Privacy at Syneos HealthTM Toronto

Our responsibility

Syneos Health Privacy Notice 

Personal Data Privacy - General Syneos Health (“we” “us”, or “Syneos Health”), operating through its affiliates/subsidiaries located throughout the world (collectively, the “Company”) is strongly committed to protecting your privacy and has implemented the below to ensure all the personal data you provide is protected. This Privacy Notice applies to all Personal Information gathered for and on behalf of Syneos Health through the various Syneos Health sites that link or refer to this Privacy Notice (such as any website operated by or on behalf of Syneos Health, social media pages and HTML-formatted e-mail messages) together with any and all offline sources including sales and marketing activities (collectively, the “Sources”). By using the Sources, you consent to the data collection and use practices described in this Privacy Notice. If you have questions about this Privacy Notice or the protection of your information, please contact us at Data.Privacy@syneoshealth.com. The Sources may provide links to or the ability to connect with non-Syneos Health websites, social networks or applications (“Third-Party Sites”). Clicking on those links or enabling those connections may allow the third party to collect or share information about you. Those Third-Party Sites are beyond Syneos Health control. We encourage you to check the privacy policies and terms of use of any Third-Party Sites before providing your Personal Information to them. Identification of Data Controller The Company legal entity that is the data controller of your personal data is the Company entity located in your jurisdiction and with which you interacted to provide your personal information and/or another Syneos Health legal entity with which you interacted to provide your personal information (if you did not interact with a local legal entity).  A current list of all Syneos Health entities globally can be found at https:/www.syneoshealth.com/our-office-locations. Each Company entity acting as a data controller can be contacted via the Company’s Global Privacy and Data Protection Officer at data.privacy@syneoshealth.com (additional contact details below). Information We Collect Through your interaction with and use of the Sources, Syneos Health may collect Personal Information, which is information that identifies an individual or relates to an identifiable individual. Personal Information may include, but is not limited to, your name, physical address, telephone number, e-mail address, company affiliation, and associated interests. Syneos Health may also collect other information through your interaction with and use of the Sources, which does not reveal your specific identity or does not directly relate to an individual. This other information may include, but is not limited to, browser and device information, data collected through automated electronic interactions, application usage data, demographic information, geographic or geo-location information, statistical and aggregated information. Statistical or aggregated information does not directly identify a specific person, but it may be derived from Personal Information. For example, we may aggregate Personal Information to calculate the percentage of users in a particular zip code. In some instances, we may combine Personal Information with other information, such as combining a precise geographical location with your name. If we combine Personal Information with other information, we will treat the combined information as Personal Information. How We Collect Information Syneos Health collects information in a variety of ways that fit broadly into the following general categories:
  • Direct Interactions: From your use of and interaction with us through the Sources and other activities such as sales inquiries and transactions.
  • Publicly Available Data/Data from Third Parties: Other data you may have made publicly available, such as social media posts, or data provided by third-party sources, such as marketing opt-in lists or data aggregators.
  • Automated Interactions: From the use of technologies such as cookies and other tracking technologies.
Cookies: "Cookies" (which may be html files, Flash files or other technology) are text files that help store user preferences and activity. "Web beacons" (also known as image tags, gifs or web bugs) are small pieces of code used to collect advertising data, such as counting page views, promotion views or advertising responses. The Sources and/or third parties may use “cookies,” “web beacons” and other similar tracking technologies (collectively, “Tracking Technologies”) to collect information from you automatically as you use the Sources, browse Syneos Health websites and the web. Other Tracking Technologies: We use Tracking Technologies to help tailor our content, understand website and internet usage, improve or customize the content, offerings or advertisements through the Sources, personalize your experience with respect to the Sources (for example, to recognize you by name when you return to an Syneos Health website), save your password in password-protected areas, save your online video player settings, help us offer you programs or services that may be of interest to you, deliver relevant advertising, maintain and administer the Sources and for other purposes described in the "Uses of Information." These Tracking Technologies collect “click stream” data and information regarding your use of the Sources, such as your visits, use of our features and preferences, and may also collect your IP address or some other identifier unique to the device you use to access the Sources (“Identifier”). Your Identifier may be automatically assigned to the device you use to access the Sources. By using the Sources, whether as a registered user or otherwise, you acknowledge, understand and hereby agree that you are giving us your consent to track your activities and your use of the Sources through these Tracking Technologies. Syneos Health’s use of Automated Interactions may change over time as technology evolves. The descriptions above are designed to provide you with some detail about Syneos Health's current approach to information collected from Automated Interactions. Use of Information Operations We use Personal Information and other information collected to (a) allow you to participate in the public areas and/or other features of the Syneos Health websites; (b) respond to your questions or other requests; (c) contact you regarding your use of the Sources, for informational purposes related to the Sources or, in our discretion, regarding changes to this Privacy Notice or related policies; (d) improve the Sources and for internal business purposes; (e) tailor your experience of the Sources and/or otherwise customize what you see when you use the Sources; (f) where applicable to conduct ongoing compliance screening against publicly available watch and sanctions lists and (g) otherwise to maintain, operate and administer the Sources and for other purposes disclosed at the time you provide the information. The legal bases for the processing of your personal data will depend on the reason you provided your personal information via the Sources: (i) the performance of a contract with you or in order to take steps at your request prior to entering into such contract, (ii) use of your Personal Data is necessary for us to comply with a legal obligation, (iii) our legitimate interests, which will be assessed in connection with the specific use of Personal Data, or (iv) your consent, which will be requested and given via the other Sources. Disclosure to Third Parties In addition to aggregate information (discussed previously), we may share some kinds of Personal Information with third parties, as described below.
  • Companies and people who work for us: We contract with other companies and individuals to help us provide services including the Sources. For example, we may host some of our Sources on another company's computers, hire technical consultants to maintain our sites, or work with companies to remove repetitive information from customer lists, analyze data, provide marketing assistance, and provide customer service. In addition, we may validate your identity and other information against available databases. In order to perform their jobs, these other companies may have limited access to some of the Personal Information we maintain about our users. Other companies may collect information on our behalf through their web sites. We require that such companies not use your information for any purpose other than fulfilling their responsibilities to us. We also require that such companies keep your Personal Information confidential and to comply with applicable laws. Syneos Health cannot, however, guarantee that any third party will maintain the privacy of your information.
  • Promotional and informational offers: Sometimes we send offers to selected groups of users. To accomplish this we may use third parties working on behalf of Syneos Health. We provide a variety of mechanisms for you to tell us you do not want to receive such promotional or informational offers. For example, we may provide an opt-in box for customers to receive information that is sent by a third-party fulfillment house, and we make clear that, by opting in, you are submitting your data to a third-party. You can elect not to receive promotional or informational material from us by following the instructions to opt-out as mentioned or included in each of our programs we send to you.
  • Business transfers: If we transfer a business unit or an asset (such as an Syneos Health website) to another company, we may transfer the Personal Information we have collected to the relevant third party.
  • Legal requirements: We may be obligated to cooperate with various law enforcement inquiries. Syneos Health reserves the right to share or transfer your information to comply with a legal requirement, disclose any activities or information about you to law enforcement or other government officials as we, at our sole discretion, determine necessary or appropriate, in connection with an investigation of fraud, for the administration of justice, intellectual property infringements, or other activity that is illegal or may expose us or you to legal liability. We may release information if, in our judgment the release may be necessary to prevent the death or serious injury of an individual.
Disclosure to Third Parties – EU Individuals Only In addition, Syneos Health may engage service providers (so-called “processors”), such as outsourced service providers, which may receive access to your information. Syneos Health in all such cases will make sure that (i) it diligently chooses the relevant service provider, (ii) the service provider will only handle your information in accordance with our instructions, (iii) the service provider adopts adequate technical and organizational measures to protect your personal data, and (iv) the service provider does not retain your personal data upon completion of its services. Details of service providers and the countries in which they are based are available from the Company by contacting its Global Privacy and Data Protection Officer. To the extent that your personal data is shared with service providers, Company affiliates or other third parties processing personal data on the Company’s behalf which are located outside your country of residence, the Company will also ensure an adequate level of data protection as required by your country’s data protection laws.     Sharing of Non-identifiable Information Information we collect that is not Personal Information or Personal Information that has been converted to information which cannot be used to identify you is not limited in any way by this Privacy Notice and can be used and disclosed by us in any manner and for any purpose. Protection of Information The security of your Personal Information is very important to Syneos Health. We use commercially reasonable physical, electronic and administrative safeguards that are designed to protect your Personal Information from loss, misuse and unauthorized access, disclosure, alteration, and destruction. However, regardless of our efforts and the device you use to access the Sources, it is possible that third parties may unlawfully intercept or access transmissions or private communications over an unsecured transmission. In the event that your Personal Information is acquired, or is reasonably believed to have been acquired, by an unauthorized person and applicable law requires notification, Syneos Health will notify you by e-mail, fax or U.S. mail. Syneos Health will give you notice promptly, consistent with the reasonable needs of law enforcement and/or Syneos Health to determine the scope of the breach and to investigate and restore the integrity of the data system. Your Privacy Choices Personal Information Opt-Out You may elect not to have your personal information either (a) disclosed to a third party, or (b) used for any purpose materially different from the third parties or purpose(s) stated within this Privacy Notice. In the event you wish to restrict your personal information from any such disclosure or use, please contact us at Data.Privacy@syneoshealth.com to review your request. Informational/Promotional Email Opt-out You may have an opportunity to elect to receive recurring informational/promotional e-mail from us. Our email correspondence will include instructions on how to update certain personal information and how to unsubscribe from our emails. Please follow the instructions in the emails to opt-out of an email. We will unsubscribe you from that newsletter or other programs within thirty business days. You can always contact us at Data.Privacy@syneoshealth.com in order to change your preferences with respect to marketing contacts. Children's Policy We are committed to protecting the privacy of children. For that reason, we do not knowingly collect or maintain personally identifiable information from any person we actually know is under the age of 13. No part of the Sources are structured to attract anyone under age 13. Changes to This Privacy Notice We may update this Privacy Notice occasionally. When we post changes to this Privacy Notice, we will also revise the “Last Updated” date at the end of this Privacy Notice. If there are material changes to this Privacy Notice, we will notify you by email or by means of a notice on our home page. We encourage you to review this Privacy Notice periodically to be informed of how we are using your information and to be aware of any changes to the Privacy Notice. Your continued use of the Sources after the posting of any amended Privacy Notice shall constitute your agreement to be bound by any such changes. Any changes to this Privacy Notice are effective immediately after being posted by us. Notice for California Users Under California’s “Shine the Light” law, California residents have the right to request in writing from businesses with whom they have an established business relationship (1) a list of the categories of Personal Information, such as name, address, e-mail address, and the type of services provided to that customer, that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties’ direct marketing purposes, and (2) the names and addresses of all such third parties. To request the above information, please email us at Data.Privacy@syneoshealth.com or write to us at: Syneos Health Attn: Global Privacy and Data Protection Officer 3201 Beechleaf Ct Raleigh, NC 27604 We will respond to such written requests within 30 days following receipt at the mailing address above. We reserve the right not to respond to requests submitted other than to the address specified above or otherwise exempted by law. Please note that we are required only to respond to each customer once per calendar year. Your Rights as a Data Subject If you are a resident of the EU or another country that specifically provides these specific rights for data subjects, you can ask us to confirm whether your personal data is processed by us and for access to your personal data it processes. You may also request us to: correct, amend, block or delete your personal data; verify their content, origin and/or accuracy; ask for a restriction on processing; or object to their processing, in all cases except where the rights of other persons would be violated, where any other legal exemptions to subject access requests may apply, where your request is not legitimate or applicable, or where it is required to conduct company business to the extent allowed by applicable data protection laws.  To protect your privacy and the security of your information, we will take reasonable steps to verify your identity before updating or removing your information. For individuals located in the EU: Under the EU General Data Protection Regulation, you can also ask us to provide you your personal data for transmission to, or to directly transmit to, another data controller. If the sole legal basis for the processing of your personal data is your consent, you have the right to withdraw consent at any time, but such withdrawal will not affect the lawfulness of the processing based on your consent prior to the withdrawal. Should you withdraw consent to future processing of your personal data, we may not be able to contact or interact with you as originally planned when you first provided your consent. Should you have questions about the information about you that the Company holds and all communications, queries and subject access requests that are related to data protection issues, please contact Syneos Health Global Privacy and Data Protection Officer as follows: Global Privacy and Data Protection Officer Syneos Health 3201 Beechleaf Court Suite 600 Raleigh, NC 27604-1547 USA or e-mailed to Data.Privacy@syneoshealth.com for action or response on our behalf. Retention and Deletion Syneos Health will retain your Personal Information for as long as your account is active; as needed to provide you products or services; as needed for the purposes outlined in this Privacy Notice or at the time of collection; as necessary to comply with our legal obligations (e.g., to honor opt-outs), resolve disputes and enforce our agreements; or to the extent permitted by law. At the end of the retention period, Syneos Health will delete your Personal Information in a manner designed to ensure that it cannot be reconstructed or read. Cross Border Transfers and Privacy Shield Syneos Health is a global corporation with operations in over 75 countries, and has developed global data practices designed to assure your Personal Information is appropriately protected. Please note that your Personal Information may be transferred, accessed and stored globally as necessary for the uses stated above in accordance with this Privacy Notice. By using the Sources, you consent to the transfer of information to countries outside of your country of residence, which may have different data protection rules than those of your country. Privacy Shield INC Research, LLC complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information transferred from the European Union and Switzerland to the United States, respectively. INC Research, LLC has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view the certification, please visit https://www.privacyshield.gov/. Related to its participation in the Privacy Shield Framework with both the EU and Switzerland, INC Research, LLC is subject to the investigatory and enforcement powers of the Federal Trade Commission (“FTC”). In addition, INC Research, LLC is committed to cooperate with the EU Data Protection Authority (“DPA”) and the Swiss Federal Data Protection and Information Commissioner (“FDPIC”). If you have a complaint about the collection or use of your Personal Information and would like to seek an independent recourse mechanism; in the EU, you may contact your local DPA and in Switzerland you may contact the FDPIC. A listing of each EU country’s DPA may be found here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.  The FDPIC’s website may be found here: https://www.edoeb.admin.ch/?lang=en. You may also seek the possibility, under certain circumstances, for binding arbitration to resolve your complaint. When data is stored or processed by Syneos Health legal entities that have not certified participation with the EU-U.S. and Swiss-US Privacy Shield programs, Syneos Health uses alternative means of meeting the adequacy requirements of the applicable data protection laws, such as executing model clauses. How Your Dispute or Complaint May Be Resolved Any questions, concerns or complaints regarding the use of your personal data should be directed to Syneos Health Global Privacy and Data Protection Officer using the contact information presented below.  If you are located in the EU, have a complaint about the collection or use of your personal data and would like to seek an independent recourse mechanism, you may contact your local Data Protection Authority (DPA). A listing of each EU country’s DPA may be found here:  http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. Sensitive Information We ask that you not send us, and you not share any sensitive Personal Information (e.g., racial or ethnic origin, political opinions, financial background, religious or similar beliefs, sexual life, trade union membership or affiliations, individual medical records and history, physical, mental or physiological health condition or genetic or biometric information, ideological views or activities, information on social security measures, or administrative or criminal proceedings and sanctions which are treated outside pending proceedings). Specific Privacy Notice Terms In addition to the terms set out in this Privacy Notice, Syneos Health has additional privacy notices that are tailored for the different ways your Personal Information is collected by different Syneos Health lines of business:
  • Service terms with our contracts with clients address customer data to which we may be provided access in order to perform services.
  • Privacy Notice for employment applicants/candidates address information we may collect in connection with Syneos Health’s employment recruiting efforts.
Questions & Concerns If you have any questions or concerns about this Privacy Notice or Syneos Health’s collection and use of your Personal Information, you can contact our Global Privacy and Data Protection Officer at: Data.Privacy@syneoshealth.com or ATTN: Global Privacy and Data Protection Officer 3201 Beechleaf Ct Raleigh, NC 27604  
Your consent

Syneos Health only collects information from you after you give us your consent, except in specific circumstances where the law requires the collection, use, or disclosure of a person's information without consent (such as reporting for public health safety). We will tell you when we need to collect your personal information and why we are collecting it.

Providing us with personal information is entirely voluntary. By giving us your personal information, you consent to allowing us to use and disclose your personal information as described to you. If you do not agree with the use and disclosure of your information, please do not provide us with your personal information.

Certain services can only be offered if you provide personal information (for example, being enrolled in our Syneos Health Volunteer Registry). So, if you choose not to provide your information, we may not be able to provide you with those services.

You may withdraw consent for us to use your personal information at any time. You will be informed of the effect that withdrawing your consent will have.

Your withdrawal of consent will only apply from the point that you withdrew consent. Your withdrawal of consent is not retroactive. This means we will not retrieve information that has already been disclosed.

Collecting your personal information

As far as possible, we only collect personal information directly from you, and we only collect as much information as needed.

The primary reason we collect your personal information is to conduct research studies. We also collect your personal information when you enroll in our Syneos Health Volunteer Registry, and limited information is collected when you visit our website. Other reasons for collecting your personal information will be explained to you when it is collected.

If you change your contact information, we may have to search for your new contact information in order to contact you because of a medical situation.

We do not knowingly collect personal information from anyone under the age of 18, and especially from children under the age of 13. We do not use information if we discover that it has been provided by a minor.

Using and disclosing your personal information

Your personal information is used and disclosed only for the purposes for which it is collected, except with your consent or as required by law.

If information is disclosed to third parties, we will not disclose more information than is required. We do not sell or trade your personal information.

Keeping your personal information

Your information is kept in physical or electronic formats or both.

Syneos Health does not keep your personal information longer than necessary. The length of time that we keep your information depends upon the reason it was collected and the nature of the information. This period may extend beyond the end of your relationship with Syneos Health. There are cases where retaining your information is required for safety reasons or by law. Once we no longer need your information, we will destroy it or make it anonymous.

Protecting your personal information

The personal information you provide to Syneos Health is protected by strict security measures. Records kept electronically are maintained on a secure network; physical records are kept in secure storage facilities. The disposal of records is conducted in a secure manner.

Syneos Health employees are permitted to access only the personal information that they need in order to fulfill their duties.

Updating your personal information

Syneos Health will keep your personal information as accurate, complete, and up to-date as necessary for the purposes for which it is to be used.

You can send corrections or updates to your personal information by mail or by phone. You must provide your full name, your current address, and your current telephone number with your correspondence.

Please note that email is not a secure form of communication. Do not send sensitive information by email.

Accessing your own personal information

You can request a copy of your personal information we have and an account of its use and disclosure (i.e. telephone screening information and study medical records). We will respond within 30 days from the receipt of your written request.

Changes to our privacy practices

From time to time, Syneos Health will review and revise its privacy practices and publications, including this privacy statement. Changes made to our privacy policy and practices will apply to all the personal information that we hold.

Questions, comments, or complaints

If you have questions or comments about how we collect, use, share your personal information, about how to access it, or if you would like a copy of our Privacy Policy, please contact our Privacy Officer. Complaints about our privacy practices must be sent in writing. We will respond to you within 30 days after we have received it.

Your privacy is important to us. We will do our best to resolve your complaints and answer your inquiries and concerns.

Contacting Syneos Health

E-mail is not a secure means of communication. Do not send any sensitive information by e mail. Please contact us by phone or regular mail when sensitive information is part of your communication.

By mail: Privacy Officer
Syneos Health
720 King Street West
Toronto, ON M5V 2T3

By phone: 416.963.9338

By email: data.privacy@incresearch.com



Privacy and the Syneos Health Toronto Volunteer Registry


What is the Syneos Health Volunteer Registry?

An important part of a clinical research study is the ability to recruit participants like you. Our recruiting team stores and uses personal information to determine if people could be potential candidates for upcoming clinical research studies. This information is stored within a database we call the Syneos Health Volunteer Registry.

The Syneos Health Volunteer Registry only contains personal information we need to find a potential study match. This information includes, but is not limited to, name, ethnicity, date of birth, contact information (such as addresses and telephone numbers), physical traits (such as height and weight), lifestyle information (such as smoking, alcohol and drug use), and health information (such as medical conditions and medication use).

The Syneos Health Volunteer Registry is confidential. Only members of the Syneos Health recruiting team have access to this database. We do not sell or share your personal information with third parties.

How do I join theSyneos Health Volunteer Registry?

Your participation in the Syneos Health Volunteer Registry is entirely voluntary. You can join the registry over the telephone, through the online registration form or by sending an email request to studies4u@incresearch.com. By joining the Syneos Health Volunteer Registry, you consent to the collection, use, and disclosure of your information for study recruitment.

What happens if I join the Syneos Health Volunteer Registry?

As a member of the Syneos Health Volunteer Registry, you can choose to be considered for just one specific study or for future studies. If you choose to be considered for future studies, our recruiting team may contact you by phone when there is a clinical research study that you could be eligible for. If you pre-qualify for the study based on a phone questionnaire, a medical screening appointment will be scheduled for you.

From time to time, we review our registry in order to update information. During these review periods, the recruiting team may contact you by phone to verify and update your information. At this time, we may deactivate the names of individuals who cannot be reached or those whose contact information is no longer valid. You will also be given the choice to have your file remain active or inactive in the Syneos Health Volunteer Registry.

What if I want to leave the Syneos Health Volunteer Registry?

If you are registered and do not wish to be contacted for future study participation, you must advise us over the telephone or send us an e-mail request, so we can update the registry accordingly. If you request to be removed from the Syneos Health Volunteer Registry, we will deactivate your information, and we will no longer contact you about future studies.

If you have any questions about the Syneos Health Volunteer Registry, please contact one of our Recruiting Specialists at 1-855-633-8585.