abstract hex image

Privacy Policy

Last updated: November 2022

Definitive Media Corp., doing business as THREAD and THREAD Research LTD Ireland, is committed to international compliance with data protection laws as part of our commitment to conducting our business ethically and to observing applicable laws, rules, and regulations.

This policy refers to the company as THREAD, “we” or “us.” This policy only applies to THREAD’s processing of personal data. This policy does not address our affiliates,’ Modus Outcomes and inVibe’s, processing of personal data. Information about Modus Outcomes and InVibe’s handling of personal information is available on their respective websites.

What we do.

THREAD is a virtual research platform offering a range of applications and tools for our customers to conduct decentralized clinical trials, maintain disease or patient registries, collect consumer data, gather feedback about the performance of medical devices, and other remote health-related projects.

We process personal data or personal information (“Data”) on behalf of our Customers. Our customers include clinical study sponsors, researchers, clinical research organizations, disease registries, medical device manufacturers, and consumer goods companies (“Customers”).

Our Customers determine the nature and scope of the Data it collects when using our products. The Customer decides how the Data will be used. Our Customers are known as the “Controller” under data protection laws. THREAD is a “Processor” under data protection laws.

There are limited instances where THREAD directly controls how Data is processed. Some of these instances include when THREAD is marketing its business, interacting with Customers, and acting as an employer.

This policy addresses how THREAD processes Data in its role as a Processor and as a Controller.

How to find the information that applies to your situation.

On this page we aim to explain everything you need to know about privacy at THREAD. If you have any questions that have not been answered here, contact us at privacy@threadresearch.com.

THREAD’s processing of Data is dependent on which application you are using or how you engage with THREAD.

To find the section of this privacy policy most relevant to you, determine which of these describe your interactions with THREAD and click on the highlighted link:

You are participating in a research project and are using a THREAD application or platform to submit information to a study sponsor, clinical research organization, or to a disease or patient registry, or are submitting clinical or health outcomes, or are submitting information to be considered as a participant in a study or other research;

You are using functions such as Patient Registration or providing Consent (also including "eConsent";

You are supporting a study admin, site clinician, or are supporting a site or clinician’s office;

You are an individual engaged in clinical research support, e.g., a clinical research organization;

You have made a direct submission to THREAD, such as signed-up to receive news, requested a demo or product support, applied for a job, contacted our help desk, or attend one of our events;

You are a THREAD employee, contractor, or a prospective employee or contractor.

You work for a THREAD customer or prospective customer, or an entity providing services to THREAD.

The Information We Collect and How We Use It

In this section we explain the type of Data processed when you interact with our website, THREAD’s cloud-based suite of technologies, our helpdesk, or through social media. This section also explains how we use the data from these applications.

The THREAD Informational Website

Data collected from the website or when you engage with us on social media.

When you register at the THREAD website, we collect contact information from you. We may use this information for sales or marketing, or to otherwise familiarize ourselves with your business. You may also engage with us directly via social media, such a LinkedIn. The Data processed may include:

  • Name
  • Email address
  • The name of your company
  • The content of your message
  • Non-specific information about your company, e.g., business focus, industry sector, etc.
  • information regarding your requests for product or services information. 

You may submit a resume to us when applying for a job. We use a third-party job bank to process this information on our behalf. In this instance, we will process all the information you submit to us to consider your application and engage with you.

If you communicate with us on social media, we may collect any information you have submitted to the social media platform and chose to share with us, including contact details and any other information shared during an exchange between us.

We collect analytics from visitors to the Website. Review the “Cookies and Tracking Technologies” section below for the details of what data is collected.

How we use and share Data collected from the website or social media.

THREAD uses Data collected on the THREAD website or from social media to:

  • allow you to contact us,
  • respond to a demonstration request,
  • respond to a help desk request,
  • identify and engage with prospects,
  • provide a portal for jobseekers to submit an application
  • enable and enhance site functionality, including single sign-on functions,
  • accurately analyze site usage,

THREAD maintains this information only for so long as we have a legitimate business need.

THREAD Registration sites

Data collected from a registration site

Customers engage THREAD to pre-screen prospective candidates to participate in a clinical research study. This is known as a registration site, or sometimes a recruitment site. The study sponsor or other member of the study team determines the content on their registration site. THREAD maintains these sites on behalf of the study sponsor and collects Data on their behalf. THREAD acts as a processor of this Data.

THREAD and the Customer have entered into a legal agreement that addresses the handling of your Data. The Customer enters into contracts with the clinical site to ensure the appropriate handling of your Data by the site.THREAD is not responsible for how your Data is managed at a clinical or treatment site and does not have any responsibility for a clinical or treatment site’s responses to access or erasure requests.

On behalf of our Customer, THREAD collects Data necessary to determine whether you qualify for the study.You submit this Data in response to the questions asked on the registration website.The study team determines what Data it needs to qualify candidates and the questions to be asked.

THREAD uses a knowledge-based authentication (KBA) service to verify the identity of a prospective candidate. The KBA asks the prospective candidate to select questions and answers that are used to verify that she is who she says she is and is authorized to use the participant web.

Unless you are otherwise notified during the recruiting process, THREAD does not share the questions provided to the KBA service, or the prospective candidates answers. THREAD only processes the fact of whether the prospective candidate has passed the verification.

Further questions are asked to determine if the potential candidate satisfies other qualification criteria. These criteria are specified by the study sponsor. THREAD may provide the study team and sponsor with the results of the registration process and the Data of qualifying individuals.The information that may be collected includes, but is not necessarily limited to: name, pass or fail outcome to the verification questions, and responses to qualification criteria determined by the study team. This Data is used by the study team to place prospective participants in research studies.

Once qualified, you may be asked to provide contact information in order to ship study supplies or devices to you. This information may include, but is not necessarily limited to: your name, mailing address, phone number, and email address.

How We Use and share Data collected from a registration site

Data collected on a registration site is processed and made available for the principal investigator to place prospective participants in research studies.

We are committed to sharing Data only when needed for legitimate business or legal purposes, and then only with recipients who will protect it. We share Data in these instances:

  • When you ask us to share it, for example, in order to make your application available to a primary investigator or sponsor
  • When THREAD hires a service provider to help operate our business, we may need to give them access to information to provide their services
  • When THREAD needs to share Data to satisfy a legal or regulatory requirement

THREAD maintains this information for the longer of: 1) only for so long as we have a legitimate business need for it or 2) for as long as the study team may require which may be as long as 25 years if you qualify as a participant. If you do not qualify as a participant, we retain this information for as long as instructed by the Customer.

The THREAD Participant Platform

The Data collected from the THREAD Participant Platform

THREAD hosts our software-as-a-service platform on behalf of Customers around the world for use in research. Third party researchers using the THREAD platforms may collect and share certain information as part of the research process, including information about or collected from, participants in a clinical research study. The THREAD participant platform may collect:

  • Information necessary to create a THREAD account or to help with password recovery, this is typically an email address
  • Name and address (only if required by our Customer or for shipping purposes)
  • Electronic consent
  • Electronic signatures (not in all instances)
  • Account log-in credentials
  • Participant responses
  • Survey responses from clinicians related to their observations of the study participants
  • Data generated or collected by wearable sensors and medical devices; and
  • Data generated or collected by a mobile device.

THREAD stores this Data in a de-identified form. De-identified means your identity is removed and a randomly generated number is substituted and encrypted. Account information is also tokenized prior to storage on our platform. De-identified data is available to Customers and to THREAD. Your site investigator can access Data in its identifiable form.

THREAD also requires that Customers, principal investigators and a Customer’s outsourced third parties provide an email address and phone number for login purposes and to retrieve a forgotten password. THREAD may use, store, share and disclose the participant email address in identifiable, non-tokenized form.

Account creation

We utilize Data to create an account. This may include name, email, physical address, username, and password. These identifiers are used to create a tokenized identity, retrieve a password, or ship devices to you.

Data collected from a Study Application (on a mobile device)

THREADS’ Customers, like a study sponsor or clinical research organization (the “study team”) may use the THREAD platform to create a study application for use by individuals participating in the study. On behalf of the Customer, THREAD maintains the applications and the databases used to process data.

Using our platform THREAD Customers will collect certain types of information, including, but not necessarily limited to:

  • Data generated or collected from mobile device sensors, including accelerometer, gyroscope, proximity sensor, ambient light sensor, camera, compass, and barometer
  • Data and information collected by the study application, such as a participant’s responses to survey questions; and
  • Data and information from a third-party FDA-listed medical device, consumer wearable device, health application or similar device, wearable or tool that collects data and information from the participant.

THREAD uses and stores Data collected through any device or application only in de-identified, tokenized form, and may share Data with the study team for purpose of carrying out the study. 

THREAD also requires that participants provide an email address for login purposes and to retrieve a forgotten password.

We also share application data in these instances, when instructed by the Customer:

  • When THREAD hires a service provider to help operate our business, we may need to give them access to information to provide their services; or
  • When THREAD needs to share data to satisfy a legal or regulatory requirement; or
  • THREAD maintains this information only for so long as we have a legitimate business need or for so long as a contract with a study sponsor requires. This may be as long as 25 years.

Study applications & Data about Children

Study applications are not intended for, nor designed to attract, individuals under the age of 18. However, THREAD recognizes that some Customers conduct research that is specific to a pediatric demographic. As a general rule, we do not collect Data from any person we know to be under the age of 18 without explicit consent from their parent or guardian unless local law provides a different age of majority, provides a different mechanism for obtaining consent, or unless circumstances warrant under local law for specific types of research.

How Data from the THREAD Platform is used and shared with third parties

THREAD uses data collected on the THREAD platform to:

  • Provide our clients and study sponsors with pseudoanonymized Data for their studies;
  • Develop anonymized data lakes for aggregated performance data and reports; and
  • Help us develop, deliver, and improve our products and services for you.

We may share this information with trusted third parties who assist us in performing our services, such as for hosting or tokenizing the collected data. However, THREAD otherwise will not sell distribute or otherwise release any personal information it collects to any third party unless instructed by the Customer or for legal or regulatory purposes.

THREAD monitors the Services for operational support, to detect and address threats to the functionality, security, integrity, and availability of the Services, and to detect and address illegal acts or violations of the Acceptable Use Policy.

THREAD may (1) compile statistical and other information related to the performance, operation and use of the platform, services, study applications and websites, and (2) use Data and metadata from the platform, services, study applications and websites in aggregated non-personally identifiable form for security and operations management, to create statistical analyses, and for research and development. Such usability insights do not include any study data, or any Data contained in the trial documents.

In addition, we share Data in these instances, when instructed by the Customer:

  • When THREAD hires a service provider to help operate our business, we may need to give them access to information to provide their services;

THREAD maintains this information only for so long as we have a legitimate business need or for so long as a contract with a study sponsor requires. This may be as long as 25 years.

The THREAD Help Desk

The Data collected through the THREAD help desk

THREAD’s Help Desk contains a ticketing system, which is an add-on service that facilitates technical support when you use the THREAD platform or study application. This ticketing system collects and stores your contact information. This contact information may include but not limited to:

  • Email address
  • Site number
  • Subject
  • Description of issue
  • Attachments
  • Other information shared by you, pertaining to your specific issue/request

The ticketing system also collects and stores a study ID that does not reveal the nature of the underlying study.

How Help Desk data is used and sharing with third parties

We share Data in these instances:

  • When you ask us to share it, for example, in order to respond to a request;
  • When a Customer or site needs to resolve a problem;
  • When THREAD hires a service provider to help operate our business, we may need to give them access to information to provide their services;
  • When THREAD needs to share Data to satisfy a legal or regulatory requirement.

THREAD maintains this information only for so long as we have a legitimate business need or for so long as a contract with a study sponsor requires. This may be as long as 25 years.

Customer activities and THREAD events

THREAD participates and sponsors many industry events. THREAD may also use Data from you if you are a current or prospective customer in relation to customer services. In either case, THREAD may in these situations process the following Data:

  • Contact information
  • Information about your business or event needs and interests

THREAD may use this information for the following purposes:

  • respond to a request for more information, or for a demonstration request
  • identify / engage with current and prospective customers
  • provide information and news about THREAD

THREAD maintains this information for only so long as we have a legitimate business need or if consent was obtained for as long as you have provided consent.

SERVICE PROVIDERS

THREAD engages third-party service providers to support its business. We treat your Data in accordance with the terms of the service contract between us. THREAD is responsible for onward transfers of your Data to third parties. THREAD contractually requires third-party service providers to protect Data as confidential information.

Here is a list of some of the third parties with whom we may share Data to provide our services.

Sub-processor

Type of service

Amazon

Cloud hosting

Rixon

Tokenization-as-a-Service

Datavant

Tokenization for real world datasets

Vonage (formerly TokBox)

Video chat services

Validic

Data collection for supported medical devices

TransPerfect

Translation services for support

Twilio (Formally SendGrid)

E-mail service

Zendesk

Support tickets

Lever

Intake of job prospect information

ZenQMS

Maintenance of employee information and CVs

Vimeo

Participant training

EMPLOYEES AND JOB APPLICANTS

If you are a THREAD employee or applicant, we collect Data you voluntarily provide to us. We use the Data collected for Human Resources purposes, such as to administer benefits to workers and screen applicants. Specifically, if you submit an application for employment to or are currently an employee of THREAD, we will collect Data obtained through your application for employment or continued employment with us, and your submission of employee related documents, including but not limited to data related to your employment. By providing personal information about family members or other individuals, you represent that you have their consent to provide this information to us for the purposes set forth in this notice.

THREAD may use employee Data to evaluate applications for employment and manage aspects of the employee-employer relationship.

CROSS-BORDER TRANSFERS AND WHERE WE STORE YOUR INFORMATION

THREAD may store, transfer, and process your Data on servers primarily located in the United States and in other locations that THREAD deems necessary or convenient to provide you with efficient and effective service. While such locations have protections for Data which may be different than that in your home country, THREAD operationally and contractually handles your Data with extreme care.

Some countries require the Data of its residents to be maintained within the country or origin. In that instance, THREAD obtains instructions from its Customers on where to implement servers to process Data in accordance with local laws.

THREAD follows local laws regarding the appropriate operational and contractual measures needed to ensure Data is transferred legally. For example, we have put in place between our own legal entities as well as sponsors and subprocesses the appropriate contracts to safeguard your Data after transfer. This includes data protection agreements and the updated European Commission and UK standard contractual clauses. Where it applies, we also rely on your consent prior to such transfers.

Our storage service providers and other sub-processors are only permitted to store your Data, and are not otherwise authorized to collect, use, or disclose your Data, except in accordance with the purposes set out in this privacy policy or as required by applicable law.

To obtain copy of our standard data processing agreement or Standard Contractual Clauses, contact us via privacy@threadresearch.com.

DATA SECURITY

To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, THREAD implements certain physical, electronic, and administrative policies and procedures to safeguard the information we collect. THREAD’s IT Security Program provides a baseline of IT security policies, standards, and guidelines, THREAD IT Security policies adhere to current corporate and industry standards and guidelines (e.g., 27001:27002, HIPAA). THREAD’s Information Security department provides direction to managers and senior executives regarding the management and protection of THREAD information systems. It also outlines policies relating to the management, operational, and technical controls necessary to support the confidentiality, integrity, availability, authenticity, and nonrepudiation of information and systems within THREAD IT infrastructure and operations.

THREAD, where possible, tokenizes Data in order to further protect against unauthorized access or disclosure of information in an identifiable format.

Notwithstanding these measures, no collection, storage, or transmission of information over the Internet on websites, mobile applications or otherwise is guaranteed to be 100% secure, and therefore we cannot ensure, warrant, or guarantee the security of such information.

In accordance with applicable laws, we will notify you of any breach of security safeguards involving your Data when required by applicable laws.

If you have any questions about security or would like to learn more about our practices and policies, you can send us an email at: privacy@threadresearch.com

DISCLOSURE TO PUBLIC AUTHORITIES

Governments, courts, law enforcement or regulatory agencies may be able to access your personal information in accordance with provisions of local law. Local laws may differ substantially from those in your own country. You may not have equivalent rights in your Data.

THREAD may be required, and reserves the right to, disclose Data to public authorities for security or law enforcement purposes when lawfully required to do so in response to appropriate legal mechanisms.

NOTIFICATIONS AND UNSUBSCRIBING TO EMAILS

From time to time, we may use your email address to send important notices related to the services we provide to you or to your account, or for our internal purposes such as auditing, data analysis and research. We may also, with your consent, use this information to send you announcements on the latest news, products, and updates from THREAD. If you do not wish to receive these announcements, you may opt out at any time by clicking on the “unsubscribe” link in the email or sending an email to privacy@threadreearch.comat any time indicating your desire not to receive these announcements. You may also contact us by mail at:

THREAD Privacy Team
2000 Centregreen Way, Suite 200
Cary, North Carolina 27513
United States

Please note that even if you opt out, we may still send you service-related announcements including, but not limited to, a registration email, emails related to your involvement in a research study, emails automatically triggered by actions you take on the THREAD platform, THREAD study app or THREAD website, critical update or user-actionable notices and email outlining material changes to this Privacy Policy or our End User License Agreement. Generally, you may not opt out of these communications, which are not promotional in nature. If you wish not to receive them, you have the option of deleting or de-activating your account.

EXTERNAL SITES

Our websites may contain links to external sites. If you follow a link to any of these external sites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for these policies. We are not responsible for the privacy policies or the content of such third-party sites.

COOKIES AND TRACKING TECHNOLOGIES

When you access the THREAD website, we may automatically collect information as you browse. This information is sometimes referred to as web analytics and/or clickstream data, and may include, but is not necessarily limited to:

  • the name of you Internet Service Provider (ISP);
  • browser type and version;
  • operating system and device type;
  • average time spent on our site(s);
  • pages viewed;
  • information accessed;
  • the Internet Protocol (IP) address used to connect your computer to the Internet; and
  • other relevant statistics.

We may combine this automatically collected log information with other information we collect about you. We do this to enhance the services we offer you, to improve marketing and analytics, and to support site functionality.

Technologies such as cookies, beacons, tags, and scripts are used by THREAD and our affiliates, analytics services and service that provide site features and functionality. These technologies are used to analyze trends, administer the site, track users’ movements around the site and gather demographic information about our user base as a whole. Companies providing these services may send THREAD reports generated by the use of these technologies on an individual as well as aggregated basis.

Most web browsers either alert you to the use of cookies or provide you with an option to refuse to accept cookies entirely. If you do not want us to deploy cookies to your browser, you can set your browser to reject cookies or to notify you when a website tries to put a cookie on your computer. Rejecting cookies may affect your ability to use the THREAD website.

The THREAD website currently does not respond to “Do Not Track” (“DNT”) signals and operates as described in this Privacy Policy whether or not a DNT signal is received. If we do respond to DNT signals in the future, we will update this Privacy Policy to describe how we do so.

THREAD’s study and participant applications do not use cookies.

For more information about how cookies are used on the THREAD Website please visit our cookie policy.

EXERCISING YOUR RIGHTS IN YOUR DATA

HOW YOU CAN ACCESS, CORRECT, REMOVE OR WITHDRAW CONSENT TO USE OR REQUESTING RESTRICTION OR PORTABILITY OF YOUR DATA

For residents of the European Union, EEA, United Kingdom, and Brazil

The General Data Protection Regulation (GDPR), and the national equivalents in the EEA, Switzerland, and the United Kingdom, and Brazil’s Lei Geral da Protecao de Dados (LGPD) provide residents of those jurisdictions with certain rights in their Data. You have the right to access your Data, and in some circumstances to correct, erase, or port it.

If your Data was originally processed by a principal investigator on behalf of a study sponsor, then, in the first instance, you should contact the principal investigator or study sponsor to exercise your data rights. Others can request access to Data by contacting us at: privacy@threadresearch.com. Our EU representative for GDPR Article 27 purposes is Achieved Compliance Advocacy, Ltd. Contact our EU Representative at THREAD@gdprrepresentative.eu or at THREAD@privacyrep.co.uk. You may need to go through a verification process to ensure that we are providing the correct Data to you.

In some instances, because we store certain Data on a de-identified basis, we may not be able to associate particular Data to you. THREAD is unable to remove information that is de-identified or tokenized upon collection as THREAD will not re-identify the information for individual users.

EEA AND UK RESIDENTS RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY

You have the right to lodge a complaint with a data protection authority in an EEA, EU, or UK. For more information, please contact your local data protection authority.

We respond to all requests from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

In the event we are unable to resolve any complaints you may have about our handling of your personal data, EU and UK residents have the right, under certain conditions, to invoke a binding arbitration. individuals may file a complaint with our designated, independent, alternative resolution provider: JAMS. Here is a link for more information about JAMS https://www.jamsadr.com/file-an-eu-us-privacy-shield-claim

You may also lodge a complaint with your local data protection authority. Below is a list of information about various data protection authorities:

DATA PROTECTION AUTHORITIES IN VARIOUS COUNTRIES.

This is a partial list of data protection authorities (DPA) in various countries.

While we review the list annually, THREAD does not make any promises regarding the list’s completeness or accuracy.

Some countries do not have a data protection authority or a mechanism for filing a data privacy complaint. This may be the reason a particular country does not appear on this list. We welcome any additions or revisions that you may find. Please contact our Data Protection Officer at privacy@threadresearch.com.

For Residents in Other Jurisdictions

If the laws of your country are not mentioned above, you may also have rights under your home jurisdiction’s laws to access, erase, correct, and move your Data. For more information, please contact us at privacy@threadresearch.com if you wish to exercise your rights.

You may have rights to file a complaint with a regulator in your jurisdiction if we do not adequately address your requests or concerns. Here is a list of various data protection authorities who you may contact about enforcing your data rights.

[As of October 06, 2020]

Argentina Information on how to file a complaint is available here https://www.argentina.gob.ar/aaip/datospersonales/derechos

Australia Information on how to file a complaint is available here https://www.oaic.gov.au/privacy/privacy-complaints/

Austria Information on how to file a complaint is available here https://www.dsb.gv.at/at.gv.bka.liferay-app/web/datenschutzbehorde/dokumente

Belgium Information on how to file a complaint is available here https://www.dataprotectionauthority.be/citizen/actions/lodge-a-complaint 

Brazil As of the effective date of this list, Brazil has yet to establish a complaint procedure.

Bulgaria Information on how to file a complaint is available here https://www.cpdp.bg/?p=pages&aid=56

Canada Information on how to file a complaint is available here: https://www.priv.gc.ca/en/report-a-concern/file-a-formal-privacy-complaint/

China Information on how to file a complaint is available here: http://law.moj.gov.tw/Eng/LawClass/LawAll.aspx?PCode=I0050021

Chile Information on how to file a complaint is available here: https://extranet.consejotransparencia.cl/Web_SCL2/PaginasP/Login.aspx

Colombia Information on how to file a complaint is available here https://www.sic.gov.co/tema/proteccion-de-datos-personales

Croatia Information on how to file a complaint is available here https://azop.hr/prava-ispitanika/zahtjev-zastita-prava

Czech, Republic Information on how to file a complaint is available here: https://www.uoou.cz/en/vismo/zobraz_dok.asp?id_org=200156&id_ktg=1265&archiv=0&p1=1095

Denmark Information on how to file a complaint is available here https://www.datatilsynet.dk/generelt-om-databeskyttelse/ofte-stillede-spoergsmaal

Estonia Information on how to file a complaint is available here: https://www.aki.ee/et/eraelu-kaitse/kusimus-vastus

Finland Information on how to file a complaint is available here: https://tietosuoja.fi/en/have-your-data-protection-rights-been-infringed

France Information on how to file a complaint is available here: https://edps.europa.eu/data-protection/our-role-supervisor/complaints_en

Germany A data privacy compliant must be filed through the data protection authority in the jurisdiction in which you are resident.

Greece Information on how to file a complaint is available here: https://www.dpa.gr/portal/page?_pageid=33,43321&_dad=portal&_schema=PORTAL

Guernsey Information on how to file a complaint is available here: https://odpa.gg/online-enquiry/#/

Hong Kong Information on how to file a complaint is available here: http://www.pcpd.org.hk/

Hungary Information on how to file a complaint is available here: https://www.naih.hu/

Iceland Information on how to file a complaint is available here: https://www.personuvernd.is/personuvernd/

Ireland (Northern) Information on how to file a complaint is available here: https://ico.org.uk/global/privacy-notice/making-a-complaint/

Ireland (Republic) Information on how to file a complaint is available here: https://www.dataprotection.ie/en/individuals/complaints-handling-investigations-and-enforcement-individuals

Israel Information on how to file a complaint is available here: https://www.gov.il/en/Departments/General/guidelines_ppa 

Italy Information on how to file a complaint is available here: https://www.garanteprivacy.it/home

Japan Information on how to file a complaint is available here: https://www.ppc.go.jp/en/contactus/piinquiry/

Lativa Information on how to file a complaint is available here: https://www.dvi.gov.lv/en/personal-data-protection-2/for-natural-persons/

Liechenstein Information on how to file a complaint is available here: https://www.datenschutzstelle.li/datenschutz/fuer-buergerinnen-und-buerger

Lithuania Information on how to file a complaint is available here: https://vdai.lrv.lt/en/services

Luxembourg Information on how to file a complaint is available here: https://cnpd.public.lu/fr/support/protection-des-donnees.html

Malaysia To lodge your personal data complaint, call 03-8911 5000 / 7901 or email jpdp@kpkk.gov.my https://www.mcmc.gov.my/en/home

Malta Information on how to file a complaint is available here: https://idpc.org.mt/

Mexico Information on how to file a complaint is available here: http://inicio.inai.org.mx/SitePages/Como-ejercer-tu-derecho-a-proteccion-de-datos.aspx?a=m3

Netherlands Information on how to file a complaint is available here: https://autoriteitpersoonsgegevens.nl/

Norway Information on how to file a complaint is available here: https://www.datatilsynet.no/om-datatilsynet/kontakt-oss/hvordan-kan-jeg-klage-til-datatilsynet/

Philippines Information on how to file a complaint is available here: https://www.privacy.gov.ph/

Poland Information on how to file a complaint is available here: https://uodo.gov.pl/pl/83/153

Portugal Information on how to file a complaint is available here: https://www.cnpd.pt/Duvidas/Duvida_participacao.aspx

Romania Information on how to file a complaint is available here: https://www.dataprotection.ro/

Russia Information on how to file a complaint is available here: http://rkn.gov.ru/treatments/

Singapore Information on how to file a complaint is available here: https://www.pdpc.gov.sg/Complaints-and-Reviews

Slovenia Information on how to file a complaint is available here: https://www.ip-rs.si/en/

South Korea Information on how to file a complaint is available here: https://www.mois.go.kr/eng/sub/a03/EGovernment/screen.do

Spain Information on how to file a complaint is available here: https://sedeagpd.gob.es/sede-electronica-web/vistas/infoSede/listadoFAQ.jsf;jsessionid=h0oU0oy-RZreXjUJ0lssWQiR_1mIpneWR4aJtBqr.agpdsedred01n_tmp?categoria=15

Sweden Information on how to file a complaint is available here: https://www.datainspektionen.se/vagledningar/for-dig-som-privatperson/klagomal-och-tips/

Switzerland Information on how to file a complaint is available here: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html

Taiwan Information on how to file a complaint is available here: https://www.moj.gov.tw/

Turkey Information on how to file a complaint is available here: https://www.kvkk.gov.tr/Icerik/6659/Complaint-to-the-Board

Ukraine Information on how to file a complaint is available here: http://www.ombudsman.gov.ua/en/page/secretariat/

United Kingdom Information on how to file a complaint is available here: https://ico.org.uk/global/privacy-notice/making-a-complaint/

Uruguay Information on how to file a complaint is available here: https://www.gub.uy/unidad-reguladora-control-datos-personales/

FOR CALIFORNIA RESIDENTS

We are currently required to comply with the California Consumer Protection Act or CCPA. Nonetheless, on a discretionary basis, THREAD aims to respond to California residents regarding their data. In general, California residents have:

The right to know the categories of data we have collected and the categories of sources

The right to know the business purposes for sharing the data

The right to know the categories of third parties with whom we have shared data

The right to access the specific pieces of data we process and the right to delete your data.

In the year Sept 2021to Sept 2022 (“Relevant Year”), THREAD did not receive any requests for access or deletion of personal data from Californian residents. THREAD did not receive any requests to opt-out of the processing of personal data during the Relevant Year.

FOR NEVADA RESIDENTS

Nevada residents have the right to access and/or correct their personal information, or opt out of the sale of personal information

If you are a Nevada resident and would like to review, correct, or update your personal information, you or your authorized representative may submit your request to privacy@threadresearch.com. We will respond to your verified request as soon as reasonably practicable, but no later than sixty (60) days after receipt. If circumstances cause any delay in our response, you will be promptly notified and provided a date for our response.

We generally do not disclose or share personal information for profit. Under Nevada law, residents have the right to direct us to not sell or license your personal information to third parties. To exercise this right, if applicable, you or your authorized representative may submit a request to privacy@threadresearch.com. We will respond to your verified request as soon as reasonably practicable, but no later than sixty (60) days after receipt. If circumstances cause any delay in our response, you will be promptly notified and provided a date for our response.

THIRD-PARTY MOBILE APPLICATIONS AND SERVICES

The THREAD platform, study applications, products and services may contain links or references to third-party mobile applications, products, or services. Information collected by third parties is governed by their privacy practices, and we encourage you to learn about the privacy practices of those third parties.

CHANGES TO OUR BUSINESS

We reserve the right to transfer information to a third party in the event of a sale, merger, dissolution, or other transfer of all or substantially all of the assets of THREAD, or in the event that we discontinue our business or file a petition or have filed against us a petition in bankruptcy, reorganization or similar proceeding, provided that the third party agrees to adhere to the terms of this Privacy Statement.

ENFORCEMENT

THREAD uses third-party audit and a self-assessment approach to assure compliance with this privacy policy and periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented and accessible and in conformity with the principles. We encourage interested persons to contact us via the contact information provided to raise concerns about our data practices. We will investigate and attempt to resolve any complaints and disputes regarding use and disclosure of personal information in accordance with the principles.

CHANGES AND UPDATES

We may revise this privacy policy at any time, without notice to you.We may, however, choose to notify you of a material change to this privacy policy by announcing the change on our website.Your continued use of the website constitutes your consent to the contents of any updated policy. 

When we make significant changes to this privacy policy, we will notify you directly of the changes by sending you an email informing you of the changes. Your continued use of the THREAD website, Platform, or Study Application indicates your acceptance to such changes in the privacy policy.Significant changes include using your personal information for a new purpose not anticipated originally or a new disclosure of your personal information to a third party for a purpose other than processing that is integral to the delivery of a service.

privacy@threadresearch.com

How to Contact Us

Should you have other questions or concerns about these privacy policies or procedures, or any other privacy related concerns or complaints, or if you'd like to contact our Data Protection Officer, please email us at: privacy@threadresearch.com

You may also contact us by mail at:

THREAD Research

2000 Centregreen Way

Suite 300

Cary, NC 27513

This Privacy Policy was last updated on 02 November 2022 and is effective as of that date.

If you are in the EU, then you may contact our representative in Europe at: thread@gdprrepresentative.eu.

California and Nevada residents may contact our DPO, as above, or email us at: privacy@threadresearch.com.

VersionDateAuthorNotes
3.0November 22, 2022Melise BlakesleeMinor updates.
2.0December 20, 2020Melise BlakesleeMinor updates.
1.0September 20, 2020Melise BlakesleeInitial version.
View the Participant Notice