Sealed Envelope Ltd ("we" or "us") is registered in England and Wales (number 4338315) at Trojan House, 34 Arcadia Avenue, London, N3 2JU, UK.
Sealed Envelope Ltd is registered (reference Z9134630) with the UK Information Commissioner's Office (ICO) which enforces data protection law governing how organisations collect, use and keep personal information. For details see ico.org.uk.
We collect your personal information directly from you when you register to use our services, when you contact us via our Website contact form, when you send us an email, or when you opt-in online to receive our marketing emails. We may collect the following personal information from you:
The personal information that we collect from you is used to:
We collect limited personal information from visitors to our Website and users of our services. This information may include:
Passively collected information is used to:
We act as a data processor for our customers, who make use of our services to collect data on subjects taking part in research studies such as clinical trials ("Customer Data").
If you are a patient in a clinical trial or a subject in a research study and one of our customers is using our services to operate that study, we may receive personal information (including sensitive personal information) about you from that third party. The terms of our agreement with that third party require them to have obtained your consent before supplying your personal information. If you would like your data to be erased, rectified, accessed or for any other queries about the information held on you as part of the research study, please contact the people running the research study directly.
If our customer is making use of our online survey service (ePRO) we may contact you by email or SMS to ask you to complete an online survey. We will record your responses to this survey along with your IP address. To opt out of these online surveys please contact the people running the research study directly.
If you want to access your data, rectify your data, erase your data, object to the processing of your data, or for any other enquiries regarding the handling of your data, please contact the customer directly. Our customers are able to amend, erase and access all the data for their study from their account.
We do not disclose any information you provide via the Website to any third parties except:
Where we share information with third party suppliers we provide only the information they need to perform their specific services. They have the appropriate technical and organisation measures to keep personal data secure, and they may only use your data for the purposes specified in our contract with them. If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.
You have the right to request:
You have the right to request a copy of any information about you that we hold at any time, and also to have that information corrected if it is inaccurate. To ask for a copy of your information or for it to be amended, please contact us.
If we choose not to action your request we will explain to you the reasons for our refusal.
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request. To opt out of marketing emails use the 'unsubscribe' link in the email or contact us directly.
We take all appropriate steps to protect your personally identifiable information as you transmit your information from your computer to our Site and to protect such information for loss, misuse, and unauthorised access, disclosure, alteration, or destruction. We use leading technologies and encryption software to safeguard your data, and operate strict security standards to prevent any unauthorised access to it.
All areas of our website are only accessible via HTTPS which ensures information is encrypted in transit. All access to personal information is restricted. Only employees who need the information to perform a specific job are granted access to personally identifiable information. Furthermore, all employees are kept up-to-date on our security and privacy practices through regular training. We conduct regular automated penetration testing to look for weaknesses in our Website. See our security and data protection page for more detailed information.
Where you use passwords, usernames, or other special access features on this site, you also have a responsibility to take reasonable steps to safeguard them.
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.
At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
For example, documentation related to a randomisation system we have provided will be kept for five years after the system has been decommissioned so we can comply with our legal and contractual obligations.
To the extent prohibited by applicable law, Sealed Envelope does not allow use of our services that record data (such as randomisation or Red Pill) by anyone younger than 16 years old. If you learn that anyone younger than 16 has unlawfully provided us with personal data, please contact us and we will take steps to delete such information.
We cannot be responsible for the privacy policies and practices of sites that are not operated by us, even if you access them via the Site that is operated by us. We recommend that you check the policy of each site you visit and contact its owner or operator if you have any concerns or questions.
In addition, if you came to this Website via a third party site, we cannot be responsible for the privacy policies and practices of the owners or operators of that third party site and recommend that you check the policy of that third party site and contact its owner or operator if you have any concerns or questions.
We and some of our suppliers are based outside the EEA (all EU Member countries as well as Iceland, Liechtenstein and Norway). This means personal data that we collect from you is stored outside the EEA. We comply with applicable legal requirements to safeguard EU personal data transferred outside of the EEA. For customers based in the EEA we offer an agreement Standard Contractual Clauses for controllers to processors to allow for the transfer of data as approved by the European Commission. Please contact us to arrange this.
If you are based in the EEA, you can initiate data requests with our EU representative Juksta GDPR Representative Limited. Please go to the contact portal to make a request.
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can contact them by calling 0303 123 1113 or going to www.ico.org.uk/concerns.
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.
If at any time you would like to contact us with your views about our privacy practices, or with any enquiry relating to your personal information, you can do so by way of our contact page.
Last updated Dec 2020