Privacy Policy

Introduction

The collection and analysis of the most confidential and personal information about people is of fundamental importance for conducting medical research. MAC Clinical Research understands that in order for individuals to share their most sensitive personal information with Us, We must have a culture of trust and that We will store data following safe data management practices.

MAC Research Limited, together with its affiliates and subsidiary companies (collectively “MAC,” “We,” “Us,” or “Our”), is committed to ensuring that We handle all individual information in a responsible and careful manner and in accordance with applicable data privacy and confidentiality laws in the UK and other countries.

This Privacy Policy (“Policy“) outlines and describes Our commitment as an organisation to the individuals whose data We manage, the key types of personal data We collect, process and how that information may be used or disclosed. The Policy explains in general terms how We strive to comply with data privacy laws, including without limitation the UK General Data Protection and the Data Protection Act 2018, EU General Data Protection Regulation, and any subsequent amendments to this regulation or local law equivalent that is later adopted, and any applicable local law (“Law(s)”) and the privacy and confidentiality requirements of ICH Good Clinical Practice.

Who Are We?

MAC is a leading global Contract Research Organisation with a network of clinical research centres in multiple countries. MAC provides patient engagement and recruitment services and conducts ethically approved clinical research and medical trials for pharmaceutical and biotechnology companies, medical device companies and other contract research organisations (“Sponsor” and/or “Client”). MAC also provides healthcare and professional consultancy services for its Clients.

Please read the following carefully to understand Our views and practices regarding personal data information and how We will treat it.

Types of Personal Information Managed by MAC

In our capacity as a Contract Research Organisation providing services for Sponsors, we host and analyse significant quantities of health data relating to clinical trial participants and individuals who have volunteered to be on a clinical trial and are assessed for eligibility to enter a clinical trial. MAC also collects, processes, and manages personal information about its employees, Clients and other service providers, during the course of its business operations. MAC also processes contact information provided by members of the public via its website.

MAC may be the data processor or the controller for different types of personal data, and the legal basis for this processing may differ for each activity, the specific arrangements for each type of personal information we process is described in detail below:

1. Clinical Trial Participant Information

The integrity of a clinical trial relies on the accurate delivery of the clinical trial protocol and these stringent measures ensure that new medications, once approved by regulatory authorities for use by humans, can ultimately be used to benefit health and social care of humans.

MAC collects, gathers and manages personal data from individuals who have expressed their interest in a MAC clinical trial and have provided their consent to their participation to be on a clinical trial and/or to be considered for a clinical trial. We only use personal data for the purposes We have collected the information for.

Personal data, including sensitive personal data, is collected and processed to match prospective participants to the eligibility requirements of relevant clinical trials, and to conduct and deliver clinical trials and analyse their results. This data may include personal information such as contact details, date of birth, gender, race, ethnicity, physical or mental disability, sex (including pregnancy, and related medical conditions), genetic information (including familial genetic information), and GP Surgery details, health information including current health status, health behaviours and medical history information obtained from the individual, or their GP or other method of collecting information in a local country (for example: NHS England) that identifies the participant, such as their passport or other identifying documents, photographs; and clinical trial data which includes the individuals eligibility to enter the clinical trial and any treatments administered, clinical tests, observations and assessments (including samples such as blood and genetic tests) collected during the clinical trial and any follow-up period.

We do not use automated individual decision-making when processing medical records, but we do use search tools to identify registered individuals who may be suitable for further assessment. Eligibility is always verified by a qualified healthcare professional prior to participation in any clinical trial.

MAC is the controller or processor of this data and has a legitimate interest in processing and retaining this information in accordance with applicable Laws and/or regulations, even if the individual does not enter the trial or withdraws from the trial after enrolment. Sponsor and regulatory representatives may audit or inspect MAC’s data for quality and safety purposes which may include personal data belonging to the clinical trial participant. However, this activity is strictly controlled, and these representatives are not permitted to remove any identifiable participant data from MAC.

MAC engages a range of specialist third-party service providers to deliver clinical trial activities, and to process personal data on its behalf including monitoring whether potential participants were previously on a clinical trial. All processors are required to put in place appropriate safeguards to ensure the protection of personal data. They are subject to contractual restrictions on the processing of this data which reflect their legal and contractual obligations under UK and EU GDPR and/or applicable local Law relating to personal data.

We may also process information for individuals who have consented to being considered for participation in future clinical trials. MAC is the data controller of this information and processes this data under the legal basis of MACs legitimate interest in offering clinical trial recruitment services.

MAC shares the data collected during a clinical trial with the clinical trial Sponsor. This information is pseudonymised, which means that the personal data which could be used to identify the individual is removed and replaced with a special code prior to it being shared. Only MAC can use this code to link the pseudonymised data back to the individual. The Sponsor controls this pseudonymised data and is legally obliged to process and retain it in accordance with applicable Laws and/or regulations.

During the initial and on-going communications with the potential clinical trial participant and successful clinical trial participant We record all calls for training and monitoring purposes.

2. Industry Professional Information

MAC will liaise with its customers and/or Clients, employees, consultants, contractors and other third parties employed or engaged by our Clients, when conducting our clinical trials and research activities. MAC will record and control personal data including the names, contact details and other professional information on these individuals for legitimate business-related purposes, including project and financial administration. This information may be used (including email addresses), to provide background on MAC’s services for Our Clients.

3. Employee and Human Resource Data

We collect and control personal information from applicants pursuing employment with MAC and MAC employees for its legitimate business-related purposes. Such professional or employment-related data includes private contact details, professional qualifications and previous employment history, DBS and professional disbarment checks to assist with the personnel recruitment, staff performance, payroll, security, safety of Our premises and tax purposes. MAC processes similar information relating to consultants, contractors and other third parties that We engage to deliver products or services.

4. Website Visitors Information

Generally anyone can visit the MAC website without revealing who they are and without disclosing any of their personal information. However, MAC collects names and contact details volunteered by visitors to Our company website when making an online enquiry via the site. This includes enquiries, for example by industry professionals regarding information about company services, or when members of the public are interested in volunteering to a clinical trial or applying for a job vacancy with the company. MAC may collect various data via cookie-based technologies, linked to virtual identities allocated to visitors when they access Our websites, such as browsing history, device ID, search history, IP address (Internet Protocol address), information on the visitors’ interaction with a website, device geolocation, application type and version, or advertisements placed and ad interactions. This information is used for website analytics and for first party marketing. These virtual identities are sometimes connected with real world identities of visitors when they submit named details. This enables MAC to personalise marketing messages to make them relevant to those visitors. MAC is the data controller of this information and processes it for legitimate business-related purposes in engaging with members of the public in the delivery of clinical research services, employment opportunities and business development.

5. Commercial Information:

MAC will collect and use commercial information such as records of products or services purchased or obtained, or correspondence received. MAC will also collect information for one or more of the following purposes: to fulfil or meet the reason for which the information is provided, including to process payments and other financial transactions; to provide information, products or services that are requested from Us; to provide electronic messages consisting of alerts, reminders, event registrations and other notices concerning Our products or services, appointments, events or news that may be of interest; to improve Our website and present its contents to visitors to the site; for testing, research, analysis and product or services’ development.

Internal and External Disclosures of Personal Information

Personal information is only shared on a “need to know” basis within MAC and its affiliates and subsidiaries and with relevant third parties (such as agents, contractors) to deliver stated legitimate business purposes and legal obligations. Any access to personal information contained within databases and binders is carefully restricted and only viewable by appropriate MAC staff for legitimate purposes. MAC does not trade or sell personal information.

Under some circumstances, MAC may be required by law enforcement agency, court, regulator, government authority, or judicial authorities or other third party to disclose certain personal information as part of investigations or for litigation purposes. Or, where We believe such disclosure is necessary to comply with a legal or regulatory obligation, or otherwise to protect Our rights or the rights of any third party, including to identify or locate anyone for the prevention or detection of crime or the apprehension or prosecution of offenders. In such circumstances we expressly disclaim any liability from any claims resulting from such disclosures and from any actions taken as a consequence of investigations by either Us or law enforcement authorities.

MAC may disclose and transfer personal information to a third party in connection with the sale, assignment, or other transfer of Our business to which the information relates.

Any companies who work as third party contractors or agents for MAC are required to sign “data processing agreements” as a processor and/or confidentiality agreements whereby they commit to only process personal information consistent with contracted purposes and to ensure organisational and technical security safeguards for the data are in place prior to any processing of personal data.

We also share aggregate, non-personal information about website usage with affiliated and unaffiliated third parties.

We may, for example, provide visitors information to agents, contractors, or partners for hosting Our databases, for data processing services, or so that they can mail information to that visitor if requested.

Notice of Data Use and Consent

MAC will provide notice to individuals using clear and conspicuous language at the point of data collection, about how their information will be used and disclosed. We will make clear what choices are available in relation to how individual personal data is managed and what rights there are under data privacy Law or under this Policy and who to contact with any questions or complaints. MAC’s privacy notices are tailored according to specific data collection circumstances. In providing such notice, MAC meets its obligations to be transparent and fair with individuals as is required by General Data Protection Regulation. Dependent on the medium, notice may be given in person, by email, post, telephone, or by posting on Our website.

In accordance with data privacy Law and good practice, MAC will seek consent of individuals to collect, use, and disclose their data consistent with the relevant privacy notice. However, in certain cases where the law allows processing of personal data, in particular where the intended processing of the personal data is in MAC’s or Our Clients’ legitimate interests and the privacy risks are low, MAC will proceed to process personal information absent of consent, for example, where gaining consent from a person will involve a disproportionate effort. MAC will also use and disclose personal information without consent where required by law and judicial order to disclose information.

MAC will collect all necessary informed consents of clinical trial participants on behalf of Clients, according to good clinical practice, Laws on confidentiality and data privacy regulations and Laws in the country where the consent is provided. MAC’s interests are in conducting ethically approved clinical trials and following good clinical practice to the highest medical and scientific standards.

Data Quality, Integrity and Retention of Records

Data quality and accuracy is essential in ensuring the safety and integrity of clinical trials and the reliability of the scientific knowledge they generate. MAC employs a number of specialists to ensure that data processing standards comply with all legal requirements. Our privacy notices provide individuals with straight-forward information on how to check, update and correct their information. MAC retains personal information in accordance with contractual and regulatory requirements which may vary in different countries and/or across clinical trials.

We will retain this information for as long as necessary for the uses set out in this Policy and for a period permitted under applicable law, including as necessary to comply with our legal obligations, resolve disputes, enforce our legal agreements and policies, and protect Our property. We will also retain usage data for internal analysis purposes. Usage data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of the website, or We are legally obligated to retain this data for longer time periods. If you ask us to delete your information before this time, we may not be able to do so for technical, regulatory, or contractual constraints.

If you agree to take part in one of our clinical trials, we will provide detailed information regarding retention periods prior to your enrolment.

Your Rights

In accordance with data privacy Laws and contractual commitments, MAC ensures that individuals can exercise all relevant informational rights with respect to their personal information processed by the organisation. Where no overriding legal obligation or legitimate interest prevails to individuals requests, MAC will endeavour to allow the following informational rights under this Policy as a matter of good practice, these may include:

to allow access to copies of personal information;
to correct personal information where inaccurate;
to erase personal information;
to object to Our use of personal information;
to restrict Our use of personal information;
to withdraw a previously provided consent to processing of personal information;
to receive personal information in a usable electronic format and transmit it to a third party (right to data portability); and
to lodge a complaint with local data protection authority if one exists in the country where the personal data was collected.

Information collected about individuals who are assessed for eligibility or enrolled in a clinical trial is subject to overriding legal obligations to ensure the safety and integrity of the trial. This means that some informational rights are restricted in these circumstances, including the individual’s right to access the personal data we hold about them, to the correction of their personal data when incorrect, out of date or incomplete, to withdraw consent or object to further processing of their personal data, to request deletion of personal data we hold about them, to restrict aspects of data processing, or to request transmission of personal data in a common digital format (e.g. pdf) to the themselves or another organisation.

Participants enrolled in a clinical trial should discuss any concern with their Principal Investigator, who will be able to identify the participant and progress their request accordingly. Principal Investigators contact details are provided in the clinical trial specific information leaflet, or they can be contacted via the MAC clinical trial site. Contact details for MAC clinical trial sites are available at the following web address: https://researchforyou.co.uk/clinical-trial-centre-locations/.

If you wish to exercise any of these rights, please contact our Data Protection Officer using the details shown in the section titled “Inquiries, Complaints and Requests to Exercise Rights” below.

Information Security

MAC maintains wide-ranging information security policies to apply technical and organisational security measures appropriate to the risk to the personal information We process. This is to ensure We protect sensitive and personal information that participants provide to Us (particularly sensitive clinical data), against unauthorized access or loss. MAC’s security breach policy provides a procedural response for managing any breach of personal information, including making necessary notifications to individuals or governmental authorities.

Depending on which country personal data is collected or received from will decide which servers are used to store personal data. In the UK MAC stores information on its own servers or on third-party servers (which may be in a different country) and personal data is transferred and stored in accordance with applicable Laws. All data stored are downloaded by MAC personnel. MAC uses commercial measures to ensure that your data is kept safe and treated in accordance with this Policy and applicable data protection and privacy Laws.

Worldwide Transfer of Personal Information: Personal information may be transferred to, stored, and processed in a country other than the one in which it was provided, including the U.S. (i.e., a ‘Recipient’ country). MAC will use mechanisms for any such transfer as required under applicable Law. If you have questions concerning the transfer of your information, please contact Us using the contact details set out below.

Considerations When Online

The pages on MAC’s websites may contain links to external websites, i.e. outside of the company. These external websites are not controlled, maintained, or endorsed by MAC and may contain different information and/or different privacy policies from those of Our company. This Policy does not apply to linked websites outside the MAC organisation. MAC recommends that visitors review the privacy policy of each individually linked website before submitting any personal information. We do not accept any responsibility or liability for external/other websites’ privacy policies.

Our web pages also use cookies. A cookie is a data file that is placed by a website operator on the hard drive of a visitor to their website. MAC, and third parties with whom We work, may place cookies with the following functions on the computers of visitors to MAC websites: to allow the site to deliver the service requested by the visitor; to remember repeat visitors; to improve the user experience of the site; to allow the company to perform site analytics; and to serve and help tailor Our marketing messages on our websites and elsewhere on the internet, based on the visitor’s previous browsing activity.

The web browser and cookie settings on your electronic devices can be tailored to manage your online relationship with MAC. At this time, We do not respond to “do not track” signals, however most web browsers will allow users to choose which cookies can be placed on their electronic device and to delete or disable cookies. Visitors should be aware that disabling cookies may prevent them from using certain features on MAC websites. For more information, please see Our Cookie Policy.

The safety and security of information also depends on the individual providing the personal information:

If any individual chooses or are given a user identification code, password, or any other information as part of Our security procedures for one of the registration-only sections of the website, the individual is responsible for maintaining the confidentiality of their password and username for the website and the individual is responsible for all activities that are carried out under them. We will not be liable where the individual’s password or username is used by someone else. MAC requires that the individual must notify Us immediately, at the contact information provided below, of any unauthorised use of the individuals password or username as soon as they become aware of such unauthorised use. We have the right to disable any user identification code or password, whether chosen by the individual or allocated by Us, at any time to safeguard the individuals account and data. Please be aware that while We take appropriate steps to safeguard the security of personal information, the transmission of information over the Internet is not completely secure and therefore the individual that discloses personal information does this at their own risk.

Children’s Online Privacy Protection

This website is not intended for, or designed to attract, individuals under the age of 18. MAC does not collect information through our websites from individuals who are known to be under the age of 13, and no part of our online presence is directed to anyone less than 13 years. If you are a parent or guardian and you are aware that your child has provided Us with personal information, please contact Us.

Inquiries, Complaints and Requests to Exercise Rights

Communications, queries, requests to exercise informational rights (e.g., access to data) or complaints can be addressed for the attention of the Data Protection Officer, MAC Clinical Research Finance Limited, Kaman Court, 1 Faraday Way, Blackpool, Lancashire, FY2 0JH, United Kingdom, (“DPO”).

Within UK individuals have the right in law to complain about how their information is managed to a supervisory authority that is responsible for regulating compliance with the Regulation. The following URL links to the relevant authority https://ico.org.uk/make-a-complaint/your-personal-information-concerns/.

Legal Status of Policy and Policy Changes

This Policy is not a contract, and it does not create any legal rights or obligations. MAC reserves the right to modify or amend this Policy and may do so according to new or amended legislation. The updated Policy will be posted on: https://www.macplc.com/mac-privacy-policy and https://researchforyou.co.uk/privacy-policy/ (Last Updated: 21^st May 2024). Changes and additions to this Policy are effective from the date on which they are posted. Please review the privacy Policy from time to time to check whether We have made any changes to the way in which We use personal information. You may request previous versions of the Privacy Policy from the DPO.

We reserve the right to take any appropriate legal action, including referral to law enforcement, for any illegal or unauthorised use of this website. We also reserve the right take any action to prevent the unauthorised use of Our intellectual property.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Analytics" category.
cookielawinfo-checkbox-functional	1 year	The GDPR Cookie Consent plugin sets the cookie to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Necessary" category.
cookielawinfo-checkbox-others	1 year	Set by the GDPR Cookie Consent plugin, this cookie stores user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance	1 year	Set by the GDPR Cookie Consent plugin, this cookie stores the user consent for cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
csrftoken	past	This cookie is associated with Django web development platform for python. Used to help protect the website against Cross-Site Request Forgery attacks
elementor	never	The website's WordPress theme uses this cookie. It allows the website owner to implement or change the website's content in real-time.
viewed_cookie_policy	1 year	The GDPR Cookie Consent plugin sets the cookie to store whether or not the user has consented to use cookies. It does not store any personal data.

Cookie	Duration	Description
_hjIncludedInSessionSample_2457055	2 minutes	Description is currently not available.
_hjSession_2457055	30 minutes	Description is currently not available.
_hjSessionUser_2457055	1 year	Description is currently not available.
_schn2	3 minutes	Description is currently not available.
_scid_r	1 year 1 month	Description is currently not available.

Cookie	Duration	Description
_tt_enable_cookie	1 year 24 days	Tiktok set this cookie to collect data about behaviour and activities on the website and to measure the effectiveness of the advertising.
_ttp	1 year 24 days	TikTok set this cookie to track and improve the performance of advertising campaigns, as well as to personalise the user experience.
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser IDs.
bscookie	1 year	LinkedIn sets this cookie to store performed actions on the website.
fr	3 months	Facebook sets this cookie to show relevant advertisements by tracking user behaviour across the web, on sites with Facebook pixel or Facebook social plugin.
li_sugr	3 months	LinkedIn sets this cookie to collect user behaviour data to optimise the website and make advertisements on the website more relevant.
MUID	1 year 24 days	Bing sets this cookie to recognise unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.
sc_at	1 year 24 days	Snapchat sets this cookie for showing relevant advertising based on the user’s movement.
test_cookie	15 minutes	doubleclick.net sets this cookie to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.
YSC	session	Youtube sets this cookie to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-device-id	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt.innertube::nextId	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
_fbp	3 months	Facebook sets this cookie to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising after visiting the website.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gat_gtag_UA_*	1 minute	Google Analytics sets this cookie to store a unique user ID.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
_hjFirstSeen	30 minutes	Hotjar sets this cookie to identify a new user’s first session. It stores the true/false value, indicating whether it was the first time Hotjar saw this user.
_hjRecordingEnabled	never	Hotjar sets this cookie when a Recording starts and is read when the recording module is initialized, to see if the user is already in a recording in a particular session.
_hjRecordingLastActivity	never	Hotjar sets this cookie when a user recording starts and when data is sent through the WebSocket.
afl_wc_utm_cookie_expiry	3 months	AppFromLab sets this cookie to stores the number of days that the cookies should expire after the visitor’s last visit.
afl_wc_utm_sess_landing	3 months	AppFromLab sets this cookie to track visitor for 90-days. It will collect attribution data like when did the visitor first visited your website, the first landing page, website referrer and the most important of all are the UTM campaign parameters
afl_wc_utm_sess_visit	3 months	AppFromLab sets this cookie to track visitor for 90-days. It will collect attribution data like when did the visitor first visited your website, the first landing page, website referrer and the most important of all are the UTM campaign parameters
AnalyticsSyncHistory	1 month	Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie.
CONSENT	2 years	YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data.
ln_or	1 day	Linkedin sets this cookie to registers statistical data on users' behaviour on the website for internal analytics.

Cookie	Duration	Description
_hjAbsoluteSessionInProgress	30 minutes	Hotjar sets this cookie to detect a user's first pageview session, which is a True/False flag set by the cookie.
_scid	1 year 1 month	This cookie is set by Snapchat to store Snapchat Pixel unique ID of the User.
ig_did	past	Instagram installs this cookie so that its widgets are enabled on the website.
li_gc	5 months 27 days	Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
mid	past	The mid cookie is set by Instagram to personalise user experience by remembering user preferences and settings.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.
X-AB	1 day	Adobe Analytics sets this cookie in context with multi-variate testing. This is a tool used to combine or change content on the website. This allows the website to find the best variation or edition of the site.

Privacy Policy

Privacy Policy

The UK's leading Clinical Trials Sites

quick links

Follow Us

Download The Research For You App