EU-U.S. Privacy Shield Framework
Quality Data Services Inc. may collect the following personal data: Vendor and client personal data for the purpose of receiving or providing services in our role as a Clinical Research Organization providing project management, data collection, and analysis services for clinical trials. This information usually consists of non-sensitive contact information, such as name, email address, work address, company name, job title, and phone number. Clinical study staff personal data to meet legal and regulatory requirements and perform contracted services. This information usually consists of non-sensitive contact information, such as name, email address, work address, company name, job title, and phone number.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to email@example.com.
As a data processing company, the personal information transferred or collected by QDS is usually obtained through expressed consent, or contractual obligation and may be required to be retained or transferred to meet legal or regulatory requirements. For these reasons opting out may not be available to the individual.
QDS may be required to transfer personal information to third party vendors providing services, such as; data backup and storage, data hosting, or communication services required for QDS to meet business requirements. QDS will ensure the third parties meet the principles of Privacy Shield or similar data and privacy protection guidelines.
QDS’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, QDS remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless QDS proves that it is not responsible for the event giving rise to the damage.
QDS may be required by law to transfer personal data upon lawful request by public authorities for national security or law enforcement.
QDS shall employ reasonable methods to secure personal data and prevent unauthorized access or use from occurring.
Data Integrity and Purpose Limitation
QDS will take appropriate and reasonable measures to ensure data integrity and will limit the collection and processing of personal data to meet the minimums required to perform our contracted or regulated tasks.
Pursuant to the Privacy Shield Frameworks, EU and U.K individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to firstname.lastname@example.org. If requested to remove data, we will respond within a reasonable timeframe.
Recourse, Enforcement, and Liability
In compliance with the Privacy Shield Principles, Quality Data Services, Inc. commits to resolve complaints from EU and U.K. individuals about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. Individuals in the European Union or the United Kingdom with Privacy Shield inquiries or complaints should first contact Quality Data Services, Inc. at:
Quality Data Services Inc.
985 Old Eagle School Rd.
Wayne, PA 19087
Quality Data Services, Inc has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.
If your complaint involves human resources data transferred to the United States from the EU in the context of the employment relationship, and QDS does not address it satisfactorily, QDS commits to cooperate with the panel established by the EU data protection authorities (DPA Panel), as applicable and to comply with the advice given by the DPA panel, as applicable with regard to such human resources data. To pursue an unresolved human resources complaint, you should contact the state or national data protection or labor authority in the appropriate jurisdiction. Complaints related to human resources data should not be addressed to the BBB EU PRIVACY SHIELD.
Contact details for the EU data protection authorities can be found at https://edpb.europa.eu/about-edpb/board/members_en.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
QDS uses a self-assessment approach to ensure compliance with the Privacy Shield Principals. The Federal Trade Commission has jurisdiction over Quality Data Services, Inc.’s compliance with Privacy Shield.