Company Privacy & Data Security Policy
Effective Date: July 7, 2023
Sundance Clinical Research ("the Company") is committed to protecting the privacy and ensuring the security of personal information entrusted to us. This Company Privacy and Data Security Policy outlines our internal guidelines and procedures for handling personal data to maintain confidentiality, integrity, and compliance with applicable privacy and data protection laws.
Data Collection and Use
Collection of Personal Information
The Company may collect personal information from individuals through various means, such as contact forms on our website, Facebook, etc. The types of personal information we collect include:
First and last name
Purpose of Collection and Use
The personal information collected is used solely for the purposes of facilitating correspondence, responding to inquiries, improving services, conducting research, and complying with legal obligations. We ensure that personal information is only accessed and processed by authorized personnel on a need-to-know basis.
Use of Google Analytics
The Company does not sell, rent, or disclose personal information to third parties unless required by law or with explicit consent from the individual. Any sharing of personal information with third parties is done in compliance with applicable privacy laws and appropriate safeguards.
Safeguarding Personal Information
The Company implements reasonable technical, physical, and administrative measures to protect personal information from unauthorized access, use, disclosure, alteration, or destruction. These measures include, but are not limited to, access controls, encryption, firewalls, secure storage, and employee training on data protection.
Personal information is retained for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required by law or legitimate business needs. When personal information is no longer needed, it is securely disposed of in accordance with applicable regulations.
All employees and personnel of the Company are responsible for understanding and adhering to this policy. Employees are trained on data privacy and security practices and are required to handle personal information in a confidential and responsible manner. Breaches of this policy may result in disciplinary action, up to and including termination of employment.
Data Breach Response
In the event of a data breach involving personal information, the Company will promptly investigate and take appropriate actions to mitigate the impact. This includes notifying affected individuals, regulatory authorities, and other parties as required by applicable laws and regulations.
The Company reserves the right to update, modify, or revise this Privacy and Data Security Policy as needed. Changes will be communicated to employees and posted on internal platforms. Employees are expected to stay informed about policy updates and comply with the most recent version.