At Teddy Lab, we care about your privacy. Please refer to our policy and we are at your disposal for further questions.
Teddy Clinical Research Laboratory (Shanghai) Co., Ltd (Teddy or Teddylab) is a leading contract research organization (CRO) in China dedicated to provide professional full clinical trial services. Teddylab respects the privacy of all individuals whose personal information may be processed in the performance of our services and our business operations.
This Policy is effective as of 2019 and will remain in effect expect with respect of any changes in its provisions in the future, which will be in effect immediately after being posted on this page.
Our website is operated in China. By using our website you may provide us with your personal information that personally identifies you (‘Personal Information’ or ‘data’) or allows us to contact you.
By using this website and services, and/or submitting your Personal Information, you agree to this collecting, processing, and storing of your data to and in China.
If you are located in the European Union or provide us with Personal Information through our website, you are entitled to receive accurate information about the processing of your Personal Information by Teddylab and to exercise specific rights regarding the aforementioned processing as they are stipulated by the General Data Protection Regulation (GDPR).
2. What information do we collect?
We may collect and process the following Personal Information about you:
- information that you provide by filling in forms on the Website (e.g., the ‘Fill in your project requirements or contact us’ forms) such as first name, last name, e-mail address, position, telephone number etc.;
- we may also ask you for Personal Information (such as when you report a problem with the website);
- if you contact us, in writing, by email or other electronic means, we may keep a record of that correspondence.
The information can also include the collection of non-personally identifiable information through tracking systems. This includes information about your devices, including your IP address, location of the device, browser information, operating system, usage data, pages you visited on the website, tally page views throughout our websites, or other technical identifiers. This information enables us to better provide services and content and to respond to our users’ needs. To know more information, see Section 4.
3. How do we use your personal information?
All Personal Information is processed and stored securely, for no longer than is necessary, in light of the purposes for which it was first collected. When your information is no longer required, we will ensure it is disposed of or deleted in a secure manner.
Using your Personal Information is only going to take place based on a lawful basis, either because it is necessary for the execution of a contract with you, because you have consented to our use of your Personal Information (e.g., subscribing to emails), or because it is in our legitimate interests.
We may use your information for any business purposes, including, but not limited to, communicating with you, providing announcements, offering or providing products and services. Specifically, we may use your information for the following purposes:
- personalizing your experience on our website;
- supplying our services to you (please note that we require your Personal Information in order to enter into a contract with you);
- replying to emails from you;
- inform you about other services, news or information that may be in your interest (you may unsubscribe or opt-out at any time by clicking on the unsubscribe button on the footer of each communication);
- analyzing your use of our website and gathering feedback to enable us to continually improve our site and your user experience.
You have the right to withdraw your consent given to us for using your Personal Information at any time and to request that we delete it. Please find more info about your right to withdraw consent and to obtain the deletion of your Personal Information at Section 11 below.
Cookies cannot be used to link any personal information while on our website.
An IP address is a number that is automatically assigned to your computer that you are using by your Internet Service Provider so you can access the Internet. Collecting IP addresses is standard practice and is done automatically by many websites, applications and other services. We use IP addresses for purposes such as calculating usage levels, diagnosing server problems and administering the Site. Although we do receive IP addresses, we do not use them to identify you personally or disclose them to others.
Most web browsers enable the control of cookies through browser settings. You can set your preferences whether to accept cookies, reject cookies, or to notify you each time a cookie is sent to your browser. If your browser is set to reject cookies, websites that are cookie-enabled will not recognize you when you return to the website, and some website functionality may be lost. To find out more about cookies, visit https://www.aboutcookies.org/
5. Do We Share Your Information?
We may disclose your Personal Information to the following third parties as follows:
- our subsidiaries and affiliates subject to the terms of this Policy. We reserve the right to disclose, share or otherwise transfer any information to our affiliates and subsidiaries;
- our contractors and service providers which support the running of the website and implied services;
- if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business;
- if we or our assets are acquired by a third party, in which case your personal data may be one of the transferred assets;
- if we are under a duty to disclose or share your personal data to comply with any legal obligation.
Under the circumstances mentioned above, we ensure to take appropriate technical and organizational measures to ensure a level of security appropriate to the risk and to prevent unauthorized or unlawful processing and to protect against accidental loss, destruction or damage by any third parties and affiliates.
6. How do we manage your Information?
When we appoint third party service providers to help us manage efficient systems within the business, some of these systems may, for operational reasons, be located in countries overseas.
We will only transfer your information to service providers who help manage our systems, or overseas, where we are satisfied this is lawful and that adequate levels of protection are in place to protect the integrity and security of any information being processed and compliance with applicable privacy laws.
7. Children’s Privacy
Teddylab does not knowingly collect personally identifiable information from children under the age of 18 and does not target its website to children under 18.
8. Retaining the Information
We retain Personal Information in accordance with our general practices and as required or permitted by law. We will store your Personal Information only for as long as is required to fulfill the purposes set out above.
9. Third-Party websites
Our websites may provide links to third party websites and resources. Such links are provided as a convenience to you and for informational purposes only. We do not endorse them and are not responsible for and cannot control these third-party websites and resources and are not responsible for their availability, content, or delivery of services. Our website may contain social media widgets including Wechat, Weibo and LinkedIn, and other features that may collect data and/or utilize cookies. Third party websites and resources are not bound by this Policy; they may have their own policies or none at all. We encourage you to read such other third-party websites’ privacy policies.
While we maintain the security of personal information, and protect the integrity of such information, with a commercially reasonable degree of care, we cannot guarantee the security of any information you disclose online. If any breach occurs we are going to take measures to stop the consequences impacting the security of your Personal Information, investigate how the breach occurred, and when appropriate, contact law enforcement and/or government agencies. Please have in mind that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. We disclaim any and all liability for unauthorized access or use or compromise of your Personal Information to the maximum extent permitted by applicable laws. You make any disclosure of information to us at your own risk. We urge you to take every precaution to protect your information when you are on the internet, including when visiting our website.
11. Your Rights
Right to be informed
Right to data access
You have the right to obtain from Teddylab, upon request and free of charge, a confirmation of the fact that the Personal Information concerning you are being processed (on condition that the claims are not abusive or teasing).
Right to rectification
You shall have the right to rectification of inaccurate data processed by Teddylab, as well as to completion of incomplete data. In that end, you shall inform Teddylab on any time you wish to rectify or complete your data and you shall receive an answer within 30 days from the date of the request. Teddylab shall communicate the changes to any third parties that need to operate these changes.
Right to erasure “right to be forgotten”
If you are located in European Union and where GDPR is applicable, you may request the erasure of data: on expiry of the processing, if the data are no longer necessary in relation to the purpose of the processing, if the consent is withdrawn and there is no other legal ground for the processing, if you oppose to the processing and there are no legitimate reason that shall prevail, if the processing is illegal, if the erasure is mandatory according to law.
Right to restriction of processing or to oppose to the processing
Where GDPR is applicable, you shall have the right to restriction of processing your personal data.
Teddylab is entitled to continue the restriction of data processing, if it is necessary for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person, but only with the your consent.
Teddylab shall communicate to you any rectification or erasure of personal data or restriction of data processing, unless this proves impossible or involves disproportionate effort.
Right to data portability
If you are located in European Union, you shall have the right, by request, to have your personal data transmitted directly to another controller where technically feasible. Teddylab takes no responsibility for the data processing by that recipient.
Right to object
If possible, Teddylab shall cease your data processing if you objects to it, based on the legitimate interest of Teddylab or in case of circumstances that determine the exercise of this right (including profiling).
However, the legitimate ground of the fulfillment of Teddylab’s legal obligations or the processing in the purpose of the establishment, exercise or defense of legal claims, shall prevail.
Right to withdraw the consent
You have the right to withdraw your consent at any time, without however affecting the legality of processing before the withdrawal or based on other grounds.
Right to submit/lodge a complaint
Without affecting the possibility to lodge a complaint with the supervisory authority of Teddylab, you shall have the right to initiate court proceedings for the protection of all rights guaranteed by law.
However, any claim can be submitted directly to us since we are open to amicably resolve any issue deriving from the processing of your personal data.
To exercise any of these rights above, you shall refer to contact information at Section 13. We will assess your request in accordance with our internal policies and subject to applicable laws and will respond within the relevant legal time limits.
13. Contacting Us
We have established a dedicated personal information protection department (or personal information protection officer), and you can contact them at: DPO@tigermedgrp.com.
In general, we will respond within 30 days.
Teddy Clinical Research Laboratory (Shanghai) Co., Ltd