Privacy Policy

Data Privacy at Greenphire Inc.

At Greenphire Inc. (“Greenphire”) we are strongly committed to protecting your privacy.  This Privacy Policy is designed to answer your important questions about privacy including, what information we collect about you, how we intend to use your information, what choices you have regarding how your information is used, how we protect it, how you can access your information, and how to contact us regarding your information.

This Privacy Policy applies to: (i) all visitors to one of Greenphire’s websites (https://greenphire.com, https://clincard.com, https://myclincard.com, https://eclinicalgps.com, or any successor or allied site), (collectively the “Website” or “Site”); (ii) all users who register or are registered on the Website; and (iii) all information entrusted to us by our clients and business partners in the delivery of our core business services. This Privacy Policy also includes Greenphire’s Cookie Policy and its US-EU, UK and US-Swiss Privacy Shield Statement.

The Information We Collect

The personal data we collect about you (i.e., information which identifies you or from which you are identifiable) can be provided by you for several different reasons which are described below:

1. You have registered to receive information. The type of information that you can register to receive includes, for example:

  • Thought leadership (Articles, white papers, blogs), news (press releases and industry articles) and even information including trade show presentations.
  • Information in connection with your registration or your use of the Site or our products or services
  • Responses to your inquiries, comments, and suggestions
  • Invites to participate in brief surveys
  • Information in connection with the completion of any other transaction, you may perform

Each time you receive an automated email alert, you have the option of canceling your registration and removing your email address from our database by simply clicking on the unsubscribe link at the bottom of each email alert message.

The personal data collected when you register to receive this information on an automated, “alerts” basis may include your name, title, company name, address, contact telephone numbers, and email address.

2. You may opt to provide us information about yourself if you are interested in an employment opportunity at Greenphire. The information requested from you will be based on your area of interest.

3. You can register to request customized information or support assistance. This information is generally collected on “Contact Us” forms where you can ask questions or request information. The personal data you provide on these forms may include your name, title, company name, address, contact telephone numbers, and email address. The purpose of this processing is so that we can respond to your questions or enquiry.

4. Greenphire may also collect information as a processor from or on behalf of our clients and business partners in the delivery of our core business services. Personal data collected may include subject ID or name, date of birth, and address. Additional data may be collected based on need of study or election of patient including, for example: social security number, email, phone number, bank account details. We collect this data for the purpose of fulfilling the services for which we have been contracted. If you are a client or business partner, it is your responsibility to ensure that all personal data provided to Greenphire by or on your behalf is collected in compliance with all applicable law (including without limitation, data protection and privacy laws), including as required, providing the data subjects with information notices and obtaining their valid consent, approval and/or authorization.

5. Greenphire automatically collects information about your use of the Site through data collection tools such as cookies (see section on Cookies below for further information). Please note that our website does not respond to “Do Not Track” signals from your browser.

The Way We Use Information

If your personal data was provided to us by or on behalf of one of our clients, we will only use your personal data to provide the service for which our client has engaged us.

Where Greenphire has otherwise been provided with your personal data we will use your personal data to the extent necessary where in our legitimate interests:

  • to manage and maintain our relationship with you and for ongoing customer service;
  • to provide support and to respond to your requests and enquiries;
  • to personalize your visit to the Website and to assist you while you use the Website;
  • to improve the Website by helping us understand who uses the Website;
  • to protect the security and integrity of our Website and correct technical problems and malfunctions;
  • to monitor, maintain and improve the processes, information and data, technology and communications solutions and services we use;
  • to protect our rights and property and the rights and property of others or to take precautions against liability;
  • for fraud prevention and detection and to comply with applicable laws, regulations or codes of practice;
  • to the extent required or permitted by law, including in response to a court order, subpoena, search warrant, law or regulation, as applicable;
  • to share such personal data with third parties that acquire or are interested in acquiring all or part of our assets or shares, or that succeeds us in carrying on our business.

Greenphire will also use your personal data to contact you to tell you about product and/or services offered by us as well as other promotions and surveys, which we believe may interest you unless you advise us that you do not wish to receive marketing or market research communications from us. If applicable law requires that we receive your consent before we send you certain types of marketing communications, we will only send you those types of communications after receiving your consent.

Greenphire may use non-identifying and aggregate information about the use of our Website to improve the navigation, content, and design of our site. Aggregate data is information we collect about a group or category of services or users from which individual user identities is anonymous and is processed in a way which does not identify anyone. In other words, no personal data is included in aggregate data. This Privacy Policy in no way restricts or limits our collection and use of aggregate data, and we may share aggregate data about our users with third parties to help us better understand our customer needs and improve our services and for advertising and marketing purposes. This information may include, for example, the most and least requested pages and the number of users from the U.S. and other countries, among other things.

Sharing Your Information

Greenphire provides your personal data to third parties such as:

  • clients for whom we work,
  • bank affiliates to conduct due diligence,
  • vendors to provide us with services (i.e. payment card processing, reimbursement or payment, direct deposit, travel, 1099 services),
  • competent authorities, courts and bodies in response to a court order, summons or subpoena, regulatory requests, or as permitted or required by law when we reasonably believe it is necessary or appropriate to investigate, prevent or take action against illegal activities, suspected fraud, or situations involving potential threats to the physical safety of any person, or
  • any third party that acquires, or is interested in acquiring, all or part of our assets or shares, or that succeeds us in carrying on all or part of our business.

Our Commitment to Data Security

The personal data you provide is stored in a secure electronic database that has access limited to only those who need to know your information. Greenphire employs reasonable precautions to prevent your personal data from loss, misuse, unauthorized access, disclosure, alteration or destruction. We also take all necessary steps to ensure your information is reliable for its intended use, accurate, complete and current. This is achieved by storing your information in a secure electronic database that has physical, electronic and supervisory procedures in place to protect your information. Greenphire also has a corporate policy in place that requires all personnel not to disclose personal data to any third party that is not entitled to have that information.

Retention of Information

We store the information you provide about yourself in a secure database in order to provide you with the information, products, and/or services you request or that Greenphire has been contracted to provide. The criteria used to determine the retention periods include: (i) how long the personal data is needed to provide the services and operate the business; (ii) the type of personal data collected; and (iii) whether we are subject to a legal, contractual or similar obligation to retain the data (e.g., a client contract – where we are acting as a processor, mandatory data retention laws, government orders to preserve data relevant to an investigation, or data that must be retained for the purposes of litigation or disputes).

Retention Period for ClinCard/eClinicalGPS/Travel Services:

Greenphire will retain: (a) transactional ClinCard data for at least 7 years from study close out, if no balance is available on the card and subject is not associated with any active cards; and (b) all eClinicalGPS transactional data for 2 years from study closeout. Travel profiles are deleted six months after Greenphire closes out the travel with our travel partners.

Cookies

A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. Greenphire and our marketing partners, affiliates, and analytics or service providers use cookies and other technologies to ensure everyone who uses our Site has the best possible experience. When you use visit the Site, Greenphire or a third party may place a number of cookies in your browser. By clicking expressly on the button, you agree regarding with the policy of cookies.

Greenphire may use cookies on the Site in order (a) to allow site visitors to personalize their experience, (b) to track a user session within a subscribed product, (c) to track and report website traffic and (d) support our promotional activities and website development. Additionally, our Site may include third party social media features, such as the Facebook Like button and third party widgets, such as the ‘Share This’ button, or interactive mini-programs that run on our Site. These features may collect your IP address (A unique identifier assigned to your computer by your Internet Provider), which page you are visiting on our Site, and set a cookie to enable the feature to function properly. Your interaction with these features is governed by the privacy policy of the third party company providing it.

For example, the Site uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help analyze how users use the site. The information generated by the cookies about your use of the Website (including your IP address) will be transmitted to and stored by Google under its privacy policies: https://policies.google.com/privacy?hl=en

You can control and/or delete cookies as you wish. You may be able to modify your browser preferences to accept all cookies, to be notified when a cookie is set, or to reject all cookies. If you choose not to accept some or all cookies, certain Website features may not function properly. For example, you may not be able to use those functions of the Website that require registration. For details, see https://aboutcookies.org/ or contact us using the contact information below on “How to Contact Greenphire”.

The following is the tracking technologies details around each of the Tracker/Cookies used either on our marketing website (greenphire.com) or within our applications and what they are used for.

Hubspot: Marketing Automation
Google Analytics: Website Analytics
DoubleClick Analytics (now part of Google): Website Analytics
LinkedIn Analytics: LinkedIn page analytics
Facebook Connect: Facebook page analytics
Typekit by Adobe: Website Fonts
ShareThis: Widget sharing
NewRelic: Application and Session activity Monitoring

Your Privacy Choices

Access or Correct Your Information. You can exercise your rights to access your information at any time by contacting either (i) the medical staff from the study or (ii) Greenphire at notices@greenphire.com. To protect your privacy and security, we will also take reasonable steps to verify your identity before updating or removing your information. Please be aware that Greenphire may not be able to comply with a request to amend or remove information that was provided by or on behalf of a client as part of our core business, however, Greenphire will assist clients in so far as is possible, in their obligation to respond to requests.

Our Commitment to Children’s Privacy

Protecting the privacy of the very young is especially important. For that reason, if you are under the age of majority in your place of residence, you may use the Services only with the consent of or under the supervision of your parent or legal guardian. Consistent with the requirements of the Children’s Online Privacy Protection Act (COPPA), we do not collect data from children under the age of 13 without the consent of the parent / legal guardian. If we learn that we have collected any such personal data to or through the Services without first receiving his or her parent’s verified consent, we will delete it in accordance with this Privacy Policy.

Links to Other Websites

The Website may contain links to other websites. You should carefully review the privacy policies and practices of other websites, as we cannot control or be responsible for their privacy practices.

California Privacy Rights

Under California Civil Code Section 1798.83 California residents may request certain information about our disclosure of personal data during the prior calendar year to third parties for their direct marketing purposes. We do not share your personal data with third parties or corporate affiliates for their direct marketing purposes.

European Data Protection Laws

For the purposes of European data protection laws, Greenphire is the controller of your personal data to the extent you are in the European Economic Area (“EEA”) or the UK and you are a visitor and/or user of our Website, or we send you direct marketing. Where your personal data has been entrusted to us by our clients or business partners in the delivery of our core business services, Greenphire is handling your personal data as a processor and the information contained in this Privacy Policy is for informational purposes only.

Additional Information for Users in Europe

Greenphire as well as some of the recipients to whom we share your personal data (see above) are located in countries outside of the EEA and the UK including in the U.S., and which are not considered by the European Commission or the UK’s Information Commissioner’s Office to provide an adequate level of data protection. Transfers to Greenphire from the EEA and the UK are made under the Privacy Shield (see below for further information) which offers protections for onward transfers.

Clinical Trial Participant:
If you are a clinical trial participant, Greenphire is processing your Personal Data as a processor on the instructions of our client.

Greenphire shall assist clients in so far as is possible, in their obligation to respond to requests from data subjects exercising their rights under European data protection laws. However, as Greenphire will be processing such personal data as a processor (i.e., on the instructions of the client), to the extent an individual makes such a request (e.g. to access their personal data), such a request will in the first instance be directed to the relevant client as the controller of such personal data.

If you are not a clinical trial participant (i.e., we have not been engaged to provide payment services by your study site and/or clinical trial sponsor), we are processing your Personal Data as a controller for purposes of European data protection laws and you have the following data subject rights (which may be subject to certain limitations):

The Right to Access Your Personal Data
You can ask us to provide copies of all the personal data we hold about you – along with the reason why we have your data, who we have disclosed your data to, how long your data will be stored and information about your rights regarding our use of your data


The Right to Withdraw Consent

Where we rely on your consent to process your personal data, you have the right to withdraw your consent at any time.


The Right to Object to the Use of Your Personal Data

Where we rely on our legitimate interest to process your personal data, you can object to our processing in certain cases. If the purpose of the processing is for direct marketing, your right to object is absolute.


The Right to Have Your Personal Data Corrected

You can challenge the accuracy of your personal data and have it corrected. You can update the personal data that you give us at any time by contacting us directly at notices@greenphire.com. 


The Right to have Your Personal Data Deleted

You can ask us to delete your personal data under certain circumstances.


The Right to Data Portability

You can ask us for a copy of your personal data to be provided to you, or a third party.

All such requests should be made using the contact details set out below. We will respond to your request in writing, or orally if requested, as soon as practicable and in any event not more than within one month after receipt of your request. In exceptional cases, we may extend this period by two months and we will tell you why. We may request proof of identification to verify your request. For more details in relation to your rights, including how to exercise them, please contact us using the contact details below.

You also have the right to lodge a complaint about the processing of your personal data with the data protection authority

Other Data Subject Rights

Individuals in Andorra, Argentina, Australia, California, Canada, Faroe Islands, Guernsey, Hong Kong, Israel, Isle of Man, Japan, Jersey, Mexico, New Zealand, Singapore, South Korea, Switzerland, Uruguay, and certain other jurisdictions have certain data subject rights. These rights vary but they may include the right to: (i) request access to and rectification or erasure of their personal data; (ii) obtain restriction of processing or to object to processing of their personal data; and (iii) the right to data portability. Individuals may also have the right to lodge a complaint about the processing of personal data with a data protection authority.

If you make a request related to information about you, you may be required to supply a valid means of identification as a security precaution. We will process your request within the time provided by applicable law.

Greenphire EU-US, Swiss-US and UK-US Privacy Shield Statement

Greenphire complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data transferred from the European Union (“EU”), the UK and Switzerland to the United States. Greenphire has self-certified to the Department of Commerce that it adheres to the Privacy Shield Principles (the “Principles”) and commits to subject all Personal Data received from the EU, the UK and Switzerland to the Principles. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

Greenphire shall remain liable under the Principles if third-party agents that it engages to process Personal Data on its behalf do so in a manner inconsistent with the Principles, unless Greenphire proves that it is not responsible for the event giving rise to the damage.

If you have any inquiries or complaints, please contact us using the contact information set out below. Under the Privacy Shield, any unresolved privacy complaints can be referred to an independent dispute resolution mechanism. We use the International Centre for Dispute Resolution®/American Arbitration Association®. If you feel that we have not satisfactorily addressed your complaint, you can visit the ICRD/AAA website at https://apps.adr.org/webfile/ for more information on how to file a complaint. In some cases, you may be able to invoke binding arbitration. With respect to personal data transferred under the Privacy Shield, Greenphire is subject to the investigatory and enforcement powers of the Federal Trade Commission.

Greenphire has further committed to cooperate with the panel established by the EU data protection authorities (DPAs), UK’s Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) regarding unresolved Privacy Shield complaints concerning data transferred from the EU, UK and Switzerland.

How to Contact Greenphire Regarding Privacy Issues

Greenphire commits to resolve complaints about our collection or use of your personal data. You can contact us to raise a concern about our processing of your personal data at any time. Individuals with questions, concerns, or complaints regarding this Privacy Policy or the handling of their personal data should submit inquiries to:

Greenphire, Inc.
1018 W. 9th Avenue, Suite 200
King of Prussia, PA 19406
Copy to: notices@greenphire.com or Greenphire’s European Representative: eurepresentative@chaucer.com

Changes to this Privacy Policy

This Privacy Policy may be amended from time to time. Changes to this Privacy Policy will be posted on the Website and we recommend that you periodically review this Privacy Policy to ensure you are aware of any changes made to it.

Effective Date

This Privacy Policy became effective on: 03 January 2010 and was last updated on 25 February 2019.