Clinical Trial Selector (CTS)

General Privacy Policy

Last Updated: May 9, 2020

The Clinical Trial Selector (CTS) allows end-users to login through portals including the Dept. of Veteran Affairs (VA) Health API as well as the Center for Medicare and Medicaid Services (CMS) Blue Button 2.0 API. Using their patient information, diagnoses, and lab results, the system matches the user to relevant clinical trials that they would be eligible for.

Introduction

This General Privacy Policy applies to Personal Information and other types of information collected from you or retrieved for you when you access CTS system as a Visitor.

Personal Information” for purposes of this Policy means information that can reasonably used to identify you, such as your name, address, phone number, email address or medical record. We do not consider Personal Information to include information that has been anonymized so that it does not allow a third party to easily identify a specific individual. 

This General Privacy Policy explains our policies with respect to Clinical Trial Selector (CTS) information practices when you access our Site as a Visitor, including:

By accessing and using Clinical Trial Selector (CTS, you agree to this General Visitor Privacy Policy. If you do not agree with the terms of this General Visitor Privacy Policy, please do not use this Website.

Information We Collect About Visitors

As a Visitor, you may use Clinical Trial Selector (CTS) to obtain matching clinical trials without providing us Personal Information or registering for the Service. The information we learn from people who use our Website as Visitors helps us personalize and continually improve our Site. Here are the types of information we collect from Visitors. 

Passively-Collected Information

Like most websites, we automatically receive and store certain types of information whenever you interact with our Website. For example, the Internet protocol (IP) address used to connect your computer to the Internet; computer and connection information such as browser type, version, and time zone setting. We may collect this information passively using technologies such as standard server logs, cookies, and clear GIFs (also known as “Web beacons”). We use this information to analyze, administer, operate, and improve the Website. Information that is collected in this way generally does not personally identify the user.

We do not link or associate any information gathered through passive means with Personal Information. We use and disclose information collected by passive means in aggregate form or otherwise in a non-personally identifiable information.

As with other websites, we use "cookies" to obtain certain types of information when your Web browser accesses our Website. Cookies are unique identifiers that we transfer to your device to enable our systems to recognize and remember your device.

The Help feature on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether.

Customer Service Information. When you contact Clinical Trial Selector (CTS) with questions and requests, we may collect Personal Information directly from you in order to assist you.

How We Use Information We Collect

We use information we collect, including Personal Information, to:

Aggregate or De-Identified Information. We may aggregate (combine) or de-identify data we collect so that you are not readily identifiable. We may use this aggregate or de-identified information for any purpose.

How We Share Your Personal Information

Except as described in this General Visitors Privacy Policy, we will not disclose personal information that we collect or retrieve to third parties without your consent except (i) if required by law, regulatory request, subpoena, court order or other requests relating to a legal proceeding or investigation, (ii) in connection with a change of control or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership, (iii) to service providers who perform services on our behalf and who are under confidentiality obligations, (iv) to protect our legal rights or the rights of our other customers, users, individuals or third parties, or (v) as otherwise provided in this Privacy Policy. We can (and you authorize us to) disclose any such information in those circumstances.

Selling Information. We do not sell, trade or license Personal Information about our users.

Aggregate or De-Identified Information. We may share aggregate or de-identified information with others for any purpose.

Information Security

While Clinical Trial Selector (CTS) cannot guarantee the security of your Personal Information under all circumstances, CTS does take reasonable steps to protect your personally identifiable information and other information from loss, misuse, or unauthorized alteration by using industry-recognized security safeguards, coupled with carefully developed security procedures and practices. CTS does not store any personal infrmation retrieved from the portals.

However, please remember that the Internet is not a 100% secure environment, and therefore CTS cannot and does not guarantee that information you provide CTS may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.

Children’s Privacy

Clinical Trial Selector (CTS) is intended for adults. It is not intended or designed for the use of children under the age of 13. We do not collect or retrieve personally identifiable information from any person we actually know is a child under the age of 13. If we become aware that we have received information from a person under the age of 13 through CTS, we will destroy such information.

International Users

Clinical Trial Selector (CTS) is intended solely for use by residents of the United States. Personal Information that you provide to us electronically is subject to the privacy laws of the United States which might differ from those of other countries.

Updates to This Policy

We may occasionally update this General Visitors Privacy Policy. When we do, we will also revise the “last updated” date at the beginning of the General Visitors Privacy Policy. Your continued access and use of CTS after such changes will be subject to the then-current Privacy Policy. We encourage you to periodically review this Privacy Policy to stay informed about how we collect, use, and disclose Personal Information.

Questions, Comments, Complaints, or Disputes

If you have questions or comments about this Privacy Policy, or wish to make a complaint about how your information has been handled please contact us at: cts@girlscomputingleague.org


Girls Computing League Model Privacy Notice

Note: Developers of consumer health technology or apps (“health technology developers”) that collect digital health data about individuals would use this template to disclose to consumers the developer’s privacy and security policies. "We" refers to the health technology developer or technology product and "you/your" refers to the user/consumer of the health technology.



Use: How we use your data internally

We collect and use your
identifiable data
Identifiable data means: data, such as your name, phone number, email, address, health services, information on your physical or mental health conditions, or your social security number, that can be used on its own or with other information to identify you.
:



Share: How we share your data externally with other companies or entities



We share your data AFTER removing identifiers (note that remaining data may not be anonymous):



Sell: Who we sell your data to

Sold Data Do we sell?
Do we sell your identifiable data
Identifiable data means: data, such as your name, phone number, email, address, health services, information on your physical or mental health conditions, or your social security number, that can be used on its own or with other information to identify you.
to data brokers
Data broker means: companies that collect personal information about consumers from a variety of public and non-public sources and resell the information to other companies
, marketing, advertising networks, or analytics firms?
No
Do we sell your data AFTER removing identifiers (note that remaining data may not be anonymous) to data brokers
Data broker means: companies that collect personal information about consumers from a variety of public and non-public sources and resell the information to other companies
, marketing, advertising networks, or analytics firms?
No



Store: How we store your data

Stored Data Is it stored?
Are your data stored on the device? No
Are your data stored outside the device at our company or through a third party? No




Encryption: How we encrypt your data

Encrypted Data Is it encrypted?
Does the app or technology use
encryption
Encryption means: a method of converting an original message of regular text into encoded text in such a way that only authorized parties can read it.
to encrypt your data in the device or app?
N/A
Does the app or technology use
encryption
Encryption means: a method of converting an original message of regular text into encoded text in such a way that only authorized parties can read it.
to encrypt your data when stored on our company servers or with an outside
cloud computing
Cloud computing means: a kind of Internet-based computing that provides shared processing resources and data to computers and other devices on demand.
services provider?
N/A
Does the app or technology use
encryption
Encryption means: a method of converting an original message of regular text into encoded text in such a way that only authorized parties can read it.
to encrypt your data while it is transmitted?
Yes, by default



Privacy: How this technology accesses other data

Other Data Is it accessed?
Will this technology or app request access to other device data or applications, such as your phone’s camera, photos, or contacts? No
Does this technology or app allow you to share the collected data with your social media accounts, like Facebook? No



User Options: What you can do with the data that we collect

Can you access, edit, share, or delete the data we have about you? No - we do not store your data, we only use the data provided by VA and CMS. The app provides opportunities to manually enter data such as laboratory results in order to improve trial matching. This does not permanently change your data at the source.



Deactivation
Deactivation means: an individual takes action or a company ceases operation or deactivates an individual’s account due to inactivity.
: What happens to your data when your account is deactivated

When your account is deactivated/terminated by you or the company, your data are... Not available for use by the tool (data is never stored)



Policy Changes: How we will notify you if our privacy policy changes

Prominently at the home page of the application, with a summary of the recent changes. In addition, at the top of this page we will update the "Last Updated" date



Breach
Breach means: an unauthorized disclosure.
: How we will notify you and protect your data in case of an improper disclosure

Girls Computing League complies with all applicable laws regarding breaches.
In the event of a breach we will announce it prominently on our web page. We do not store any information, including contact information, on our visitors



Contact Us

Girls Computing League

Privacy Policy (https://cts.girlscomputingleague.org)

cts@girslcomputingleague.org

Girls Computing League