Company Privacy & Data Security Policy
Effective Date: July 7, 2023
Introduction
Sundance Clinical Research ("the Company") is committed to protecting the privacy and ensuring the security of personal information entrusted to us. This Company Privacy and Data Security Policy outlines our internal guidelines and procedures for handling personal data to maintain confidentiality, integrity, and compliance with applicable privacy and data protection laws.
​
Data Collection and Use
Collection of Personal Information
The Company may collect personal information from individuals through various means, such as contact forms on our website, Facebook, etc. The types of personal information we collect include:
-
First and last name
-
Phone number
-
Email address​
Purpose of Collection and Use
The personal information collected is used solely for the purposes of facilitating correspondence, responding to inquiries, improving services, conducting research, and complying with legal obligations. We ensure that personal information is only accessed and processed by authorized personnel on a need-to-know basis.
​
Use of Google Analytics
We utilize Google Analytics, a web analytics service provided by Google, Inc. ("Google"), which uses cookies and similar technologies to collect and analyze information about website usage. This data is used to understand website traffic patterns, user interactions, and improve our website's performance. Google Analytics may collect and process certain information about website visitors, including IP addresses and other device identifiers.
For more information about how Google Analytics collects and processes data, please refer to Google's Privacy Policy and Google Analytics' terms of service.
​​
Data Sharing
The Company does not sell, rent, or disclose personal information to third parties unless required by law or with explicit consent from the individual. Any sharing of personal information with third parties is done in compliance with applicable privacy laws and appropriate safeguards.
​
Data Security
Safeguarding Personal Information
The Company implements reasonable technical, physical, and administrative measures to protect personal information from unauthorized access, use, disclosure, alteration, or destruction. These measures include, but are not limited to, access controls, encryption, firewalls, secure storage, and employee training on data protection.
​
Data Retention
Personal information is retained for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required by law or legitimate business needs. When personal information is no longer needed, it is securely disposed of in accordance with applicable regulations.
Employee Responsibilities
All employees and personnel of the Company are responsible for understanding and adhering to this policy. Employees are trained on data privacy and security practices and are required to handle personal information in a confidential and responsible manner. Breaches of this policy may result in disciplinary action, up to and including termination of employment.
Data Breach Response
In the event of a data breach involving personal information, the Company will promptly investigate and take appropriate actions to mitigate the impact. This includes notifying affected individuals, regulatory authorities, and other parties as required by applicable laws and regulations.
Policy Updates
The Company reserves the right to update, modify, or revise this Privacy and Data Security Policy as needed. Changes will be communicated to employees and posted on internal platforms. Employees are expected to stay informed about policy updates and comply with the most recent version.