Phesi is subject to the regulatory and enforcement authority of the U.S. Federal Trade Commission.
Phesi processes contact information including, names, business addresses, work phone numbers, work email addresses, etc. of EU and Swiss clinical trial investigators (“Personal Data”).
Phesi collects and uses Personal Data for purposes of providing products and services to our customers, processing Personal Data on behalf of corporate customers, providing information on our services, and conducting related tasks for legitimate business purposes. Personal data will not be used for a purpose that is incompatible with the purpose(s) for which it was originally collected or subsequently authorized.
Phesi may disclose Personal Data to Agents, including but not limited to, providers of analytical, hosting, and other support services. Agents may have access to personal information if needed to perform their functions for Phesi. Phesi will inform individuals the type of Agents their Personal Data is disclosed to, as well as the purpose of the disclosure. Phesi does not transfer Personal Data to non-Agent third parties.
Phesi will require its Agents to safeguard personal information consistent with this Policy by contract obligating the agent to provide at least the same level of protection as is required by the EU-U.S. and Swiss-U.S. Data Privacy Framework Principles. Pursuant to the Data Privacy Framework Phesi remains liable for the onward transfer of EU and Swiss personal data unless we can prove we were not a party to the actions given rise to the damages.
Additionally, Phesi may be required to disclose personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
Phesi will offer EEA and Swiss individuals whose Personal Data has been transferred to us the opportunity to choose whether the Personal Data it has received is to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. An individual may opt-out of such uses of their Personal Data by contacting us at the address given below.
Phesi will not use sensitive personal information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual unless Phesi has received the individual’s affirmative and explicit consent (opt-in).
Access and Review
If you are an EU or Swiss Person about whom we hold personal data that has been transferred into the US, you have a right to request access to, and the opportunity to update, correct or delete, such information. To submit such requests or raise any other questions, please contact the business that provided your EU or Swiss Data to us. You can also contact us directly using the contact information below. We reserve the right to take appropriate steps to authenticate an applicant’s identity, and to assess potential impact to the privacy rights of other individuals or companies, in line with the Data Privacy Framework Principles.
Data Privacy Framework Contact
In compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), Phesi commits to resolve complaints about our collection or use of your personal information transferred to the U.S. pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. EU, UK, and Swiss individuals with inquiries or complaints should first contact:
Pharmaceutical Pipeline Enhancement Strategies, LLC
PO Box 82, East Lyme, CT 06333 USA
Phesi has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf