Syneos Health ("we," “us,” or “Syneos Health”), operating through its affiliates/subsidiaries located throughout the world (collectively, the “Company”) is committed to protecting your privacy and has implemented the measures below to protect the personal data we process about you. In this notice, when we use the term "Personal Data", we mean all information that relates directly or indirectly to an identified or identifiable natural person. Personal Data does not include information that cannot be used to identify you or a natural person, including aggregated or anonymized information. Our use of information that cannot identify a natural person is not limited in any way by this notice.
Except as set forth in the Exclusions section of this notice, this notice applies to all Personal Data gathered for and on behalf of Syneos Health through the various Syneos Health sites that link or refer to it (such as websites or applications operated by or on behalf of Syneos Health and HTML-formatted e-mail messages) together with any and all offline sources including sales and marketing activities (collectively, the “Sources”). By using the Sources, you consent to the data collection and use practices described in this notice.
Effect of Other Notices
Syneos Health has additional privacy notices or terms that are tailored for the different ways your Personal Data is collected by different Syneos Health lines of business or functions. For example, Syneos Health provides employment applicants with a notice that describes the Personal Data we may collect in connection with Syneos Health’s employment and recruiting efforts. If you receive a privacy notice provided to you for a specific purpose, the terms of the more specific notice or contract will control your interaction with Syneos Health to the extent that notice conflicts with this notice.
- Customer Contracts. Except as otherwise stated in this notice, this notice does not apply to the Personal Data that we process for our customers under our contracts with them. Our customer contracts will outline our data protection obligations to them and to individuals (where applicable), which will depend on the services we provide.
Identification of Data Controller
The Syneos Health legal entity that is the data controller of your Personal Data is the company entity located in your jurisdiction and with which you interacted to provide your Personal Data and/or another Syneos Health legal entity with which you interacted to provide your Personal Data (if you did not interact with a local legal entity). A current list of all Syneos Health entities globally can be found at https:/www.syneoshealth.com/our-office-locations. You can contact the Syneos Health entity acting as a data controller through our Privacy Office, using the contact information provided in this notice.
Information We Collect
Through your interaction with and use of the Sources, Syneos Health may collect Personal Data about you. Various regulators define what constitutes Personal Data, but in general, it may include information such as your name, physical address, telephone number, e-mail address, company affiliation, employment and educational history, browsing history, and associated interests.
Syneos Health may also collect statistical or aggregated information through your interaction with and use of the Sources that does not reveal your specific identity nor directly relate to an individual. For example, we may aggregate Personal Data to calculate the percentage of users in a particular zip code. This other information may include, but is not limited to, non-identifying browser and device information, data collected through automated electronic interactions such as referring page, application usage data, demographic information, geographic location, statistical and aggregated information. To learn more about how we do this, please see the “Cookies and Other Tracking Technologies” portion of this Privacy Notice.
In some instances, we may combine Personal Data with other information, such as combining a precise geographical location with your name. If we combine Personal Data with other information, we will treat the combined information as Personal Data. When we combine information we may do so to improve the completeness and accuracy of your Personal Data and to perform the other activities described in this Privacy Notice or another notice we may provide to you.
Sensitive Personal Data
We do not generally seek to collect Sensitive Personal Data (which is also known in certain jurisdictions as special categories of Personal Data) through the Sources. The term "Sensitive Personal Data" refers to categories of personal data identified by data privacy laws as requiring special treatment, including in some circumstances the need to obtain explicit consent from you. These categories generally include racial or ethnic origin, political opinions, financial background, religious or similar beliefs, sexual life, trade union membership or affiliations, individual medical records and history, physical, mental or physiological health condition or genetic or biometric information, ideological views or activities, information on social security measures, or administrative or criminal proceedings and sanctions which are treated outside pending proceedings.
If we seek to collect Sensitive Personal Data, we will do so in accordance with applicable law. Unless we have specifically requested such data, however, we ask that you not send to us, nor share with us, any Sensitive Personal Data.
How We Collect Personal Data
Syneos Health collects Personal Data in a variety of ways:
- Direct Interactions: You may choose to provide us with your Personal Data, for example when you complete a form, during your use of and interaction with us through the Sources and other activities such as sales inquiries and transactions.
- Publicly Available Data/Data from Third Parties: We may also collect Personal Data from other sources, for example from information you may have made publicly available, such as social media posts, or data provided by third-party sources, such as marketing opt-in lists or data aggregators or list vendors. When we obtain Personal Data from third-party sources, such as data aggregators or list vendors, it is our practice to ask them to confirm that they have legally acquired the Personal Data, that they have the right to disclose the Personal Data to us, and that we have the right to use it.
- Automated Interactions: We may collect Personal Data from the use of technologies such as cookies and other tracking technologies. For example, we may log certain information that your browser sends us when you use a Source, such as your IP address, browser type, version and language, when you accessed the Source, the duration of time you accessed the Source, the referring website, and information about the pages you may have visited on the Source. In addition, some of our Sources (such as marketing e-mails you receive from us) may use technologies that tell us whether you’ve opened the e-mail or clicked on the link. Please see the “Cookies and Other Tracking Technologies” portion of this notice.
How We Use Personal Data
We use Personal Data for many purposes, including to (a) allow you to participate in the public areas and/or other features of the Sources; (b) respond to your questions or other requests; (c) contact you regarding your use of the Sources, for informational purposes related to the Sources or, at our discretion, regarding changes to this Privacy Notice or related policies; (d) improve the Sources and for internal business purposes; (e) tailor your experience of the Sources and/or otherwise customize what you see when you use the Sources; (f) provide you with information about Syneos Health or your industry that may be of interest to you; (g) contact you for responses to surveys or questionnaires; (h) maintain, operate and administer the Sources; and (i) for other purposes disclosed at the time you provide the Personal Data to us.
Disclosure to Third Parties
We may share Personal Data with third parties, as described below.
- Companies and people who work for us: We contract with other companies and individuals to help us provide services including the Sources. For example, we may host some of our Sources on another company's computers, hire technical consultants to maintain our sites, or work with companies to remove repetitive information from customer lists, analyze data, provide marketing assistance, and provide customer service. In addition, we may validate your identity and other information against available databases. In order to perform their services, these other companies may have limited access to some of the Personal Data we maintain about our users. Other companies may collect information on our behalf through their websites or applications. We require that such companies not use your information for any purpose other than fulfilling their responsibilities to us. We also require that such companies keep your Personal Data confidential and comply with applicable laws. Syneos Health’s practice is to (i) conduct reasonable and appropriate due diligence on our service providers; and (ii) obtain written commitments regarding the processing of Personal Data, including that the service provider will only handle Personal Data in accordance with our instructions; adopt adequate technical and organizational measures to protect your personal data; and not retain Personal Data when it is no longer required for completion of its services. Details of service providers and the countries in which they are based are available from the Syneos Health by contacting its Global Privacy and Data Protection Officer.
- Promotional and informational offers: Sometimes we send offers to selected groups of users. To accomplish this we may use third parties working on behalf of Syneos Health. We provide a variety of mechanisms for you to tell us you do not want to receive such promotional or informational offers. For example, where required by law, we may provide an opt-in box for customers to receive information that is sent by a third-party fulfillment house, and we make clear that, by opting in, you are submitting your data to a third party. You can elect not to receive promotional or informational material from us by following the instructions to opt-out as mentioned or included in each of our programs we send to you.
- Business transfers: If we transfer a business unit or an asset (such a Syneos Health website) to another company, we may transfer the Personal Data we have collected to the relevant third party.
- Legal requirements: We may be obligated to cooperate with various law enforcement inquiries. Syneos Health reserves the right to share or transfer your information to comply with a legal requirement, disclose any activities or information about you to law enforcement or other government officials as we, at our sole discretion, determine necessary or appropriate, in connection with an investigation of fraud, for the administration of justice, intellectual property infringements, or other activity that is illegal or may expose us or you to legal liability. We may release information if, in our judgment the release may be necessary to prevent the death or serious injury of an individual.
Legal Basis for Processing Personal Data
In certain jurisdictions, such as the Member States of the European Union, we are required to identify the legal bases for processing Personal Data. We process Personal Data:
- To perform contracts with you or to take steps at your request prior to entering into such contract;
- To comply with a legal obligation;
- For our legitimate business interests, which will be assessed in connection with the specific use of Personal Data;
- With your consent (or, where required to process Sensitive Personal Data, with your explicit consent), which will be requested and given via the Sources or otherwise.
Withdrawal of Consent
If we process Personal Data based on your consent or your explicit consent, you have the right to withdraw your consent in whole or in part at any time. Once we have received notification that you have withdrawn your consent, we will no longer Process the Personal Data for the purpose(s) to which you originally consented unless there are compelling legitimate grounds that override your interests, rights and freedoms (for example, to comply with a legal obligation), or for the establishment, exercise, or defense of legal claims. If we processed Personal Data for direct marketing purposes, you have the right to object at any time, in which case we will no longer process your Personal Data for such purposes. The withdrawal of your consent does not affect the lawfulness of such processing that occurred before its withdrawal. Should you withdraw consent to future processing of your Personal Data, we may not be able to contact or interact with you as originally planned when you first provided your consent.
Syneos Health operates on a global basis, and your Personal Data may be transferred, accessed and stored globally as necessary for the uses stated in this notice, or in another notice or agreement provided to you. We have taken measures to protect the confidentiality, integrity, availability, and security of Personal Data when it is transferred. By using the Sources (and if required by law), you consent to the transfer of information to countries outside of your country of residence.
For cross-border transfers within the Syneos Health Group:
- Syneos Health, LLC (formerly INC Research, LLC) complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Frameworks (“Privacy Shield”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data transferred from the European Union and the United Kingdom and/or Switzerland, as applicable, to the United States in reliance on Privacy Shield. Syneos Health, LLC has certified to the Department of Commerce that it adheres to the Privacy Shield Principles with respect to such information. To learn more, please see our Privacy Shield Statement.
- We also use other transfer mechanisms where required, including Intra-group data transfer agreements based on Standard Contractual Clauses. For information about our Intragroup Data Transfer Agreement, please contact us at firstname.lastname@example.org.
To the extent that your Personal Data is shared with service providers or other third parties processing Personal Data on our behalf which are located outside your country of residence, it is our practice to enter into appropriate contracts that require such third parties to comply with applicable data protection laws.
Retention and Deletion
Syneos Health will retain your Personal Data for as long as your account is active; as needed to provide you products or services; as needed for the purposes outlined in this Privacy Notice or at the time of collection; as necessary to comply with our legal obligations (e.g., to honor opt-outs), resolve disputes, and enforce our agreements; or to the extent permitted by law. Syneos Health does not retain Personal Data after it no longer serves the purposes for which it was collected or subsequently authorized. At the end of the retention period, Syneos Health will delete your Personal Data in a manner designed to ensure that it cannot be reconstructed or read.
Protection of Information
The security of your Personal Data is important to Syneos Health. We use commercially reasonable physical, electronic, and administrative safeguards that are designed to protect your Personal Data from loss, misuse and unauthorized access, disclosure, alteration, and destruction. However, regardless of our efforts and the device you use to access the Sources, it is possible that third parties may unlawfully intercept or access transmissions or private communications over an unsecured transmission.
Cookies and Other Tracking Technologies
The Sources and/or third parties may use “cookies,” “web beacons,” scripts, tags, Local Shared Objects (Flash cookies), Local Storage (HTML5) beacons, and other similar tracking technologies (collectively, “Tracking Technologies”) to collect information from you automatically as you use the Sources, browse Syneos Health websites, and the web. These Tracking Technologies help us tailor our content, gather statistics about and understand website and internet usage, improve or customize the content, offerings, or advertisements through the Sources, personalize your experience with respect to the Sources (for example, to recognize you by name when you return to a Syneos Health website), save your password in password-protected areas, save your online video player settings, help us offer you programs or services that may be of interest to you, deliver relevant advertising, maintain and administer the Sources, and for other purposes described in the "Uses of Information" section of this Privacy Notice.
These Tracking Technologies collect “click stream” data and other information regarding your use of the Sources, such as your visits, use of our features and preferences, and may also collect your IP address or some other identifier unique to the device you use to access the Sources (“Identifier”). Your Identifier may be automatically assigned to the device you use to access the Sources. By using the Sources, whether as a registered user or otherwise, you acknowledge, understand, and hereby agree that you are giving us your consent to track your activities and your use of the Sources through these technologies.
"Cookies" are text files that a website can send to your device through your browser, which is then used to identify your device by the website. Cookies can be both “session level” (stored only for until you close your web browser), which help you efficiently navigate our Sources during a visit, and “persistent” (stored for a longer period, even after you close your browser), which remember relevant information such as your language preference. Syneos Health Sources may use both session level and persistent cookies.
Cookies may also be “first-party cookies,” which are cookies that are placed by the website owner on a website, or “third-party cookies,” which are cookies belonging to one party that are placed on another party’s website. We may use both first- and third- party cookies on the Sources. Some of the third-party cookies we use relate to Tracking Technologies we have licensed from third parties, including Adobe Experience Cloud and Google Analytics. These companies use programming code to collect information about your interaction with our sites, such as the pages you visit, the links you click on, and how long you are on our sites.
If you would like more information about cookies, including how to manage them, please see All About Cookies.
Other Tracking Technologies
We also use other technologies to collect information about how our Sources are used, tailor our content, gather statistics about and understand website and internet usage, improve or customize the content, offerings or advertisements through the Sources, personalize your experience with respect to the Sources (for example, to recognize you by name when you return to a Syneos Health website), save your password in password-protected areas, save your online video player settings, help us offer you programs or services that may be of interest to you, deliver relevant advertising, maintain and administer the Sources and for other purposes described in the "Uses of Information." Some examples of these Tracking Technologies include:
- "Web beacons" (also known as image tags, gifs or web bugs), including conversion pixels, are small pieces of code used to collect advertising data. They may count page views or help us understand, for example, whether e-mails we send out have been opened or whether certain links have been clicked. As noted above, web beacons often act in conjunction with cookies. If you do not want your cookie information to be associated with your visits, you can turn off cookies in your browser. Your visit will then be detected, but it will not be associated with information stored in cookies.
- Local Shared Objects (e.g., Flash cookies), and Local Storage (e.g., HTML5) may be used to store content information and preferences. You may manage Flash cookies by clicking here. Your browser may offer settings to turn off HTML5.
Syneos Health Sources do not recognize automated “do not track” instructions. You can, however, adjust your web browser’s privacy preferences regarding the use of most cookies. For example, you can remove existing cookies and block future cookies from being placed on your device through your browser’s privacy settings. Unless you choose to block cookies, some Sources may issue cookies when you visit our site or click on an e-mail link that we send to you, even if you have previously deleted our cookies. If you choose to delete or block cookies, you may impact your user experience on the Sources, as some features may no longer work. In addition to deleting or blocking cookies, you may be able to manage cookie preferences with the cookie manufacturer. For example, you can opt out of Google Analytics by clicking here. You can opt out of Adobe Experience Cloud by clicking here.
We are committed to protecting the privacy of children. For that reason, we do not knowingly collect or maintain personally identifiable information from any person we actually know is under the age of 13. No part of the Sources are structured to attract anyone under age 13.
Your Privacy Choices
You may have an opportunity to elect to receive recurring informational/promotional e-mail from us. Our e-mail correspondence will include instructions on how to update certain Personal Data and how to unsubscribe from our e-mails. Please follow the instructions in the e-mails to opt-out of an e-mail. We will unsubscribe you from that newsletter or other programs within 30 business days.
You can always contact us at email@example.com in order to change your preferences with respect to marketing contacts.
Notice for California Consumers – Your Privacy Rights
Under California’s “Shine the Light” law, California residents have the right to request in writing from businesses with whom they have an established business relationship (1) a list of the categories of Personal Information, such as name, address, e-mail address, and the type of services provided to that customer, that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties’ direct marketing purposes, and (2) the names and addresses of all such third parties. To request the above information, please e-mail us at firstname.lastname@example.org or write to us at:
Attn: Global Privacy and Data Protection Officer
1030 Sync Street
Morrisville, NC 27560
We will respond to such written requests within 30 days following receipt at the mailing address above. We reserve the right not to respond to requests submitted other than to the address specified above or otherwise exempted by law. Please note that we are required only to respond to each customer once per calendar year.
Your Rights as a Data Subject
In some jurisdictions (for example, the Member States of the European Union) you may be entitled to certain rights in and to your Personal Data, subject to certain conditions and exceptions contained in applicable law. These rights may include the following:
- Request us to confirm whether your Personal Data is processed by us, and if we do, to obtain access to your personal data and certain information about it.
- Require the correction of your Personal Data if it is inaccurate or incomplete.
- Direct us to stop processing your Personal Data under certain circumstances.
- Erase or delete your Personal Data, for example, where the data is no longer needed to achieve the purpose for which it was collected.
- Restrict the further Processing of Personal Data
- Request us not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you (we currently do not engage in such processing and will notify you prior to doing so).
- Request to receive your Personal Data for transmission to, or to directly transmit to, another data controller in a structured, commonly-used and machine-readable format.
To protect your privacy and the security of your Personal Data, we will take reasonable steps to verify your identity before complying with such rights requests.
Exercising Your Rights or Raising Concerns
Should you have questions about the Personal Data that we process, or if you have a question, concern, or would like to exercise your legal rights in and to your Personal Data, please contact the Syneos Health Global Privacy and Data Protection Officer as follows:
|Attn: Privacy Office
1030 Sync Street
Morrisville, NC 27560
United States of America
|Attn: Privacy Office
Farnborough Business Park, 1 Pinehurst Road,
Farnborough, Hants, GU14 7BF
We may also be reached via e-mail at email@example.com.
How Your Dispute or Complaint May Be Resolved
Any questions, concerns, or complaints regarding the use of your Personal Data should be directed to Syneos Health Global Privacy and Data Protection Officer using the contact information presented above.
If you are located in certain jurisdictions, such as the European Union, you also have the right to raise a complaint about the collection or use of your Personal Data to your local regulator. In the European Union, you may contact the United Kingdom’s Information Commissioner’s Office, which we have designated as our Lead Supervisory Authority. You may also contact the Supervisory Authority for the Member State in which you reside.
Changes to This Privacy Notice
We may periodically update this notice. When we post changes to this notice, we will also revise the “Last Updated” date appearing at the top of the notice. If there are material changes to this notice, we will notify you by e-mail or by means of a notice on our home page. We encourage you to review this notice periodically to be informed of how we are using your information and to be aware of any changes to it. Your continued use of the Sources after the posting of any amended notice shall constitute your agreement to be bound by any such changes. Any changes to this notice are effective immediately after we post it.