BECRO is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.
BECRO may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 25.05.2018.
What we collect
This website collect data that you provide us about you, through filling out forms, and other information that we automatically collect from you.
- Contact form. We collect questions or feedback you leave, including your name, email address if you use our online form to contact trials[at]becro.gr. We use these details to respond to the feedback you send us.
Clinical and Medical Data
As a CRO, on behalf and according to the directions of our sponsors, we collect, host and analyze health data related to clinical trial subjects. Consistent with Good Clinical Practice, subjects are only identified by a code, and in order to enhance privacy, subjects names and other direct identifiers are not attached to any records collected and archived by BECRO (e.g. at the paper or electronic CRF documents). The complete and named subject records are accessed only by the study doctors and authorized BECRO personnel (CRAs) at the investigational sites. All clinical and medical information processed by BECRO is done so under contract with the sponsors. By the GDPR terms establishment BECRO considers that the sponsor is ultimately in control of how and why clinical and medical data are processed, whilst BECRO acts on the sponsor’s directions. The processing occurs based on the explicit consent of the study subjects, that is obtained by the designated study medical doctors or investigational sites and acting upon written contracts between us, the sponsor, the medical doctor and the investigational sites.
Employee and Human Resource Data
Becro collects personal information from applicants regarding working positions within the company, including private contact details, professional qualifications and previous employment history, necessary for reaching employment decisions. Once employed, Becro collects information on staff for human resource, performance, payroll and tax purposes. Various Becro internal systems will collect and record employee information consistent with standard business operations.
Information we collect from you
Information that we may automatically collect in relation to your visits to this Website does not identify you personally. It provides us with data about how you use www.becro.gr and engage with us. The information we collect includes all of the following:
- Your IP address and details of which type of web browser you used.
- The website address from which you accessed this site.
What we do with the information we gather
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
- Respond to any feedback you send us.
- Provide you with information which we think you may find interesting using the email address which you have provided.
We do not sell, trade, or transfer to outside parties your personally identifiable information.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
The Data Center equipment consists of top brand high performance devices and servers. Rack-mounted HP ProLiant BL Blade Servers in load balancing and clustered configurations provide ultimate performance and availability. Latest technology SAN switches and HP 3PAR Storeserv storage enclosures over redundant fiber and iSCSI connections safeguard critical business data and sustain effective performance between front-end and back-end data.
Data Center complex is tightly protected by multiple level security mechanisms. There are four security levels for physical access to the server area and the network equipment within the Data Center. Only authorized personnel that possess special access cards can gain access to the main Data Center area. The entire Data Center facility, including the outside perimeter and all interior areas, are constantly monitored by security cameras, and trained staff is prepared at all times to take appropriate action in case of an emergency.
Multiple SAN storage systems form the core storage area used for hosting the dynamic data center services. In the unlikely event of a disaster or SAN failure daily, weekly and monthly backups are always in place, ready to be promptly restored. Backup and restore operations are conducted by Microsoft’s System Center Data Protection Manager, providing short-term disk based backups for optimal restore response times.
All web traffic between this site and your browser is encrypted and transferred via the 256-bit SSL protocol.
Paper Format files storage and protection
BECRO needs to store and process necessary files such as contracts, invoices etc containing personal information in hard-copy versions that are filed based on our company’s specially designed storage rooms. These rooms are locked and access is only granted to authorized personnel. Safety measures in the event of fire are implemented, including fire-fighting equipment. Our offices are supplied with shredders, in order to eliminate the possibility of unauthorized access to files containing personal data and the server room, is also protected, has restricted access, special air-conditioning system and power-supply recovery system.
Links to other websites
Our website contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
How long do we keep your information?
We will not retain data longer than is necessary to fulfil the purposes for which it was collected or as required by applicable laws or regulations.
The only exceptions to the periods mentioned above are where:
- the law requires us to hold your personal information for a longer period, or delete it sooner
- you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law
As an individual whose personal data is processed by BECRO, you have:
The right to be informed
You have the right to be informed about the collection and use of your personal data.
The right to access the data we hold on you
You also have the right to ask for the personal data that we have about you to increase your awareness of and allow you to verify the lawfulness of the processing. To protect your privacy we may ask you to verify your identity.
The right to have your data rectified if it is inaccurate
If you believe that personal data we hold on you is inaccurate or misleading then you have the right to request that it is rectified.
The right to erasure (in limited circumstances)
In some circumstances, you can ask for your personal information to be deleted, for example:
- your personal information is no longer needed for the reason it was collected in the first place
- you have removed your consent for us to use your information (where there is no other legal reason us to use it)
- there is no legal reason for the use of your information
Please note that we cannot delete your information where:
- we’re required to have it by law
- it is necessary for legal claims
If you wish to confirm that BECRO is processing your personal data, or to have access to the personal data BECRO may have about you, please contact the DPO at dpo[at]becro.gr.
This policy was last modified on 14/05/2018