Privacy policy
MAC Research Limited, together with its affiliates and subsidiary companies (collectively “MAC,” “We,” “Us,” or “Our”), is committed to ensuring that We handle all individual information in a responsible and careful manner and in accordance with applicable data privacy and confidentiality laws in the UK and other countries.
This Privacy Policy (“Policy“) outlines and describes Our commitment as an organisation to the individuals whose data We manage, the key types of personal data We collect, process and how that information may be used or disclosed. The Policy explains in general terms how We strive to comply with data privacy laws, including without limitation the UK General Data Protection and the Data Protection Act 2018, EU General Data Protection Regulation, and any subsequent amendments to this regulation or local law equivalent that is later adopted, and any applicable local law (“Law(s)”) and the privacy and confidentiality requirements of ICH Good Clinical Practice.
Please read the following carefully to understand Our views and practices regarding personal data information and how We will treat it.
Types of Personal Information Managed by MAC
In our capacity as a Contract Research Organisation providing services for Sponsors, we host and analyse significant quantities of health data relating to clinical trial participants and individuals who have volunteered to be on a clinical trial and are assessed for eligibility to enter a clinical trial. MAC also collects, processes, and manages personal information about its employees, Clients and other service providers, during the course of its business operations. MAC also processes contact information provided by members of the public via its website.
MAC may be the data processor or the controller for different types of personal data, and the legal basis for this processing may differ for each activity, the specific arrangements for each type of personal information we process is described in detail below:
Employee and Human Resource Data
We collect and control personal information from applicants pursuing employment with MAC and MAC employees for its legitimate business-related purposes. Such professional or employment-related data includes private contact details, professional qualifications and previous employment history, DBS and professional disbarment checks to assist with the personnel recruitment, staff performance, payroll, security, safety of Our premises and tax purposes. MAC processes similar information relating to consultants, contractors and other third parties that We engage to deliver products or services.
4. Website Visitors Information
Generally anyone can visit the MAC website without revealing who they are and without disclosing any of their personal information. However, MAC collects names and contact details volunteered by visitors to Our company website when making an online enquiry via the site. This includes enquiries, for example by industry professionals regarding information about company services, or when members of the public are interested in volunteering to a clinical trial or applying for a job vacancy with the company. MAC may collect various data via cookie-based technologies, linked to virtual identities allocated to visitors when they access Our websites, such as browsing history, device ID, search history, IP address (Internet Protocol address), information on the visitors’ interaction with a website, device geolocation, application type and version, or advertisements placed and ad interactions. This information is used for website analytics and for first party marketing. These virtual identities are sometimes connected with real world identities of visitors when they submit named details. This enables MAC to personalise marketing messages to make them relevant to those visitors. MAC is the data controller of this information and processes it for legitimate business-related purposes in engaging with members of the public in the delivery of clinical research services, employment opportunities and business development.
5. Commercial Information:
MAC will collect and use commercial information such as records of products or services purchased or obtained, or correspondence received. MAC will also collect information for one or more of the following purposes: to fulfil or meet the reason for which the information is provided, including to process payments and other financial transactions; to provide information, products or services that are requested from Us; to provide electronic messages consisting of alerts, reminders, event registrations and other notices concerning Our products or services, appointments, events or news that may be of interest; to improve Our website and present its contents to visitors to the site; for testing, research, analysis and product or services’ development.
Internal and External Disclosures of Personal Information
Personal information is only shared on a “need to know” basis within MAC and its affiliates and subsidiaries and with relevant third parties (such as agents, contractors) to deliver stated legitimate business purposes and legal obligations. Any access to personal information contained within databases and binders is carefully restricted and only viewable by appropriate MAC staff for legitimate purposes. MAC does not trade or sell personal information.
Under some circumstances, MAC may be required by law enforcement agency, court, regulator, government authority, or judicial authorities or other third party to disclose certain personal information as part of investigations or for litigation purposes. Or, where We believe such disclosure is necessary to comply with a legal or regulatory obligation, or otherwise to protect Our rights or the rights of any third party, including to identify or locate anyone for the prevention or detection of crime or the apprehension or prosecution of offenders. In such circumstances we expressly disclaim any liability from any claims resulting from such disclosures and from any actions taken as a consequence of investigations by either Us or law enforcement authorities.
MAC may disclose and transfer personal information to a third party in connection with the sale, assignment, or other transfer of Our business to which the information relates.
Any companies who work as third party contractors or agents for MAC are required to sign “data processing agreements” as a processor and/or confidentiality agreements whereby they commit to only process personal information consistent with contracted purposes and to ensure organisational and technical security safeguards for the data are in place prior to any processing of personal data.
We also share aggregate, non-personal information about website usage with affiliated and unaffiliated third parties.
We may, for example, provide visitors information to agents, contractors, or partners for hosting Our databases, for data processing services, or so that they can mail information to that visitor if requested.
Notice of Data Use and Consent
MAC will provide notice to individuals using clear and conspicuous language at the point of data collection, about how their information will be used and disclosed. We will make clear what choices are available in relation to how individual personal data is managed and what rights there are under data privacy Law or under this Policy and who to contact with any questions or complaints. MAC’s privacy notices are tailored according to specific data collection circumstances. In providing such notice, MAC meets its obligations to be transparent and fair with individuals as is required by General Data Protection Regulation. Dependent on the medium, notice may be given in person, by email, post, telephone, or by posting on Our website.
In accordance with data privacy Law and good practice, MAC will seek consent of individuals to collect, use, and disclose their data consistent with the relevant privacy notice. However, in certain cases where the law allows processing of personal data, in particular where the intended processing of the personal data is in MAC’s or Our Clients’ legitimate interests and the privacy risks are low, MAC will proceed to process personal information absent of consent, for example, where gaining consent from a person will involve a disproportionate effort. MAC will also use and disclose personal information without consent where required by law and judicial order to disclose information.
Your Rights
In accordance with data privacy Laws and contractual commitments, MAC ensures that individuals can exercise all relevant informational rights with respect to their personal information processed by the organisation. Where no overriding legal obligation or legitimate interest prevails to individuals requests, MAC will endeavour to allow the following informational rights under this Policy as a matter of good practice, these may include:
- to allow access to copies of personal information;
- to correct personal information where inaccurate;
- to erase personal information;
- to object to Our use of personal information;
- to restrict Our use of personal information;
- to withdraw a previously provided consent to processing of personal information;
- to receive personal information in a usable electronic format and transmit it to a third party (right to data portability); and
- to lodge a complaint with local data protection authority if one exists in the country where the personal data was collected.
If you wish to exercise any of these rights, please contact our Data Protection Officer using the details shown in the section titled “Inquiries, Complaints and Requests to Exercise Rights” below.
Information Security
MAC maintains wide-ranging information security policies to apply technical and organisational security measures appropriate to the risk to the personal information We process. This is to ensure We protect sensitive and personal information that participants provide to Us (particularly sensitive clinical data), against unauthorized access or loss. MAC’s security breach policy provides a procedural response for managing any breach of personal information, including making necessary notifications to individuals or governmental authorities.
Depending on which country personal data is collected or received from will decide which servers are used to store personal data. In the UK MAC stores information on its own servers or on third-party servers (which may be in a different country) and personal data is transferred and stored in accordance with applicable Laws. All data stored are downloaded by MAC personnel. MAC uses commercial measures to ensure that your data is kept safe and treated in accordance with this Policy and applicable data protection and privacy Laws.
Considerations When Online
The pages on MAC’s websites may contain links to external websites, i.e. outside of the company. These external websites are not controlled, maintained, or endorsed by MAC and may contain different information and/or different privacy policies from those of Our company. This Policy does not apply to linked websites outside the MAC organisation. MAC recommends that visitors review the privacy policy of each individually linked website before submitting any personal information. We do not accept any responsibility or liability for external/other websites’ privacy policies.
Our web pages also use cookies. A cookie is a data file that is placed by a website operator on the hard drive of a visitor to their website. MAC, and third parties with whom We work, may place cookies with the following functions on the computers of visitors to MAC websites: to allow the site to deliver the service requested by the visitor; to remember repeat visitors; to improve the user experience of the site; to allow the company to perform site analytics; and to serve and help tailor Our marketing messages on our websites and elsewhere on the internet, based on the visitor’s previous browsing activity.
The web browser and cookie settings on your electronic devices can be tailored to manage your online relationship with MAC. At this time, We do not respond to “do not track” signals, however most web browsers will allow users to choose which cookies can be placed on their electronic device and to delete or disable cookies. Visitors should be aware that disabling cookies may prevent them from using certain features on MAC websites. For more information, please see Our Cookie Policy.
The safety and security of information also depends on the individual providing the personal information:
If any individual chooses or are given a user identification code, password, or any other information as part of Our security procedures for one of the registration-only sections of the website, the individual is responsible for maintaining the confidentiality of their password and username for the website and the individual is responsible for all activities that are carried out under them. We will not be liable where the individual’s password or username is used by someone else. MAC requires that the individual must notify Us immediately, at the contact information provided below, of any unauthorised use of the individuals password or username as soon as they become aware of such unauthorised use. We have the right to disable any user identification code or password, whether chosen by the individual or allocated by Us, at any time to safeguard the individuals account and data. Please be aware that while We take appropriate steps to safeguard the security of personal information, the transmission of information over the Internet is not completely secure and therefore the individual that discloses personal information does this at their own risk.
Inquiries, Complaints and Requests to Exercise Rights
Communications, queries, requests to exercise informational rights (e.g., access to data) or complaints can be addressed for the attention of the Data Protection Officer, MAC Clinical Research Finance Limited, Kaman Court, 1 Faraday Way, Blackpool, Lancashire, FY2 0JH, United Kingdom, (“DPO”).
Within UK individuals have the right in law to complain about how their information is managed to a supervisory authority that is responsible for regulating compliance with the Regulation. The following URL links to the relevant authority https://ico.org.uk/make-a-complaint/your-personal-information-concerns/.
Legal Status of Policy and Policy Changes
This Policy is not a contract, and it does not create any legal rights or obligations. MAC reserves the right to modify or amend this Policy and may do so according to new or amended legislation. The updated Policy will be posted on: https://www.macplc.com/mac-privacy-policy and https://researchforyou.co.uk/privacy-policy/ (Last Updated: 21st May 2024). Changes and additions to this Policy are effective from the date on which they are posted. Please review the privacy Policy from time to time to check whether We have made any changes to the way in which We use personal information. You may request previous versions of the Privacy Policy from the DPO.
We reserve the right to take any appropriate legal action, including referral to law enforcement, for any illegal or unauthorised use of this website. We also reserve the right take any action to prevent the unauthorised use of Our intellectual property.