Global Privacy Policy

The purpose of this Policy is to describe Anju Software, Inc.’s (“Anju”) privacy practices in compliance with federal and international regulations that govern clinical research, the EU-U.S. Data Privacy Framework, the UK Extension to the EU-US Data Privacy Framework, the Swiss-U.S. Data Privacy Framework, and EU General Data Protection Regulation (GDPR) regarding the processing, transfer and hosting of personal information.  This Global Privacy Policy does not apply to California residents.  See PR-04 California Privacy Policy.

This Policy applies to information, including personal information, collected, processed, and stored by Anju and its affiliates: MDC Partners, b.v.b.a., Anju ClinPlus LLC, Anju Sylogent LLC, Anju Zephyr Health LLC, OmniComm Systems Inc., OmniComm USA Inc., and Online Business Applications Inc.

Collectively, Anju and these affiliates may be referred to in this Policy as “Anju”, “we”, or “us”.

Anju respects the fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data. This includes data from its customers, sponsors, employees, clinical trial participants, healthcare professionals, researchers, data managers, physicians, regulatory affairs officers, clinical investigators, investors, business partners, and others. Anju collects, processes, and uses personal information in a manner that is consistent with the laws of countries in which the organization does business. Furthermore, data is only collected for specified, explicit and legitimate purposes detailed in initial agreements and contracts in which the data subject provides consent. Data is not further processed in a manner that is incompatible with those purposes.

To the extent permitted by applicable law, by using Anju’s products or services and providing Anju with personal information, you agree to the practices described in this Privacy Policy and to updates posted here from time to time.  If you are based in the European Economic Area (“EEA”) or United Kingdom (“U.K.”), this Privacy Policy serves as notice of how Anju treats personal information for which Anju is a controller.  Anju will request your express consent as required by applicable laws.

As used herein, personal information means any information that identifies, relates to, describes, references, or is reasonably capable of being associated with an identified or identifiable natural person.

Anju collects personal information from the following sources:

• Directly from data subjects. For example, during account registration from forms you complete, or from other data you provide directly to us.
• Indirectly from data subjects. For example, from observing your actions on our Websites.
• From third parties. For example, third party social networking providers and advertising companies, our affiliates and service providers who provide services or information to us. If you do not want us to collect information from social networks, you should review and adjust your privacy settings on those networks as desired.
• From publicly available sources. For example, online database searches.

Anju may collect the following types of personal information directly from data subjects:

• Information about employees collected during the hiring process such as first name, last name, contact email, phone number, address, education, and work history.
• Personal information from customers (such as an e-mail address, system information, telephone numbers) in order to communicate with customer and to provide online technical support and troubleshooting. If any customers choose to correspond with us through electronic communication (e.g., email, online chat, or instant messaging), we may retain a copy of the electronic communication together with the customer’s email address and our responses. We provide the same protections for these electronic communications that we employ in the maintenance of information received by mail and telephone.
• Information about users of our software systems that helps us conduct business, such as the types of products, geographic locations, and demographics.
• Transaction Information about how the user interacts with Anju, including purchases, inquiries, customer account information, and information about the use of the Anju website and applications. We collect this information when users visit our website, call us, use our applications, or otherwise contact us, such as for customer service purposes.
• When visiting Anju’s website, we use cookies to collect information about individuals using our website and applications. We treat this information as personal information when it is associated with your contact information. For more information about cookies, please see the section Cookies Statement and Anju Cookie Policy Addendum.

Anju may collect this information when you visit our websites, request information about our products or services, apply for an employment opportunity, or express interest in participating in a clinical trial.

Our websites may automatically collect certain personal information about you. By way of example, this personal information may include:

• IP address, which is the number associated with the service through which you access the Internet, such as through your ISP (Internet service provider);
• Date and time of your visit or use of our websites;
• Domain server from which you are using our websites;
• Type of computer, web browsers, search engine used, operating system, or platform you use;
• Data identifying the web pages you visited prior to and after visiting our websites;
• Your movement and activity within the website;
• Geo-location information through the use of any of our mobile applications;
• Mobile device information, including the type of device you use, operating system version, and the device identifier (or “UDID”); and
• Mobile application identification and behavior, use, and aggregated usage, performance data, and where the application was downloaded from.
• If you sign up for text messaging, cookies or other tracking devices may be used to personalize your experience (for example, to send you personalized text message offers).

Anju may use cookies, SDKs, tracking pixels and similar technologies, which are small files that a website or mobile application stores on your device that recognizes the user’s browser or device and captures and remembers certain information.

We use these technologies to recognize you when you visit our websites and to optimize the functionality of our websites and services.

Anju may collect the following types of personal information from sources other than the data subjects:

• Personal information that is publicly available, which may include name, contact information, job position and title, employer or organizational affiliation, educational and professional credentials, and National Provider Identifier.

We collect this information from publicly available websites and directories.

Anju’s customers may utilize Anju’s software or services to store personal information of data subjects.  Under these circumstances, Anju’s customer is the controller of this personal information while Anju is the processor of this personal information.  Any personal information that is related to the use of the Anju software products or personal data developed in specific medical or pharmaceutical research studies is the responsibility of the customer, as the controller.  For information about personal information collected by Anju’s customers, you should contact those customers or refer to their publicly available privacy policies.

Personal information provided by you will be used for the purposes for which it was provided, such as fulfilling a contract or processing an employment application, and for any other purposes for which you provide their consent.  Anju may also use this information for its own legitimate purposes, such as monitoring the activity of users on its websites.

You may withdraw your consent to such use of your personal information by contacting our data protection officer using the contact information provided below or by utilizing the opt-out or unsubscribe links contained in our communications to you.

Anju generally does not rely upon consent as a legal basis for collecting personal data from publicly available sources or for processing personal data that we collect from these sources.  Anju processes publicly available personal information where it is necessary for our legitimate interests (or those of a third party) in conducting and managing our business to provide our customers with our advertised services, including the execution and management of clinical trials.  Those legitimate interests include the use of the publicly available personal information collected by our applications for commercial purposes related to the identification of, and communication with, targeted Key Opinion Leaders (“KOL”) for various medical and/or scientific engagements and collaborations. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests.  We do not use your publicly available personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).  You can obtain further information about how we assess our legitimate interests against any potential impact on you by contacting our data protection officer.

We may disclose your personal information to other parties, including:

• Our affiliates
• Service providers
• Life sciences industry companies, analytics companies and other third parties with whom we have business relationships
• Government regulators
• Our legal advisors and parties involved in a legal process
• To an entity involved in the sale of our business
• Third parties to whom you or your agents authorize us to disclose your personal information in connection with products or Services we provide to you

Personal data is only shared by Anju with third parties who require it for specific business purposes.

Data is transferred only for the scope of purpose it was initially intended and not for any other reasons. Where applicable, these third parties must agree to abide by the same level of privacy protection as required by Data Privacy Framework principles for EU, UK, and Swiss Individuals.

Service providers may include data centers who store employee contact information such as name, email, phone number of a select group of employees as part of the approved access list. The employees in the list have limited access to the data center to provide maintenance of servers. These typically involve members of the IT department and the individuals responsible for conducting third party vendor audits.

You may contact Anju’s data protection officer by email at: dataprotection@anjusoftware.com or by mail at:

Anju Software, Inc.
Attention: Data Protection Officer
4343 Commerce Court, Suite 501
Lisle, IL 60532 USA

Alternatively, if you have questions about this privacy and cookie notice, our data collection practices, or your rights, please complete the online form.

As required by applicable laws, and subject to any permitted exceptions and limitations, we will comply with any verified consumer request you submit with respect to your personal information. You may exercise these rights by contacting Anju’s data protection officer.  Alternative options may also be presented on the website.

Rights of Individuals in Europe

This section of our Privacy Policy is intended to comply with the GDPR and applies only to individuals whose data is collected by Anju from within the EEA, Switzerland, or the U.K.

Anju is the controller (as defined under the GDPR) for the processing of personal information it collects from individuals located in the EEA, Switzerland, or the U.K.

Subject to applicable law, you may be able to exercise any of the following rights in relation to your personal information:

• Right to know what information we have about you: This is known as the “right of access” and gives you the right to find out what, if any, personal information we have about you, how we process it, and to request a copy of the personal information.
• Right to correct your information: This is known as the “right of rectification” and gives you the right to ask that we correct or complete any personal information we have about you.
• Right to delete your information: This is known as the “right to erasure” or “right to be forgotten” and gives you the right to ask us to delete your personal information.
• Right to change how we use your information: This is known as the “right to restrict processing” and gives you the right to ask us to change how we use your personal information in certain circumstances, such as where you contest the accuracy of the data or object to us using it in a certain way.
• Right to move your information: This is known as the “right to data portability” and gives you the right to ask to receive your personal information from us in a structured, commonly used and machine-readable format or to have it transmitted to another controller.
• Right to stop us from using your information: This is known as the “right to object” and gives you the right to ask us to stop using your personal information when applicable.
• Rights relating to how we use your information to categorize you or make decisions about you: This is known as the “right in relation to automated decision-making and profiling”: You have the right to be free from decisions we may make that are based solely on automated processing of your personal information, including profiling, if they produce a significant legal effect on you, unless such decision-making or profiling is necessary for entering into or performing a contract between you and us, or is made with your explicit consent.
• Right to withdraw consent: If we rely on your consent to use your personal information, you have the right to withdraw that consent at any time. This will not affect our use of your data before we received notice that you wished to withdraw your consent.
• Right to file a complaint with the supervisory authority: If you have a concern about our privacy practices, including the way we handled your personal information, you can report it to the supervisory authority that is authorized to hear those concerns in your jurisdiction, although we invite you to contact us with any concern as we would be happy to try and resolve it directly.

You may exercise these rights by contacting our data protection officer, and we will respond to your requests in the time period stated by applicable law. Alternatively, if you have questions about this privacy and cookie notice, our data collection practices, or your rights, please complete this form.

Anju does not undertake decisions based solely on automated processing or profiling of individuals that produce legal or similarly significant effects.

Anju has in place appropriate safeguards in accordance with applicable legal requirements to provide adequate protections for any personal data transferred from the EEA, Switzerland, or the UK to the United States. Anju uses the European Commission ‘Standard Contractual Clauses’ and has incorporated them into our Data Processing Agreements as well.

Anju complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  Anju has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles, and the UK Extension to the EU-U.S. Data Privacy Framework Principals (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.  Anju has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, and the UK Extension to the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit Data privacy framework website.

Anju utilizes reasonable and appropriate physical, technical, and administrative procedures to safeguard the information we collect and process and to prevent unauthorized disclosure of data.

Anju provides services internationally and receives information from all over the world. Whenever Anju is required to transfer personal information, regardless of where this occurs, Anju protects confidentiality, integrity, and availability of personal information by physical and logical security measures.

Anju takes steps through Anju’s validation process to ensure that personal information is reliable to its use, that the data is accurate, complete, and current. Anju does not process information that is incompatible with the original purposes for which it has been collected unless subsequently authorized by the individual.

In compliance with the EU-U.S. DPF Principles and the UK Extension to the EU-U.S. DPF Principles, and the Swiss-U.S. DPF Principles, Anju commits to resolve complaints about our collection or use of your personal information.

Anju has further committed to refer unresolved Data Privacy Framework complaints to the International Centre for Dispute Resolution/American Arbitration Association (ICDR/AAA), an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://go.adr.org/dpf_irm.html for more information or to file a complaint. The services of the ICDR/AAA are provided at no cost to you.

Anju has further committed to cooperate with the panel established by the EU Data Protection Authorities (DPAs) with regard to unresolved Data Privacy Framework complaints concerning human resources data transferred from the EU in the context of the employment relationship.

All individuals are encouraged to please forward any complaints, issues, concerns, or questions regarding the collection, the use or disclosure of personal information to dataprotection@anjusoftware.com or to:

Anju Software, Inc.
Attention: Data Protection Officer
4343 Commerce Court, Suite 501
Lisle, IL 60532 USA

For non-HR data transferred from the EU, and the UK, or Switzerland, Anju has registered with the American Arbitration Association (AAA) as an independent recourse mechanism to resolve complaints at https://go.adr.org/dpf_irm.html.

For HR data transferred from the EU for use in the context of the employment relationship, Anju has registered with the EU Data Protection Authorities (DPAs) as an independent recourse mechanism to resolve complaints at http://ec.europa.eu/justice/data-protection/bodies.

Anju will retain personal information for as long as the account is needed to provide products or services; as outlined in previously stated agreements at the time of collection; and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements; or to the extent permitted by law.

At the end of the retention period, Anju will delete this personal information in a manner designed to ensure that it cannot be reconstructed or read.

Anju’s sites, products, and services are not intended for and may not be used by children under the age of 18. We do not knowingly collect information from children under the age of 18 and we do not target our sites or services to children under the age of 18.

We may update this Privacy Policy from time to time. Any updated version of this Privacy Policy will be effective as of the date set forth therein.

The Anju organization is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

There exists the possibility, under certain conditions, for the individual to invoke binding arbitration when other dispute resolution procedures have been exhausted.

Anju is required to disclose personal information in response to lawful requests by public authorities, including those necessary to meet national security or law enforcement requirements.

Anju acknowledges the potential liability in cases of onward transfers to third parties of personal data of EU and UK individuals and/or Swiss individuals received pursuant to Data Privacy Framework.

The Global Privacy Policy is disclosed in Anju’s webpage as required for data privacy regulations, EU- U.S. Data Privacy Framework, UK Extension to the EU-U.S. Data Privacy Framework, and Swiss-U.S. Data Privacy Framework compliance. The policy may be referenced at http://www.anjusoftware/privacy-policy.

Anju Software, Inc. (Anju) Use of Cookies

Cookies are small text files that are stored by the web browser on your device. These files allow us to recognize when you come back, so that we can provide a seamless navigating experience for our users.  Some are essential to make our site work properly, and others help us improve the user’s experience.

One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the Web server that you have returned to a specific page. When you return to the same website, the information you previously provided can be retrieved, so you can easily use the customized features.

Anju also keeps track of the pages you visit within the website in order to determine what portion of the Anju website or subscription service is used the most by users. This data is analyzed to deliver promotions within the Anju website and subscription service to customers whose behavior indicates that they are interested in a particular subject area.

What Type of Cookies Are Collected?

First-party cookies are cookies that belong to Anju, third-party cookies are cookies that another party places on your device through our website. Third-party cookies may be placed on your device by someone providing a service for Anju, for example to help us understand how our service is being used. For instance, we may also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services.

Strictly Necessary Cookies

These cookies are essential to enable you to browse around our website and use its features. Without these cookies, basic functions of the website cannot be provided.

Performance Cookies

Collect information about how you have used our website. These cookies may also be used to allow us to know what you have viewed so that we can serve you better content. The information collected is used to improve how the website works.

Functionality Cookies

These cookies allow us to remember how you’re logged in, whether you chose to no longer see advertisements, when you logged in or out, the state or history of tools you’ve used. These cookies also allow us to tailor the experience to provide enhanced features and content for you and to remember how you’ve customized the browsing experience in other ways. The information these cookies collect may be anonymous, and they are not used to track your browsing activity on other sites or services.

When running an Anju product, the use of cookies is required to maintain session information. Only session cookies are used; no information is retained after the user logs off. By logging on to an Anju product, the user is accepting the use of cookies.

Targeting Cookies

Anju, our advertising partners, or other third-party partners may use these types of cookies to deliver advertising that is relevant to your interests. These cookies can remember that your device has visited a site and may also be able to track your device’s browsing activity on other sites or services other than Anju’s. Our ad network partner use cookies and web beacons to collect non-personal information about your activities on this and other Web sites to provide you targeted advertising based upon your interests.

Options

You have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can modify your browser setting to decline cookies at your will. For detailed information on how to modify, disable or enable cookies in your browser of choice, you may refer to  www.allaboutcookies.org/manage-cookies/google-chrome.html or

Google Chrome

For more information on other cookie settings offered in Chrome, refer to the following page from Google: https://support.google.com/chrome/answer/95647

Microsoft Internet Explorer 6.0, 7.0, 8.0

For more information on other cookie settings offered in Internet Explorer, refer to the following page from Microsoft: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies

Mozilla Firefox

For more information, refer to the following page from Mozilla: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences

Safari on OSX

For more information on other cookie settings offered in Safari, refer to the following page from Apple: https://support.apple.com/kb/ph21411

Note that by disabling certain categories of cookies, you may not be able to fully experience the interactive features of the Anju Websites. Also note that by declining strictly necessary cookies on Anju Websites that only use strictly necessary cookies, you may not be able to access or use that particular Anju Website. To opt out completely from us having your information, you may email optout@Anjusoftware.com