Privacy policy.

1. Quick summary

We collect personal information to run clinical trials, manage participants, and improve research outcomes. We limit collection to what’s necessary, protect data with reasonable safeguards, and provide participants with control over their information.

2. Who we are

Nexus Research operates clinical trial sites and provides study coordination and data management services.
Contact: privacy@nexusresearch.example (replace with your real contact).

3. Data we collect

We collect the minimum data necessary to enroll and safely manage participants:

  • Contact & identification: name, address, phone, email.

  • Medical & health information: diagnosis, medical history, medications, lab results (protected health information — PHI).

  • Study data: consent forms, visit notes, adverse event reports, device data, and surveys.

  • Technical & usage data: IP, device identifiers, cookies when you use our website or portal.

  • Administrative data: billing, insurance details where necessary for study-related payments.

4. How we use data

  • To operate and manage clinical trials (eligibility screening, visits, safety monitoring).

  • To comply with legal, regulatory, and reporting obligations (FDA, IRB, sponsors).

  • To communicate with participants about studies, appointments, and results.

  • To de-identify and aggregate for research, quality improvement, and publications.

  • To process payments and handle administrative tasks.

5. Legal basis & consent

For participants in the United States, we rely on participant consent and legal obligations for safety reporting and regulatory compliance.
For residents in jurisdictions with data-protection laws (e.g., GDPR), we process personal data under lawful bases such as consent, contract performance, legal obligation, and legitimate interests.

6. Special category data (health data & PHI)

Health data are treated as sensitive. In the U.S., we handle PHI in accordance with HIPAA where applicable. We only use and disclose PHI for treatment, payment, research-related activities authorized by your consent, and as required by law or an IRB.

7. Sharing & third parties

We may share data with:

  • Study sponsors and contract research organizations (CROs).

  • Regulatory authorities, ethics committees, and safety monitoring boards.

  • Service providers who process data on our behalf (e.g., EDC platforms, labs, payment processors).

  • Other parties if required by law or with your explicit consent.

When sharing data for research or publication, we remove direct identifiers where possible and use de-identified datasets.

8. International transfers

Data may be transferred to countries with different privacy rules. We use contracts and safeguards to protect data during transfers.

9. Cookies & website tracking

We use cookies and similar technologies on our public website and participant portals for analytics, security, and user experience. You can manage cookie preferences through your browser; core functionality may require certain cookies.

10. Data security

We maintain administrative, technical, and physical safeguards to protect personal data. No method is 100% secure—if a breach affects your data, we will follow legal obligations and notify affected individuals and authorities as required.

11. Data retention

We retain participant records for the period required by law, sponsors, or institutional policy (typically several years after study completion).
De-identified data may be kept indefinitely for research and quality improvement.

12. Your rights

Depending on local law, you may have rights to access, correct, restrict, or delete your personal data; to receive a copy; or to object to processing.
Participants may withdraw consent for future processing—withdrawal will not affect data already used in analysis where removal is not feasible.

13. Children

We do not recruit minors unless a study specifically involves them and parental consent is obtained. We do not knowingly collect personal data from children through our public website.

14. Changes to this policy

We may update this policy periodically. Material changes will be posted with a new effective date.

15. Contact

Email: privacy@nexusresearchfl.com
For formal requests under GDPR or other laws, please include your name, contact information, and details of the request.