Privacy Policy

July 23rd, 2021

Tilda Research, Inc. (“Tilda”, “we”, “us”) is committed to protecting your privacy. This Privacy Policy explains how Tilda collects, uses, protects and shares the personal information we collect from visitors to our platforms, portals, and websites where this Privacy Policy is posted (collectively, the “Sites”) and contact/registration information from our customers during the provision of our online hosted services (“Service”).

We provide the Service to our customers under an agreement with the customer and solely for the benefit of their personnel and other personnel authorized by the customer as users of the Service (“Authorized Users“).

This Privacy Policy does NOT govern:

  • the collection, use and sharing of Protected Health Information (“PHI”, “patient data”) from our customers or patients through the Service. Please see the customer agreement executed with Tilda for relevant terms regarding Tilda’s use of patient data or the Notice of Privacy Practices;
  • the Patient’s Rights under the Health Insurance Portability and Accountability Act (“HIPAA”).

Acknowledgement of the Privacy Policy

By accessing or using our Service and Sites, you signify that you have read, understand and agree to our collection, storage, use and disclosure of personal information as described in this Privacy Policy.

PLEASE READ IT CAREFULLY

What Data Do We Collect And How?

The categories of information we collect can include:

Information That You Provide To Us

We collect information that you provide to us when you set up an account with us, use our Service, or communicate with us.

For example, we may request:

  • your personal information (e.g., name, postal address, email address, telephone number); or
  • your applicable business information when you register for an account or subscribe to our Service (“Account Information”).

We may also collect any communications that you exchange with us, as well as any information you provide if you take part in certain interactive features of the Service, such as surveys or support tickets.

Information We Automatically Collect or Obtain From Other Sources

Usage and Log Data

We, and our third party partners, automatically may collect certain types of usage information when you visit our Sites or otherwise engage with us. We typically collect this information through a variety of tracking technologies, including cookies, web beacons, file information and similar technology (collectively, “tracking technologies”).

For example, we may collect information about your device and its software, such as:

  • your IP address,
  • browser type,
  • Internet service provider (“ISP”),
  • platform type,
  • device type,
  • operating system,
  • date and time stamp,
  • a unique ID that allows us to uniquely identify your browser, mobile device or your account, and other such information.

We also may collect information about the way you use our Sites, for example,

  • the site from which you came and the site to which you are going when you leave our Sites,
  • the pages you visit,
  • the links you click,
  • how frequently you access the Sites,
  • and other actions you take on the Sites.

When you access our Sites from a mobile device, we may collect:

  • unique identification numbers associated with your * device or our mobile application (including, for example, a UDID, Unique ID for Advertisers (“IDFA”), Google AdID, or Windows Advertising ID),
  • mobile carrier,
  • device type,
  • model and manufacturer,
  • mobile device operating system brand and model,
  • phone number,
  • and depending on your mobile device settings, your geographical location data, including GPS coordinates (e.g., latitude and/or longitude) or similar information regarding the location of your mobile device, or we may be able to approximate a device’s location by analyzing other information, like an IP address.

We may collect analytics data, or use third-party analytics tools, to help us measure traffic and usage trends for the Sites and to understand more about the demographics of our users.

Other Sources

We may obtain information from other sources, such as:
third-party information providers,

  • security and fraud detection firms,
  • marketing and business partners,
  • or through mergers and acquisitions,

and combine this with information previously collected. In these cases, our Privacy Policy governs the handling of the combined personal information.

Do Not Track

Although we do our best to honor the privacy preferences of our users, we are unable to respond to Do Not Track signals set by your browser at this time.

How Do We Handle Or Store Your Data?

Location

Tilda securely stores your data in Google Cloud Platform (GCP) and Services, encrypted at rest and in transit where applicable.

Data Retention

Tilda may retain your data for a commercially reasonable amount of time for recordkeeping, audit or other purposes. Any Customer Data that we have access to shall be retained, stored, and deleted according to our agreement with our applicable customer.

Data Location

Your information may be stored and processed in the United States or any other country in which Tilda or its subsidiaries, affiliates or service providers maintain facilities. If you are located in the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that we may store information, including personal information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction, and you consent to the transfer of information to the U.S. or any other country in which we or our parent, subsidiaries, affiliates or service providers maintain facilities and the use and disclosure of information about you as described in this Privacy Policy.

Keeping Your Data Safe

Tilda cares about the security of your information and uses reasonable physical, technical and
organizational measures designed to preserve the integrity and security of all information we collect. However, no security system is impenetrable and we cannot guarantee the security of our systems.

In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.

Tilda’s obligations with respect to Customer Data are defined in our agreements with our customers and are not included in this Privacy Policy. Each customer will remain responsible for the privacy and security of the Customer Data that it collects and processes and for compliance with applicable data protection laws that may apply to the collection, processing and disclosure of Customer Data through the Service.

How Do We Use Your Data?

We use personal information collected via the Sites, our Service, and through other means for purposes described in this Notice, including using your information to:

  • operate, maintain, and provide to you the features and functionality of the Sites and Service,
  • communicate directly with you, such as to send you email messages about products and services that may be of interest to you,
  • send you Service-related emails or messages (e.g., account verification, purchase confirmation, changes or updates to features of the Service, technical and security notices),
  • enhance security, monitor and verify identity or service access, combat fraud, spam, malware or other network and/or information security risks,
  • provide custom, personalized content and information, including targeted content and advertising,
    process your information for other legitimate business purposes, such as customer surveys, data analysis, audits, collecting and assessing feedback, identifying usage trends, determining the effectiveness of our marketing campaigns and to evaluate and improve our products, services, marketing and customer relationships.

How Do We Share Your Data?

We may share your personal information in the instances described below. For further information on your choices regarding your information, see “Control Over Your Information.”

  • We may share your personal information with third-party service providers or business partners who help us deliver or improve our Service or who perform services on our behalf, such as processing payments, sending postal mail, providing back-office services, or measuring site traffic.
  • We may share or disclose your personal information if we determine, in our sole discretion, that we are required to do so under applicable law or regulatory requirements, or if we reasonably believe disclosure is necessary to prevent harm or financial loss, or in connection with preventing fraud or illegal activity, and/or to enforce our Terms of Service.
  • We may share your personal information with any companies and brands owned or controlled by Tilda, and any other companies owned by or under common ownership as Tilda. These companies may use your personal information in the same way as we can under this Privacy Policy.
  • We reserve the right to transfer any information we collect in the event we sell or transfer all or a portion of our business or assets (including any shares in the company) or any portion or combination of our products, services, businesses and/or assets. Should such a transaction occur (whether a divestiture, merger, acquisition, bankruptcy, dissolution, reorganization, liquidation, or similar transaction or proceeding), we will use reasonable efforts to ensure that any transferred information is treated in a manner consistent with this Privacy Policy.
  • We may also share information with others in an aggregated or otherwise anonymized form that does not reasonably identify you directly as an individual.

Control Over Your Information

Email Communications

At this time, Tilda sends strictly essential communications, such as reminders for patient’s appointments, study related documents, clinically relevant communication, account verification, confirmations of transactions, technical or legal notices. You cannot unsubscribe from these email communications.

Enhancing Your Privacy

If you would prefer not to accept cookies, most browsers will allow you to:

  • change your browser settings to notify you when you receive a cookie, which lets you choose whether or not to accept it;
  • disable existing cookies; or
  • set your browser to automatically reject cookies.

Please note that doing so may negatively impact your experience using the Sites, as some features and services on our Sites may not work properly.

Depending on your mobile device and operating system, you may not be able to delete or block all cookies. You may also set your email options to prevent the automatic downloading of images that may contain technologies that would allow us to know whether you have accessed our email and performed certain functions with it. Deleting cookies does not delete Local Storage Objects (LSOs) such as HTML5.

Privacy Policy of Other Websites

For your convenience, our Sites and Service may provide links to third-party websites or services that are not governed by this Privacy Policy. To the extent that any linked third-party websites or services you visit are not owned or controlled by Tilda, we are not responsible for those websites’ or services’ content or information practices.

We encourage you to review the privacy policies of any site or service before providing any personal information.

Special Cases & Exclusions

Customer Data

In providing our Service, our customers may upload data and information to our Service (all of which, excluding customer Account Information, we refer to in this Privacy Policy as “Customer Data”). Customer Data is owned and controlled by our customers, and any Customer Data that we maintain or process we consider to be strictly confidential.

We collect and process Customer Data solely on behalf of our customers, and in accordance with our agreements with the customers. We do not use or disclose Customer Data except as authorized and required by our customers and as provided for in our agreements with our customers.

Patient Data

Patient Data, in particular Protected Health Information (“PHI”), is not covered under this Privacy Policy.

Tilda’s patients should consult the Notice of Privacy Practices (“NOPP”) they acknowledged, whether Tilda’s NOPP, or their physician’s (contact your physician for more information).

Children’s Privacy

Tilda’s Sites and Service are intended for use strictly by adults. We do not knowingly solicit or collect personal information from children under the age of 13. If we learn that any personal information has been collected inadvertently from a child under 13, we will delete the information as soon as possible. If you believe that we might have collected information from a child under 13, see “How to Contact Us”.

Please note that children’s data as part of customer agreements executed with Tilda are treated as Patient and Customer data, which are not submitted to that Privacy Policy.

Changes to Our Privacy Policy

We reserve the right to change this Privacy Policy from time to time at our sole discretion. We will post changes on this page and adjust the “Revision History” section of this policy accordingly.

Please check back often for any updates. Your continued use of our Sites or Service after any change in this Privacy Policy will constitute your acceptance of such change.

How to Contact Us

For additional inquiries about this Privacy Policy, please do not hesitate to contact us:

privacy@tilda.bio