Effective January 19th, 2023
To view your personal data stored on PreludeEDC.com and request the alteration, anonymization or removal of said data, please visit Data Access Request.
This policy may be amended and updated from time to time in response to changes in the regulatory environment.
Personal Information – Any information relating to a natural person that can be used to identify that individual.
Sensitive Personal Information – Data pertaining to racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health, or data concerning a natural person’s sex life or sexual orientation.
Data Controller – In the context of GDPR, a data controller determines the purposes and means of processing personal data.
Data Processor – In the context of GDPR, a data processor is responsible for processing personal data on behalf of a controller.
Personal Information – When you request additional information about Prelude, contact us via our website, or elect to sign up to receive electronic newsletters, Prelude may require you to provide us with contact information such as your name, company name, phone number and email address.
Prelude uses this information solely for the purpose of distributing electronic newsletters and marketing materials. This information is not shared with or sold to any third party. Individuals may opt-out of any marketing communications by using the “Unsubscribe” feature which is available in each electronic communication.
When you request technical support, Prelude may require you to provide us with contact information such as your name, email, and other information that will help Prelude identify and resolve the issue. Prelude uses this information solely for the purpose of providing support. This information is not shared with or sold to any third party.
Browser Data – When you visit our website, your browser sends information such as your IP address, access times and referring website addresses. The browser does this for every website you visit. This data does not comprise personal information and is used only for gathering high-level statistics about site usage which will be used to improve the quality of our site. It is not disclosed to any third party.
Cookies – Cookies are small pieces of data stored in text files on your computer or other device when websites are loaded in a browser. They are widely used to “remember” you and your preferences, either for a single visit (through a “session cookie”) or for multiple repeat visits (using a “persistent cookie”). They ensure a consistent and efficient experience for visitors, and perform essential functions such as allowing users to register and remain logged in. Cookies may be set by the site that you are visiting (known as “first party cookies”), or by third parties, such as those who serve content or provide advertising or analytics services on the website (“third party cookies”).
Both websites and HTML emails may also contain other tracking technologies such as “web beacons” or “pixels.” These are typically small transparent images that provide us with statistics, for similar purposes as cookies. They are often used in conjunction with cookies, though they are not stored on your computer in the same way. As a result, if you disable cookies, web beacons may still load, but their functionality will be restricted.
To find out more on how to manage and delete cookies, visit aboutcookies.org. For more details on your choices regarding use of your web browsing activity for interest-based advertising visit youronlinechoices.eu (EU based) or optout.aboutads.info (US based). On a mobile device, you may also be able to adjust your settings to limit ad tracking.
You can opt-out of Google Analytics by installing Google’s opt-out browser add-on.
You can view which marketing tags are running on the page you are viewing and what beacons are firing by installing InfoTrust’s Tag Explorer browser add-on.
Prelude has policies and procedures in place that support the protection of personal information and sensitive personal information in accordance with the GDPR. Prelude provides the Electronic Data Capture (EDC) and related products that are used by our clients to capture data during the conduct of clinical trials. In the context of GDPR, Prelude is a data processor acting on the explicit contractual direction of our clients who are data controllers. The Prelude system can be used to collect personal information as well as sensitive personal information as required for the clinical trial being conducted.
On 16 July 2020 the court of Justice of the European Union declared as “invalid” the European Commission’s Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-U.S. Privacy Shield. Prelude implements within its standard MSA, privacy protections that require compliance with local laws; however, our customers that have or anticipate having EU participants in their trials may execute Standard Contractual Clauses as well as Data Processing Agreements to further ensure compliance with GDPR.
Individual Rights – Our clients are primarily responsible for complying with the individual rights required by the GDPR, and Prelude assists in fulfilling those requests as required. All requests must be responded to within one calendar month.
Prelude also serves the PreludeEDC.com website, accessible to anyone with a connection to the world wide web. These policies and procedures also apply to PreludeEDC.com and its elements, affording you the same level of protection of personal information.
Data Breaches – Every precaution is taken to safeguard the security of the data collected by Prelude. In the unlikely event that a data breach does occur, we will notify our clients within 72 hours. It is the responsibility of our clients to subsequently notify individuals of this breach.
Data Protection Requests – To report a concern about privacy or to exercise your individual rights under the GDPR, the first step is to contact the Sponsor of the clinical trial. In the event that this cannot be done, please contact our Data Protection Officer.
Attn: Data Protection Officer
5725 West Highway 290
Austin, Texas 78735
This section applies only to California consumers. It describes how we collect, use, and share California consumers’ Personal Information in our role as a business, and the rights applicable to such residents. For purposes of this section “Personal Information” has the meaning given in the California Consumer Privacy Act (“CCPA”). The California Consumer Privacy Act (“CCPA”), effective January 1, 2023, requires businesses to disclose whether they sell Personal Information. Prelude is a business and does not sell Personal Information. We may share Personal Information with third parties if those third parties are authorized service providers or business partners who have agreed to our contractual limitations as to their retention, use, and disclosure of such Personal Information.
How we collect, use, and share your Personal Information
We have collected the following statutory categories of Personal Information in the past twelve (12) months:
Your California Rights
You have certain rights regarding the Personal Information we collect or maintain about you. Please note these rights are not absolute, and there may be cases when we decline your request as permitted by law.
Prelude does not sell Personal Information to third parties (pursuant to California Civil Code §§ 1798.100–1798.199, also known as the California Consumer Privacy Act of 2018).
How to Exercise your California Rights
You can exercise your rights yourself or you can alternatively designate an authorized agent to exercise these rights on your behalf. Please note that to protect your Personal Information, we will verify your identity by a method appropriate to the type of request you are making. We may also request that your authorized agent have written permission from you to make requests on your behalf, and we may also need to verify your authorized agent’s identity to protect your Personal Information.
Please use the contact details below, if you would like to:
Attn: Data Protection Officer
5725 West Highway 290
Austin, Texas 78735