Personal information includes information or an opinion about an individual that is reasonably identifiable. For example, this may include your name, age, gender, postcode and contact details. It may also include sensitive information, such as health information and genetic information, that you provide to us.
We are a for-profit social enterprise that matches you with clinical trials based on certain attributes that are derived from information which you provide to us through the HealthMatch Platform. We provide de-identified attributes (i.e. information about your medical conditions) to clinical trial providers to determine your suitability for participation in clinical trials. With your consent, we may also provide your personal information to clinical trial providers (including clinical trial sites). We receive a fee from clinical trial providers each time we refer a potential trial participant.
By using the HealthMatch Platform, you will be able to control and manage the personal data you input into the Platform in various ways. For example, you will be able to:
Where you use the Platform on behalf of someone else (i.e. a patient), you must ensure you have that person's express consent and authorization to provide us with their personal information.
We will never sell your sensitive health information to target ads or marketing to you and we will not use your sensitive health information for these purposes without your consent.
Some personal information we collect may constitute protected health information under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). If you are matched to a clinical trial, your match will provide you with a Notice of Privacy Practices describing their collection and use of your health information to the extent they are required by HIPAA, not HealthMatch. We will only collect and use protected health information for the purposes of providing our services and we only collect the minimum amount necessary to fully perform and provide the services on the Platform. Protected health information will not be used for any other purpose, including marketing, without your consent.
In order to match you with clinical trials, we provide your profile to clinical trial providers such as pharmaceutical companies, clinical trial sites connected to hospitals or other health service providers, and contract research organisations. Where we provide such information, it is in a de-identified format. Clinical trial providers use this information to confirm your suitability to participate in clinical trials, and may also use this information on an aggregated basis for research and development purposes.
We may provide aggregate de-identified information derived from personal and sensitive information to carefully selected non-profit disease-specific advocacy groups for research purposes and to assist in promoting awareness of the Platform, clinical trials and medical developments.
We may also undertake data analytics on de-identified data related to your use of our Platform, in order to improve the functionality of the Platform.
We do not seek to collect information relating to your results as part of a clinical trial that you are matched with through use of our Platform.
We may collect the following types of personal information and sensitive information:
We may collect these types of personal information either directly from you, or from third parties. We may collect this information when you:
In addition, when you apply for a job or position with us we may collect certain information from you (including your name, contact details, working history and relevant records checks), from any recruitment consultant, your previous employers and others who may be able to provide information to us to assist in our decision on whether or not to make you an offer of employment or engage you under a contract. Workplace privacy laws in certain jurisdictions may contain certain exemptions regarding certain acts undertaken in relation to employee records. Where appropriate, we make use of relevant exemptions under applicable workplace privacy laws.
We may collect, hold, use and disclose your personal information for the following purposes:
When you use our Platform, we may:
We engage third party service providers to assist us with delivering direct marketing via various channels, including through social media and other digital platforms. We take all reasonable steps to ensure that your personal information is protected when disclosing information to such third parties.
You can always opt-out of receiving direct marketing communications by contacting us using the details set out below, by using an unsubscribe link or by telling us through your profile settings via our Platform.
If you are not yet a registered user of our Platform, then we may market our services to you generally – including via social media, advertising through our website or through third party websites and other digital or non-digital platforms. We will always do this in accordance with our legal requirements and if we use a third party to do so, we will only do so with our trusted partners.
For California residents, we do not provide your information to third parties for their direct marketing purposes. However, we may share aggregate or other information that no longer personally identifies you with other parties for our business purposes, marketing, analytics, or other uses.
We seek your consent before providing your name and contact details to a clinical trial provider (or to a clinical trial site that has been contracted by the relevant clinical trial provider), so that they can contact you to participate in a trial.
This consent is requested generically in our questionnaire, which allows us to share you details with trials that you match to automatically. You can revoke this consent for specific trials. You can still use the Platform without providing this consent, and can provide consent for each individual trial.
We may disclose your personal information outside of the country in which you reside or of which you are a citizen to our third party service providers located in Australia, the United States and Japan. In addition, your personal information may be processed in the country in which it was collected and in other countries, where laws regarding processing of personal information may be less stringent than the laws in your country. By providing your data, you consent to such transfer. We will take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the privacy laws of your country.
We may disclose de-identified information to international clinical trial providers, including in the United States, China, Singapore, New Zealand and Europe (including the European Union), for the purposes of matching you with clinical trials. We will always seek your consent before providing your name and contact details to any such clinical trial provider so that you can participate in a trial.
We may collect personal information about you when you use and access our website or Platform.
While we do not use browsing information to identify you personally, we may record certain information about your use of our website and Platform, such as which pages you visit, the time and date of your visit and the internet protocol address assigned to your computer.
We may also use 'cookies' or other similar tracking technologies on our website and Platform that help us track your website or Platform usage and remember your preferences. These include:
Marketing cookies are used to deliver ads that are relevant to you and your interests, or to limit the number of times you see the same ad on a website. These types of cookies are also used to help measure the efficiency of an advertising campaign. These cookies can be used to remember what you looked at when you visited a website. We use this information to provide you with personalized content recommendations and for marketing communications. We may combine the information collected by these cookies with other information that you have provided to us.
If you decide at any time that you no longer wish to accept cookies from the Platform for any of the purposes described above, then you can instruct your browser, by changing its settings, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. Please consult your browser’s technical information. If you do not accept cookies, however, you may not be able to use all portions of the Platform or all functionality of the Platform.
If you are a Facebook user, you can control whether ads based on your behaviour should appear on Facebook and other websites that use Facebook's advertising services in <fbLink>Facebook's advertising settings</fbLink>.
Our Platform does not currently recognize “Do Not Track” signals sent by some browsers.
We may hold your personal information in either electronic or hard copy form. We take reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure and we use a number of physical, administrative, personnel and technical measures to protect your personal information. For example, we:
We also restrict access to personal information within our organisation to those personnel who need it to operate our service.
However, we cannot guarantee the security of your personal information. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to the Platform. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Platform.
Our Platform is not designed nor intended to be used or accessed by children under the age of 18. No one under age 18 may provide any information to or through Platform. We do not intentionally collect personal information from children through the Platform. If you are under age 18, do not use or provide any information on or through Platform, including, but not limited to, your name, address, telephone number, e-mail address, user name or other. If we learn we have collected or received personal information from a child under age 18 without verification or parental consent, we will delete that information. If you believe that we may have collected any information, including personal information from or about a child under age 18, please contact us immediately at firstname.lastname@example.org.
You can access and update the personal information we hold about you by logging into your profile on our Platform.
Where we hold other personal information about you, you can contact us using the information below or the contact us function on our website to access or correct this information.
Sometimes, we may not be able to provide you with access to all of your personal information and, where this is the case, we will tell you why. We may also need to verify your identity when you request your personal information. If you contact us about inaccurate information, we will take reasonable steps to ensure that it is corrected.
The General Data Protection Regulation (“GDPR”) took effect on May 25, 2018, and is intended to protect the data of European Union (EU) citizens.
If you are a resident of the European Economic Area (EEA), or are accessing our Platform from within the EEA, you may have certain rights with respect to your data.
We may process Personal Information (as defined in the GDPR) under the following conditions:
In any case, we will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of personal information is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
The laws of certain jurisdictions may provide data subjects with various rights in connection with the processing of personal information, including:
Where we are deemed a data controller under the laws of certain jurisdictions, we will take steps to help ensure that you are able to exercise your rights regarding personal information about you in accordance with applicable law. To do so, you may contact us at email@example.com. Please note these rights may be limited in certain circumstances as provided by applicable law. We will promptly review all such requests in accordance with applicable laws. Depending on where you live, you may also have a right to lodge a complaint with a supervisory authority or other regulatory agency if you believe that we have violated any of the rights concerning personal information about you. We encourage you to first reach out to us at firstname.lastname@example.org, so we have an opportunity to address your concerns directly before you do so.
If you think we have breached any applicable privacy laws, or you wish to make a complaint about the way we have handled your personal information, you can contact us using the details set out below or the contact us function on our website. Please include your name, email address and/or telephone number and clearly describe your complaint. We will acknowledge your complaint and respond to you regarding your complaint within a reasonable period of time. If you think that we have failed to resolve the complaint satisfactorily, we will provide you with information about the further steps you can take.
Last Updated: October 29, 2021