may visit the websites of Comprehend without revealing any Personal Information. However, in some instances, Comprehend may require certain Personal Information, such as business contact information, email address, or phone number, to respond to your inquiries or provide you with requested information.
We also collect information provided by our customers to provide services to those customers. This information may include Personal Information about individuals, including health information collected as part of clinical trials. Comprehend will use this information as directed by its customers and for service-related purposes.
Comprehend collects information under the direction of its Clients, and has no direct relationship with the individuals whose personal data it processes. If you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that use our service, please contact the Client that you interact with directly. We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our Clients.
“If a Client adds a user to their business or enterprise account, we will ask the Client for the user’s name and email address. We will automatically send the Client’s user a one-time email inviting him or her to visit this site. Comprehend does not store this information, except to the extent permitted by law, and will only use it for the specific reason for which it was provided. If a person believes that a Client has provided us with your personal information and you would like to request that it be removed from our database, please contact us at Privacy@comprehend.com.”
Because of the nature of its services, Comprehend operates as a data processor for its customers. Comprehend’s customers act as data controllers. Individuals involved in clinical studies may interact directly with Comprehend’s customers rather than with Comprehend. Comprehend maintains only that Personal Information its customers have asked Comprehend to process. It is the Comprehend customer’s responsibility to ensure that the data the customer collects can be legally collected in the country of origin. The Comprehend customer is responsible for giving its employees and customers the appropriate level of notification that Personal Information is being collected and maintained.
We may anonymize and aggregate data collected through the website, tools, and services, and use it for any purpose.
Comprehend may automatically receive and record certain non-Personal Information from website users and the users of its tools and services. Comprehend may use this information to provide certain functionality, improve the tools and services, and monitor the use of the tools and services.
Information Sharing and Disclosure
Comprehend may disclose Personal Information to its agents and partners who assist the Company in providing services to customers. We will share Personal Information for these purposes only with third parties whose privacy policies are consistent with ours or who agree to abide by our policies with respect to Personal Information. If you do not want us to share your personal information with these companies, you may contact us at: firstname.lastname@example.org.
Comprehend may otherwise disclose Personal Information when:
- we have express consent to share the information for a specified purpose;
- required to disclose personal data in response to lawful requests by public authorities, including to meet national security, subpoenas, court orders, law enforcement requests, or such other legal process;
- we need to protect the personal safety of the users of our systems or defend the rights or property of Comprehend; or
- we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider.
We are a global corporation with operations in several countries. We have developed global data practices designed to assure Personal Information is appropriately protected. While our primary data centers are in the United States, we may transfer Personal Information to Comprehend offices outside of the United States now or in the future. In addition, we may employ other companies and individuals to perform functions on our behalf. If we disclose Personal Information to a third party or to Comprehend employees outside of the United States, we will ensure that such party has agreed to abide by the Privacy Shield principles, or can otherwise assure adequate protection of such Personal Information.
Cookies and Other Tracking technologies
As is true of most websites, we gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.
You may sign-up to receive [email or newsletter or other communications from us]. If you would like to discontinue receiving this information, you may update your email preferences by [using the “Unsubscribe” link found in emails we send to you or at your member profile on our website or by contacting us at email@example.com.
Comprehend’s collection, use, and disclosure of information is generally governed by service agreements with our business customers. Information relied upon to provide these services to our business customers is retained only for as long as we have a valid business purpose and in accordance with applicable law.
Upon request Comprehend will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by contacting us at firstname.lastname@example.org. We will respond to your request within a reasonable timeframe.
In most cases, when Comprehend obtains Personal Information, it does so on behalf of another company (as an agent or data processor). Comprehend acknowledges that you have the right to access your personal information. Comprehend has no direct relationship with the individuals whose personal data it processes. To request access to, correction, amendment, or deletion of this Personal Information, a customer or end user should contact the company to which the data was provided. If requested to remove data we will respond within a reasonable timeframe. For other inquiries, please contact us at email@example.com.
We will retain personal data we process on behalf of our Clients for as long as needed to provide services to our Client. Comprehend will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Any questions, comments, or complaints about the data practices of a customer for which Comprehend processes data should be directed to that customer (including, without limitation, compliance with data privacy principles of notice, choice, onward transfer, access, security, data integrity, or enforcement), although Comprehend will make reasonable efforts to comply or assist with such requests. If Comprehend and its customers are unable to resolve your complaint, Comprehend has agreed to cooperate with the European Union Data Protection Authorities to resolve any privacy complaints related to Personal Information.
No data transmissions over the Internet can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information you transmit to us and you do so at your own risk. Once we receive your transmission, we take steps to ensure security on our systems. Please note this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of such safeguards.
Comprehend has adopted appropriate physical, electronic, and managerial procedures to safeguard and secure the Personal Information we process. Comprehend strives to protect the privacy of the Personal Information it processes, and to avoid inadvertent disclosure.
If Comprehend learns of a security system’s breach, Comprehend maintains an incident response policy that includes notifications consistent with applicable law.
By using this website or providing Personal Information to us, you agree that we can communicate with you electronically regarding security, privacy, and administrative issues relating to your use of this website. If you have any questions about the security of your personal information, you can contact us at firstname.lastname@example.org.
Changes and Updates
Postal Mail Address:
2010 Broadway St.
Redwood City, CA 94063
We can be reached via e-mail at email@example.com or you can reach us by telephone at (650)521-5449.