The Study Coordination Platform

Effective Date: 08/11/23

Privacy Commitment

Revise, LLC (“Revise” “We,” “our,” “us”), formerly Rebar Interactive, LLC, understands that privacy is important to you and is strongly committed to protecting and ensuring all personal data is protected. This Privacy Policy applies to all websites developed, maintained, and operated by Revise.

Revise is an innovative clinical trial solution provider that uses technology to engage, recruit, and retain patients in clinical trials. Clinical and medical research rely on the collection and analysis of the most confidential and personal data. The information that we collect about you from our websites will be maintained and used in accordance with this Privacy Policy and applicable laws, rules, and regulations. By accessing our websites, you agree to the terms and conditions set forth herein. If you do not agree to any of the terms or conditions in this Privacy Policy, please do not access or use any part of our websites.

We perform as a data “processor” that processes personal data on behalf of clinical trial sponsors, clinical research organizations (CROs), and clinical research sites. You are responsible for carefully reading this Privacy Policy in its entirety. This policy explains how we collect, use, and protect your personal data; and how we comply with laws on data privacy and confidentiality.

By providing us with your Personally Identifiable Information (“PII”) (as defined below), including Personal Health Information (“PHI”) (as defined below), you consent to the collection and use of any information you provide in accordance with this Privacy Policy.

Revise may share information among third parties working with or on behalf of Revise, and such information shall be protected in accordance with the terms of this Privacy Policy.

Revise complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Revise has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Revise has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

The Federal Trade Commission has jurisdiction over Revise’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

Information We Collect

Revise collects all information you provide to us.

This includes but is not limited to information you provide when you subscribe to our newsletter, respond to a survey, or fill out a form. Our surveys or forms may ask you to enter your: name or e-mail address. You may, however, visit our site anonymously. We will only collect PII (as defined below) including PHI (as defined below) if you voluntarily provide such information to us.

We will collect information automatically through the use of Cookies, Beacons, Web Logs, and Similar Tracking Technologies, as described below.

Cookies

We collect non-identifiable web usage data about your use of our website through the use of Cookies. A Cookie is a small piece of information that our server sends to your web browser when you access our websites. Every computer that accesses our websites is assigned a different Cookie by Revise. Cookies are capable of storing many types of non-identifiable data. Cookies may be used to help us analyze usage of our websites, to understand and save your preferences for future visits and compile aggregate data about site traffic and site interaction (so that we can offer better site experiences and tools in the future), or to restrict underage use of the website.

We do not link basic data from Cookies to PII without your permission, and we do not use Cookies to collect or store PHI about you.

The Options/Settings section of most internet browsers will tell you how to manage cookies and other technologies that may be transferred to your device, including how to disable such technologies. You can disable our cookies or all cookies through your browser settings, but please note that disabling cookies may impact some of our service features and prevent the service from operating properly.

We may use or engage a third party that uses Local Stored Objects (LSOs), sometimes referred to as “Flash Cookies”, and other technologies to collect and store information about your use of our Service. A flash cookie is a small data file placed on your device using Adobe Flash technology. Flash cookies are different from the cookies described above because cookie management tools provided in your browser will not remove them. To limit the websites that can store information in flash cookies on your device, you must visit the Adobe website: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

Web Beacons, IP Addresses, and Similar Tracking Technologies

When you visit our services, we may collect your IP address for certain purposes such as, for example, to monitor the regions from which you navigate our services. An IP address is a number assigned to you by your Internet service provider so you can access the Internet. Although we do receive IP addresses, we do not use them to identify you personally or disclose them to others. We may also use web beacons alone or in conjunction with cookies to compile information about your usage of our service and interaction with emails from us. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular site tied to the web beacon. We may use web beacons to operate and improve our Service.

Web Logs

Revise uses standard Web Logs that record basic data about your visit to our websites, such as the date and time of the visit, the pages viewed during the visit and the domain name of your Internet service provider.

We do not normally seek to identify individuals from Web Logs. However, we may use Web Logs to identify an individual whom we suspect tried to damage our websites or use them in an unauthorized way. We may share our Web Logs with law enforcement agencies if we believe there has been a violation of computer security or related laws or as otherwise required in order to comply with applicable law or legal process. In addition, we may share our Web Logs (which do not contain any PII) with our partners to assist them in better designing their websites for clinical research studies.

Device and Online Usage

We may collect information about your computer, browser, mobile or other device that you use to access our Service. We may use cookies, pixels, log files, and other techniques to collect such information, including IP address, time zone, device identifiers and other unique identifiers, browser type, browser language, operating system name and version, device name and model, version, referring and exit pages, dates and times of Service access, links clicked, features used, crash reports, and session identification information.

Third Party Automated Collection and Analytics Services

We may use certain third parties, including, but not limited to analytics service providers, to improve the functionality, features, or delivery of our services. We may also allow these third parties to place tags on our digital properties, and use these services to record mouse clicks, mouse movements, scrolling activity, as well as any text that you type into our service. For example, we use Google Analytics on our service to track user trends and usage. For more specific information on Google Analytics’ processing of your information as it relates to our services, please see the Google Analytics section below.

Google Analytics

Google, as a third-party vendor, uses cookies to serve ads on your site. Google’s use of the DART cookie enables it to serve ads to you based on your visit to our sites and other sites on the Internet. You may opt out of the use of the DART cookie by visiting the Google ad and content network privacy policy.

Our websites may use Google Maps or Google Analytics, a web analytics service provided by Google, Inc. (“Google”), which uses cookies to help analyze how users use the sites. The information generated by the cookies about your use of the websites (including your IP address) will be transmitted to and stored by Google [on Revise’s behalf] under Google’s privacy policies:
Google: http://www.google.com/intl/en/analytics/privacyoverview.html

You may refuse the use of cookies by selecting the appropriate settings on your browser; however, please note that if you do this you may not be able to use the full functionality of our websites. By using our websites, you consent to the processing of your information by Google in the manner and for the purposes set out above.

Information we Collect from Other Sources

We may collect information about you from other sources or individuals. For example, we may collect information you submit to a blog, chat room, or social network. We may also collect information from other companies, clients, organizations, or third-party partners.

How we Use Your Information

Any of the information we collect from you may be used in one of the following ways:

To personalize your experience (your information helps us to better respond to your individual needs)
To improve our website (we continually strive to improve our website offerings based on the information and feedback we receive from you)
To improve customer service (your information helps us to more effectively respond to your customer service requests and support needs)
To administer a contest, promotion, survey or other site feature
To send periodic emails (Note: If at any time you would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email). The email address you provide us will only be used for the purposes for which you provided it.

Use and Disclosure of PII and PHI

PII that may be collected via a clinical research study questionnaire is information that can be traced back to an individual. PHI is a combination of your PII with known health characteristics. For example, if you indicated that you have a certain disease or condition, when that information is combined with your name, it becomes PHI. Examples of PII include your name, home address, telephone number, email address, date of birth, and any other information that is linked to this identifying information.

You may voluntarily provide PII and/or PHI, and if you choose to do so, you consent to our collection and use of such information as described in this Privacy Policy. We will use your PII and PHI only for the reason you entered it on our website. You are responsible for ensuring the accuracy of the PII and PHI you submit to Revise. Inaccurate information will affect the quality and integrity of the purpose for which you are provided the information.

While you may view some of our websites without providing PII, this information will be required to determine eligibility to participate in a research study, among other necessary purposes.

We will not use or disclose PII or PHI of users of our clinical research study websites for any purpose other than those described in this Privacy Policy. If these uses change at any time, we will update the privacy policy on our websites. We use and disclose PII and PHI obtained from users in the following ways:

COMMUNICATION WITH REGARD TO STUDY REFERRAL PRE-QUALIFICATION AND/OR OTHER STUDY-RELATED PURPOSES

PII and PHI will be used by Revise to follow-up with the clinical study site about your pre-qualification for and participation in the study and may be shared with the clinical study site for its assessment of your qualification for and participation in a study.
AGENTS AND SERVICE PROVIDERS SUPPORTING STUDY RECRUITMENT EFFORTS

We sometimes employ web hosting companies to maintain our clinical study websites and data collected through those websites on our behalf in support of our study recruitment efforts. We may share your personal information, such as your name, disease or condition, home address, telephone number, email address, date of birth, and any other information that is linked to this identifying information, with these hosting companies so that they may perform such web hosting services for us. With respect to those companies and individuals with whom we share your personal information, we use commercially reasonable efforts to ensure that those companies and individuals adhere to this Privacy Policy or privacy practices similar to those indicated in this Privacy Policy.

We may also be required to disclose PII and PHI to comply with a law or regulation, in response to a search warrant, subpoena, court order, or other valid legal process, or in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. In the event that we are legally compelled to disclose your PII or PHI to a third party, we will attempt to notify you, unless doing so would violate the law or be inconsistent with our legal obligations.

Disclosures may also be appropriate in any of the following circumstances:

(a) to protect our legal rights or the rights of users of our websites,
(b) to protect the security or integrity of our websites,
(c) to take precautions against liability,
(d) to enforce this Privacy Policy,
(e) if Revise undergoes any change in control, including by means of merger, acquisition or purchase of all or substantially all of its assets,
(f) to detect, prevent, or otherwise address fraud,
(g) pursuant to your explicit approval, or
(h) during emergencies if physical safety is believed to be at risk.

In cases of onward transfer to third parties of data of EU, United Kingdom and Swiss individuals received pursuant to the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), Revise is liable unless we can prove we were not a party to the actions giving rise to the damages.

Children’s Privacy

We are committed to protecting the privacy of children. Neither Revise, nor any of its websites or services, are designed or intended to attract children under the age of 13. We do not collect, solicit, or use PHI or PII from any person we actually know is under the age of 13, unless we have the consent of the child’s parent or guardian. If we learn that we collected PII from any child under the age of 13 without the consent of the child’s parent or guardian, we will endeavor to delete that information as soon as possible. Please contact Revise at privacy@revisetrials.com or (888) 526-0867 if you have reason to suspect that we have collected the PHI or PII of any child under the age of 13.

Data Security

We maintain generally accepted industry standard technical, physical, and organizational procedures to safeguard PII and PHI against unauthorized or unlawful processing and against accidental loss, alteration, disclosure and access. Please note, however, that there are inherent risks in transmission of information over the Internet and electronic storage of information, and we cannot guarantee that unauthorized access or use of your PII or PHI will never occur.

Sharing Information with Third Parties

We do not sell, trade, or otherwise transfer your personally identifiable information to outside parties. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may be required to disclose PII and PHI to comply with a law or regulation, or in response to a search warrant, subpoena, or court order. In the event that we are legally compelled to disclose your PII or PHI to a third party, we will attempt to notify you, unless doing so would violate the law or court order. Disclosures may also be appropriate to protect our legal rights, to protect the security or integrity of our websites, to take precautions against liability, or during emergencies if physical safety is believed to be at risk. These types of disclosures are unlikely to occur, but we want you to be aware that they are possible.

Advertisers

From time-to-time, we engage advertising services to assist us in advertising our brand and services based upon your interests and in order to display content that is relevant to you (“Interest-Based Advertising”). Those services may target advertisements on our website as well as third-party websites based on cookies or other information indicating previous interaction with our services. These third parties may collect information from your use of our services over time and that information may be combined with information collected about you across different websites and online services. These third-party advertisers may be participants in the Network Advertising Initiative and/or the Digital Advertising Alliance, which allow users to opt out of ad targeting from participating organizations. To learn more about interest-based advertising, or to opt out of having your information used by certain third parties for behavioral advertising purposes, go to www.aboutads.info/choices or https://www.networkadvertising.org/choices/.

Please note that when you opt out of receiving interest-based advertising, this does not mean you will no longer see advertisements from us.

Social Media, Ads, and Plug-Ins

We engage with guests on multiple social media platforms (e.g., Facebook and Instagram). If you contact us on one of our social media platforms, request guest service via social media, or otherwise direct us to communicate with you via social media, we may contact you via direct message or use other social media tools to interact with you. In these instances, your interactions with us are governed by this privacy policy as well as the privacy policy of the social media platform you use.

We may display targeted ads to you through social media platforms and other websites. These ads are sent to groups of people who share traits such as likely commercial interests and demographics.

Our online services may use social media plug-ins (e.g., the Facebook “Like” button, “Share to Twitter” button) to enable you to easily interact with certain social media websites (e.g., Facebook, Twitter, Instagram) and share information with others. When you visit our online services, the operators of the available social media plugins can place a cookie on your device enabling such operators to recognize individuals who have previously visited our online services. If you are logged into these social media websites while visiting our online services, the social media plugins allow the relevant social media websites to receive information that you have visited our online services or other information. The social media plugins also allow the applicable social media websites to share information about your activities on our online services with other users of the social media website. For example, Facebook Social Plugins allow Facebook to show your “Likes” and comments on our online services to your Facebook friends. Facebook Social Plugins also allow you to see your friends’ Facebook activity on our online services. We do not control any of the content from the social media plugins.

Links to Other Websites

Our websites may contain links to other websites. Please keep in mind when you access websites operated by other parties, whether through links on our website or otherwise, that we do not control what happens on those websites. You should always check the privacy policy of the website you are visiting in order to be sure you know how the operator of that website will collect information from you and what the operator of that website will do with the information.

Do Not Track Signals

We do not currently respond or take any action with respect to web browser “do not track” signals or other mechanisms that provide consumers the ability to exercise choice regarding the collection of information about an individual consumer’s online activities over time and across third-party websites or online services.

Aggregated or De-identified Information

To better serve our users, business partners, and to improve our services, we may conduct research on user demographics, interests, and behavior, or engage in other activities based on identifiable personal information and/or information that we aggregate or de-identify. Aggregated or de-identified information is not considered personal information and does not identify a user personally. We may share this aggregated or de-identified information with our affiliates, agents, business partners, and/or other third parties.

Internet Transmission Risks

We acknowledge that no internet transmission is ever 100% secure or error free. It is your responsibility to ensure that the computer you use is adequately secured and protected against malicious software, Trojan horses, computer viruses, and worm programs. Without adequate security measures on a computer, there is a risk that the information you provide could be disclosed to unauthorized third parties. Similarly, despite Revise’s efforts to protect your PII and PHI, as noted above, there is always some risk that an unauthorized third party may find a way around our security systems or that transmissions of your information over the internet may be intercepted.

Rights to Access, Amend, and Delete Information

Revise acknowledges the EU and Swiss individual’s right to access their personal data. We provide you with reasonable access to the PII and PHI that we maintain about you. Subject to any legal requirements, you are given a reasonable opportunity to correct, amend, or delete information that is inaccurate. You may do so by contacting the Privacy Contact as set forth below, and we will respond within a reasonable timeframe.

Change Notification

As privacy laws and regulations evolve, it may be necessary to revise or update our Privacy Policy without notice. You can determine if this Privacy Policy has been revised since your last visit by referring to the “Effective Date” of this policy. Your use of our websites constitutes your acceptance of the terms of the revised Privacy Policy, and you should therefore review the Privacy Policy regularly to ensure that you are aware of its terms.

Retention of PII and PHI

We will only maintain PII and PHI for as long as we are required to do so by applicable law(s), or for as long as necessary for the purpose(s) for which it was collected or processed. We will delete PII and PHI when such time period has ended.

International Transfer

We are committed to complying with applicable international laws, regulations, and mandatory government standards regarding the protection of personal data.

Since we are a global organization, personal data and any additional information submitted may be used globally in connection with patient recruitment, or communicating with CROs, clinical trial sponsors, clinical research sites, and other partners. Therefore, personal data may be transferred to such entities worldwide, where it will be processed in accordance with this Privacy Policy and laws that are applicable in each country. Countries where we process data may have laws which are different, and potentially not as protective, as the laws of your own country.

If we transfer your personal data out of your jurisdiction, we will implement suitable safeguards and rely on universally accepted mechanisms to lawfully transfer data across borders to ensure that your personal data is protected.

For EU Individuals: Your Rights under the General Data Protection Regulation

Revise performs as a data “processor” that processes personal data on behalf of its customers who include, but are not limited to, clinical trial sponsors, clinical research organizations, and research sites. If you are interested in participating in a research study or program that appears on one of our client clinical research websites, we will request that you opt-in to explicitly consent to our collection and processing of your personal data for purposes of recruitment for the relevant research study or program, prior to providing your personal data. Specifically, during the process of registration to be considered for participation in the research study or program (which includes completing a prequalification survey), you will have the opportunity to affirmatively indicate your consent to the processing of your personal data as described in this Privacy Policy and/or as described on our clinical research website during registration (as applicable).

Under the GDPR your rights are as follows.

The right to be informed – You have the right to request that we inform you about any recipient or categories of recipients of your data;
The right of access – You have the right to request copies of your personal data that we maintain (we may charge you a small fee for this service);
The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete;
The right to erasure – You have the right to request that we erase your personal data, under certain conditions;
The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions;
The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions;
The right to object – You have the right to object to our processing of your personal data, under certain conditions; and,
The right to invoke binding arbitration - You have the right to invoke binding arbitration, under certain conditions.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Revise commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF.

You also have the right to voice concern or file a complaint to a supervisory authority in the EU Member State in which you are located if you feel there is a problem with the way we are handling your data. You can find a list of EU national data protection authorities here: https://edpb.europa.eu/about-edpb/about-edpb/members_en.

Privacy Contact Information

Questions or comments regarding this Privacy Policy, or our practices should be submitted to:

Revise
Attn: Privacy Officer
1606 Headway Circle
Suite 9092
Austin, Texas 78754
USA
privacy@revisetrials.com

Reservation of Rights

Revise reserves the right to share an individual’s information as required by law or to duly authorized information requests of government authorities.