PRIVACY


Overview

Trial By Fire Solutions is an eClinical software company focused on Clinical Trial Management Solutions (CTMS) that improve planning, execution and tracking of clinical trial activities.

We take the security and privacy of your data and our infrastructure very seriously. Our commitment is to provide an environment that is safe, secure and available to all of our customers and website visitors.


Products and Design

Our SimpleCTMS and SimpleTrials CTMS applications are offered as commercially available cloud-based SaaS solutions. Additional details can be found at www.simpleCTMS.com and www.simpletrials.com. These CTMS applications are utilized worldwide on a daily basis via established web browsers.

SimpleCTMS and SimpleTrials CTMS products are designed with global clinical studies in mind. Individuals who utilize our CTMS applications as licensed users do so with specific purpose, training and experience. They are authorized for a CTMS account through their organizations who directly contract with Trial By Fire Solutions.

  • Our CTMS features support management of data related to contact records, timelines, site and subject tracking, workflow processing and file uploads for studies being managed by our clients.

  • Our clients input data into our CTMS and are responsible to obtain the necessary consent for collection of personal data for individuals that are participating in clinical trials but are not CTMS users.

  • We do not display third party advertising within our websites or applications nor do we sell or share user data with advertisers.

  • We make no effort to track your activity when you are not using our websites or services. We only use data entered to support the products and services we provide.

  • Our simplistic design elements support clinical study tracking needs without collecting more data than is necessary to support the business needs of our client.

  • Established user roles and sensible data view options provide clients with appropriate levels of transparency and accountability for data viewing and edit permissions by their CTMS users.

  • Technical controls for 21 CFR Part 11 compliance come standard.


Privacy Policies and Agreements

PLEASE NOTE: Policies have been updated in Feb 2022. See the change summary and new policies here.

The following policies are tailored for the different ways personal information is collected from individuals who visit our website and those that utilize our CTMS service or otherwise interact with us.

  • Privacy Policy for Visitors - addresses information we collect when you visit our simpletrials.com and simplectms.com websites and in offline sales and marketing activities.

  • Cookie Policy – please reference the Privacy Policy for Visitors

  • Privacy Policy for SimpleCTMS Subscribers - addresses privacy practices with respect to data collected from you or generated when you use our SimpleCTMS product and services.

  • Privacy Policy for SimpleTrials Subscribers – addresses privacy practices with respect to data collected from you or generated when you use our SimpleTrials product and services.

  • Terms of Use (for SimpleTrials) – applies to all licensed users. This is accepted by each user to access the client server upon initial activation of their account and as updates apply.

  • Terms of Use (for SimpleCTMS) – applies to all licensed users. This is accepted by each user to access the client workspace upon initial activation of their account and as updates apply.

  • Master Services Agreement (for SimpleTrials) – applies to the subscribing client organization. This MSA establishes the business needs and contractual details for the client engagement to utilize our CTMS.

  • Service Provider License Agreement (for SimpleCTMS) to the contracting client organization. This SPLA establishes the business needs and contractual details for the client engagement to utilize our CTMS.

For questions about Data Privacy for SimpleCTMS, please contact us. For questions about Data Privacy for SimpleTrials, please contact us.


Data Protection, Transfer and Processing

Trial By Fire Solutions is a US based company with data safely retained in the United States. Our goal is to provide our clients with secure, fast and reliable CTMS service. Our websites and applications are accessed globally from the internet. As the data controllers, we expect our clients to have the proper policies and protections in place with their CTMS users regardless of their location.  

Trial By Fire Solutions has sufficient organizational and technical controls in place to support data transfer, processing and privacy needs for our clients. This means that clients may invite their team members in different geographic locations to create CTMS user accounts. This also means that CTMS users may input personal data for persons located in any geographic location and continue to utilize the CTMS application per the designated business need.

In all cases, the client owns the data input into our CTMS applications by their users. We process personal data via other organizations to help provide the service given the established business need. The sub-processors we authorize to process client data for our CTMS services are further described in the Terms of Use.


General Data Protection Regulation (GDPR)

GDPR is an opportunity to build a stronger data protection foundation for the benefit of everyone. Trial By Fire Solutions is committed to ensuring compliance with GDPR requirements. This includes our commitment to helping our customers stay in compliance with GDPR and their local requirements.

As part of this commitment, we have updated our Privacy Policies for Subscribers and Privacy Policies for Visitors. In addition, here are a few things that Trial By Fire Solutions is committed to doing to ensure our compliance with GDPR and that of our CTMS clients:

  • We commit to adhering to appropriate safety measures and precautions in accordance with GDPR.

  • We will ensure that our personnel authorized to process personal data have committed to confidentiality.

  • For new features and enhancements, we’re applying Data by Design principles of GDPR.

  • When we transfer data outside of the EU, we commit to having the appropriate data transfer mechanisms in place.

  • We will ensure that subprocessers, including data center partners, which handle personal data are held to the same data management, security and privacy practices and standards that we ourselves follow.

  • We will assist our customers in responding to data subject requests they may receive under the GDPR.

  • We will assist in notifying regulators of data breaches and providing prompt communications to customers and users.