SCOPE

Your privacy is important to us. The following privacy policy explains our online information practices and the choices you can make about the way your information is collected, disclosed and used. The information herein pertains to THREAD. By accessing THREAD’s platform, services, study applications and websites you consent to this privacy policy.  If you do not agree with this privacy policy, you should not access or use the THREAD website, platform or study application.

THE INFORMATION WE COLLECT

THREAD collects a wide range of information depending on what product or service is involved and depending on the information needs. Here are the types of personal information we may collect and how we may use it.

Through the THREAD Website

The THREAD website is located at www.threadresearch.com.

Upon registration, we collect basic contact information from the THREAD website, such as contact name, email, company name, and message, as well as non-specific company information (general size and business focus, industry, etc.). We may use this information for sales or marketing purposes or otherwise familiarize ourselves with your business. We also collect information regarding requests for product or services information. 

Our navigation and monitoring tools help provide additional functionality to the site and help us analyze site usage more accurately. For instance, our site may set a password option that keeps you from needing to remember and then enter a password more than once during a visit to the site. 

Through the THREAD Participant Web

The THREAD participant web is a pre-screening website used by THREAD to pre-screen prospective candidates to be participants in a clinical research study. In order to verify the identity of a prospective candidate, the participant web utilizes a knowledge-based authentication (“KBA”) service. THREAD does not store the questions from the KBA service, nor the prospective candidate’s answers, only the result (pass/fail). The participant web also will ask a prospective candidate if they satisfy certain qualification criteria, as specified and customized by the study sponsor. THREAD does not have access to the prospective candidate’s answers; however, the principal investigator of the study can log in to the participant web and review those answers in order to select the participants for that study. The participant web may also collect shipping information of a participant, which includes name, mailing address, phone number, and/or e-mail address. THREAD has access to this shipping information solely for the purpose of shipping study materials to the participant. 

Through the THREAD Platform

THREAD hosts our software-as-a-service platform on behalf of third party researchers and companies around the world who use the platforms for market and medical research. Third party researchers utilizing the THREAD platforms may collect and share certain information as part of the research process, including data and information about, or collected from, the participants in a clinical research study. The THREAD platform collects: survey responses from the study participants, survey responses from clinicians related to their observations of the study participants, data generated or collected by wearable sensors and medical devices, and data generated or collected by a study participant’s mobile device. THREAD will use and store this data solely in de-identified form.  THREAD will only share and disclose this data to sponsors in de-identified form.Only a principal investigator for a specific study will have access to this data in identified form, and a principal investigator will not share this data with THREAD, unless required to do so in accordance with applicable law.

THREAD also requires a user e-mail address and phone number from a customer, principal investigator, or a customer’s outsourced third party for login purposes and in order to retrieve a forgotten password. THREAD may use, store, share and disclose the participant e-mail address in identifiable, non-tokenized form.

Through the Study Application

Customers who are granted access to and use of the THREAD platform may create a study application for use by the study’s participants.  The study application collects: survey responses from the study participants inputted from the study application, data generated or collected by wearable sensors and medical devices, and data generated or collected by a study participant’s mobile device. THREAD will use, store, share and disclose this data solely in de-identified, tokenized form. 

The data collected through the THREAD study application may include the following: (a) data collected from a Participant's mobile device sensors that may include: accelerometer, gyroscope, proximity sensor, ambient light sensor, camera, compass, and barometer; (b) data and information collected by the study application, such as a Participant's responses to questions; (c) data and information from a third party FDA-listed medical device, consumer wearable device, health application, or similar device, wearable or tool that collects data and information from the Participant.

THREAD also requires a user e-mail address from a participant for login purposes and in order to retrieve a forgotten password. THREAD may use, store, share and disclose the participant e-mail address in identifiable, non-tokenized form.

Participant information is typically retained for fifteen years, but can vary based on activity in the THREAD platform and obligations within research projects. Areas of our study applications that collect personal information use industry standard secure socket layer encryption (SSL); however, to take advantage of this your mobile device must support SSL encryption protection. Most modern mobile devices support this method natively. 

Our study applications are not intended for, or designed to attract, individuals under the age of 18.  We do not collect personally identifiable information from any person we actually know is an individual under the age of 18 without explicit parental or guardian consent. We require our customers to obtain such consent prior to the use of our study applications by individuals under the age of 18. Our Mobile Applications do not accept any electronic payments for any services rendered.

Through the THREAD Help Desk

THREAD’s Help Desk contains a ticketing system, which is an add-on service for technical support for you when you use the THREAD platform or study application. This ticketing system will collect and store minimal contact information of yours, which may include name, e-mail address, phone number, or identification number.  The ticketing system will also collect and store a study ID that does not reveal the nature of the underlying study.

THE WAY WE USE INFORMATION

The data collected on the THREAD website is used by THREAD to allow you to contact us and to request a demonstration of our products and services. The information provided to us through the THREAD website is not tokenized because it is used to contact you, respond to your request for a demonstration, or to provide you with news or updates about our product or service offerings. 

The data collected on our THREAD participant web is used by a principal investigator to place participants in research studies conducted on behalf of THREAD’s clients and study sponsors.

The data collected on our THREAD platform is used by THREAD to (1) provide our clients and study sponsors with de-identified data for their studies; and (2) help us develop, deliver, and improve our products and services for you. THREAD will not sell, distribute, or otherwise release any personal information it collects to any third party. We may, however, share this information with trusted third parties who assist us in performing our services, such as for hosting or tokenizing the collected data. THREAD continuously monitors the Services to facilitate operation of the Services, to assist support of the Services and to detect and address threats to the functionality, security, integrity, and availability of the Services; and to detect and address illegal acts or violations of the Acceptable Use Policy. All data collected on the THREAD platform is de-identified and tokenized. However, the principal investigator of the study has the ability to re-identify such data.  

THREAD may (i) compile statistical and other information related to the performance, operation and use of the platform, services, study applications and websites, and (ii) use data and metadata from the platform, services, study applications, and websites in aggregated non-personally identifiable form for security and operations management, to create statistical analyses, and for research and development purposes. Such usability insights do not include any data collected from study participants or any data contained in the trial documents. 

Although certain information collected, including usability insights, may be shared with our clients, THREAD will never release full contact information or otherwise sell, distribute or release such information without express permission from participants invited to join research events. Notwithstanding the foregoing, if it becomes necessary by applicable law or legal process for THREAD to disclose your personal information, we may do so upon the determination that such disclosure is legally necessary or appropriate. In addition, in the event of reorganization, merger, or sale, we may transfer any and all personal information to the relevant third party, in which case all active participants will be notified. 

NOTIFICATIONS AND EMAILS

From time to time, we may use your e-mail address to send important notices related to the services we provide to you or your account, or for our internal purposes such as auditing, data analysis and research. We may also, with your consent, use this information to send you announcements on the latest news, products, and updates from THREAD Research. If you do not wish to receive these periodic announcements, you may opt out at any time by clicking on the "unsubscribe" link in the email or sending an email to privacy@THREADresearch.com at any time indicating your desire to opt out. You may also contact us by mail at:

THREAD Privacy Team 
155 El Camino Real, Suite B
Tustin, California 92780
United States

Please note that even if you opt out, we may still send you service-related announcements including, but not limited to, a registration email, emails related to your involvement in a research study, emails automatically triggered by actions you took on the THREAD platform, THREAD study app or THREAD website, critical update or user actionable notices and emails outlining material changes to this Privacy Policy or our End User License Agreement. Generally, you may not opt-out of these communications, which are not promotional in nature. If you wish not to receive them, you have the option of deleting or deactivating your account.

COOKIES AND TRACKING TECHNOLOGIES

When accessing the THREAD website, we may automatically collect information as you browse, such as Internet Service Provider (ISP), browser type and version, operating system and device type, average time spent on our site(s), pages viewed, information accessed, the Internet Protocol (IP) address used to connect your computer to the Internet and other relevant statistics. Such information is sometimes referred to as web analytics and/or clickstream data.

We may combine this automatically collected log information with other information we collect about you. We do this to improve services we offer you, to improve marketing, analytics, and to provide site functionality.

Technologies such as: cookies, beacons, tags and scripts are used by THREAD and our affiliates, analytics services and service to provide site features and functionality. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

cookieis a small, unique text file that a website can send to your computer when you visit a site. We may use session cookies, which terminate when a user closes his or her browser, and/or persistent cookies, which remain on the user's computer until manually deleted. Most web browsers can either alert you to the use of cookies or refuse to accept cookies entirely. If you do not want us to deploy cookies to your browser, you can set your browser to reject cookies or to notify you when a website tries to put a cookie on your computer. Rejecting cookies may affect your ability to use the THREAD website.

LOCATION OF INFORMATION

THREAD may store, transfer and process your information, including personal information, collected on servers located in the United States or, from time to time, in other locations that THREAD deems necessary or convenient in order to provide you with efficient and effective service.  As such, foreign governments, courts, law enforcement or regulatory agencies may be able to access your personal information under foreign laws.  Our storage service provider is only permitted to store your personal information, and is not otherwise authorized to collect, use or disclose your personal information, except in accordance with the purposes set out in this privacy policy or as required by applicable law.

OUR COMMITMENT TO DATA SECURITY

To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we have put in place certain physical, electronic, and administrative policies and procedures to help safeguard the information we collect. THREAD’s IT Security Program provides a baseline of IT security policies, standards, and guidelines, THREAD IT Security policies adhere to Corporate and Industry standards and guidelines (e.g. 27001:27002, HIPAA). Information Security provides direction to managers and senior executives regarding the management and protection of the information systems. It also outlines policies relating to the management, operational, and technical controls that are necessary for providing confidentiality, integrity, availability, authenticity, and nonrepudiation within the THREAD IT infrastructure and operations. Notwithstanding these measures, no collection, storage or transmission of information over the Internet on websites, mobile applications or otherwise is guaranteed to be 100% secure, and therefore we cannot ensure, warrant or guarantee the security of such information.

Subject to applicable laws, we will notify you of any breach of security safeguards involving your personal information that may create a real risk of significant harm to you. 

If you have any questions about security or would like to learn more about our practices and policies, you can send us an email at: privacy@threadresearch.com

HOW YOU CAN ACCESS, CORRECT, REMOVE OR WITHDRAW CONSENT TO YOUR INFORMATION

You can request access to all your personally identifiable information that we collect by contacting us at: privacy@threadresearch.com.  

It is your responsibility to notify us of any changes to your personal information, including contact information, so we can contact you and inform you about updates to this policy and other relevant information with respect to your use of the THREAD platform, THREAD website and study application.

We will keep and retain your personal information in compliance with our legal obligations, and only as long as necessary for the purposes for which it was collected.  

You may withdraw your consent to the collection, use and disclosure of personal information obtained at the time of registration or request to remove all personal information we have about you at any time. Should you wish to withdraw consent or remove all personal information, please notify us at the same address: privacy@threadresearch.com.  Withdrawal of your consent or removal of all personal information may result in you being unable to continue use of the THREAD Website, THREAD Platform or study application. 

This pertains to the THREAD platform and THREAD website database. We will process your request within 45 days. If we are unable to process your request within 45 days, we will tell you when we are able to provide access. In the unlikely event that we are unable to grant you access, we will explain why we cannot do so.

THREAD is unable to remove information that is de-identified or tokenized upon collection, as THREAD will not re-identify the information for individual users.  However, given the de-identification process, this information will not in any way include any of your personal information in an identifiable form.

THIRD-PARTY MOBILE APPLICATIONS AND SERVICES

The THREAD platform, study applications, products and services may contain links or references to third-party mobile applications, products, or services. Information collected by third parties is governed by their privacy practices, and we encourage you to learn about the privacy practices of those third parties.

ENFORCEMENT

THREAD utilizes third party audit and a self-assessment approach to assure compliance with this privacy policy and periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented and accessible and in conformity with the principles. We encourage interested persons to raise any concerns using the contact information provided and we will investigate and attempt to resolve any complaints and disputes regarding use and disclosure of personal information in accordance with the principles.

CHANGES AND UPDATES

We may revise this privacy policy at any time, without notice to you.  We may, however, choose to notify you of a material change to this privacy policy by announcing the change on our website.  Your continued use of the website constitutes your consent to the contents of any updated policy. 

When we make significant changes to this privacy policy, we will notify you directly of the changes by sending you an email informing you of the changes. Your continued use of the THREAD website, Platform, or Study Application indicates your acceptance to such changes in the privacy policy.  Significant changes include using your personal information for a new purpose not anticipated originally or a new disclosure of your personal information to a third party for a purpose other than processing that is integral to the delivery of a service.

HOW TO CONTACT US

Should you have other questions or concerns about these privacy policies or procedures, or any other privacy related concerns or complaints, please email us at:
privacy@threadresearch.com

You may also contact us by mail at:
THREAD Research, 155 El Camino Real, Suite B in Tustin, California 92780

This Privacy Policy was last updated on February 18, 2019 and is effective as of that date.