Access to the TrialGrid system (“the application”) is provided under the terms of a Master Services Agreement between TrialGrid Ltd and an employer or individual. Use of the application may also be covered by Non-Disclosure Agreements. In general, your access to the application will be covered under the terms of your Employment Agreement with your employer.
Under the terms of the agreements with your employer we do not share any of your Personal Information with other organizations or individuals.
In Europe the General Data Protection Regulation (GDPR) requires that we provide you with information about what Personal Information we collect on you, why we collect it and how we use it. It also provides you with important rights such as the right to a copy of Personal Information we hold about you and the right to be forgotten (also known as right of data erasure).
The GDPR defines Controllers of Personal Information and Processors of Personal Information. Since your Employer requires you to make use of the TrialGrid system they are the Controller of this data. TrialGrid Ltd is a Processor of this information - it collects and processes Personal Information on behalf of the Controller.
Information we collect from users¶
TrialGrid collects the following information from users on registration:
- Their email address
- A username by which they will be known uniquely in the system
Optionally, users may also provide:
- A First name
- A Family name
- An image of their choosing (a.k.a. an Avatar) to be shown alongside their username in the system
- Data files (Micrsoft Word Documents, Images, PDF Files etc) uploaded from their own computer
System tracking information¶
Related to the use of the application a user will accrue a “data trail” of information which can also be used to identify the user but which is required for the operation and performance monitoring of the system. These are:
- Browser Cookies which are used to identify the users session so that the system can determine the identity and logged-in status of the user.
- Session begin/end information and IP address. Each unique user session is recorded in the system along with the IP address where it originated. This information is used to report usage statistics such as number of logins in a time period and length of session.
- Audit trail activity. Changes to data in the system are tracked with a date/time and the unique ID of the user who made the change to the data. This audit trail information is reported in the system so that users can see what changes have been made, when and by whom.
- Comments and free text entered in Tickets. Users are able to enter free text in Comments and in Tickets. This data is associated with the user that made the comment or entered the text. It is required for the collaboration features of the application.
- System logs. The hosting system for TrialGrid retains logs of all access to the system (i.e. every Browser request). This data contains the IP address of the requesting computer along with the date/time of the request and the URL requested.
Subject Access Requests¶
Under the GDPR you may request a copy of your Personal Information held in the application and this information must be provided within 30 days. All such requests should go to the Controller (your employer) and TrialGrid Ltd will work with them to facilitate this request.
Under the GDPR you have a “right to be forgotten” - a right to have your Personal Information erased from a system. All such requests should go to the Controller (your employer) and TrialGrid Ltd will work with them to facilitate this request.