Privacy Policy

Clinical and medical research is founded upon the collection and analysis of confidential information about people. Merritt Island Medical Research (MIMR) recognizes that when we handle information about any individual, we must do so responsibly, with respect to individual privacy, complying with laws on data privacy, laws on data privacy, and confidentiality. MIMR is committed to safeguarding your privacy. MIMR has enacted internal policies, procedures, and training programs designed to support compliance with these laws and this Privacy Notice (“Notice”). This Notice describes the main types of Personal Information we process within our organization, how that information is used and disclosed, and our commitments to the individuals whose information we handle. This Notice explains in general terms how we seek to comply with data privacy laws and regulations, including the but not limited to, national laws implementing the European Union (“EU”) Data Protection Directive 95/46/EC (“Directive”), replaced effective May 25, 2018 by the General Data Protection Regulation (“GDPR”), the Health Insurance Portability and Accountability Act (“HIPPA”), state security breach laws in the United States, data protection legislation adopted by an increasing number of other jurisdictions globally, and the privacy and confidentiality requirements of ICH Good Clinical Practice (“GCP”). The Notice does not cover any affiliate of MIMR that has its own Privacy Notice or Policy. You can visit most pages on our website or call our office without giving us any information about yourself. But sometimes, we do need additional information about you in order to provide the information or services you are requesting. This Notice explains data collection and use in those situations. We ask that you to read this Notice completely.

Definitions

“Data Subject” – The person whose personal information is being held or processed by MIMR for the purpose of managing clinical trials or contacting individuals about future clinical trial opportunities.

“Personal Data” – Information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier – for example, name, unique identifier, contact details and/or email address.

“Sponsor” refers to a third-party entity financing or organizing the clinical trial.

What Types of Personal Information Do We Handle and How Do We Use It?

MIMR may collect the following types of personally identifiable information (“Personal Information”) including but not limited to: name, title, contact details, including email address, address, and telephone numbers provided by you. MIMR conducts clinical research. For these purposes, we need to collect and use certain information about individuals on behalf of Sponsors for the purpose of managing clinical trials and/or on its own behalf for the purpose of contacting individuals for future clinical trial opportunities. MIMR may also collect, host, or analyze health data relating to Data Subjects on behalf of our Sponsors. To enhance privacy, consistent with GCP, Data Subjects’ names and other direct identifiers are not attached to records or samples collected by MIMR for research purposes. Instead, Data Subjects are identified by a code. Only study doctors and authorized personnel, including but not limited to study monitors and MIMR auditors, may access named Data Subject records. In cases where local law allows and in limited circumstances, MIMR may also collect full date of birth attached to study records.

 Employee and Human Resource Data

MIMR collects Personal Data from applicants seeking employment with MIR, including private contact details, professional qualifications, and previous employment history to inform employment decisions. Once employed, MIMR collects information on staff for human resource, performance, payroll, and tax purposes. MIMR will collect and record employee level information in various company systems, consistent with standard business operations. MIMR processes similar information relating to consultants, contractors, and other third parties engaged by MIMR to provide products or services to it.

How Does MIMR Collect Your Information?

MIMR may collect information about visitors to a company website where this is voluntarily provided to meet a request from those individuals, for example when someone is interested in participating in a clinical trial, or where someone wants to apply for a vacant position with the company. Certain information is collected by most browsers or automatically through your device, such as your media access control (MAC) address, computer operating system (Windows or MacOS), screen resolution, operating system name and version, device manufacturer and model, language, internet browser type and version, the name and version of the websites you are using, and your “IP Address”. Your “IP Address” is a number that is automatically assigned to the computer that you are using by your Internet Service Provider (ISP). An IP Address may be identified and logged automatically in our server log files whenever you access the sites, along with the time of the visit and the page(s) that you visited. Collecting IP Addresses is standard practice and is done automatically by many websites, applications, and other services. MIMR may IP Addresses to calculate usage levels of its websites, help diagnose problems with its servers, administer the websites, and monitoring the regions from which you navigate to MIMR’s websites. Through the use of cookie-based technologies, MIMR may collect information and data linked to virtual identities allocated to visitors when they access our websites. MIMR may also collect Personal Data from you offline, such as when you attend one of our events, during phone calls with our representatives or experts, or when you contact us.

Will MIMR Share Personal Data?

Personal Data about our users is an integral part of MIMR business. Personal Data will be shared within MIMR and third parties only on a “need to know” basis to meet stated legitimate business purposes. MIMR does not trade or sell Personal Data. Under some circumstances, MIMR may be required to disclose your Personal Data (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates, and (f) as part of investigations or for litigation purposes. Access to databases and folders containing Personal Data is restricted to appropriate employees, agents, consultants, and service providers with whom MIMR contractually requires to maintain the privacy, confidentiality and security of the Personal Data.

Notice and Consent

At the point of data collection, MIMR will provide notice to individuals in a clear and conspicuous language about how their information will be used, disclosed and transferred; what choices they have in relation to how their data are handled; what informational rights they have under data privacy law or under this Notice; and who to contact with any questions or complaints. These privacy notices are tailored to specific situations of data collection. In providing such notice, MIMR meets its obligations to be transparent and fair with individuals as is required by many data privacy laws. Dependent on the medium, notice may be given in person, by email, post, telephone, or by posting on our website. Consistent with GCP, laws on confidentiality and data privacy regulations, MIMR will collect necessary informed consents of Data Subjects on behalf of its clients.

Your Rights to Your Information

In jurisdictions with data privacy laws, and where contractual commitments require, MIMR ensures that individuals can exercise all relevant informational rights with respect to their Personal Data processed by the company, including but not limited to the right of access and correction, to withdraw consent at any time, object to data processing, request data deletion, restrict aspects of data processing, and request transmission of personal data in a common digital format (e.g., pdf) to themselves or another organization. In all other respects, where no overriding interest prevails, MIMR will endeavor to allow the following informational rights under this Notice as a matter of good practice:

• to allow access to copies of Personal Data within a reasonable timeframe;
• to correct Personal Data where inaccurate;
• to allow study investigators to opt out of future solicitations to participate in studies, by contacting MIMR at info@mimresearch.com
• to withdraw a previously provided consent to processing of Personal Data.

 Information Security

We have implemented organizational, technical, and administrative measures in an effort to protect Personal Data within our organization, including security controls that are intended to prevent unauthorized access to our systems, including standard operating procedures and restricted access. While we take these reasonable steps to secure your Personal Data from loss, misuse, interference and unauthorized access, modification and disclosure, you should be aware no security procedures or protocols are ever guaranteed to completely secure from intrusion or hacking, and there is therefore always some risk to sharing Personal Data online. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please immediately notify us at info@mimresearch.com. Consistent with regulatory requirements, particularly under U.S. state law and GDPR, MIMR also maintains a policy, which establishes a procedural response to dealing with any breach of Personal Data, including making any necessary notifications to, as applicable, individuals or governmental authorities.

Online Cookies

A cookie is a data file that is placed by a website operator on the hard drive of a visitor to their site. Cookies with the following functions may be enabled to the computers of visitors to MIMR websites: to allow the site to deliver the service requested by the visitor; to remember repeat visitors; to improve the user experience of the site; to allow the company to perform site analytics. Your online relationship with MIMR may be managed by using settings available on most internet browsers. For example, most browsers will allow a visitor to choose which cookies can be placed on his/her computer, to delete or disable cookies, and to set Do Not Track as a function. Please note that disabling cookies may prevent a visitor from using certain features on MIMR websites.

Children’s Online Privacy Protection

MIMR does not knowingly or specifically collect information about minors under the age of 18, and believe that children of any age should get their parents’ or legal guardians’ consent before providing any Personal Data. No part of our online presence is directed to anyone less than 18 years. If you believe that we have mistakenly or unintentionally collected such information, please notify us at info@mimresearch.com so that we may delete the information from our servers.

Third Party Sites

Our websites may permit you to link to other websites on the internet through direct links or through applications such as “share” or “Like” buttons, and other websites likewise may contain links to MIMR’s websites. The information practices or content of such other websites is governed by the privacy statements of those websites and not by this Notice. We encourage you to review the privacy policies found on such other websites, services, and applications to understand how your information may be collected and used. Similarly, please note that we are not responsible for the collection, use and disclosure policies and practices (including the data security practices) of other organizations, such as Facebook, Apple, Google, Microsoft, LinkedIn, social media platform providers, operating system providers, wireless service providers, or device manufacturers, including any Personal Data you disclose to other organizations through or in connection with your use of the Apps or the Social Media Pages.

Inquiries, Complaints and Requests to Exercise Rights

Communications, queries or requests to exercise informational rights (e.g., access, correct, amend, remove, or limit the use or disclosure of your Personal Data) or complaints can be emailed to info@mimresearch.com  For purposes of compliance with GDPR, the Research Advisor is the nominated Data Protection Officer and may be contacted through the email address above. For your protection, we may only implement requests with respect to the Personal Data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will respond to your request within 30 days. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting such access, change or deletion. Within the EU, individuals have the right in law to complain about how their information is handled to a supervisory authority that is responsible for regulating compliance with GDPR. A list of all EU supervisory authorities is available on the European Commission website: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm .

Legal Status of Notice and Notice Changes

This Notice is not a contract, and it does not create any legal rights or obligations. MIMR reserves the right to modify or amend this Notice. For instance, the Notice may need to change as new legislation is introduced or as it is amended. MIMR will regularly assess and evaluate its methods and performance in relation to handling Personal Data. This Notice will be updated as necessary to reflect best practice in data management, security and control. This Notice was last updated on the Effective Date.

Questions, Concerns, or Complaints

Your privacy is important to us. If you have any questions, concerns, or complaints regarding the way we collect and handle your information, please contact us by email at info@mimresearch.com or by mail at 60 Fortenberry Rd, Merritt Island, FL 32955 – ATTN: Data Protection Officer. Because email communications are not always secure, please do not include Sensitive Data in your emails to us. MIMR will take any privacy complaint seriously and any complaint will be assessed by an appropriate person with the aim of resolving any issue in a timely and efficient manner. We request that you cooperate with us during this process and provide us with any relevant information that we may need.

Effective Date 05-Jan-2022