PRIVACY & COOKIE POLICY
Privacy Notice
This Privacy Notice (“Notice”) applies to personal data Pinnacle Clinical Research (collectively, “Pinnacle,” “we,” “us,” or “our”) collects. This Notice also covers rights and choices related to your personal data.
How We Protect and Retain Data
Third-Party Applications/Websites
Changes To This Privacy Notice
Additional Information For California Residents
Data We Collect
We collect data about you in different ways. For example, we collect data:
- Directly from you. This includes when you sign up for an exam, sign up to participate in a clinical trial or study, submit information on our website, or contact us.
- Automatically. This includes through cookies, server logs, and other tools on our website or apps.
- From other sources. These can include our affiliates, vendors, social media, publicly available sources, and other companies.
The following are a few examples of our collection and use of data:
| Context |
Types of Personal data |
Primary Purpose |
| Client Information |
We collect the name and contact information of our clients and their employees with whom we may interact. |
We have a legitimate interest in contacting our clients and communicating with them about business activities such as projects, services, and billing. |
| Your Use of Our Website |
We use technology (e.g., a cookie or a pixel) to learn how you engage with our websites. This may include which links you click or what you type into our online forms. We may also track your IP address, the website that referred you to us, and data about your device. |
We have a legitimate interest in making our website operate. We also use it to understand how you interact with our websites, gather analytics, improve our websites, and learn your preferences. We may also use this data to help detect and prevent fraud. Where required by law, we base the use of technologies upon consent.
|
| Technology on Our Website for Targeted Advertising |
We may let third parties place tracking technology on our websites (e.g., a cookie or a pixel). The third party might also collect data over time and across other websites. Among other things, they may use this data to serve ads tailored to your interests, which may include ads about our products or services. |
Where required by law, we base the use of third-party tracking technologies upon consent. Users should see our Cookie Preference Center << insert hyperlink to cookie preference center >> for more information. [GT1] |
| Email Interactions |
If you receive email from us, we use tools to capture when you open our message, click on links or banners in it, or make purchases after receiving an email. |
We have a legitimate interest in understanding how you engage with our messages. |
| Job Applicants |
If you apply for a job, we collect information needed to process your application. This may include your social security number. Providing this information is required for employment. |
In some contexts, we are required by law to collect data about applicants. We also have a legitimate interest in using data to evaluate your application or consider you for other positions. If you become an employee, you will be provided with a separate privacy notice that explains how we collect, use, and share additional data about our employees. |
| Feedback/Support |
If you provide feedback or contact us for support, we collect your name and email, as well as other content that you share to reply. |
We have a legitimate interest in receiving and acting upon feedback. |
| Health Related Information and Public Health and Safety |
We may collect health related information from you if you schedule an appointment or participate in our clinical trials or studies. This may include medical information, mental or physical condition or treatment, or health insurance information. We may also collect data from employees, guests, and others who access our facilities. This may include body temperature, symptoms of illness, and underlying health conditions. |
We use your health related information to provide our services. We also have a legitimate interest in protecting the health and safety of our employees and guests. In some jurisdictions we may be required by law, regulation, or government order to collect and retain data related to public health and safety. We have a legal obligation to comply in such jurisdictions. |
| Scheduling Appointments or Participating in Clinical Trials or Studies |
When you enter your information to schedule an appointment or participate in a clinical trial or study, we collect data about you such as your contact information. |
We have a legitimate interest in operating our clinics and scheduling appointments, trials, and/or clinics. In some contexts, we are also required by law to collect information about those that schedule appointments or participate in our trials/clinics. |
How We Use Data
We also use data to:
- Identify you when you visit our sites or locations.
- Complete transactions.
- Improve or create services and products.
- Conduct analytics.
- Connect with you (e.g., addressing your requests, inquiries, issues, or feedback).
- Market our products or services.
- Market the products or services of our business partners.
- Find and prevent malicious, deceptive, fraudulent, or illegal activity (e.g., activities that might harm the rights, property, or safety of our company, users, employees, or others).
- Find and prevent security incidents.
- Enforce our policies and agreements.
- Debug, find, and fix errors that impair our website and services.
- Comply with legal or regulatory obligations.
- Establish or exercise our rights and defend against legal claims.
- Serve administrative purposes and manage our relationships.
- For other reasons with your consent.
The sections above describe our main purposes in collecting your data, but often we have multiple purposes. For instance, if you schedule an appoint or participate in a clinical trial or study, we may collect your information to perform our contract with you. We also have a legitimate interest in maintaining that data so that we can easily address questions about our services or your experience. As a result, our collection and processing of your data is based in different contexts on your consent, our need to perform a contract, our legal obligations, and/or our legitimate interest in conducting our business.
To the extent we store and use deidentified personal data, we will not try to reidentify the information, except to test our deidentification methods.
How We Share Data
In addition to the specific situations discussed elsewhere in this Notice we may share personal data in the following situations:
- Affiliates and Acquisitions. We may share data with our affiliates ( e.g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control). If a company acquires or enters negotiations to acquire, our company, business, or assets, we may share data with that company.
- Other Disclosures without Your Consent. We may share data to cooperate with law enforcement, participate in a legal process, or for legal compliance. We may share your data to establish or exercise our rights, to defend against legal claims, to investigate, prevent, or act on possible illegal activities, threats to safety of person or property, or a violation of our policies. Your data may be shared to ship products to or provide services by a third-party agent.
- Service Providers. We may share your data with service providers. Service providers may help us to run our website, conduct surveys, provide technical support, process payments, fulfill orders, and more.
- Professional Services. We may share personal data with our professional service providers, such as auditors or lawyers.
- Other Disclosures with Your Consent. We may share your data with third parties when you consent or direct us to.
Some jurisdictions require us to disclose whether the following categories of personal data are collected, shared with third parties for a “business purpose,” or “sold,” or transferred for “valuable consideration.” The table below indicates the categories of personal data we collect and transfer in a variety of contexts. W e do not “sell” your personal data for money.
| Category of Personal Data |
Category of Recipients |
||
| Disclosures for a |
Sharing for Targeted Advertising |
Sales |
|
| Identifiers – this may include real name, alias, postal address, unique personal identifier, online identifier, email address, account name, or other similar identifiers. |
|
|
N/A |
| Government Issued Identification – this may include social security number, driver’s license number, or state issued identification number, passport number. |
|
|
|
| Financial Information – this may include bank account number, credit card number, debit card number, and other financial information. |
|
|
|
| Health Related Information – this may include medical information, mental or physical condition or treatment, or health insurance information. |
|
|
|
| Characteristics of protected classifications – this may include age, sex, race, ethnicity, physical, or mental handicap, etc. |
|
|
|
| Professional or employment-related information – this includes, for example, information submitted by job applicants. |
|
|
|
| Inferences drawn from any of the information listed above |
|
|
|
| Additional categories of personal data described in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) – this may include signature, physical characteristics, or description, insurance policy number. |
|
|
|
Your Choices
Some jurisdictions give you a right to make the following choices about your personal data:
- Access. You may request access to your personal data or confirmation that we have data about you. In certain limited cases, you may ask to receive access to your data in a portable, machine-readable form.
- List of Third-Party Recipients. You may request a list of specific third parties to which we have disclosed personal information. Please note, some jurisdictions also allow you to obtain a list of the categories of third parties to which we have disclosed personal information. You can find that information in the table above under the “How We Share Data” section.
- Change. You may ask us to correct inaccurate or incomplete data. Note that we may keep historical data in our backup files as permitted by law.
- Deletion. You may ask us to delete your personal data. If required by law, we will grant such a request, but note that in many cases, we must keep your personal data to comply with legal obligations, resolve disputes, enforce agreements, or for other business purposes.
- Opt-out of Targeted Advertising. You may opt-out of online tracking based targeted advertising (e.g., cookies) by clicking the cookie settings link here or the “Do Not Share” link on our homepage.
- Objection to or Restriction of Certain Processing. In certain circumstances, you may object to the processing of your personal data, or ask that we restrict processing of your personal data. To do so, follow the instructions below.
- Online Tracking. We do not recognize the “Do Not Track” signal.
- Promotional Emails. You may choose to provide us with your email address to allow us to send newsletters, surveys, offers, or other promotional content , as well as targeted offers from third parties. You can stop receiving such emails by following the unsubscribe instructions at the bottom of those emails. If you choose not to receive such emails, we may still send you service-related communications.
- Promotional Text Messages. If you get a text message from us that has promotional content, you can opt-out of future text messages by replying “STOP.”
- Revocation Of Consent. Where we process your personal data based upon consent, you may revoke consent. Note, if you revoke consent for processing personal data, we may no longer be able to provide you some types of services.
Not all the rights above are absolute, and they do not apply in all circumstances. We may limit or deny some requests because the law permits or requires us to. We will not discriminate against individuals who exercise their privacy rights under applicable law.
Submitting Requests
You may exercise the above rights by contacting us via the contact information below. If you disagree with our denial of a request, you may appeal our decision by contacting us with the subject line “Appeal.”
As required by law, we will require you to prove your identity. We may verify your identity by phone call or email. Depending on your request, we will ask for information such as your name or the date of your last appointment, clinical trial, or study. We may also ask you to share a signed declaration confirming your identity. Following a request, we will use reasonable efforts to supply, correct or delete personal data about you in our files.
In some circumstances, you may designate an authorized agent to exercise certain privacy rights on your behalf. If you are an authorized agent submitting a request on behalf of an individual, you must attach a copy of a completed Authorized Agent Designation Form which shows that you may act on another’s behalf.
How We Protect and Retain Data
No method of internet transmission or electronic storage is fully secure. While we use reasonable efforts to protect your personal data, we cannot guarantee its security. If we are required to inform you about a security incident, we will do so electronically, in writing, or by phone, as the law permits.
We keep your personal data for only as long as necessary to fulfil the purposes in this Notice unless a longer retention period is required or permitted by law. This includes the purposes of satisfying legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the data. We also weigh the potential risk of harm from unauthorized use or disclosure of the data, the purposes for which we obtained the data and whether we can meet those purposes through other means, as well as applicable legal requirements.
Third-Party Applications/Websites
We may provide links to websites and other third-party content or services that we do not own or operate. We have no control over the privacy practices of websites or services we do not own. For details about such third parties’ privacy practices, see their privacy notices.
Changes To This Privacy Notice
We may change our Notice and privacy practices. New notices will be published on our website. If changes are material, the Notice that was in place when you submitted personal data to us will generally govern that data unless you consent to the new Notice. Our Notice shows “effective” and “last updated” dates below. The effective date is the date the current version took effect. The last updated date is the date the current version was last substantively changed.
Contact Information
If you have questions, comments, or complaints on our privacy practices, or if you need to access this Notice in a different form due to a disability, please contact us. We will try to address your requests and provide you with additional privacy-related information.
Privacy@pinnacleresearch.com
5109 Medical Drive, Suite 200
San Antonio, TX 78229
Phone: (210) 982-0320
Additional Information For California Residents
California law requires us to disclose the following information on our privacy practices. If you are a California resident, the following disclosures apply to you in addition to the rest of the Notice.
- California Shine the Light. If you would like more information on the categories of personal data (if any) we share with third parties or affiliates for those parties to use for direct marketing, submit a written request using the information in the Contact Information section.
- California Sensitive Information Disclosure. We collect the following categories of sensitive personal data (as defined under California law): Personal information collected and analyzed concerning a consumer’s health. This data is collected to comply with laws, manage our business, or provide services. Note that we do not use such data for any purposes that are not identified within the California Privacy Rights Act Section 1798.121.
Effective Date: February 10, 2025
Last Update: _____________________
Hours:
Monday– Friday
9:00 AM-5:00 PM
Office Main: 972-433-9100
Fax: 214-583-2278