General Privacy Notice
Who we are
We are Modus Outcomes LLP which is comprised of the following companies:
- Modus Outcomes Inc.
Registered address: CIC, 1 Broadway, 14th Floor Cambridge, MA 02142, USA
- Modus Outcomes Ltd.
Registered address: Suite 210b, Spirella Building, Letchworth Garden city, SG6 4ET, UK
- Modus Outcomes Société
Registered address: Wojo Grand Hôtel-Dieu,4 place Amédée Bonnet, 69002 Lyon, FRANCE
Modus Outcomes is registered with the Information Commissioners Office as a Data Controller. Registration number: ZB096973.
Modus Outcomes provides patient centred outcomes research consultancy to its clinical research clients.
Your privacy matters to us and we are committed to the highest data privacy standards, confidentiality, and adherence with all applicable data protection legislation in the US, UK & EEA.
To disclose this to you, our Privacy Notice includes the following:
- What data we collect from you.
- How and why we process it.
- Who we share it with and why
We adopt the six core principles of data protection legislation which are:
- Lawfulness, fairness and transparency - we process personal data lawfully, fairly, and in a transparent manner in relation to you, the data subject.
- Purpose limitation - we only collect personal data for a specific, explicit, and legitimate purpose. We clearly state what this purpose is in this Privacy Notice, and we only collect data for as long as necessary to complete that purpose.
- Data minimisation - we ensure that personal data we process is adequate, relevant, and limited to what is necessary in relation to the processing purpose.
- Accuracy - we take every reasonable step to update or remove data that is inaccurate or incomplete. You have the right to request that we erase or fix incorrect data that relates to you, and we will complete this task as soon as possible but guarantee to do so within a month.
- Storage limitation - we delete personal data when we no longer need it. While the timescales in most cases aren't set, we outline our retention strategy within this Privacy Notice.
- Integrity and confidentiality - we keep personal data safe and protected against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
Collection of personal data for which we are responsible as a Data Controller
We collect the personal information of our business clients, prospective clients, research partners, research subjects, consultants, and other interested parties via disclosure directly from them. This might be via our website, email, telephone, face-to-face engagement or through contractual agreements.
Categories and Types of personal data collected and processed as Data Controller
In our engagement with individuals directly as part of our business and research interactions we may collect:
- Telephone number(s)
- Work email addresses
- Work addresses
In our activities as consultative researchers, we may directly collect from individuals taking part in research studies:
- Names, Telephone numbers, Email addresses, Home addresses
- *Ethnicity, Gender, Age, Weight, Height
- *Health & Medical information
- *Medical study results
* We treat all personal data as sensitive but acknowledge that we are processing special category data. We recognise our obligations in ensuring that special category data is given particular protection.
Reason for data collection and processing activities
Contact information is captured to enable us to work with clients, partners, consultants, and contractors efficiently.
Information collected on those individuals taking part in our research studies is done so to provide us with the information required to provide anonymised research results to our clients.
Sharing of personal data
During our engagement with you for business or research activities, we may share your personal data with other organisations who are critical for these purposes. These organisations will be contracted as our Data Processors. Under the terms of the contracts with them, they will have provided sufficient guarantees that they will process your data only as instructed by us and throughout their processing activities will ensure that your data is protected using appropriate technical and organisational measures.
We will share personal data collected from you with appropriate staff across our LLP who are located in Europe and the USA.
The sharing of your personal data in this way means that it is shared with organisations who are located in countries who do not have the same regulatory data protection standards as the UK or EEA. We will ensure that the appropriate safeguards for the protection of your personal data are in place before allowing transfer to these countries.
A full list of processors is available from our Data Protection Officer.
Securing and processing of your personal data
The personal data that we process is stored within our own internal IT systems, offices, and those of contracted electronic storage providers.
We have assessed the risks of the processing and storage of your personal data to ensure we have implemented appropriate technical and organisational measures to protect it.
In the unlikely event that we lose personal data, or a device on which personal data resides, or it is accessed by someone unauthorised, we have a duty to inform those individuals affected immediately. If the loss or unauthorised access of personal data has potential to cause harm or impact the data rights of individuals resident in the UK or EEA, we will also report this to the relative supervisory authorities.
Our legal basis for processing your personal data
Depending on the processing activity, we rely on the following lawful basis for processing data under UK and European GDPR:
- Article 6(1)(a) consent
- Article 6(1)(b) contract
- Article 6(1)(c) legal obligation
- Article 6(1)(d) vital interests
- Article 6(1)(e) public task
- Article 6(1)(f) legitimate interests
Our processing activities with respect to business and research will be done on a contractual or consensual relationship with you.
We could also process your data under our legitimate interests with respect to the effective management of business operations and also in order to meet our legal requirements.
Where a special category of data is processed, for example your health data, the additional bases for processing that we rely on are:
- Article 9(2)(a) explicit consent
- Article 9(2)(i) for reasons of public interest in the area of public health
How long do we keep personal data for
We keep personal data for the shortest duration needed to conduct our business operations and manage the research studies.
We will retain some personal data following expiry of any contractual agreement, in order to meet legal requirements, such as financial accounting.
Your rights in relation to personal data
Under the UK & EU GDPR, you have rights to access and control your personal data.
These rights include:
- access to personal information
- correction and deletion
- withdrawal of consent (if processing data on condition of consent)
- data portability
- restriction of processing and objection
- lodging a complaint with the appointed supervisory bodies
You can exercise your rights by emailing our Data Protection Officer at:
If you took a part in one of our research studies, please refer to your Information Sheet which provides further details on your data rights and the way in which you should exercise your rights.
If you are unhappy with anything we have done with your data, you have the right to complain to the supervisory body appointed in your country of residence.
Necessary cookies are essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
|5 months 27 days
|This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
|This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
|This cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
|This cookie is set by GDPR Cookie Consent plugin. This cookie is used to store the user consent for the cookies in the category "Necessary".
|This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other”.
|This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
|This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookie and is deleted when all the browser windows are closed.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedback, and other third-party features.
Performance cookies are used to understand and analyse the key performance indexes of the website which helps in delivering a better user experience for the visitors
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
|This cookie is installed by Google Analytics. The cookie is used to calculate visitors, sessions, campaign data, and keep track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to identify unique visitors.
|This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number of visitors, the source where they have come from, and the pages visited in an anonymous form.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Other uncategorized cookies are those that are being analysed and have not yet been classified into a category.
How to contact us
For all data protection matters or questions relating to how we manage your data, you can contact our Data Protection Officer via these means:
Data Protection Officer: Clinical DPO
Phone Number 0203 411 2848