Privacy Policy
What is this privacy policy for?
This policy explains when, why, and how GaeaOÜ and Gaea Trial Acceleration OÜ (collectively “Gaea”) collect personal information ( data ) about individuals who visit the website, contact Gaea via the website or otherwise, affiliates of Gaea, work applicants, and anyone who does not relate to staff, or is a patient involved in a clinical trial.
If you relate to trial sites’ staff, regular staff, or affiliates, part of Gaea’s internal governance, we refer to a separate internal employee privacy notice.
Patients who are part of a Gaea-managed clinical trial will receive a privacy statement when signing the consent for the trial. If you are a patient in a Gaea managed trial and would like to request a another copy of thr privacy statement related to your trial, to ensure your confidentiality, we advise you to ask your trial site contact for another copy.
This privacy policy describes how Gaea uses the information, the conditions under which it may disclose information to others, and how it is kept secure. Furthermore, it describes all data subject rights and contact for further information about how Gaea uses your data.
Gaea may update this policy from time to time, so please check this page occasionally to ensure that you’re aware of any changes that may apply to you.
Any questions regarding this policy and Gaea’s privacy practices can be directed via email to our Data Protection Officer via: [email protected]
What is GaeaOÜ?
GaeaOÜ is a clinical research organisation which means it is organising and managing clinical trials, and Gaea Trial Acceleration (GTA) OÜ is involved in assisting trials run by other companies to improve their enrolment of patients.
Contact information:
GaeaOÜ/ Gaea Trial Acceleration OÜ
Palo Alto Club
Telliskivi 57
10412
Tallinn
Estonia
CEO of Gaea
Nigel Goodman
[email protected]
Data Protection Officer (DPO):
Steffi Besselink
[email protected]
How does Gaea collect information about you?
Gaea obtains information about you when you use the website and complete the contact form. Gaea also collects your employment information when you apply for our employment posts.
Cookies
Gaea also may collect cookies when you make use of the website. These are necessary for the functionality of the website.
Gaea does not monitor or track your behavior on our website. If Gaea decides to do so it shall request specific consent from you.
You can change your cookie preferences at any moment via the settings in the corner of your browser.
What type of information is collected?
The personal information Gaea collects via the message tab on our websites includes your name and email. Personal information from job applicants includes furthermore all information you provide via your CV.
If we have connected with you in seminars or via online platforms like LinkedIn, we may have stored the name and email of your legal entity in a secure data repository to contact you again in the future for collaboration in clinical trials.
How is the information you provided on our website contact form used?
Gaea may use your information to:
- Contact you regarding questions raised in the contact form.
- Progress a request you have submitted and send you information directly.
- Seek your views or comments on the services Gaea provides.
- Send you communications which you have requested.
- Contact you related to your message concerning an employment or contractor application.
How long do we keep your data?
Gaea reviews the retention periods for personal information on a regular basis, at least annually.
Gaea is legally required to hold some types of information to fulfil its statutory obligations, related to conducted clinical trials.
Personal data related to job applications, such as CVs, shall only be kept based on your consent for a duration of one year (if there was no current vacancy for the applicant). If you have not provided your consent, your application and related data shall be deleted within 90 days after the completion of the selection process.
Our offline secured file with partner data is reviewed regularly, at least annually. When we have not connected with partners for more than two years, either via a social network platform such as LinkedIn or in person, these data shall be deleted from that list.
Where do we store your data?
Personal data processed by Gaea OÜ is processed and securely digitally stored in the European Union.
However, due to the global nature of clinical trials, it may be that other processors and controllers, related to projects outside the European Union, force Gaea to store personal data outside the European Union. If such is the case, Gaea makes sure this is only done under contractual obligations and security protocols, following Chapter V of the EU Regulation (GDPR).
Who has access to your information?
We do not sell your information to any third parties.
We do not share your information with third parties for marketing purposes.
Only entities contractually affiliated to us due to a project or trial shall have access to your data for a specific purpose and under stringent data protection rules.
How you can access and update your information
The accuracy of your information is important to Gaea. You have the right to request a copy of the information we hold about you so that you can ensure its accuracy.
The right to erasure (“to be forgotten”)
You have the right to instruct Gaea to erase the information held about you. You can do this by contacting by email: Gaea’s Data Protection Officer, via [email protected]
The right to object or restrict processing.
Under the General Data Protection Regulation (EU) 2016/679 you have the right to object or restrict processing of your personal data. If you wish to execute this right, please contact Gaea’s Data Protection Officer. We will try to comply to the best of our ability and if the conditions allow us to do so. Contact [email protected]
Security precautions in place to protect the loss, misuse, or alteration of your information.
When you provide personal information, we take steps to ensure that it’s treated securely.
Non-sensitive details (your email address etc.) maybe transmitted normally over the internet, and despite standard security, this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we apply industry standards as our best effort to ensure its security. If we have given a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
If a personal data breach occurs, we will take immediate steps. Breaches which in the opinion of the DPO impose a high risk on the rights and freedoms of data subjects will be reported to the Supervisory Data Protection Authority in Estonia, to be found at www.aki.ee.
Review of this Policy
Gaea keeps this Policy under regular review. This Policy was last updated in May 2023 (v 6.0)
Do you have any questions?
If you have any questions, complaint or wish to exercise any of your data subject rights, please send and email to [email protected].
If you feel Gaea has insufficiently processed your data protection complaint, you may contact the Data Protection Authority in Estonia.