Privacy policy

Expertrials.com website is owned by ExperTrials, which is a data controller of your personal data.

We have adopted this Privacy Policy to determine how we are processing the information collected by expertrials.com and provide the reasons why we must collect certain personal data about you.

Therefore, this Privacy Policy must be read and accepted before using the expertrials.com website. We take care of your personal data and undertake to guarantee its confidentiality and security.

1. On the basis of what legal provisions are or may be processed your personal data?

 

The rules on the protection of personal data (hereinafter referred to as the GDPR ) are set out, inter alia, in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance), the Act of 10 May 2018 on the Protection of Personal Data  and in country related special acts (lex specialis).

 

2. Important terms

 

  1. Personal data” – means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is a person who can be directly or indirectly identified, in particular on the basis of an identifier such as name and surname, identification number, location data, internet identifier or one or more specific physical, physiological, genetic, mental factors, economic, cultural or social identity of a natural person,
  2. Processing” – means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction,
  3. Controller” – means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law,
  4. Supervisory authority” – means an independent public authority which is established by a Member State,
  5. “Recipient” – means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing,
  6. “Processor” – means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller,
  7. “Third party” – means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data,
  8. “Third country” – an entity outside the EEA (European Economic Area) to which personal data is disclosed,
  9. “Consent” – of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her,
  10. “Privacy Policy” – this document, presenting information on the principles of personal data processing in accordance with the substantive scope indicated in art. art. 13 GDPR – information clause regarding the processing of personal data,
  11. “GDPR” – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (General Data Protection Regulation): See eur-lex.europa.eu

 

3. Who does this Privacy Policy apply to?

 

This Privacy Policy (hereinafter referred to as PP) applies to the processing of personal data of natural persons, natural persons conducting sole proprietorship and persons acting on behalf of legal persons, i.e. persons appointed to represent a legal person, proxies, employees and / or associates acting on behalf of a legal person. The categories of personal data concerned are natural persons acting alone, natural persons acting on behalf of organizational units without legal personality, natural persons acting on behalf of legal persons (e.g. as members of their bodies, proxies, contact persons), e.g. at the beginning of preceding the conclusion of the contract or after its conclusion.

 

4. Who is the Controller?

 

Please be advised that Controller is ExperTrials, 35-37 Rue Louis Guérin, 69100 Villeurbanne, France

 

5. Contact details to the Controller

 

Please send inquiries regarding the protection of personal data to the Controller by traditional mail to the above-mentioned address or by e-mail to the address privacy@expertrials.com.

 

6. Data Protection Officer

 

Please be advised that the Controller has not appointed a Data Protection Officer. Inquiries regarding the protection of personal data should be directed to the Controller by traditional mail to the Controller’s address or by e-mail to the following address: privacy@expertrials.com.

 

7. Information about Joint controllers

 

  1. Please be advised that the Controller runs a fanpage (s) on LinkedIn,
  2. Please be advised that in connection with running a fanpage on LinkedIn, there is co-administration (Article 26 of the GDPR). The Joint controllers with regard to personal data processed on the fanpage are or may be:
  • Controller,
  • LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland,
  1. Please be advised that the Joint controllers made common arrangements. Information on co-administration and responsibilities is available at: https://legal.linkedin.com/pages-joint-controller-addendum,
  2. Please be advised that regardless of the arrangements made between the Joint controllers, the data subject may exercise his rights under the GDPR with respect to each of the data Controllers separately,
  3. Contact details to the Data Protection Officer:
  1. We hereby inform that due to the joint controllership, the supervisory authorities competent for the LinkedIn is Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland: https://www.dataprotection.ie/.

 

8. For what purposes is or can your personal data be processed?

 

Personal data is or may be processed for the following purposes:

 

No. Purpose of processing The scope of data Lawfulness of processing
1.

NDA

(Personal data processed in connection with the preparation, conclusion and implementation of the provisions of the confidentiality agreement (NDA))

1) in the case of natural persons: name, surname, ID number, position, e-mail address, telephone number,

2) in the case of legal persons: name and surname, position, e-mail address, telephone number,

1) in the case of natural persons: art. 6 (1) b), f) GDPR,

2) in the case of legal persons: art. 6 (1) f) GDPR,
2.

Arrangement

(Personal data processed in connection with the preparation, conclusion and implementation of the provisions of the contract)

1) in the case of natural persons: name, surname, ID number, position, e-mail, telephone number, registration data (e.g. NIP), other personal data in connection with the settlement of e.g. civil law contracts (orders / work)

2) in the case of legal persons: name and surname, position, e-mail address, telephone number

1) in the case of natural persons: art. 6 (1) b), c), f) GDPR,

2) in the case of legal persons: art. 6 (1) c), f) GDPR,
3. Personal data processed for contact purposes – replying to received correspondence name, surname, telephone number, e-mail address, information provided in the content of the e-mail: position, place of work, 1) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller,
4. Personal data processed in order to prepare and present an offer in relation to own products and services name, surname, telephone number, e-mail address,

1) art. 6 (1) a) GDPR – consent of the data subject,

2) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller,
5. Personal data processed for the purpose of sending commercial information in relation to own products and services by electronic means name, surname, e-mail address,

1) art. 6 (1) a) GDPR – consent of the data subject,

2) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller,
6. Personal data processed in connection with the process related to the submission of offers (in response to inquiries) name and surname, e-mail address, telephone number, registration data of the entity (NIP, seat), other personal data provided by the applicant

1) art. 6 (1) a) GDPR – consent of the data subject,

2) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller,
7. Personal data processed in connection with the exercise of rights in the field of personal data protection The scope of data necessary to exercise the rights of the person

1) art. 6 (1) c) GDPR – legal provisions,

2) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller,
8.         For other purposes – while the content of art. 13 GDPR will then be presented individually for the respective processing purpose

 

We hereby inform that depending on the purpose of processing, the scope of the indicated personal data may change.

 

9. How long will personal data be processed in accordance with the storage limitation principle (personal data retention)?

 

Please be advised that personal data are or may be processed for the period of:

 

No. Purpose of processing Lawfulness of processing Processing period
1.

NDA

(Personal data processed in connection with the preparation, conclusion and implementation of the provisions of the confidentiality agreement (NDA))

1) in the case of natural persons: art. 6 (1) b), f) GDPR,

2) in the case of legal persons: art. 6 (1) f) GDPR,

a) in order to prepare, conclude and implement the provisions of a confidentiality agreement (NDA) – for the duration of the preparation, conclusion and duration of the contract – for an indefinite period or until the contract is terminated or until an objection to the processing is raised,

b) for purposes related to the investigation of claims between the parties to the contract for the performance of the provisions of the contract (NDA) – if applicable – for the duration of the claims in accordance with applicable law and for the period of their investigation – if applicable,

c) for internal management purposes – controlling and archiving documentation in connection with the conclusion of the contract – for a period of 10 years from the date of the contract, which may be changed,
2.

Arrangement

(Personal data processed in connection with the preparation, conclusion and implementation of the provisions of the contract)

1) in the case of natural persons: art. 6 (1) b), c), f) GDPR,

2) in the case of legal persons: art. 6 (1) c), f) GDPR,

a) in order to prepare, conclude and implement the provisions of the contract – for the duration of the preparation, conclusion and duration of the contract – for an indefinite period or until the termination of the contract or until objections to processing are submitted,

b) in order to make financial settlements – for a minimum period of 6 years from the end of the financial year,

c) for purposes related to the investigation of claims between the parties to the contract for the performance of the provisions of the contract – if applicable – for the duration of the claims in accordance with applicable law and for the period of their investigation – if applicable,

d) for internal management purposes – controlling and archiving documentation in connection with the conclusion of the contract – for a period of 10 years from the date of the contract, which may be changed,
3. Personal data processed for contact purposes – replying to received correspondence

1) art. 6 (1) a) GDPR – consent of the data subject,

2) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller

1) until the consent is withdrawn,

2) until an objection to the processing is submitted,

3) for a period of 10 years for internal administrative purposes,
4. Personal data processed in order to prepare and present an offer in relation to own products and services

1) art. 6 (1) a) GDPR – consent of the data subject,

2) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller

1) until the consent is withdrawn,

2) until an objection to the processing is submitted,

3) for a period of 10 years for internal administrative purposes,
5. Personal data processed for the purpose of sending commercial information in relation to own products and services by electronic means

1) art. 6 (1) a) GDPR – consent of the data subject,

2) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller

1) until the consent is withdrawn,

2) until an objection to the processing is submitted,

3) for a period of 10 years for internal administrative purposes,
6. Personal data processed in connection with the exercise of rights in the field of personal data protection

1) art. 6 (1) c) GDPR – legal provisions,

2) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller

1) for the period resulting from legal provisions (for an indefinite period)

2) until an objection to the processing is submitted,

 

 

Please be advised that the given periods of personal data processing for individual processing purposes may change, among others, as a result of amendments to the law or internal organizational changes.

 

10. Under what circumstances is the provision of personal data a statutory or contractual requirement or a requirement necessary to enter into a contract?

 

Please be advised that providing personal data is:

 

No. Purpose of processing Lawfulness of processing Processing
1.

NDA

(Personal data processed in connection with the preparation, conclusion and implementation of the provisions of the confidentiality agreement (NDA))

1) in the case of natural persons: art. 6 (1) b), f) GDPR,

2) in the case of legal persons: art. 6 (1) f) GDPR,

a) processing of personal data in order to prepare, conclude and implement the provisions of a confidentiality agreement (NDA) – providing personal data is contractual, and failure to provide personal data will result in the inability to prepare, conclude and implement the provisions of the contract,

b) processing of personal data for purposes related to the investigation of claims between the parties to the contract for the performance of the provisions of the contract (NDA) – it is voluntary, and failure to provide personal data will result in the inability to pursue claims,
2.

Arrangement

(Personal data processed in connection with the preparation, conclusion and implementation of the provisions of the contract)

1) in the case of natural persons: art. 6 (1) b), c), f) GDPR,

2) in the case of legal persons: art. 6 (1) c), f) GDPR,

a) processing of personal data in order to prepare, conclude and implement the provisions of the contract – providing personal data is contractual, and failure to provide personal data will result in the inability to prepare, conclude and implement the provisions of the contract,

b) in the case of financial settlements, it is of a statutory nature and failure to provide personal data will result in the inability to meet the obligations arising from the applicable law on the Controller,

c) processing of personal data for purposes related to the investigation of claims between the parties to the contract for the performance of the provisions of the contract – it is voluntary, and failure to provide personal data will result in the inability to pursue claims,
3. Personal data processed for contact purposes – replying to received correspondence

1) art. 6 (1) a) GDPR – consent of the data subject,

2) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller

 1) is voluntary, but failure to provide personal data will result in the inability to respond to inquiries or correspondence received,
4. Personal data processed in order to prepare and present an offer in relation to own products and services

1) art. 6 (1) a) GDPR – consent of the data subject,

2) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller

 1) is voluntary, and failure to provide personal data will result in the inability to prepare and send the offer,
5. Personal data processed for the purpose of sending commercial information in relation to own products and services by electronic means

1) art. 6 (1) a) GDPR – consent of the data subject [art. 10 Act on the provision of electronic services]

2) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller

 1) is voluntary, and failure to provide personal data will result in the inability to prepare and send commercial information,
6. Personal data processed in connection with the process related to the submission of offers (in response to inquiries)

1) art. 6 (1) a) GDPR – consent of the data subject

2) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller

 1) is voluntary, and failure to provide personal data will result in the inability to submit and consider the offer,
7. Personal data processed in connection with the exercise of rights in the field of personal data protection

1) art. 6 (1) c) GDPR – legal provisions,

2) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller

1) is voluntary, and failure to provide personal data will result in the inability to exercise the rights of the person in the field of personal data protection,

2) is of a statutory nature, and failure to provide personal data will result in the inability to comply with the provisions of the law in the area of personal data protection imposed on the Controller,

 

11. Processing of personal data based on the consent of the data subject

 

Please be advised that in the case of processing personal data based on the consent of the data subject (Article 6 (1) (a) of the GDPR):

 

No. Purpose of processing Lawfulness of processing Art. 6 (1) a) GDPR
1. Personal data processed in order to prepare and present an offer in relation to own products and services 1) art. 6 (1) a) GDPR – consent of the data subject,

The data subject has the right to withdraw their consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. Withdrawal of the consent granted should be reported to the e-mail address: privacy@expertrials.com

 
2. Personal data processed for the purpose of sending commercial information in relation to own products and services by electronic means 1) art. 6 (1) a) GDPR – consent of the data subject [art. 10 Act on the provision of electronic services]
3. Personal data processed in connection with the process related to the submission of offers (in response to inquiries) 1) art. 6 (1) a) GDPR – consent of the data subject,

 

 

12. The processing of personal data based on the legitimate interest pursued by the Controller (processing is necessary for the purposes of the legitimate interests pursued by the controller)

 

Please be advised that in the case of processing personal data based on the legitimate interest pursued by the Controller (Article 6 (1) f) of the GDPR processing is necessary for the purposes of the legitimate interests pursued by the controller):

 

No. Purpose of the processing Lawfulness of the processing Art. 6 (1) f) GDPR
1.        

NDA

(Personal data processed in connection with the preparation, conclusion and implementation of the provisions of the confidentiality agreement (NDA))

1) in the case of natural persons: art. 6 (1) f) GDPR,

2) in the case of legal persons: art. 6 (1) f) GDPR,

Please be advised that in the case of processing personal data of natural persons and natural persons representing or acting on behalf of a legal person, the legitimate interest pursued by the Controller is considered to be:

a) processing in order to prepare, conclude and implement the provisions of a confidentiality agreement (NDA),

b) processing for purposes related to the investigation of claims between the parties to the contract for the performance of the provisions of the contract (NDA) – if applicable – the legitimate interest pursued by the Controller is the processing of personal data for the purpose of seeking claims for the implementation of the provisions of the contract (NDA),

c) processing for internal management purposes – the legitimate interest pursued by the Controller is the control and archiving of documentation in connection with the conclusion of the contract,
2.        

Arrangement

(Personal data processed in connection with the preparation, conclusion and implementation of the provisions of the contract)

1) in the case of natural persons: art. 6 (1) f) GDPR,

2) in the case of legal persons: art. 6 (1) f) GDPR,

Please be advised that in the case of processing personal data of natural persons, natural persons representing or acting on behalf of a legal person, the legitimate interest pursued by the Controller is considered to be:

a) processing in order to prepare, conclude and implement the provisions of the contract,

b) processing for the purpose of financial settlements – activities related to the monitoring and payment of payments,

c) processing for purposes related to the investigation between the parties to the contract of claims arising from the performance of the provisions of the contract – if applicable – the legitimate interest pursued by the Controller is the processing of personal data for the purpose of seeking claims for the implementation of the provisions of the contract,

d) processing for internal management purposes – the legitimate interest pursued by the Controller is the exercise of control and archiving of documentation in connection with the conclusion of the contract,
3. Personal data processed for contact purposes – replying to received correspondence 1) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller The legitimate interest of the controller is the processing of personal data in order to answer the received correspondence, inquiries – ongoing contact with the data subject,
4. Personal data processed in order to prepare and present an offer in relation to own products and services 1) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller A legally legitimate interest is considered to be a binding relationship, including a business relationship, an ongoing contract with the data subject and data processing for internal administrative purposes, also in relation to the exercise of the rights of data subjects in connection with the possibility of exercising the rights of persons to whom data concern and provided for by law (e.g. documenting withdrawal of granted consent),
5. Personal data processed for the purpose of sending commercial information in relation to own products and services by electronic means 1) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller A legally legitimate interest is to the exercise of the rights of data subjects in connection with the possibility of exercising the rights of persons to whom data concern and provided for by law (e.g. documenting withdrawal of granted consent),
6. Personal data processed in connection with the process related to the submission of offers (in response to inquiries) 1) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller A legally legitimate interest is considered to be a binding relationship, including a business relationship, an ongoing contract with the data subject and data processing for internal administrative purposes, also in relation to the exercise of the rights of data subjects in connection with the possibility of exercising the rights of persons to whom data concern and provided for by law (e.g. documenting withdrawal of granted consent),
7. Personal data processed in connection with the exercise of rights in the field of personal data protection 1) art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller A legally legitimate interest is considered to be a binding relationship, including a business relationship, an ongoing contract with the data subject and data processing for internal administrative purposes, also in relation to the exercise of the rights of data subjects in connection with the possibility of exercising the rights of persons to whom data concern and provided for by law (e.g. documenting withdrawal of granted consent),

 

13. Disclosure of personal data by the Controller

 

We hereby inform that personal data is or may be disclosed by the Controller:

  • disclosed to data recipients providing services to the Controller pursuant to art. 28 GDPR – Data Processing Agreement. Depending on the purpose of personal data processing, the categories of data recipients may be: IT infrastructure providers (software and hardware), website hosting, tools for conducting meetings, conferences, online webinar, external recruiting companies. The list of the processors to whom the Controller entrusts the processing of personal data is available at the request of the data subject,
  • disclosure of data to recipients cooperating with the Controller. Depending on the purpose of personal data processing, the categories of recipients to whom personal data may be disclosed are entities operating in the field of audits, postal services, courier services, law offices. We would like to inform you that after disclosing personal data, the data recipient becomes the Controller. The list of recipients to whom the Controller discloses personal data is available at the request of the data subject,
  • disclosure of data to recipients who are public / state authorities. Depending on the purpose of personal data processing, the categories of data recipients may be such bodies as the Tax Office, Police, courts, the Supervisory Authority or other entities to which the Controller discloses personal data under applicable law. Please be advised that after disclosing personal data, their recipient becomes the Controller of the data. The list of recipients to whom the Controller discloses personal data is available at the request of the data subject,
  • disclosure of personal data to third parties. The list of third parties to whom the Controller discloses personal data is available at the request of the data subject.

 

14. Transferring personal data to a third country (i.e. outside the EEA)

 

  1. Please be advised that personal data may be transferred to a third country, i.e. outside the EEA. In the event of transferring personal data outside the European Economic Area, such transfer may only take place on the terms set out in Chapter V of the GDPR:
  • pursuant to art. 45 GDPR – transfer based on an adequacy decision,
  • pursuant to art. 46 GDPR – transfer subject to appropriate safeguards, including the use of standard data protection clauses adopted by the European Commission,
  1. We hereby inform that the transfer of personal data outside the EEA may involve the risk of not ensuring sufficient security of personal data. In the event of a risk related to the transfer of personal data outside the EEA, the Controller provides such information in this Privacy Policy,
  2. Please be advised that the list of entities outside the EEA to which the Controller discloses personal data is available at the request of the data subject,
  3. List of entities that may transfer personal data outside the EEA, which may not provide sufficient protection of personal data provided for in the GDPR:

 

No. The name of the entity Link to information The risk related to the transfer of data outside the EEA and the negative effects that may arise for the data subject
1. LinkedIn https://www.linkedin.com/legal/user-agreement

1) unauthorized access to data,

2) loss of control over your data,

3) no possibility of exercising the rights under the GDPR,

4) other, negative effects indicated in recital (75) of the preamble to the GDPR: material and non-material effects,
2. Google Maps https://policies.google.com/privacy?hl=en-US

1) unauthorized access to data,

2) loss of control over your data,

3) no possibility of exercising the rights under the GDPR,

4) other, negative effects indicated in recital (75) of the preamble to the GDPR: material and non-material effects,

 

15. What are the rights of the data subject?

 

We would like to inform you about the right to request the Controller to exercise the following rights:

  • the right to access personal data relating to the data subject,
  • the right to rectify personal data,
  • the right to delete personal data (erasure of personal data),
  • the right to limit the processing of personal data (restriction of processing),
  • the right to object to the processing,
  • the right to transfer data (the right to data portability),
  • the right to receive a copy of your personal data,
  • the right to lodge a complaint with the supervisor authority.

Please be advised that due to the individual purposes of processing listed in this Cookie Policy, the exercise of the rights of data subjects may be fully or partially limited, e.g. due to applicable law, which obliges the Controller to process them.

 

16. Who is the supervisory authority?

 

We would like to inform you about the right to lodge a complaint to the supervisory body, i.e. National Commission for Information Technology and Civil Liberties (CNIL), 3 place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07, France: https://www.cnil.fr/fr.

 

17. Information on automated decision making, including profiling

 

  • Please be advised that by entering the website of the Controller, you are not subject to automated decision making, including profiling.
  • Please, be advise that Controller can use the cookies on the website. Please, see below the list of the cookies.

 

Functional, technical and operational cookies : The Controller uses the functional, operational and technical and cookies described below on the website for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or Internet user, or for the sole purpose of transmitting a communication over an electronic communications network. Please be advised that in the case of the following cookies, the legal basis for the processing of personal data is Art. 6 (1) f) GDPR – processing is necessary for the purposes of the legitimate interests pursued by the controller.

Please be noted that the actions described below are considered as the legitimate interest of the Controller. All cookies listed as “Functional” are enabled by default on expertrials.com, without requiring the explicit user’s consent.

 

Analytical and profiling cookies for Statistics : The Controller uses the analytical, and profiling cookies described below on the website exclusively for statistical purposes. Please be advised that in the case of the following cookies, the legal basis for the processing of personal data is Art. 6 (1) a) GDPR – consent of the data subject.

Please be advised that consent on all cookies listed as “Statistics” is voluntary, and failure to do so will mean that cookies will not be used for the purposes for which they were provided. Withdrawal of the consent granted for analytical and profiling cookies is carried out by deleting them in the web browser and/or changing the user’s preferences in the expertrials.com cookie panel.

Third party cookies (Marketing) : Please be advised that the Controller uses the marketing/third party cookies described below on the website to create profiles of Internet users in order to send advertisements, or to track the Internet user on a website or on several websites with similar marketing purposes. Please be advised that in the case of the following cookies, the legal basis for the processing of personal data is Art. 6 (1) a) GDPR – consent of the data subject.

Please be advised that consent on all cookies listed as “Marketing” is voluntary, and failure to do so will mean that cookies will not be used for the purposes for which they were provided. Withdrawal of the consent granted for analytical and profiling cookies is carried out by deleting them in the web browser and/or changing the user’s preferences in the expertrials.com cookie panel.

WordPress

Functional

Usage

We use WordPress for website development. Read more

Sharing data

This data is not shared with third parties.

Functional

Name
WP_PREFERENCES_USER_*
Expiration
persistent
Function
Store user preferences
Name
wpEmojiSettingsSupports
Expiration
session
Function
Store browser details
Name
wp-settings-time-*
Expiration
1 year
Function
Store user preferences
Name
wp-settings-*
Expiration
persistent
Function
Store user preferences
Name
wordpress_test_cookie
Expiration
session
Function
Read if cookies can be placed
Name
wordpress_logged_in_*
Expiration
persistent
Function
Store logged in users
Name
wp_lang
Expiration
session
Function
Store language settings

Google Analytics

Statistics

Usage

We use Google Analytics for website statistics. Read more

Sharing data

For more information, please read the Google Analytics Privacy Statement.

Statistics

Name
_ga_*
Expiration
1 year
Function
Store and count pageviews
Name
_ga
Expiration
2 years
Function
Store and count pageviews
Name
_gid
Expiration
1 day
Function
Store and count pageviews

Complianz

Functional

Usage

We use Complianz for cookie consent management. Read more

Sharing data

This data is not shared with third parties. For more information, please read the Complianz Privacy Statement.

Functional

Name
cmplz_policy_id
Expiration
365 days
Function
Store accepted cookie policy ID
Name
cmplz_consented_services
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_marketing
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_statistics
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_preferences
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_functional
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_banner-status
Expiration
365 days
Function
Store if the cookie banner has been dismissed

Twitter

Functional, Marketing

Usage

We use Twitter for display of recent social posts and/or social share buttons. Read more

Sharing data

For more information, please read the Twitter Privacy Statement.

Functional

Name
local_storage_support_test
Expiration
persistent
Function
Provide load balancing functionality

Marketing

Name
metrics_token
Expiration
persistent
Function
Store if the user has seen embedded content

LinkedIn

Functional, Marketing, Statistics, Preferences

Usage

We use LinkedIn for display of recent social posts and/or social share buttons. Read more

Sharing data

For more information, please read the LinkedIn Privacy Statement.

Functional

Name
sdsc
Expiration
session
Function
Provide load balancing functionality
Name
li_gc
Expiration
6 months
Function
Store cookie consent preferences
Name
BizographicsOptOut
Expiration
10 years
Function
Store privacy preferences

Marketing

Name
lms_ads
Expiration
30 days
Function
Store and track visits across websites
Name
_guid
Expiration
90 days
Function
Store and track a visitor's identity
Name
li-oatml
Expiration
1 month
Function
Provide ad delivery or retargeting
Name
li_sugr
Expiration
90 days
Function
Store and track a visitor's identity
Name
UserMatchHistory
Expiration
30 days
Function
Provide ad delivery or retargeting

Statistics

Name
lms_analytics
Expiration
30 days
Function
Store and track a visitor's identity
Name
AnalyticsSyncHistory
Expiration
30 days
Function
Store and track visits across websites

Preferences

Name
li_alerts
Expiration
1 year
Function
Store if a message has been shown
Name
bcookie
Expiration
1 year
Function
Store browser details
Name
lidc
Expiration
1 day
Function
Provide load balancing functionality
Name
bscookie
Expiration
1 year
Function
Store logged in users

18. What is the source of the data?

 

Personal data may:

  • come directly from the data subject,
  • come indirectly from the data subject. The source of personal data may be publicly available registers. Personal data may come from a legal entity that provides personal data of persons designated on behalf of the legal entity to represent it or to contact it, or to implement the provisions concluded between the parties.

 

19. What scope of personal data is processed?

 

The Controller processes personal data to the extent necessary to achieve the purposes of processing indicated in the Privacy Policy. In accordance with the principle of minimization, we process only the scope of personal data necessary to achieve the purpose of processing.

 

20. How do we secure personal data?

 

Please be advised that in order to protect privacy and personal data, the Controller has implemented appropriate physical, technical, organizational and legal measures to ensure the security of personal data processing and to ensure the implementation of the rights and freedoms of natural persons.

 

21. Processing of personal data using social media

 

  1. Please be advised that the Controller runs a fanpage on social media. Please be noted that the Controller is responsible for the processing of personal data only to the extent to which he decides about the purposes and means of processing personal data via the fanpage,
  2. Please be advised that using the above-mentioned fanpage, information on the processing of personal data is available at the following links:

 

No. Entity name Link
1. LinkedIn https://www.linkedin.com/legal/privacy-policy
2. X https://x.com/en/privacy

 

22. Personal data breach notifications

 

We hereby inform that pursuant to Art. 34 GDPR, in the event of a breach of personal data protection that may result in a high risk of violation of the rights or freedoms of natural persons, the Controller shall notify the data subject of such a personal data breach without undue delay. Please be advised that pursuant to Art. 34 GDPR, personal data may be processed in connection with the personal data breach referred to above. Please be noted that the legal basis for the processing of personal data is art. 6 sec. 1 lit. c) GDPR. Please be advised that in the event of a personal data breach, the Controller will take all possible and available technical and organizational measures to meet the requirements set out in art. 33 and art. 34 GDPR.