INTRODUCTION

This Privacy Policy sets out the commitment of Research Connect, 4 Millbank, Westminster, London, SW1P 3JA, UK, to the privacy of the visitors and users (collectively defined as “Users”) of the Research Connect websites (“Sites”), and governs Users’ rights regarding privacy and data protection.

The Sites are operated by Research Connect and Research Connect is the sole data controller. By using the Sites, or by registering as a User to the Services that we provide (“Services”), you confirm that you have read the terms of this Privacy Policy. We ask you to read this Privacy Policy carefully.

For the purpose of this Privacy Policy, “personal data” means any information which relates to an identifiable living individual.

LAWFUL COLLECTION AND DATA USE

Research Connect collects information in several ways from different parts of our Sites, our mobile application and other activities such as social media, apps and surveys. Examples of these activities are explained below and include:

Registration to our services: some personal data is gathered when you register for our Services, including when you fill out request forms on our Sites, such as name, email address, postal address, job title and mobile device ID.

Research Activities: personal data may also be collected from you when you participate in a survey or in a research activity proposed by Research Connect to the Users.

The main purposes for which we use your personal data are to:

• Contact you in relation to our Services via email, through mobile notifications or texts or any other proposed communication options you have consented to
• Inform you of updates to our Services, new features and details relevant to you
• Help you when you contact us
• Protect Research Connect from fraudulent behaviour
• Update, enrich and clean your data to better understand your needs and how we can improve our Services

We have set out below more detailed information about how we use your personal data. We are also required by law to explain the legal basis for processing your personal data. These legal bases are listed below and could be different for each use case:

• we have your consent for the use of your personal data
• we need to use your personal data in order to perform a contract with you
• we need to process your data to comply with a legal obligation
• we need to process your data in order to protect your vital interests or someone else
• the processing is necessary to perform a task in the public interest or
• the use of your personal data is necessary for our (or our clients’) legitimate interests (in which case we will explain what those interests are).

We will never misrepresent ourselves or what we are doing. If you receive an email that concerns you, purporting to be from us, please let us know by dialling the number provided.

We will not make your personal data available to anyone else without your agreement unless it is for research purposes or if required by law and/or by regulators or authorities. In these cases, the legal basis of our disclosure of your personal data is it is necessary to comply with a legal obligation. The data that we disclose may include your name and e-mail address.

Our third-party partners are all contractually bound to keep any information they collect and disclose to us, or that we collect and disclose to them, confidential and must protect it with security standards and practices that are equivalent to our own.

Where We Store Your Personal Data: For personal data subject to the GDPR and transferred to a country or territory outside the European Economic Area (EEA), we shall put adequate safeguards in place to ensure the transfer is made by a lawful method for the purposes of EU data protection law and secure. For personal data which is not subject to the GDPR, Research Connect shall strictly follow any other applicable data protection laws.

Research Connect’ data storage servers are in Europe and in the United States of America (USA) and are managed by third-party service providers in the cloud.

We take appropriate technological and organizational measures to protect your personal data, both during transmission and once we receive it. Our security procedures are consistent with generally accepted standards used to protect personal data.

All our employees are contractually obliged to follow our policies and procedures regarding confidentiality, security and privacy.

Your account information and personal data are password-protected so you and only you have access to your information. In order to keep your personal data safe, we recommend you do not divulge your password to anyone. Research Connect will never ask you for your password in an unsolicited phone call or in an unsolicited email.  Also, please remember to sign out of your Research Connect account (if any) and close your browser window when you have finished visiting our site. This is to ensure others cannot access your personal data and correspondence if you share a computer with someone else or are using a computer in a public place like a library or Internet cafe. Please change your password regularly.

Confidentiality and Industry Requirements

Whenever Research Connect handles personal data as described above, regardless of where this occurs, Research Connect takes steps to ensure that your information is treated securely and in accordance with this Privacy Policy. Unfortunately, no data transmission can be guaranteed to be 100% secure. As a result, while we strive to protect your personal data, Research Connect cannot ensure or warrant the security of any information you transmit to us or from our online products or services, and you do so at your own risk. Once we receive your transmission, we will take reasonable steps to ensure our systems are secure.

Ultimately, you are solely responsible for maintaining the secrecy of your passwords and/or any account information. Please be careful and responsible whenever you’re online.

ACCURACY

We take reasonable steps to keep personal data in our possession or control accurate, complete and current, based on the most recent information made available to us by you and/or by our client.

We rely on you to help us keep your personal data accurate, complete and current by answering our questions honestly. You are responsible for ensuring that you notify us of any changes to your personal data.

CHILDREN'S DATA

Research Connect recognizes the need to provide further privacy protections with respect to personal data collected from children. Our Sites are not intended or designed to attract children under the age of 16. We do not knowingly collect personal information from or about any person under the age of 16. If you are under 16 years old and wish to ask a question or use this Site in any way which requires you to submit your personal information, please ask your parent or guardian to do so on your behalf.

RIGHTS OF INDIVIDUALS

To request access to personal data that we hold about you, you should submit your request in writing to the e-mail address provided.

You have the following rights in relation to your personal data:

• Right to change your mind and to withdraw your consent
• Right to access your personal data
• Right to rectify your personal data
• Right to erase your personal data from our systems, unless we have legitimate interest reasons for continuing to process the information
• Right to port your personal data (portability right)
• Right to restrict processing of your personal data
• Right to object to the processing of your personal data

We shall also notify third parties to whom we have transferred your personal data of any changes that we make on your request. Note that while Research Connect communicates to these third parties, Research Connect is not responsible for the actions taken by these third parties to answer your request. You may be able to access your personal data held by these third parties and correct, amend or delete it where it is inaccurate.

As required by ISO 27001, ISO 9001, ISO 20252 and in certain instances the law, our electronic systems are backed up and archived. These archives are retained for a defined period in a strictly controlled environment. Once expired, the data is deleted, and the physical media destroyed to ensure the data is erased completely.

DATA STORAGE AND RETENTION

Personal data will be retained only for such period as is appropriate for its intended and lawful use. Research Connect will retain your personal data for as long as you have not unsubscribed from our database. In case you unsubscribe from our database, we shall retain data for no longer than 3 months after you unsubscribe, unless otherwise required by law. Personal data that is no longer required will be disposed of in ways that ensure their confidential nature is not compromised.

As required by ISO 27001, ISO 9001, ISO 20252 and in certain instances the law, our electronic systems are backed up and archived. These archives are retained for a defined period in a strictly controlled environment. Once expired, the data is deleted and destroyed to ensure the data is erased completely.

NOTIFICATION OF MATERIAL CHANGE

We reserve the right to change, add to, or remove portions from this Privacy Policy at any time. You should read this page regularly to ensure you are updated as to any changes. However, if any material change is made to this Privacy Policy, we will notify you of that change. Non-material changes to this Privacy Policy will be announced through the Sites only. Your continued access to the Sites and Services after such changes conclusively demonstrates your consent to any changes. 

We will always display the most up-to-date privacy policy on this web page.

HOW TO CONTACT US

If you have any questions or concerns relating to your privacy or to Research Connect privacy practices, you can contact Research Connect:

• by email at: info@research-connectllc.com
• by post to: +1 917 415 0356

COMPLAINTS AND COUNTRY SPECIFIC DISCLOSURE

If you consider that our processing of your personal data infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state or jurisdiction of your habitual residence, your place of work or the place of the alleged infringement.