Legal

Privacy Policy

Last updated: April 2025

1. Who We Are

TrialConnect ("we", "us", "our") operates the platform at TrialConnect.co.uk. We are a UK-based health technology company registered in England and Wales. For any privacy queries, contact us at our contact page.

2. Information We Collect

  • Account information: name, email address, and password when you register.
  • Health profile data: conditions, medications, age range, and location you provide for trial matching.
  • Usage data: pages visited, features used, and anonymous analytics collected via cookies.
  • Device information: browser type, operating system, and IP address for security and performance.

3. How We Use Your Information

  • To match you with relevant clinical trials based on your health profile.
  • To improve our platform, services, and user experience.
  • To communicate important updates about trials, your account, or platform changes.
  • To comply with legal obligations and protect against fraud.

4. Legal Basis for Processing (GDPR)

  • Consent: when you agree to receive communications or share health data for matching.
  • Contract: to deliver the trial matching service you signed up for.
  • Legitimate interest: platform improvement and security monitoring.
  • Legal obligation: regulatory compliance and safeguarding requirements.

5. Data Sharing

We do not sell your personal data. We may share data with:

  • Clinical trial sponsors — only anonymised matching scores unless you explicitly opt in to share your profile.
  • Service providers — hosting, analytics, and email delivery partners bound by data processing agreements.
  • Legal authorities — when required by law or to protect safety.

6. Data Retention

We retain your data only for as long as necessary. You can request deletion at any time. Inactive accounts are reviewed after 24 months and data may be anonymised or deleted.

7. Your Rights

Under UK GDPR and the Data Protection Act 2018, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erasure ("right to be forgotten")
  • Restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent at any time

8. Cookies

We use essential cookies for authentication and security, and analytics cookies to understand platform usage. You can manage cookie preferences through your browser settings.

9. Security

We implement industry-standard security measures including encryption in transit (TLS), encrypted data at rest, and regular security reviews. However, no system is completely secure and we cannot guarantee absolute security.

10. International Transfers

Your data is stored and processed within the UK and EEA. If data is ever processed outside these regions, we ensure adequate safeguards are in place, such as UK-approved data transfer mechanisms.

11. Changes to This Policy

We may update this policy periodically. We will notify you of material changes via email or a prominent notice on the platform. Continued use after changes constitutes acceptance.

12. Contact

For privacy enquiries or to exercise your rights, please visit our contact page or write to our Data Protection Officer. See also our Data Protection page for more detail.