Research Participant Privacy Policy

Home / Research Participant Privacy Policy

Last Revised: 3/4/22

Research Participant Privacy Policy

The information you provide Trinity (referred to here as “Trinity,” “we” or “us”) will be used to help us determine your eligibility to participate in research on behalf of our client[s]. If you are a patient, this may involve the collection of your health data and may cover other sensitive pieces of information such as your ethnicity or sexual activity if this is relevant to this research. Please confirm that you consent to our processing of your information for these purposes. You can withdraw this consent at any time. To find out more about how we and our clients use your data, or about your rights, you can review our Research Participant Privacy Policy below.

If you live within the United Kingdom (UK) or European Economic Area (EEA), you will be informed of the identity of our client[s] once the information will no longer bias our study. EEA residents may visit the section of the policy titled, “Non-US Residents: What rights do you have?” to learn more about their rights.

Residents of California can visit the section of the policy titled, “California Residents: The California Consumer Privacy Act and Your Personal Rights” to learn more about their rights under CCPA.

What does this policy cover?

Key points:

  • Trinity uses your personal data to determine your eligibility to participate in our research studies and, where you are accepted for a study, to carry out research processing.  
  • Trinity works as a controller with our end client in carrying out our research – we will identify this client to you at a later stage of the study if you live within the UK or EEA, in order to ensure our research is unbiased. Before providing information to our client, we ensure that we have anonymized the data you provide to the fullest extent possible. You will never be contacted by our end client, but they may be invited to listen to moderated interviews, view research via video streaming, or be given an audio or video recording or transcript of an interview – you will be informed before this takes place, and we take every possible precaution to ensure you remain anonymous.
  • Trinity may instruct another research organization to assist us in carrying out our research, particularly where this involves work in a non-English speaking country. This researcher will also be a controller for this data processing, and more details of how they handle your data can be confirmed in their privacy policy.
  • As Trinity’s research engagements typically require us to screen individuals to ensure they belong to a relevant patient group, we will necessarily need to collect certain health data for these purposes. We may also need to collect other special category information where this is relevant to our research, such as details of your ethnicity or sexual activity. We do this with your consent, which you may withdraw at any time.
  • We also use your data where we need to comply with legal obligations. We may share data with our service providers and advisors for these purposes.

What information do we collect from you?

Trinity collects and processes personal data about you where you submit responses to screening questions or participate in research studies we conduct for our clients. We process the information you provide to us.

If you are a Patient: Where you are a patient or caregiver this will typically involve information about your (or your care receiver’s) health, the impact of this on your personal life, and certain details of your home life that may be relevant to determine eligibility for research studies – such as information about whether you have children, your or your care receiver’s ethnicity, age and nationality and your availability for further research.

If you are a Health Care Professional (HCP): We will typically collect information about your role, background, and practice.

What information do we receive from third parties?

Sometimes, Trinity receives information about you from third parties. In particular, we may instruct another research organization to assist us in carrying out our research, particularly where this involves work in a non-English speaking country. This organization will also be a controller for this data processing, and more details of how they handle your data can be confirmed in their privacy policy.

We may use the information you provide us to validate your identity using checks against publicly available information.

Trinity may also obtain your information from paid recruiters – these recruiters will provide us with your contact details, other information you may have provided them to confirm your eligibility (which could include health, ethnicity or sexual activity data as appropriate if you are a patient) and details of any consent you may have given to pass this information to us.

If you are a HCP, your information may be given to us by another HCP of your acquaintance, by our clients, or be procured from publicly available lists.

How do we use this information, and what is the legal basis for this use?

Trinity processes this personal data for the following purposes:

  • As needed to conduct our business and pursue our (and our client’s) legitimate interests, in particular, protecting our legitimate business interests and legal rights. This includes, but is not limited to, use in connection with legal claims, compliance, regulatory, auditing, investigative and disciplinary purposes (including disclosure of such information in connection with legal process or litigation) and other ethics and compliance reporting requirements. 
  • To enter into and administer any contract associated with our research activities, including any payments made to you for your participation in our research, involving use of payment details and Tax ID or Social Security numbers as required;    

With your consent:

  • recruiting appropriate individuals for research, including verifying the identity of respondents;
  • contacting and carrying out research, and creating de-identified research products for our end client
  • in the case of our client, they carry out research and evaluate its results – you will never be contacted by our end client unless you have reported an adverse event (and have consented to be re-contacted), but they may be invited to listen to study calls, or be given audio recordings or transcripts of calls, or view live research. You will be informed before this takes place and Trinity will take every possible precaution to ensure you remain anonymous); and
  • where Trinity has separately obtained your consent, for any other purpose as described in that consent
  • For purposes which are required by law – for example, our client may contact you where you report an adverse event (with your consent).

Relying on our legitimate interests

We rely on legitimate interests as the legal basis for the processing of personal data. You can obtain more information by contacting us using the details set out later in this notice.

Withdrawing consent

Wherever we rely on your consent, you will always be able to withdraw that consent, although we may have other legal grounds for processing your data for other purposes, such as those set out above.

Who will we share this data with, where and when?

Trinity will share information with our partner research organizations where this is necessary to carry out research in your country or territory – particularly where this involves work in a non-English speaking country. As explained above, details of how they handle your data can be confirmed in their privacy policy.  

Trinity will share information with our end client, although we attempt to anonymize this to the fullest extent possible. You will never be contacted by our end client unless it is in relation to suspected adverse events, and you have given your consent to be contacted. If you live within the UK or EEA, you will be informed of the Data Controller(s) once there is no further risk of bias study.

We share personal data with government authorities and/or law enforcement officials if this is needed for the purposes above, if mandated by law or if required for the protection of our legitimate interests, in compliance with applicable laws.

We also share personal data with service providers, who process it on our behalf for the purposes above. In particular, we use third party providers for screening and recruitment, moderating, audio transcription, translation services, payment processing, and audio modification.

Trinity does not and will not sell your personal data.

How long will you retain my data?

Where we process your information in relation to your use of Trinity websites, we only retain this data as long as necessary for the given business purpose, contract, or legal requirement. Where we process personal data for marketing purposes or with your consent, we process the data until you ask us to stop and for a short period after this (to allow us to implement your requests). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data indefinitely so that we can respect your request in future.

Where we are required to process your data to meet legal requirements, we will hold information for as long as necessary for these purposes or as required by these laws, and will ensure your data is reviewed over time to ensure it is not held where no longer necessary.

Protection of Your Personal Data

We maintain physical, electronic, and procedural security measures that comply with applicable legal and regulatory standards to safeguard your personal data. Access to such information is restricted to those employees who are trained in the proper handling of personal information and have a legitimate business need to access that information. We follow generally accepted standards to protect the personal data you submit to us, whether that information is in transit or at rest. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security.

International Transfers of Personal Data

We will process the data in our location. Where you are resident outside of the United States, this may involve the use of your data outside the country of your residence. When transferring your personal data to the US or other countries, we have implemented procedures to ensure that appropriate safeguards are in place to protect the personal data regardless of where it is being transferred to.

We may transfer personal data to a non-equivalent country (a country or territory other than (i) a member state of the EEA; or (ii) a country or territory which has at the relevant time been decided by the European Commission in accordance with EU law to ensure an adequate level of protection for personal data), in order to fulfill the purposes described in this Privacy Notice and in accordance with applicable law, rule or regulation, including where such transfer is a matter of contractual necessity to enter into, perform and administer agreements, and to implement requested pre-contractual measures. For information on the safeguards applied to such transfers, please contact us at Compliance@trinitypartners.com.

Non-US residents: What rights do you have?

Depending on your jurisdiction, you may have the right to ask us for a copy of your personal data; to correct it, erase it or restrict (stop any active) processing of your personal data; and to ask us to transfer some of this information to other organizations in a structured, machine-readable format.

In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement)

These rights may be limited in some situations, for example if fulfilling your request would reveal personal data about another person, where this would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. Relevant exemptions are included in both the UK and EU GDPR and in applicable national legislation. We will inform you of relevant exemptions when responding to any request you make.

We hope that we can satisfy any queries you may have about the way we process your data. To exercise any of these rights, or to obtain other information you can get in touch with us using the details set out below. If you have unresolved concerns, you have the right to complain to a data protection authority where you live, work, or where you believe a breach may have occurred.  

California Residents: The California Consumer Privacy Act and Your Personal Rights.

The California Consumer Privacy Act (“CCPA”) requires us to make certain additional disclosures and provides California residents with the ability to request additional information about their personal data. If you are a California resident and it is determined that the CCPA applies to you, this section details those rights, how you may exercise them, and what Trinity will do in response.

Please note that the rights under the CCPA do not apply to personal data collected, processed, sold or disclosed pursuant to Gramm-Leach-Bliley Act (Public Law 106-102) and Fair Credit Reporting Act (12 CFR 1022).

If you are an individual who resides in California and whose personal data is collected and processed by Trinity, you may have the right to:

  • Request that we disclose, free of charge, the categories and specifics of the personal data we collect about California residents, the sources from which the personal data was collected (and/or, if applicable, sell or otherwise disclose to a third party), and the business purpose for collecting personal data.
  • Choose to opt-out of the sale of personal information. Currently, however, Trinity does not sell personal information.
  • Request that we delete the personal data we have collected. Following our verification of the request, we will comply with the request and delete any or all the personal data in our possession that we collected from the California resident and/or any or all such personal data in the possession of our service providers, unless otherwise restricted by law or regulation.

Non-Discrimination for Exercising Your PII Rights

We follow the requirements of California Civil Code §1798.125 and will not discriminate against any consumer who exercises the rights set forth in this privacy notice.

How do I get in touch with you?

You can get in touch at _compliance@trinitypartners.com or by writing to Compliance Officer Trinity,  230 Third Ave, Waltham, MA 02451.You may also call Trinity’s toll free number, 855-566-2229.

Verifying Your Identity

If you choose to contact us with a request, you will need to provide us with identifying information that matches the PII we currently have about you.

Authorized Agent

You have the right to appoint an authorized agent to exercise your rights on your behalf. If you would like to do so, please contact us at Compliance@trinitypartners.com or by writing to Compliance Officer Trinity 230 Third Ave, Waltham, MA 02451. You may also call Trinity’s toll free number, 855-566-2229.

Accessibility Information

For consumers with disabilities who need to access this policy in an alternative format, please contact us at Compliance@trinitypartners.com or write to Compliance Officer Trinity 230 Third Ave, Waltham, MA 02451. You may also call Trinity’s toll free number, 855-566-2229.

Changes to this Privacy Notice

From time to time we may update this privacy notice. If revisions are made to the privacy notice, we will update the statement with a new revision date.