General Privacy Notice

Who we are


We are Modus Outcomes LLP which is comprised of the following companies:

  • Modus Outcomes Inc.
    Registered address: CIC, 1 Broadway, 14th Floor Cambridge, MA 02142, USA
  • Modus Outcomes Ltd.
    Registered address: Suite 210b, Spirella Building, Letchworth Garden city, SG6 4ET, UK
  • Modus Outcomes Société
    Registered address: Wojo Grand Hôtel-Dieu,4 place Amédée Bonnet, 69002 Lyon, FRANCE


Modus Outcomes is registered with the Information Commissioners Office as a Data Controller. Registration number: ZB096973.

Modus Outcomes provides patient centred outcomes research consultancy to its clinical research clients.


Your Privacy

Your privacy matters to us and we are committed to the highest data privacy standards, confidentiality, and adherence with all applicable data protection legislation in the US, UK & EEA.

To disclose this to you, our Privacy Notice includes the following:

  • What data we collect from you.
  • How and why we process it.
  • Who we share it with and why

We adopt the six core principles of data protection legislation which are:

  1. Lawfulness, fairness and transparency - we process personal data lawfully, fairly, and in a transparent manner in relation to you, the data subject.
  2. Purpose limitation - we only collect personal data for a specific, explicit, and legitimate purpose. We clearly state what this purpose is in this Privacy Notice, and we only collect data for as long as necessary to complete that purpose.
  3. Data minimisation - we ensure that personal data we process is adequate, relevant, and limited to what is necessary in relation to the processing purpose.
  4. Accuracy - we take every reasonable step to update or remove data that is inaccurate or incomplete. You have the right to request that we erase or fix incorrect data that relates to you, and we will complete this task as soon as possible but guarantee to do so within a month.
  5. Storage limitation - we delete personal data when we no longer need it. While the timescales in most cases aren't set, we outline our retention strategy within this Privacy Notice.
  6. Integrity and confidentiality - we keep personal data safe and protected against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.


Collection of personal data for which we are responsible as a Data Controller

We collect the personal information of our business clients, prospective clients, research partners, research subjects, consultants, and other interested parties via disclosure directly from them. This might be via our website, email, telephone, face-to-face engagement or through contractual agreements.


Categories and Types of personal data collected and processed as Data Controller

In our engagement with individuals directly as part of our business and research interactions we may collect:

  • Names
  • Telephone number(s)
  • Work email addresses
  • Work addresses

In our activities as consultative researchers, we may directly collect from individuals taking part in research studies:

  • Names, Telephone numbers, Email addresses, Home addresses
  • *Ethnicity, Gender, Age, Weight, Height
  • *Health & Medical information
  • *Medical study results

* We treat all personal data as sensitive but acknowledge that we are processing special category data. We recognise our obligations in ensuring that special category data is given particular protection.


Reason for data collection and processing activities

Contact information is captured to enable us to work with clients, partners, consultants, and contractors efficiently.

Information collected on those individuals taking part in our research studies is done so to provide us with the information required to provide anonymised research results to our clients.


Sharing of personal data

During our engagement with you for business or research activities, we may share your personal data with other organisations who are critical for these purposes. These organisations will be contracted as our Data Processors. Under the terms of the contracts with them, they will have provided sufficient guarantees that they will process your data only as instructed by us and throughout their processing activities will ensure that your data is protected using appropriate technical and organisational measures.

We will share personal data collected from you with appropriate staff across our LLP who are located in Europe and the USA.

The sharing of your personal data in this way means that it is shared with organisations who are located in countries who do not have the same regulatory data protection standards as the UK or EEA. We will ensure that the appropriate safeguards for the protection of your personal data are in place before allowing transfer to these countries.

A full list of processors is available from our Data Protection Officer.


Securing and processing of your personal data

The personal data that we process is stored within our own internal IT systems, offices, and those of contracted electronic storage providers.

We have assessed the risks of the processing and storage of your personal data to ensure we have implemented appropriate technical and organisational measures to protect it.

In the unlikely event that we lose personal data, or a device on which personal data resides, or it is accessed by someone unauthorised, we have a duty to inform those individuals affected immediately. If the loss or unauthorised access of personal data has potential to cause harm or impact the data rights of individuals resident in the UK or EEA, we will also report this to the relative supervisory authorities.


Our legal basis for processing your personal data

Depending on the processing activity, we rely on the following lawful basis for processing data under UK and European GDPR:

  • Article 6(1)(a) consent
  • Article 6(1)(b) contract
  • Article 6(1)(c) legal obligation
  • Article 6(1)(d) vital interests
  • Article 6(1)(e) public task
  • Article 6(1)(f) legitimate interests

Our processing activities with respect to business and research will be done on a contractual or consensual relationship with you.

We could also process your data under our legitimate interests with respect to the effective management of business operations and also in order to meet our legal requirements.

Where a special category of data is processed, for example your health data, the additional bases for processing that we rely on are:

  • Article 9(2)(a) explicit consent
  • Article 9(2)(i) for reasons of public interest in the area of public health


How long do we keep personal data for

We keep personal data for the shortest duration needed to conduct our business operations and manage the research studies.

We will retain some personal data following expiry of any contractual agreement, in order to meet legal requirements, such as financial accounting.


Your rights in relation to personal data

Under the UK & EU GDPR, you have rights to access and control your personal data.

These rights include:

  • access to personal information
  • correction and deletion
  • withdrawal of consent (if processing data on condition of consent)
  • data portability
  • restriction of processing and objection
  • lodging a complaint with the appointed supervisory bodies

You can exercise your rights by emailing our Data Protection Officer at:

If you took a part in one of our research studies, please refer to your Information Sheet which provides further details on your data rights and the way in which you should exercise your rights.

If you are unhappy with anything we have done with your data, you have the right to complain to the supervisory body appointed in your country of residence.


Use of Cookies and Other Technologies on our Website

We use cookies or similar technologies to analyse trends, administer the website, track users’ movements around the website, and to gather demographic information about our user base. This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyse and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience. The chart below explains the different types of cookies and tracking technologies and what we use them for:

Necessary cookies are essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie Duration Description
_GRECAPTCHA 5 months 27 days This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
cookielawinfo-checkbox-analytics 11 months This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional 11 months This cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary 11 months This cookie is set by GDPR Cookie Consent plugin. This cookie is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others 11 months This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other”.
cookielawinfo-checkbox-performance 11 months This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
PHPSESSID session This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookie and is deleted when all the browser windows are closed.
viewed_cookie_policy 11 months This cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.


Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedback, and other third-party features.

Performance cookies are used to understand and analyse the key performance indexes of the website which helps in delivering a better user experience for the visitors

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.


Cookie Duration Description
_ga 2 years This cookie is installed by Google Analytics. The cookie is used to calculate visitors, sessions, campaign data, and keep track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to identify unique visitors.
_gid 1 day This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number of visitors, the source where they have come from, and the pages visited in an anonymous form.


Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.

Other uncategorized cookies are those that are being analysed and have not yet been classified into a category.

Cookie Duration Description
_gat_gtag_UA_130726208_1 1 minute No description


How to contact us

For all data protection matters or questions relating to how we manage your data, you can contact our Data Protection Officer via these means:

Data Protection Officer:             Clinical DPO

Phone Number                             0203 411 2848