Privacy Policy

Last updated: January 2025

Introduction

Trialinx ('we', 'our', or 'us') is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our clinical research data collection platform.

Information We Collect

We collect information that you provide directly to us, including:

  • Account information (name, email address, password)
  • Study data and research information
  • Form submissions and records
  • Communication data when you contact us
  • Usage data and analytics

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Send technical notices and support messages
  • Respond to your comments and questions
  • Monitor and analyze trends and usage
  • Detect, prevent, and address technical issues

Data Security

We implement multiple layers of security to protect your information:

• Encryption: All data is encrypted at rest and in transit using industry-standard encryption (TLS/HTTPS)

• Access Controls: Role-based access control ensures users only access data they're authorized to view

• Authentication: Secure authentication with optional two-factor authentication (2FA) and email verification

• Audit Logging: Comprehensive audit logs track all system actions with IP addresses and timestamps

• SQL Injection Protection: Advanced input sanitization prevents database attacks

However, no method of transmission over the Internet is 100% secure.

Data Sharing

When you participate in studies or collaborate with others:

• Study members may have access to study data based on their roles and permissions

• Study owners and managers have access to all data within their studies

• We may share information with service providers (e.g., cloud hosting, email services) who are contractually obligated to protect your information

Data Retention

We retain your personal information for as long as necessary to provide our services. Audit logs are retained as required by applicable laws and regulations (e.g., HIPAA, 21 CFR Part 11) for compliance purposes.

Your Rights (GDPR)

You have the right to:

  • Access your personal information
  • Export your data in a machine-readable format (data portability)
  • Correct inaccurate data
  • Request deletion of your account and data (right to erasure)
  • Object to processing of your data
  • Withdraw consent where processing is based on consent

Data Export and Deletion

You can export or delete your data at any time:

• Data Export: Export all your personal data, including studies, forms, records, and dashboards, in JSON format

• Account Deletion: Delete your account, which will delete your personal data. Study ownership may be transferred to other managers if applicable

Please note that audit logs may be retained for compliance purposes even after account deletion.

Compliance

Trialinx is designed to meet regulatory requirements including:

• HIPAA (Health Insurance Portability and Accountability Act)

• 21 CFR Part 11 (FDA Electronic Records and Signatures)

• GDPR (General Data Protection Regulation)

Our security measures, audit logging, and data protection practices align with these standards.

Contact Us

If you have questions about this Privacy Policy, please contact us through the contact form on our website.