PRIVACY STATEMENT – PSR
PSR Group B.V. (“PSR”), having its registered office in Zaandam, the Netherlands and its business address at Planetenweg 5 (2132 HN) Hoofddorp, the Netherlands, process personal data in accordance with the General Data Protection Regulation (“GDPR”) and relevant local data protection legislation currently in force.
This privacy statement clearly explains:
- why does PSR collect personal data;
- what personal data PSR collects;
- how personal data will be collected;
- The use of the cookies, Google analytics and plugins;
- who receives personal data;
- how long does PSR store personal data;
- what are your rights and obligations regarding your personal data;
- what if you do not want to provide us with your personal data.
This privacy statement applies to:
- PSR’s business clients / contacts;
- PSR’s job applicants;
- visitors / users of PSR’s websites, such as but not limited to:
“Personal data” means any information relating to an identified or identifiable natural person (“data subject”), in particular by reference to an identifier such as name, an identification number, location data et cetera.
“Processing” means any operation which is performed on personal data such as collection, use or storage.
Why does PSR collect personal data?
PSR collects and processes the personal data for the following purposes:
- to provide services to our clients – CRO services, recruitment and training;
- to stay in touch with potential clients and partners for marketing purposes;
- to assess / consider candidates with regard to a current and/or future job application;
- to support the persons that signed the petition on www.rarediseasepatient2030.com;
- to ensure PSR’s IT systems are secure and robust against unauthorised access;
- for other legitimate business interests.
There may be more than one business reason for processing your personal data. Furthermore, the reason(s) for processing your personal data will depend on what our services are you interested in.
The legal basis in the GDPR for processing your personal data is:
- the processing is necessary for the performance of the contract we have with you or in order to take steps at your request prior to entering into a contract; and/or
- that you have given your consent in relation to one or more purposes see above; and/or
- the processing is necessary to pursue legitimate interest primary business-related.
What personal data PSR collects?
The list below identifies the categories of natural persons (data subjects) that PSR process:
- potential partners – visitors of our webpages, medical seminars / webinars or events;
- client related persons;
- vendor related persons – investigators and lab staff;
- job applicants;
- employees and contractors.
The list below identifies the categories of personal data that PSR collects:
- name and contact information;
- personal data in CV – references, education and employment history
- ICT related personal data (login / password, IP-address, etc.);
- health related personal data (patient’s);
- GDPR-related personal data – consents, rights requests, etc.;
- HR-related personal data – employees, contractors and job applicants.
How personal data will be collected?
Your personal data will be collected primarily from you – through the online forms (our websites or via other channels), your visit card, emails, phone calls, application / recruitment process and others. We may possibly receive your personal data from a third party, too (for example from recruitment company). Further information will be obtained directly from you during the course of your engagement with us, for example through communication with you.
The use of the cookies, Google analytics & plugins
PSR uses analytical cookies for web research and statistics. We do so because we want to understand how visitors use our websites and it helps us to improve website’s content. Furthermore, we use functional cookies that are necessary for properly function of our websites. PSR collects anonymized data through these cookies and Google Analytics only.
Based on the law consent is not required for these types and our use of these cookies and Google Analytics.
Please note that you can find sharing buttons on our websites (for Facebook, Twitter etc.). Once you use these buttons you will be linked to the social media websites with their own privacy policies (they are not our personal data processors).
Finally, PSR uses various security measures to enhance the security of personal data processing – both internally and on webpages.
Who receives personal data?
Generally, all information collected through our websites will be sent through to company mailboxes and further processed in the company’s internal network. We use selected contract processors for the processing your personal data which assure the same level of your personal data security.
How long does PSR store personal data?
Generally, we will retain your personal data during the statutory (including fiscal) retention periods and limitation periods (“wettelijke bewaar- en verjaringstermijnen”). If such periods do not apply to the relevant personal data we will keep your personal data no longer than is necessary for the purposes for which the personal data are processed.
Your IP-address, collected during your website visits, will be deleted as soon as possible, unless there are security reasons for keeping it.
At the end of the retention period, your data will be reviewed and deleted, unless there is a specific reason for keeping it.
What are your rights and obligations regarding your personal data?
With regard to your personal data that PSR processes, you have the right to:
- be informed – this means that you will be informed that PSR started the processing of your personal data;
- access – this means that you have the right to access the personal data PSR keeps about you;
- rectification – should any data PSR keeps about you be incomplete or inaccurate, you have the right to request PSR to correct it;
- erasure – you have the right to ask PSR to erase your personal data from PSR’s systems where you believe there is no reason for PSR to continue processing it;
- restriction of processing – in certain cases you have the right to obtain from PSR restriction of processing;
- object to processing – in case of your particular situation and if PSR relies on a legitimate interest as the legal basis for the processing of your personal data, you have the right to object to processing;
- portability – this means that you have the right to receive your personal data in a structured, commonly used and machine-readable format and to transmit those data to another party.
- withdraw the consent given – this means that you can withdraw your consent (if given) anytime, without affecting the lawfulness of processing based on consent before its withdrawal. However, in certain cases the processing of your personal data is also based on another legal ground and in that case PSR will continue using your personal data;
- not to be subject of the decision based solely on the automated processing – this means that PSR may not to make any decision based only on the automated processing. PSR does not process the personal data in this way.
Furthermore, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, www.autoriteitpersoonsgegevens.nl).
All these rights are subject to the conditions as laid down in the GDPR.
In order to exercise your rights, please send a request to the contact person stated below in this Privacy Statement. You have to properly identify yourself to enable the fulfilling the right.
What if you do not want to provide us with your personal data?
Finally, what happens if you do not want to provide PSR with your personal data? Providing appropriate personal data is a precondition for specific services, such as the performance of the executed contract, the possibility to successfully apply for a job, or where is a legal obligation to process the personal data. Failure to provide specific personal data may affect PSR’s ability to enter into a contract with you, to contact you and/or to proceed with the selection procedure (job applicant, investigator, etc.).
Amendment of this Privacy Statement
We reserve the right to change this Privacy Statement at any time. If we decide to change this Privacy Statement we will announce this, for example by publishing our amended Privacy Statement on our websites.
Questions / further information
Should you have any questions regarding this privacy statement and/or the processing of your personal data, please contact: Tamara Prins, GDPR@psr-group.com.
Ergomed plc group, that PSR is part of, appointed the group Data Protection Officer (DPO). To contact DPO, please send an email to: DPO@ergomedplc.com.