Privacy Notice for the Clinical Trial’s Websites
In Heads (hereinafter referred to as the “Company” or “we”) we consider Data Protection an integral part of our operational business principles and are committed in respecting your privacy and complying with all applicable laws on data protection, including the General Data Protection Regulation (GDPR), ensuring that personal data is:
- a) processed lawfully, fairly and in a transparent manner in relation to data subjects (GDPR “lawfulness, fairness and transparency” principle of processing personal data);
- b) collected for specified, explicit and legitimate purposes and not further processed in any manner that is incompatible with those purposes (GDPR “purpose limitation” principle of processing personal data);
- c) adequate, relevant and limited to what is absolutely necessary for the purposes for which they are processed (GDPR “data minimization” principle of processing personal data);
- d) accurate and, where necessary, kept up to date; every reasonable step is taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (GDPR “accuracy” principle of processing personal data);
- e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to implementation of the appropriate technical and organizational measures required by applicable data protection legislation in order to safeguard the rights and freedoms of data subjects (GDPR “storage limitation” principle of processing personal data);
- f) processed in a manner that ensures appropriate security of the personal data (including when applicable, anonymization or pseudonymization), including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage using appropriate technical and organizational measures (GDPR “integrity and confidentiality” principle of processing personal data);
- g) transferred to a third country, outside the European Economic Area, or international organization, only when adequate level of protection is ensured to safeguard the rights and freedoms of data subjects.
In the context of protecting the privacy of our website visitors, we are sharing this privacy notice with you to explain how we collect, process, and use the personal data we receive via our website, the email or phone numbers mentioned within it, and the contact form through which you can directly contact us, and inform you of the rights you have in relation to these data. This notice is subject to modifications at any point in time; hence we advise you to periodically check this page to remain informed and updated on any amendments.
What personal data do we process?
We collect identification data concerning you (login username and password), information that you voluntarily submit through the website, or the information you provide to us when you contact us by email or phone or through the contact form. We collect and process your personal data exclusively for technically ensuring that you can login and use the website and for communicating with you, fulfilling your request and improving our services.
How do we process your personal data, for what purposes and with which legal basis?
The processing of your personal data is necessary in order for you to login and use the website so that you can perform your tasks in the context of your participation to the clinical trial to which the website corresponds and in order for us to respond when you contact us. Therefore, the legal basis for the processing of your personal data is the performance of your agreement with HeaDS.
Information we collect through cookies
Our website uses two technical cookies which are necessary for you to log in. To find out more details on the cookies we use, please refer to our Cookies Policy for the Clinical Trials’ Websites.
Recipients of your data
We only share and disclose your personal data with business partners who act on our behalf for the above purposes of processing or that offer us information technology services, e.g., for the registration and storage of data and/or for the operation of our website.
Transfers of personal data
Any transfer of your personal data outside the EU/EEA for the purpose of achieving the above processing purposes, due to sharing of personal data with them, will be based on an adequacy decision issued by the European Commission or subject to suitable and appropriate safeguards and conditions to ensure an adequate level of data protection, e.g., data transfer agreements based on standard contractual clauses approved by the European Commission. For further information on how Heads protects personal data when transferred outside the EU/EEA or in order to obtain a copy of the safeguards we implement to protect personal data when transferred outside the EU/EEA, please contact us at dpo@heads-research.com.
Duration of processing
Retention periods vary significantly based on the type of information and how it is used. Our retention periods are based on criteria that include legally mandated retention periods, pending or potential litigation, our intellectual property or ownership rights, contract requirements, operational directives or needs, and historical archiving. For the duration of the processing of information collected through cookies, please refer to our Cookies Policy.
What are your rights?
| Right to be informed | You have the right to be informed about the collection and use of your personal data. |
| Right of Access | You have the right to view, request a copy or access your personal data being processed in a concise, easily understood, transparent and easily accessible form. |
| Right to Rectification | You have the right to request inaccurate, incomplete, or outdated personal information be updated or corrected. |
| Right to be Forgotten / Right to Erasure | You have the right to request your personal data be deleted, without any delay, subject to exemptions set by certain laws. |
| Right to Restriction | You have the right to request the restriction or suppression of processing of your personal data, subject to exemptions set by certain laws. |
| Right to Portability | You have the right to ask for your personal data to be transferred to another Controller or be provided to them, in a structured, commonly used, machine-readable electronic format. |
Heads will satisfy any request you may have based on the conditions set out in the law. Exercising your rights as granted by law does not necessarily imply that it will be fully satisfied, especially when other compelling legal provisions exist. In case we cannot fulfil a request of yours, we will inform you, accordingly, providing you with a relevant justification.
How can you exercise your rights?
If you have any question or concern regarding this Privacy Notice and your personal data processing by Heads or if you wish to exercise your rights, you may contact us at dpo@heads-research.com.
We will respond to your request within thirty (30) days of receipt; if an extension to this timeline is necessary for us to investigate and/or respond to your request, we will inform you, accordingly, providing you with a relevant justification for the extension required.
In any case, if you believe that your data protection rights have been violated, you have the right to lodge a complaint with the corresponding statutory regulator in your jurisdiction.
A list of contact details for the Data Protection Authorities in the EEA can be found here.
For the Swiss authority here, for the UK authority here, for the Australian authority here and for the Office of the Privacy Commissioner of Canada here.
Cookies Policy
What are cookies?
Cookies are small text files with information that a web page (specifically, a web server) stores on a user’s device (computer, tablet, laptop, mobile phone) so that whenever the user logs in the particular website, the latter retrieves that information and provides the user with services related thereto. A typical example of such information is the user’s preferences on a website, as stated by the user’s choices on the site (e.g., selecting custom “choices”, searches, ads, etc.).
Why do we use cookies?
We use the below two cookies because they are technically necessary for the website to operate properly and for you to login. Cookies we use are classified as Strictly Necessary Cookies, which are cookies that are absolutely necessary to provide you with the requested services through the website. They are essential to enable you to login to the CT website and use its features properly. Basic functions such as maintaining an anonymized user session by the server rely on these key cookies.
Which cookies are installed?
The cookies installed are the below listed two Session Cookies, which are used to keep you, as a user, connected to CT websites’ services.
List of cookies we use on our website
| Cookie Name | Type of Cookie | Description of purposes | First or Third Party | Can be Blocked | Duration |
| fe_typo_user | Strictly Necessary | Session Cookie to keep you logged on to the website | Third Party | Yes | Until the end of the logged on session |
| be_typo_user | Strictly Necessary | Session Cookie to keep you logged on to the website | Third Party | Yes | Until the end of the logged on session |
How to control cookies?
You can control and manage cookies through the settings of the web browser you use.
Most web browsers automatically accept cookies but provide controls that allow you to block or delete them. You can enable or disable the storage of cookies on your device by changing the settings of your browser at any time. You can also set your browser to inform you before a cookie is stored on your device or follow your browser’s instructions to delete cookies already stored. If you use various devices, you need to adjust your preferred browser settings in respect to cookies at each one of your devices. You can disable all cookies already on your computer, as well as set up most browsers in a way that prevents cookies from being installed. However, in this case, you may not be able to fully experience the interactive features of our website or receive our services via our website and you might need to customize certain preferences yourself whenever you visit a website.
To control and/or delete cookies according to your wishes you can visit the following link: https://www.aboutcookies.org/
You can find additional information on cookies used on various websites through your browser or other internet resources, e.g.,
- AllAboutCookies: https://allaboutcookies.org/
- Cookiepedia: https://cookiepedia.co.uk/
Contact Details
If you have any question or concern regarding this Policy and your personal data processing by Heads, you may contact us at dpo@heads-research.com.
This Cookie Policy forms part and is incorporated into the Company’s Privacy Notice for the CT Website and may be subject to amendments from time to time. You are advised to check our Cookie Policy regularly to be informed of any updates. By visiting our website you agree to accept the information shared through this Policy and any changes made to it.
For information about a) your data protection rights and how to exercise them, b) recipients of information we collect through cookies and similar technologies, and c) transfers of information, that we collect through cookies and similar technologies, outside the EU/EEA, please visit the website’s Privacy Notice.
Last updated: 13-Nov-2023
