Submit a RFP/RFI

Tailored Clinical Research Solutions Limited (“TCR-Solutions”)

Privacy Notice

This privacy notice governs the collection, storage, use of personal information collected by TCR-Solutions, which is the data controller of the personal data it collects.

Please read this privacy notice carefully – by using our services and our website, you confirm that you have read, understood, and agree to this privacy notice in its entirety. If you do not accept them, you should not use our services or website.

This notice provides details about the personal information we collect from you, how we use your personal information, and your rights regarding the personal information we hold about you.

Personal data means data that relate to a living individual who can be identified from that data, or from that data and other information which is in our possession, or is likely to come into our possession, and includes any expression of opinion about an individual and any indication of our intentions or the intentions of any other person in respect of the individual.

We will use your personal data for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose if required, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Where we need to collect personal data by law or under the terms of a contract with you, and you fail to provide that data on request, we may not be able to perform the contract we have or are trying to enter into with you (e.g. to provide you with services). In this case, we may have to cancel a contract or service you have with us. We will tell you if this is the case.

You can set your browser to refuse all or some browser cookies which process your data or to alert you when websites set or access cookies. For more information about the cookies we use, see our Cookie Policy.

Who we are

Tailored Clinical Research Solutions Limited is a clinical research organisation registered in England and Wales as a limited liability company, and whose registered address is 2 Hinksey Court, Church Way, Oxford, England, OX2 9SX

TCR-Solutions is the data controller of this website and the personal details of its staff.

TCR-Solutions also conducts data processing activities on behalf of its clients who will be the data controller for such activities.

Where TCR-Solutions is a data processor, we may only process personal data in accordance with the controller’s documented instructions as set out in a data processing agreement or contractual arrangements between us and our clients. We may only transfer personal data out of the UK and EEA and appoint sub-processors as permitted by the data processing agreements in place and applicable data protection legislation.

TCR-Solutions is also given data sets for the purposes of research in a pseudonymised format which means the data subject will not be identifiable to TCR-Solutions because we have no access to the code that will re-identify the data.

Children

This website does not target and is not intended for children under the age of 13. TCR-Solutions does not knowingly solicit information from children under the age of 13.  If we become aware that we have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.

If We need to rely on consent as a legal basis for processing your information a part of our service provision and your country requires consent from a parent, we may require your parent’s consent before we collect and use that information.

How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances (more than one may apply):

  • With your explicit consent (which you may withdraw at any time)
  • Where we need to perform a contract, we are about to enter into or have entered into with you
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
  • Where we need to comply with a legal or regulatory obligation
  • Where it is in the public interest to do so
  • With your explicit consent where relevant and appropriate

This may include things like:

 

  • contacting you
  • providing services to you
  • personalisation of content, business information, or user experience on our website
  • account setup and administration
  • delivering marketing and events communication
  • carrying out polls and surveys
  • internal research and development purposes
  • meeting internal audit requirements
  • selling or reorganising our business or to work with business partners
  • providing third party services to us, for example, obtaining legal and financial advice

How Is Your Personal Data Collected By Us?

Through direct interactions: We use different methods to collect data from and about you, which may not always be collected directly from you.

You may give us your identity data, contact data, and financial data by filling in forms or by corresponding with us by post, telephone, email, or otherwise. This includes personal data you provide when you do any of the following:

  • Contact us to request our services
  • Make an enquiry to our website
  • Send us your CV or biography
  • Share your knowledge and expertise with us
  • Approach and/or contract with us to perform services
  • Take part in research either online, through video conferencing, by phone, or face to face
  • Meet us at an event
  • Give us feedback
  • Contact us online in a networking or social media forum

Through automated technologies: As you interact with our website, we may automatically collect technical data about your equipment, browsing actions, and patterns. This may also include your internet protocol (IP) address, browser type, browser version, the pages of our service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data. We collect such personal data by using cookies, server logs, and other similar technologies.

When You access the website by or through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile internet browser you use, unique device identifiers and other diagnostic data.

We may also collect information that your browser sends whenever you visit our website or when You access the website by or through a mobile device.

Please see our Cookie Policy  for further details.

Through third parties: We may receive personal data about you indirectly, from various third parties and publicly available sources including those below:

  • Agents and recruitment consultants
  • Suppliers
  • Analytics providers
  • Search information providers such as Google, Chrome
  • Partner institutions and our clients
  • Healthcare provider organisations
  • Social media sites
  • Identity and contact data from publicly availably sources such as Companies House and the Electoral Register, British Medical Association, Association of the British Pharmaceutical Industry, Health Research Authority, National Institute for Health Research, and similar international organisations, if applicable
  • Medical journals and conference organisers
  • Third-party data collection specialists
  • Technical data from the following:
    • Our website hosting provider may collect your IP address; however, this information is anonymised so TCR-Solutions does not receive such data in a way that it can be personally identifiable
    • We generate log files about browsing patterns; this is statistical data which does not identify you as an individual
    • This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”); Google Analytics uses cookies to analyse how visitors use the website

Healthcare Provider Organisations. As part of research studies conducted by TCR-Solutions on behalf of clients we collect from or are given pseudonymised patient data by Healthcare Provider Organisations for example hospitals, study sites, general practices. In these cases the data is not collected directly from the patient (Data Subject). TCR-Solutions does not hold the re-identification criteria or “key” to this personal data. Therefore TCR-Solutions is unable to confirm to any data subject whether they hold their personal data or from which Healthcare Provider Organisation from which it came.  Without the ability to re-identify the data subject, TCR-Solutions is unable to provide a data protection notice directly to any of the data subjects held in these pseudonymised patient records. In these cases the original data protection notice issued to the data subject by the data controller will apply.

What Personal Data May We Be Collecting About You?

As a business we may collect, use, store, and transfer different kinds of personal data about you, which we have grouped together as follows:

  • Identity data include first name, last name, maiden name, username or similar identifier, date of birth, emergency contacts, marital status, profession, title, and gender
  • Contact data include billing address, delivery address, email address, and telephone numbers
  • Marketing and communications data include your preferences in receiving marketing and or newsletters from us and any communication preferences collected
  • Financial data include bank account and payment card details
  • Transaction data include details about payments to and from you
  • Technical data include IP address and browser information
  • Profile data including your feedback, interests, preferences and any survey responses
  • Aggregated data are statistical or demographic data for any purpose and may be derived from your personal data but are not considered personal data by law, as these data do not directly or indirectly reveal your identity
  • Usage data including information about how you use our website
  • Educational and biographical data include information about your work history, job title, specialisms, qualifications, professional licence numbers for accredited bodies, progression, achievements, and extra-curricular activities
  • Research data include any personal and or special categories of personal data including health data, genetic or biometric data, and data that relate to your sexual orientation or sex life that you have shared with us as a participant in a research study or survey or as part of our agreement with you; such data may exist in a pseudonymised form with a code and we may not know which individual the code relates to
  • Pseudonymised Data such as patient records not collected directly from a patient via a Healthcare Provider Organisation such as a hospital or doctor’s general practice. There is no way for TCR-Solutions to re-identify this data as the re-identification criteria or “key” always remains with the Healthcare Provider Organisation in these circumstances.

How Does This Website Collect Your Data?

This website collects personal data to enable us to contact you or identify you, and to power our site analytics, including:

  • Your name, email address, telephone number and address
  • Information about your IP address, browser type and version, login data, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website
  • Web pages you visited prior to coming to this website
  • Your mobile device IP address, your mobile operating system and browser

This information may also include details about your use of this website, including:

  • Clicks
  • Internal links
  • Timestamps
  • Scrolling
  • Searches
  • Pages visited

These functional and required cookies and web beacons are always used to securely provide and maintain this website for you. we also use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to meet our customer’s needs and expectations.

You can choose to accept or decline cookies on our website. Those analytics and performance cookies that are used on this website, as described above, are used only when you acknowledge our cookie banner.  Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer; however, this may prevent you from taking full advantage of the functionality of a website.

When someone visits our website we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.

For further details about our use of cookies see our Cookies Policy.

External Links & Sharing

This website may include links to external websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow other parties to collect or share data about you. We do not control these external websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

Sharing Your Data With Third Parties  

We may have to share your personal data with third parties, including those outlined below. We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

This includes the following external third parties:

  • Key service providers who provide compliance, IT, and system administration services; these include Microsoft Corporation (for Microsoft Applications including Teams and SharePoint), Zoom Video Communications, Inc., for teleconferencing and webinar services
  • Professional advisers including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services
  • HM Revenue & Customs, regulators, and other authorities based in the EEA or outside the EEA who require reporting of processing activities in certain circumstances including the public interest
  • Marketing providers, including The Rocket Science Group LLC (trading as MailChimp) and/or GoogleForms supplied by Google LLC for marketing activities
  • Third parties identified in our contracts with you who assist with the performance of services or the supply of goods by us
  • Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets; alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice

By providing us with your personal data you agree that we may share personal data, on a confidential basis, with third-party individuals and organisations that assist us, including contractors, financial service providers, web hosts, and others as set out above in order to carry out our business.

How Long We Keep Your Data

We will retain your personal data for as long as is necessary to provide you with our services and for a reasonable period thereafter to enable us to meet our contractual and legal obligations and to deal with complaints and claims. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. We are required by law to keep basic information about our customers (including contact, identity, financial and transaction data) for at least 6 years after they cease being customers for legal and tax-reporting purposes. At the end of the retention period, your personal data will be securely deleted or anonymised, for example by aggregation with other data, so that it can be used in a non-identifiable way for statistical analysis and business planning.

How We Protect Your Data

We implement appropriate technical and organisational measures to protect the data that we process from unauthorised loss, disclosure, use, alteration, or destruction and to ensure business continuity and disaster recovery including the use of password protection, appropriate encryption, and secure file transfer protocols. Access to all personal information we hold is restricted strictly to those with a need to know to carry out their role or function to us and we ensure all staff and contractors with access are appropriately trained.

International Transfers

We may share your personal data within our international clients and partners. This may involve transferring your data outside the EEA or the UK.

For UK and EU personal data, whenever we transfer your personal data out of the EEA or the UK, we ensure a similar degree of protection is afforded by implementing at least one of the following safeguards:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data. For further details, see
  • Where we use certain service providers, we may use specific contracts approved by the European Commission and/or ICO as appropriate which give personal data the same protection it has in Europe. For further details, see  These contracts are often referred to as ‘Standard Contractual Clauses’ and ‘International Data Transfer Agreement’.

Your Rights And Complaints

You have the following rights in respect of your personal data:

  • You have the right of access to your personal data and can request copies of it and information about our processing of it
  • If the personal data we hold about you in incorrect or incomplete, you can ask us to rectify or add to it
  • Where we are using your personal data with your consent, you can withdraw your consent at any time
  • Where we are using your personal because it is in our legitimate interests to do so, you can object to us using it this way
  • Where we are using your personal data for direct marketing, including profiling for direct marketing purposes, you can object to us doing so
  • You can ask us to restrict the use of your personal data if:
    • It is not accurate
    • It has been used unlawfully but you do not want us to delete it
    • We do not need it any-more, but you want us to keep it for use in legal claims
    • if you have already asked us to stop using your data but you are waiting to receive confirmation from us as to whether we can comply with your request.
  • In some circumstances you can compel us to erase your personal data and request a machine-readable copy of your personal data to transfer to another service provider
  • You have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

Where we have not collected the data directly from you, you have similar rights which may require you to communicate your request to the data controller from which TCR-Solutions  received the data (TCR-Solutions would not have the ability to identify you should your data reside within a pseudonymised data set).

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

If you wish to exercise your rights, please contact us at . You can also lodge a complaint with the Information Commissioner’s Office. They can be contacted using the information provided at: https://ico.org.uk/concerns/.

Contact

If you have any questions about this privacy notice, including any requests to exercise your legal rights, please email us at . Please note that this email address is not intended or designed for any other communications.

Changes To This Privacy Notice

We may update this policy from time to time as shown below. We will notify of the changes where required by applicable law to do so.

Last modified 31 January 2024