Privacy Policy

Privacy Policy

Effective Date: July 12, 2024

Healogix, LLC, located in Doylestown, PA, United States, is an independent, global, research-based strategic consultancy specializing in the biopharmaceutical industry. Healogix, LLC understands the importance of protecting the privacy of potential research participants and are committed to taking the appropriate steps to ensure that any personal identifiable information (“PII”) in its possession is treated confidentially.

When processing PII, Healogix, LLC adheres to industry-recognized data privacy standards including the Insights Association Code of Standards and Ethics for Market Research and Data Analytics.  Healogix, LLC is self-certified to the EU-U.S. Data Privacy Framework, UK Extension to the EU-U.S. DPF and the Swiss-U.S. Data Privacy Framework and committed to complying with the GDPR and the UK Data Protection Act.  Healogix, LLC makes all reasonable efforts to protect the privacy of potential research participants and to keep their personal information confidential and secure. Additionally, Healogix, LLC complies with applicable privacy laws and regulations governing privacy, data security and the disclosure, receipt and use of PII.

In this privacy policy Healogix, LLC clearly states why and how PII is processed and are transparent about how it is used for market research purposes.

COLLECTING Person Identifiable Information:

The PII that Healogix, LLC processes for market research purposes include, but are not limited to, the following:

  • Name (first and last)
  • Address information (including street address and/or email address)
  • Asset information such as IP Address (Internet Protocol)
  • Telephone numbers (including mobile, business, personal)
  • Personal characteristics including photographic image of the face
  • Geographical indicators
  • Employment, medical, education and financial information
  • Sensitive data including health information and biometric data

USE of Personal Identifiable Information:

Any PII that Healogix, LLC processes is used for market and opinion research purposes only and not for any other purposes such as advertising, marketing, and/or sales. Healogix, LLC uses the PII primarily to invite individuals to participate in a market research study or to contact individuals who have agreed to participate in a market research study. Healogix, LLC reports the research findings to the research sponsoring client, generally a pharmaceutical or biotech company, addressing the key objectives in aggregate while protecting the anonymity of research participants. PII that Healogix, LLC receives will be stored solely for the purpose of the research and kept as long as necessary to complete the research project. Healogix, LLC may also use your PII to defend our rights and the rights of others, to efficiently maintain our business, to comply with the law, and for other limited circumstances as described in Information Sharing below.

Information Sharing

Healogix, LLC may share your PII with the following third parties:

  • We share PII with service providers that perform functions on our behalf. These service providers include contracted transcribers.
  • In the event we enter into, or intend to enter into, a transaction that alters the structure of our business, including, but not limited to, a merger, acquisition, or sale, or disposition or our business, assets, or stock, we would share PII with third parties, including the buyer or target, for the purpose of facilitating and completing the transaction. We will also share PII with third parties if we undergo bankruptcy or liquidation in the course of such proceedings.
  • We will share PII with third parties where we are legally required to do so, such as in response to court orders, law enforcement or legal processes; to establish, protect, or exercise our legal rights or contractual obligations; to defend against legal claims or demands; to detect, investigate, prevent, or take action against illegal activities, fraud, or situations involving potential threats to the rights, property, or personal safety of any person. or to comply with the requirements of any applicable law.

Healogix, LLC Understands its Accountability for ONWARD TRANSFER:

Healogix, LLC generally outsources the recruitment of potential research participants to marketing research companies, vendors and contractors specializing in data collection and field services. Healogix, LLC will not transfer PII to any third party unless that company is a trusted partner and enters into a confidentiality agreement that requires them to provide an adequate level of data security and to implement limitations of use and disclosure. PII that is transferred is done specifically for research purposes only. Otherwise, Healogix, LLC will not disclose PII unless it is in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also provide PII to a third party in connection with the sale, assignment, or other transfer of the business of Healogix, LLC.

Healogix, LLC recognizes it may be liable for violations which occur during onward transfer to third parties.

Collecting PII through COOKIES:

Some pages on this website collect certain types of data through the use of “cookies,” which are small text files that are placed on your hard drive by the website to store information related to you or your device. These files are used for site registration and to customize your user experience on the website. Cookies identify you to the website and assist in loading your preferences and tracking the pages you visit. If your browser is set up to automatically accept cookies, it will add this small file to your hard drive without any input from you. You can configure your web browser to warn you when it receives a cookie in order to be given a choice to accept or reject a cookie, or your browser may be configured to automatically refuse cookies. Refer to the “Help” menu of your browser to learn how to change your cookie preferences. By not accepting cookies, you may have to manually input user IDs and passwords to access certain information on this website and some pages may not fully function.

 DO NOT TRACK Signals

This website honors “do not track” signals.

Third Party Websites

The policies and procedures described in this privacy policy do not apply to websites not owned by Healogix, LLC. If you link to or otherwise visit any other sites managed by third parties, you should review the privacy, security, data collection and distribution policies of such websites directly. Healogix, LLC has no control over those sites and is not responsible or liable for the policies and practices followed by third parties.

How Healogix, LLC Keeps PII Data SECURE:

Healogix, LLC stores and processes your PII on servers located in the United States. Healogix, LLC abides by the principles of the Data Privacy Framework set forth by the U.S. Department of Commerce regarding the collection, use, and retention of PII.

Internal policies and procedures have been developed and implemented by Healogix, LLC to protect PII. Healogix, LLC have security safeguards in place to prevent risks such as loss, misuse, unauthorized access or unauthorized use. For example, Healogix, LLC stores personal identifiable information on secured servers and performs all onward transfers via a Secure File Transfer Protocol (SFTP) site.

Healogix, LLC is committed to providing training and policy updates to each employee to protect PII as required by law to ensure its employees adhere to the principles of the Data Privacy Framework, the General Data protection Regulation (GDPR) and the UK Data Protection Act.

PURPOSE for Which Healogix, LLC Collects PII and its Commitment to DATA INTEGRITY:

Consistent with the Data Privacy Framework, GDPR principles, and the UK Data Protection Act, personal information is received, stored and processed for market research purposes only. We take reasonable steps to ensure data is reliable for its intended use, accurate, complete and current. PII is retained for as long as needed to complete the research.

How You Can ACCESS, Correct or Erase Your Information

You have a right to access your personal identifiable information. If you would like to correct errors in your personal information (name, e-mail address, etc.) please contact Healogix, LLC by emailing [email protected] or by calling 267-858-6044.

You Have the CHOICE to Opt-Out:

You may request that Healogix, LLC erase your personal information at any time. You may also opt-out or request that invitations from Healogix, LLC and their 3rd party suppliers discontinue by emailing [email protected] or by calling 267-858-6044.

California Privacy Rights

California Civil Code Section 1798.83 permits users that are California residents to request certain information regarding our disclosure of personal information to third parties for such third parties’ direct marketing purposes. Healogix, LLC does not disclose PII for advertising, marketing, or sales purposes, but if you are a California resident and would like to make such a request, contact us by email at [email protected] or by calling 267-858-6044.

 

Data Protection Governance

Healogix complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Healogix has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Healogix has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/

Pursuant to the Data Privacy Framework, individuals in the EU, UK and Swiss individuals have the right to obtain our confirmation of whether we maintain PII relating to them in the United States. Upon request, we will provide you with access to the PII that we hold about you. You may also correct, amend, or delete the PII we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate PII transferred to the United States under Data Privacy Framework, should direct their query to Nadya Serrano, DPO. If requested to remove PII, we will respond within a reasonable timeframe.

We will provide an individual opt-out choice, or opt-in for sensitive information, before we share your PII with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request limiting the use and disclosure of your PII, please submit a written request to Nadya Serrano, DPO ([email protected]).

In certain situations, we may be required to disclose PII in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Healogix, LLC’s accountability for PII that it receives in the United States under the Data Privacy Framework and subsequently transfers to a third party is described in the Data Privacy Framework Principles. In particular, Healogix, LLC remains responsible and liable under the Data Privacy Framework Principles if third-party agents that it engages to process the PII on its behalf do so in a manner inconsistent with the Data Privacy Framework Principles, unless Healogix, LLC proves that it is not responsible for the event giving rise to the damage.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Healogix, LLC commits to resolve DPF Principles-related complaints about our collection and use of your personal information.  EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact Healogix, LLC at:

Nadya Serrano
Senior Director, Fieldwork Operations & Data Protection Officer
108 N. Main St, Doylestown, PA 18901
[email protected]
267-858-6044

You may also contact our GDPR representatives:

UK General Data Protection Regulation (GDPR) – UK Representative

Pursuant to Article 27 of the UK GDPR, Healogix has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:

– by using EDPO’s online request form: https://edpo.com/uk-gdpr-data-request/

– by writing to EDPO UK at 8 Northumberland Avenue, London WC2N 5BY, United Kingdom

 

General Data Protection Regulation (GDPR) – European Representative

Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Healogix has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR:

-by using EDPO’s online request form: https://edpo.com/gdpr-data-request/

-by writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium

Email: [email protected]

Healogix, LLC has further committed to refer unresolved privacy complaints under the Data Privacy Framework Principles to an independent dispute resolution mechanism, the Insights Association Data Privacy Framework Program, a non-profit alternative dispute resolution provider located in the United States and operated by the Insights Association. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.insightsassociation.org/Resources/Data-Privacy-Framework/Information-for-EU-Swiss-Citizens-to-file-a-complaint for more information and to file a complaint. This dispute resolution service is offered at no cost to you.

If your Data Privacy Framework complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms.

With respect to PII received, processed, or transferred pursuant to the Data Privacy Framework, Healogix, LLC is subject to the investigatory and enforcement powers of the Federal Trade Commission. If Healogix, LLC becomes subject to an FTC or court order based on non-compliance, Healogix, LLC will make public any relevant Data Privacy Framework-related sections of any compliance or assessment report submitted to the FTC, to the extent consistent with confidentiality requirements.

 NON-EU Visitors

Without limiting Healogix, LLC’s obligations under the EU-U.S. Data Privacy Framework, UK Extension to the EU-U.S. DPF and the Swiss-U.S. Data Privacy Framework, if you reside outside of the European Union, please be aware that any information that you provide to Healogix, LLC will be transferred to the United States. By providing Healogix, LLC with your PII, you consent to such transfer and understand that the United States may not provide the same level of protection as the laws in your country.

 Changing Our Privacy Policy

This privacy policy became effective as of the date set forth above. Healogix, LLC reserves the right to make changes to this privacy policy from time to time at its discretion. Healogix, LLC will update the effective date posted at the top of this webpage and post an updated privacy policy for any changes made to the privacy policy. We recommend that all visitors and users of this website re-visit this privacy policy page frequently to learn of any new privacy practices or changes to this privacy policy. Your continued use of this website constitutes an act of acceptance of any changes to this privacy policy.