Prudentia Group, LLC, Prudentia Management and Technology Consulting LLP, and Prudentia Consulting India Pvt Ltd. (collectively, “Prudentia”, “we”, “us”, “our”) take the protection of personally identifiable information (“Personal Data”) very seriously. This Privacy Policy (the “Policy”) applies to Personal Data we may receive in our web-based applications PV TREND, MedCodr, E2B BRIDGE, NEOS, eQMS-Sign and eQUATe as well as in the course of providing Pharmacovigilance (PV) consulting services, coding services, and customer support services (collectively, the “Services”). This Policy does not apply to Personal Data we collect by other means, such as Personal Data that we receive directly through Prudentia’s own publicly accessible websites.
Prudentia acts as an agent, also known as a data processor, for the Personal Data we process for our clients when providing our Services. This means that Prudentia’s clients determine the type of Personal Data they provide for Prudentia to process on their behalf. Prudentia typically has no direct relationship with the individuals whose Personal Data it receives from its clients.
We receive your Personal Data from our clients in the course of providing the Services or, in certain cases, directly from you.
Within the scope of this Policy, we process Personal Data based on the instructions of our clients
Prudentia typically processes the following types of Personal Data:
We process Personal Data for the purposes of enabling our clients to use the Services, which typically entail analyzing submitted Personal Data, storing records of tests performed upon such data, as well as providing our Pharmacovigilance consulting services, coding services, and customer support services.
We retain Personal Data for as long as instructed by the respective client (who typically acts as a data controller). We delete the Personal Data submitted to us by our clients within six months of the termination of the applicable service agreement with Prudentia, unless otherwise instructed by our client within the service agreement, or in case applicable law requires or allows for a different retention period.
We share Personal Data with our service providers, who process Personal Data on behalf of Prudentia, and who agree to use the Personal Data only to assist us in providing our Services or as required by law. Our service providers include those providing the following services:
Our service providers may be located within or outside of the United States and we will require that those third parties maintain at least the same level of privacy and security that we maintain for such Personal Data. Prudentia remains liable for the protection of your Personal Data within the scope of our Data Privacy Framework certification that we transfer to our service providers, except to the extent that we are not responsible for the event giving rise to any unauthorized or improper processing.
We may disclose Personal Data as stated below: (i) to the extent required by law or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders, or (ii) if we sell or transfer all or a portion of our company’s business interests, assets, or both, or in connection with a corporate merger, consolidation, restructuring, or other company change, (iii) to our subsidiaries or affiliates only if necessary for business and operational purposes as described in the section above, or (iv) to protect an individual’s vital interests. We also use and may otherwise process aggregated, anonymous data, which does not include any Personal Data, about individuals whose Personal Data we process in connection with providing our Services, as a group, for any legal business purpose, such as analyzing usage trends and seeking compatible business opportunities. If we must disclose your Personal Data in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, we may not be able to ensure that such recipients of your Personal Data will maintain the privacy or security of your Personal Data.
Prudentia has implemented and will maintain technical, administrative, and physical measures that are reasonably designed according to industry standards to help protect Personal Data from unauthorized processing, such as unauthorized access, disclosure, alteration, or destruction. However, please note that no method of transmission over the Internet, or method of electronic storage, is 100% secure.
If we store Personal Data about you, you may have a right to request access to, and the opportunity to update, correct, or delete, such Personal Data. You may also have the right to opt out of having your Personal Data shared with third parties and to revoke your consent that you have previously provided for your Personal Data to be shared with third parties, except as required by law. You also have the right to opt out if your Personal Data is used for any purpose that is materially different from, but nevertheless compatible with the purpose(s) for which it was originally collected or subsequently authorized by you. Requests should be sent directly to the Prudentia client who provided your Personal Data to Prudentia. Prudentia has limited rights to access Personal Data our clients submit to us. Therefore, if you contact us with such a request, please provide the name of the Prudentia client who submitted your Personal Data to us. We will forward your request to that client and provide any needed assistance as they respond to your request.
With respect to Personal Data processed in the scope of this Policy, Prudentia Group, LLC complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF),the UK Extension to the EU-U.S. Data Privacy Framework (UK Extension to the EU-U.S. DPF), and Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce and the European Commission,the UK Government, and the Swiss Federal Administration to provide U.S. organizations with reliable mechanisms for personal data transfers to the United States from the European Union / European Economic Area, the United Kingdom (and Gibraltar), and Switzerland while ensuring data protection that is consistent with EU, UK, and Swiss law. Prudentia Group, LLC has certified to the Department of Commerce that it adheres to the DPF Principles with respect to such information. If there is any conflict between the terms in this privacy policy and the DPF Principles, the DPF Principles shall govern. Where applicable, Prudentia will work with our EU/UK/Switzerland clients to assure the appropriate measures and data privacy agreements are put in place to secure and protect Personal Data between EU/UK/Switzerland and United States. VeraSafe has been appointed as Prudentia’s representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. If you are in the European Economic Area, VeraSafe can be contacted in addition to Prudentia’s point of contact only on matters related to the processing of personal data. To learn more about the DPF, please visit https://www.dataprivacyframework.gov To view Prudentia Group, LLC’s certification, please visit https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000TX44AAG&status=Active To contact Prudentia: qa@prudentia-grp.com To contact VeraSafe (only on matters related to processing personal data in the EU): https://verasafe.com/public-resources/contact-data-protection-representative
Where a privacy complaint or dispute cannot be resolved through Prudentia Group, LLC’s internal processes, Prudentia Group, LLC has agreed to participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure; https://www.verasafe.com/privacy-services/dispute-resolution/privacy-shield-dispute-procedure/. Subject to the terms of the VeraSafe Data Privacy Framework Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure, please submit the required information here: https://www.verasafe.com/public-resources/dispute-resolution/submit-dispute/
If your dispute or complaint can’t be resolved by us, nor through VeraSafe’s Data Privacy Framework Dispute Resolution Procedure, you may have the right to require that we enter into binding arbitration with you pursuant to the Recourse, Enforcement and Liability Principle and Annex I of the Data Privacy Framework.
Prudentia Group, LLC is subject to the investigatory and enforcement powers of the United States Federal Trade Commission.
If we make any material change to this Policy, we will post the revised Policy on our own publicly accessible websites and update the “Effective” date above to reflect the date on which the revised Policy became effective.
If you have any questions about this Policy or our processing of your Personal Data, please write to our privacy contact:
Prudentia Group, LLC
Attn: QA Functional Area Manager
101 Hudson Street - Suite 2101
Jersey City, NJ 07302
USA
qa@prudentia-grp.com
Please allow up to four weeks for us to reply.