DSG Inc. Privacy Policy

DSG, Inc. is committed to protecting your privacy. We value your trust, and make it a high priority to ensure the security and confidentiality of the personal information you provide to us. Please read this policy to learn about our privacy practices. This Privacy Policy describes the main types of personal information we may have access to and process within the organization, how we collect, use, disclose and otherwise process personal information in connection with our websites, and other services, and explains the rights and choices available to individuals with respect to their information.

This Privacy Policy defines our commitment to comply with the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Principles for all personal information received from the EU and/or Switzerland in reliance on the Privacy Shield. In addition, this Privacy Policy also describes how we comply with data privacy laws and regulation including but not limited to the EU General Data Protection Regulation (Regulation (EU)2016/679) “(GDPR)” and other data privacy and confidently requirements.

By visiting this website, you are accepting the practices described herein.

Definitions

For the purposes of this Privacy Policy the following definitions apply:

Client”/”Sponsor”- Any individual, corporation, or other entity which contracts with DSG Inc. to perform services involving the transfer, processing, or reporting of personal information on behalf of and under the instruction of said “Client”/”Sponsor”.

Data Controller-The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Data Processer-A natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Personal Information or personal information-Data that (1) pertains to a specific individuals; (2) can be uniquely linked to that individual (e.g. by name, social security number, driver’s license); (3) originated in an E.U Member State and (4) is provided in any form. Personal Information does not include information that is encoded, stripped of all personal identifiable information, or that is publicly available. References to “personal information” or information in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation and Privacy Shield.

Processing-Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Sensitive Personal Information or personal information-Data that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or that concerns the heath or sex life of an individual. DSG will also treat as Sensitive Personal Information any information received from Client/Sponsor where the Client/Sponsor treats and identifies the information as sensitive. References to “personal information” or “information” in this Privacy Policy are equivalent to “sensitive personal data” governed by European data protection legislation and Privacy Shield.

Third Party-Any individual, corporation, or other entity under written contract with DSG, Inc. to assist in fulfilling the responsibilities assigned by the Client/Sponsor or DSG Inc.

Customer Data

We act as a data processor when your personal information is entered into the eCaselink System. As part of our offered system and related data management services, our client/sponsors employees and authorized users may enter personal information from or about their authorized users, employees, and clinical trial subjects (collectively, “Customer Data”), into our servers. The client/sponsor is acting as a data controller and assumes responsibility for the handling of this data.

In regards to Customer Data, we act as a data processor and shall process personal information on behalf of the data controller in accordance with the client/sponsors instructions. Our use of “Customer Data” is subject to the written agreement between us and the client/sponsor. We are committed to ensuring that any customer data processed by us will be done so in full compliance with applicable laws on data privacy and confidentiality.

As a data processor we have no control or ownership of Customer Data. Please direct any inquires, complaints or questions regarding the collection, use, and retention of your personal information to the customer for which you work or which collected your information.

Types of Personal Information and How We Collect It

We collect personal information about you in the following ways:

Information You Give Us

We receive and store any information you enter on our website or give us in any other way. This includes information that can identify you (“personal information”), including your first and last name, telephone number, company name, email addresses, and billing information. We may also collect demographic information, such as your business or company information. Certain fields on the website are marked “optional” and you can choose not to provide information to us. Some information about you may be required in order for you to use the website, ask us a question, or initiate some of the transactions on our site.

We may ask you to provide information for various reasons, including when you:

  • Use our website;
  • Request quotes, services, support or information;
  • Place orders for services;
  • Participate in webinars;
  • Register for events;
  • Interact with us via social media;
  • Participate in surveys or other promotional activities;
  • Subscribe to newsletters, promotional emails or other materials; or
  • Contact us
Information Automatically Collected

We may collect information about your visits to our website, including the pages you view, the links you click, search terms you enter, and other actions you take in connection with our website and services. We may also collect certain information from the browser you used to come to our website, such as your Internet Protocol (IP) address, browser type (such as Firefox or Chrome) and language, device type, geographic location, access times, the Uniform Resource Locator (URL) of the website that referred you to our website and to which URL you browse away from our site if you click on a link on our site. We use third party (Google Analytics) embedded scripts which are bits of programming code included within our web pages. This information is collected to measure how you view or interact with our web pages. We use this information to send marketing emails.

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page https://policies.google.com/privacy

Marketing Communications

Marketing emails are sent to the clients who have provided information during registration in the website. You may opt out of marketing-related emails by selecting the unsubscribe link within the marketing notification or by contacting us at info@dsg-us.com. You may continue to receive service-related and other non-marketing emails.

How We Use Your Personal Information

We use information about you for various general purposes and only for the purposes of which it’s collected, including: to provide you with the services you request; to assist with account management; to communicate with you in general; to respond to your questions and comments; to measure interest in and improve our services and website; to notify you about offers and services that may be of interest to you; to solicit information from you, including through surveys; to prevent potentially prohibited or illegal activities; to conduct research and measurement activities; to enforce our Terms of Use; and as otherwise described to you at the point of collection.

Where we act as a data controller; your information will only be used for the purpose of which it was originally collected and which you have consented to.

How We Disclose Your Personal Information

Except as described in this Privacy Policy, we do not share the personal information that you provide to us with other organizations. We may disclose personal information to third parties under the following circumstances:

  • Business Partners - We may disclose your personal information to carry out transactions you request with business partners that help us customize, analyze and/or improve our communication or relationship with you and/or provide our services to you. We may also provide this information to business partners with whom we may jointly offer products or services, or whose products or services may be of interest to you. Please note that while we will only disclose your information with business partners who share our commitment to protecting your personal information, we do not control the privacy practices of these third-party business partners
  • Service Providers/Professional Advisors - We also may disclose aggregate or anonymous information with third parties, including our marketing agencies and investors. For example, we may tell our marketing agency the number of visitors our website receives. This information does not contain any personal information and is used to develop content and services we hope you will find of interest
  • Compliance with Laws and Law Enforcement; Protection and Safety - We may disclose information about you 1) In response to lawful requests by public authorities, including to meet national security or law enforcement requirements; which enforcement authority has jurisdiction over the organization’s compliance with the Framework, and the organization’s liability in cases of onward transfer of data to third parties or in response to subpoenas, court orders, or other legal or regulatory process; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases we reserve the right to raise or waive any legal objection or right available to us 2) When we believe it is appropriate to investigate, prevent, or take action regarding illegal or suspected illegal activities; to protect and defend the rights, property, or safety of our company or this website, our customers, or others; and in connection with our Terms of Use and other agreements 3) In connection with a corporate transaction, such as a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy
  • Affiliates - We may disclose your personal information with our corporate affiliates for them to use such information in the same manner as described in the Privacy Policy
Your Rights With Respect to Your Personal Information

According to the data protection and privacy regulation where you live, you may have certain rights with response to your personal information.

Your rights may include, under certain terms and conditions set in the Privacy Shield Principles, the EU General Data Protection Regulation (GDPR) or other applicable law

Should you wish to exercise any of these rights, please contact us at: dataprivacy@dsg-us.com

Where we act as a data processor of Customer Data, please direct any questions regarding your rights to the customer for which you work or which collected your information.

Choices with Respect to Your Personal Information

Your personal information is processed based on several legal bases, including your consent. You can withdraw your consent at any time by contacting us directly at info@dsg-us.com. Other legal bases, including statutory or contractual requirements that apply to you or our Customer might remain intact even following the withdrawal of your consent. You can also turn off the scripting functionality, such as JavaScript, within your browser or choose not to provide us with specific information when requested but please note that the website may not function properly or process your requested information.

Security and Data Retention

We want you to feel confident about using our website and services, and we are committed to protecting the personal information we collect. As part of this commitment, we have achieved ISO/IEC 27001:2013 –Information security management system certification. ISO/IEC 27001:2013 provides a standard for maintaining an information security management system (ISMS) including appropriate administrative, technical, and physical security procedures to help protect the personal information you provide to us. In addition, we use encryption (as applicable) when transmitting your personal information between your system and ours, and we employ firewalls and intrusion detection systems to help prevent unauthorized persons from gaining access to your information.

We retain personal information we collect for different periods, depending on the type of information, the period of our contract with our Customers, legal requirements regarding certain types of data, and other factors. Generally speaking we will retain your personal information for as long as necessary to fulfil the purposes of which we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Legal Bases for Processing

We are required to inform you of the legal bases of our processing of your personal information, which are described in the list below.

  • To provide a service - processing is necessary to perform the contract governing our provision of the services or to take steps that you request prior to signing up for the services.s
  • To communicate with you; to create anonymous data for analytics; and for compliance, fraud prevention and safety-These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
  • To comply with law- Processing is necessary to comply with our legal obligations
  • With your consent-Processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime

If you have questions about the legal bases of how we process your personal information, contact us at dataprivacy@dsg-us.com

Privacy policies of other websites

If any part of this website links you to other sites, those sites do not operate under this Privacy Policy. We recommend you examine the privacy statements posted on those other websites to understand their procedures for collecting, using, and disclosing personal information.

Children’s Privacy

This is a general audience website and is not intended to or designed to neither attract children under aged 13, nor do we offer services directed to such children. We do not collect personal information from any person we actually know to be under the age of 13.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time and will do so in compliance with Privacy Shield. If we do update the Privacy Policy, we will revise the policy’s effective date, included at the end of policy. We encourage you to periodically review this statement to be informed of how we are protecting your personal information. In all cases, your continued use of the website and services after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy.

International Transfer of Personal Information

If you are visiting our website or using our services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where our servers are located and our central database is operated. We have put in place measures to ensure that adequate protection is provided to such data where legally mandated. Countries outside the European Union do not always gave strong data protection laws; however your personal information is protected in accordance with this Privacy Policy and applicable laws (including GDPR). By using our website and services, you understand that your information may be transferred to our facilities and those third parties with whom we share it as described in this Privacy Policy.

We comply with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and/or Switzerland to the United States. We have certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit: https://www.privacyshield.gov/.

Our accountability for personal information that we receive under the Privacy Shield and subsequently transferred to a third party is described in the Privacy Shield Principles. In the context of an onward transfer, we have responsibility for the processing of personal information we receive under the Privacy Shield and subsequently transferred to a third party acting as an agent on our behalf. We remain liable under the principles if a third party that we engage to process personal information on our behalf does so in a manner inconsistent with the principles, unless we prove that we are not responsible for the event giving rise to the damage.

How You Can Contact Us

You can contact us at the below address if you have any inquires, complaints, or questions:

DSG Global Headquarters

325 Technology Drive

Malvern, PA 19355

Email address: dataprivacy@dsg-us.com

Dispute Resolution

In compliance with the Privacy Shield Principles, we commit to resolve complaints about our collection or use of your personal information. European Union and/or Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us at the above address or via email.

We commit to cooperate with the panel established by the EU data protection authorities (DPAs) and/or the Swiss Federal Data Protection and Information Commissioner, as applicable, and comply with the advice given by the panel and/or Commissioner, as applicable, with regard to data transferred from the EU and/or Switzerland. We have chosen the EU Data Protection Authorities (EU DPAs) through the United States Council for International Business USCIB acting as a trusted third party on behalf of the European Union (EU) Data Protection Authorities to serve as an independent recourse mechanism (IRM) for dispute resolution arising from collection, use, and retention of personal Information transferred from EU member countries to DSG. We have chosen the Swiss Federal Data Protection and Information Commissioner (FDPIC) to serve as an independent recourse mechanism (IRM) for dispute resolution arising from collection, use, and retention of personal Information transferred from Switzerland to DSG

Under certain conditions you may have the possibility to invoke binding arbitration for complaints regarding Privacy Shield compliance (EU-U.S. Privacy Shield and/or Swiss-U.S. Privacy Shield) not resolved by any of the other Privacy Shield mechanisms-see the following link for additional information- https://www.privacyshield.gov/article?id=ANNEX-I-introduction

This Privacy Policy is effective as of 08FEB2022.