Privacy Statement for Spiral

Introduction

Welcome to Spiral's privacy statement. Spiral ("we," "us," or "our") is committed to protecting the privacy and security of your personal data. This statement outlines how we collect, use, disclose, and safeguard personal information when you interact with our software and services for managing clinical trials.

Scope of this Privacy Statement

This statement applies to all personal data collected and processed by Spiral in connection with our software products and services related to clinical trials. This includes data collected through our website, applications, and any other interactions you may have with us.

Data Collection

This statement applies to all personal data collected and processed by Spiral in connection with our software products and services related to clinical trials. This includes data collected through our website, applications, and any other interactions you may have with us.

1. Personal Data We Collect
Direct Interactions: We may collect personal data that you provide when you register for our services, request information, or communicate with us. This includes your name, email address, phone number, job title, and organisation.
Automated Technologies: We may collect technical data about your equipment, browsing actions, and usage patterns via cookies, server logs, and other similar technologies. This may include IP address, browser type, and usage data.
2. Data Collected Through Software Use
Clinical Trial Data: Our software may collect and process clinical trial data, which may include sensitive health information and participant details. We only collect such data as instructed by our clients and in compliance with applicable laws and ethical guidelines.

Purpose of Data Processing

We process personal data for the following purposes:
Service Delivery: To provide and maintain our software products and services.
Customer Support: To assist you with technical issues, inquiries, and service improvements.
Communication: To communicate updates, offers, and news about our products and services.
Compliance: To comply with legal and regulatory requirements applicable to our operations and services.

Legal Basis for Processing

We process personal data based on the following legal grounds:
Consent: Where you have given explicit consent for specific purposes.
Contractual Necessity: To fulfil our contractual obligations to provide our services.
Legitimate Interests: Where processing is necessary for our legitimate interests, provided your interests and fundamental rights do not override those interests.
Legal Obligations: To comply with legal and regulatory obligations.

Data Sharing and Disclosure

We may share personal data with third parties only under the following circumstances:
Service Providers: We may share data with third-party service providers who assist us in delivering our services, such as IT support.
Legal Requirements: We may disclose data if required by law, regulatory authorities, or to protect our legal rights.
Business Transfers: In the event of a merger, acquisition, or sale of assets, personal data may be transferred as part of the business transaction.

Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. Our security practices include encryption, access controls, and regular security assessments.

Data Retention

We retain personal data only as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, or resolve disputes. The specific retention period depends on the nature of the data and the context in which it was collected.

Your Data Protection Rights

You have the following rights regarding your personal data:
Access: Request access to your personal data we hold.
Correction: Request correction of inaccurate or incomplete data.
Deletion: Request deletion of your personal data under certain conditions.
Objection: Object to the processing of your personal data based on legitimate interests.
Restriction: Request restriction of processing where the accuracy of the data is contested or processing is unlawful.
Portability: Request transfer of your data to another party where applicable.
To exercise these rights, please contact us using the information provided below.

Changes to this Privacy Statement

We may update this privacy statement periodically to reflect changes in our practices or regulatory requirements. We will notify you of any significant changes through our website or direct communication.

Contact Us

If you have any questions or concerns about this privacy statement or our data practices, please contact us at: Email: privacy@spiral.co.nzPhone: +64 21395316 This privacy statement is effective as of 1 June 2024 and is intended to comply with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

 Flexible Options To Fit Novel Trial Designs

The team behind Spinnaker tailor the software, database, forms and reports to give you maximum flexibility during design and setup.