Participant End User Privacy Statement

The Teckro Solution is a platform which incorporates Solas by Teckro, a participant platform application (hereinafter referred to as the "Solas") and Teckro, a clinical trial platform application, both of which are owned and controlled by Teckro Limited (hereinafter referred to as "Teckro")

As a data processor, Teckro is committed to protecting your privacy and this Privacy Statement explains the personal data Teckro processes, how Teckro processes it and for what purposes.

Unlike data controllers, data processors have a different set of responsibilities under data protection law, in particular:

• Teckro processes personal data on the instructions of the data controller
• Teckro has written agreements in place with the data controllers
• Teckro takes appropriate steps to ensure that personal data is secure from unauthorized access, disclosure, destruction or accidental loss

What legal basis do we have for processing of your personal data?

We process personal information for certain legitimate business purposes, which include some or all of the following:

• For the provision of the user account
• Where the processing enables us to enhance, modify, personalize or otherwise improve our services / communications for the benefit of the end users
• To better understand how people interact with our application

Whenever we process data for these purposes, we will ensure that we will always keep your Personal Data rights in high regard and take account of these rights. You have the right to object to this processing if you wish, and if you wish to do so, please contact us at data-privacy@teckro.com. Please bear in mind that if you object, this may affect our ability to carry out tasks as detailed above for your benefit.

What information do we process?

At the discretion of the data controller, authorized users may 'invite' person(s) involved in a trial to register for Solas access.

Teckro is provided, directly from the data controller, with your screening ID number. To create your participant account, Teckro generates your unique Solas I.D. This will be your future username for your Solas account. There is no personal data required to create your account.

For security and performance monitoring purposes, Teckro logs the following personal data:

• IP address

In the provision of additional feature support, and at the request of the data controller, Teckro may also process the following personal data:

• Email address associated with your account
• Participant medical data captured during your participation in a clinical trial
• Participant subject ID number

Other types of non-personal data processed are:

• Study name
• Study number
• Site institution details: name, site number, site address, city, country
• Therapeutic area under study review

In addition, to better understand how users interact with our application Teckro also tracks your device details, freely available to third party mobile apps, including:

• Manufacturer e.g., Samsung, Apple
• Model e.g., iPhone, Galaxy
• Platform e.g., Android, iOS
• Version

How do we use your information?

The screening ID provided to Teckro by the authorized 'inviter' enables your registration within Solas.

Where an email is provided to Teckro by the authorized 'inviter' it enables your ability to reset your password.

Where the data controller uses Solas to facilitate medical data return, your participant subject or screening ID number are retained to provision the return of this medical data. Your email, if provided, may also be used to send a notification to inform you that your medical data is available to view via Solas.

Your information, as detailed above, may be retained by Teckro with the agreement of the data controller, to enable future use of your Solas account.

In accordance with its agreement with the relevant data controller, Teckro may also monitor usage patterns on an aggregated / depersonalized basis, which enables us to improve the service we provide to our clients and the end user.

Do we share your information?

In accordance with its agreement with the relevant data controller, Teckro may use information internally on an aggregated and depersonalized basis for analytics, reporting and service improvement purposes.

Teckro may also use third party service providers to help us provide elements of our application. Your personal data i.e. IP address may be processed by a third-party service provider. For more information regarding our sub-processors please refer to our sub-processor list which is available at https://teckro.com/gdpr-subprocessors.

However, Teckro will not pass your personal data, including sensitive data, to a third party service provider, other than described in this Privacy Statement, unless for (a) any successors-in-title to our business; or (b) where such disclosure is required by law.

Where do we store your information?

Data is stored on servers located inside the European Economic Area. By using the Teckro solution you acknowledge that the laws, regulations, and standards of the country in which your information is stored or processed or accessed may be different from those of your own country. However, Teckro has taken steps to ensure that all locations provide a level of security and protection for personal data that meets EU laws.

How do we keep your personal information secure?

The personal data which Teckro processes is held on secure servers and appropriate steps are taken (both technical and organizational security measures) to protect your personal data in line with applicable law.

How long do we keep personal information?

Teckro keeps personal data in accordance with our agreement with the data controller and applicable law.

Links

Solas may contain links to other websites if requested by a client. Teckro holds no responsibility whatsoever for the security or data privacy measures within an external site. To this end Teckro is not responsible for any liability, of any kind, that may arise in connection with or as a result of the use of the external site in question. However, to alert you to the fact that you may be about to navigate to an external website, Teckro provides a pop-up alert within Solas whenever you click on an external link.

Location Services

Teckro does not use location services and does not track your GPS position.

What are your rights?

You enjoy a number of rights under data protection law. These rights are exercisable against the controller, rather than Teckro. However, as a processor Teckro is responsible for assisting the controller when you make a request to exercise your rights.

The exact rights which are available to you may vary depending upon the legal basis relied upon by the controller to process your information.

You have the right to request information about how your information is being used. You also have the right to request a copy of the information that Teckro has about you, request its correction, or request its erasure.

If you would like to exercise your statutory data protection rights, please contact Teckro at data-privacy@teckro.com and we can facilitate by referring your request to your data controller.

Will we update this policy?

Our Privacy Policy Statement may change from time to time. Following any updates, you will be asked to review and acknowledge the revised Privacy Statement the next time you log into Solas.

Contact Information

If you have further queries with regard to how Teckro processes your personal data, please contact us at data-privacy@teckro.com.