Privacy Policy Effective Aug 2019

Introduction
Quality Data Services, Inc. (QDS) is a clinical research organization dedicated to assisting companies in the life sciences with performing and clinical trials. To perform the tasks associated with our work, QDS may need to collect personal information from individuals in the US, EU, and UK. QDS respects the privacy of individuals, and the purpose of this privacy policy is to notify you of the type of personal information we may collect and the uses of that personal information, and how you may contact us to obtain, correct, or in some cases opt out of our use of your personal information. This policy may be modified or amended as required and will be posted to the QDS website at https://www.qdservices.com/.  

EU-U.S. Privacy Shield Framework
Quality Data Services, Inc. complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and the United Kingdom transferred to the United States pursuant to Privacy Shield. Quality Data Services, Inc. has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this privacy policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/

Notice
Quality Data Services Inc. may collect the following personal data: Vendor and client personal data for the purpose of receiving or providing services in our role as a Clinical Research Organization providing project management, data collection, and analysis services for clinical trials. This information usually consists of non-sensitive contact information, such as name, email address, work address, company name, job title, and phone number. Clinical study staff personal data to meet legal and regulatory requirements and perform contracted services. This information usually consists of non-sensitive contact information, such as name, email address, work address, company name, job title, and phone number.

Key-coded clinical subject data to perform contracted clinical study services. This data usually contains sensitive personal data, but it is anonymized through key-coding by the clinical study staff. Cookies – Quality Data Services Inc. does not use cookies on our corporate web site (https://www.qdservices.com/) and does not obtain personal information through the site. Services provided through our web-based application require the use of a session cookie that expires at the end of the session, and the site collects and stores the IP address of the connection for security purposes.  

Choice
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to info@qdservices.com.

As a data processing company, the personal information transferred or collected by QDS is usually obtained through expressed consent, or contractual obligation and may be required to be retained or transferred to meet legal or regulatory requirements. For these reasons opting out may not be available to the individual.  

Onward Transfers
QDS may be required to transfer personal information to third party vendors providing services, such as; data backup and storage, data hosting, or communication services required for QDS to meet business requirements. QDS will ensure the third parties meet the principles of Privacy Shield or similar data and privacy protection guidelines.

QDS’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, QDS remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless QDS proves that it is not responsible for the event giving rise to the damage.

QDS may be required by law to transfer personal data upon lawful request by public authorities for national security or law enforcement.  

Security
QDS shall employ reasonable methods to secure personal data and prevent unauthorized access or use from occurring.  

Data Integrity and Purpose Limitation
QDS will take appropriate and reasonable measures to ensure data integrity and will limit the collection and processing of personal data to meet the minimums required to perform our contracted or regulated tasks.  

Access
Pursuant to the Privacy Shield Frameworks, EU and U.K individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to info@qdservices.com. If requested to remove data, we will respond within a reasonable timeframe.  

Recourse, Enforcement, and Liability
In compliance with the Privacy Shield Principles, Quality Data Services, Inc. commits to resolve complaints from EU and U.K. individuals about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. Individuals in the European Union or the United Kingdom with Privacy Shield inquiries or complaints should first contact Quality Data Services, Inc. at:

info@qdservices.com
or
Privacy Policy
Quality Data Services Inc.
985 Old Eagle School Rd.
Suite 510
Wayne, PA 19087


Quality Data Services, Inc has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.

If your complaint involves human resources data transferred to the United States from the EU in the context of the employment relationship, and QDS does not address it satisfactorily, QDS commits to cooperate with the panel established by the EU data protection authorities (DPA Panel), as applicable and to comply with the advice given by the DPA panel, as applicable with regard to such human resources data. To pursue an unresolved human resources complaint, you should contact the state or national data protection or labor authority in the appropriate jurisdiction. Complaints related to human resources data should not be addressed to the BBB EU PRIVACY SHIELD.

Contact details for the EU data protection authorities can be found at https://edpb.europa.eu/about-edpb/board/members_en.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction

QDS uses a self-assessment approach to ensure compliance with the Privacy Shield Principals. The Federal Trade Commission has jurisdiction over Quality Data Services, Inc.’s compliance with Privacy Shield.