Skip to content Skip to footer
Linkedin
Close

Privacy Policy

What is this privacy policy for?

This policy explains when, why, and how GaeaOÜ (“Gaea”) collects personal information (data) about individuals who visit the website and contact Gaea via the website or otherwise; are affiliates of Gaea; are work applicants; and anyone who does not relate to staff or is a patient involved in a clinical trial.

Staff, which are part of Gaea’s internal governance, are referred to the contractual privacy notice.

Participants who are part of a Gaea-managed clinical trial will receive a privacy statement when signing the consent for the trial.

This privacy policy describes how Gaea uses the information, the conditions under which it may disclose information to others, and how it is kept secure. Furthermore, it describes all data subject rights and contacts for further information about how Gaea uses your data.

Gaea will update this policy from time to time, so please check this page occasionally to ensure that you’re aware of any changes that may apply to you.

Any questions regarding this policy and Gaea’s privacy practices can be directed via email to our Data Protection Officer at [email protected].

What is GaeaOÜ?

GaeaOÜ is a clinical research organisation, which means it is organising and managing clinical trials.

Contact information:

GaeaOÜ
working address
Kiriku 6
10130/Tallinn/Estonia

CEO of Gaea
Nigel Goodman
[email protected]

Data Protection Officer (DPO)
Steffi Besselink
[email protected]

How does Gaea collect information?

Gaea can obtain information about you when you use the website and complete the contact form. Gaea also collects your employment information when you apply for our employment posts.

Cookies

Gaea also may collect cookies when you make use of the website. These are necessary for the functionality of the website.

Gaea does not monitor or track your behaviour on our website.

You can change your cookie preferences at any moment via the settings in the corner of your browser.

What type of information is collected?

The personal information Gaea collects via the message tab on our websites includes your name and email. Personal information from job applicants includes, furthermore, all information you provide via your CV.

If we have connected with you in seminars or via online platforms like LinkedIn, we may have stored the name and email of your legal entity in a secure data repository to contact you again in the future for collaboration in clinical trials.

How is the information you provided on our website contact form used?

Gaea may use your information to:

  • Progress a request you have submitted and send you information directly.
  • Seek your views or comments on the services Gaea provides.
  • Send you communications which you have requested.
  • Contacting you related to your message concerning an employment or contractor application.

How long do we keep your data?

Gaea reviews the retention periods for personal information on a regular basis, at least annually.

Gaea is legally required to hold some types of information to fulfil its statutory obligations related to conducting clinical trials.

Personal data related to job applications, such as CVs, shall only be kept based on your consent for a duration of one year (if there was no current vacancy for the applicant).

Where do we store your data?

Personal data processed by Gaea OÜ is processed and securely digitally stored in the European Union.

However, due to the global nature of clinical trials, it may be that other processors and controllers, related to projects outside the European Union, force Gaea to store personal data outside the European Union. If such is the case, Gaea makes sure this is only done under contractual obligations and security protocols, following Chapter V of the EU Regulation (GDPR).

Who has access to your information?

We do not sell your information to any third parties.

We do not share your information with third parties for marketing purposes.

Only entities contractually affiliated to us due to a project or trial shall have access to your data for a specific purpose and under stringent data protection rules.

How you can access and update your information

The accuracy of your information is important to Gaea. You have the right to request a copy of the information we hold about you so that you can ensure its accuracy.

The right to erasure (“to be forgotten”)

You have the right to instruct Gaea to erase the information held about you. You can do this by contacting Gaea’s Data Protection Officer by email via [email protected]

The right to object or restrict processing.

Under the General Data Protection Regulation (EU) 2016/679, you have the right to object to or restrict processing of your personal data. If you wish to execute this right, please contact Gaea’s Data Protection Officer. We will try to comply to the best of our ability if the conditions allow us to do so. Contact [email protected]

Security precautions in place to protect the loss, misuse, or alteration of your information.

When you provide personal information, we take steps to ensure that it’s treated securely.

Non-sensitive details (your email address, etc.) may be transmitted normally over the internet, and despite standard security, this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we apply industry standards as our best effort to ensure its security. If we have given a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

If a personal data breach occurs, we will take immediate steps. Breaches which, in the opinion of the DPO, impose a high risk on the rights and freedoms of data subjects will be reported to the Supervisory Data Protection Authority in Estonia, to be found at www.aki.ee.

Review of this Policy

Gaea keeps this Policy under regular review. This Policy was last updated in May 2026 (v 7.0)

Do you have any questions?

If you have any questions or complaints or wish to exercise any of your data subject rights, please send an email to [email protected].

If you feel Gaea has insufficiently processed your data protection complaint, you may contact the Data Protection Authority in Estonia.

Linkedin
Leave a request or contact us in any convenient way for you.