MCRA, LLC (“MCRA”, “we”, “us”, or “our”) recognizes the importance of protecting the privacy of our online visitors. It is our intent to balance our legitimate interest in collecting and using information received from you and about you with your reasonable expectation of privacy. This privacy policy (“Privacy Policy”) applies to all information that may be collected or otherwise provided by you to MCRA and its service providers from your visit to our website available at www.MCRA.com (the “Site”).  

PLEASE REVIEW THIS PRIVACY POLICY CAREFULLY. When you submit information to or through the Site, you consent to the collection and processing of your information as described in this Privacy Policy. By using the Site, you accept the terms of this Privacy Policy.

When you visit our website, our web servers will regularly store the IP of your Internet service provider, the website you came from, the pages of our website that you browse, and the date and duration of your visit. This information is a prerequisite for the technical transfer of the website and securing server operations. This data will not be analyzed for personal information.

If you disclose data to us via our contact form, this information will be stored on our servers for the purpose of data backup. Your information will be used exclusively for processing your request. Your personal information will be treated in strict confidence and will not be disclosed to third parties. 

Information Collection And Use

We collect several different types of information for various purposes to provide and improve our Service to you.

Types of Data Collected

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:

  • First name and last name
  • Email and postal address
  • Cookies and Usage Data

We may also collect information on how the Service is accessed and used (“Usage Data”). This Usage Data may include information, such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used include beacons, tags, and scripts to collect and track information and to improve and analyze our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, this may restrict the functionality and your use of our website and you may not be able to use some portions of our Service.

Examples of Cookies we use:

  • Session Cookies: We use Session Cookies to operate our Service.
  • Preference Cookies: We use Preference Cookies to remember your preferences and various settings.
  • Security Cookies: We use Security Cookies for security purposes.
  • Use of Data

As a general rule, if you use any of our services, we will only collect information that is required for the provision of our service to you. We may ask you for additional information that may be disclosed on a voluntary basis. Whenever we process personal data we will do so to be able to offer you our services or to pursue our business objectives.

We use the collected data for various purposes

  • To provide and maintain the Service
  • To notify you about changes to our Service
  • To allow you to participate in interactive features of our Service when you choose to do so
  • To provide customer care and support
  • To provide analysis or valuable information so that we can improve the Service
  • To monitor the usage of the Service
  • To detect, prevent and address technical issues
  • Transfer Of Data

Your information, including Personal Data, may be transferred to, and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside of the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

MCRA will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and that no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place, including the security of your data and other personal information.

If you are a resident of the United Kingdom, European Economic Area, or Switzerland, please see the additional European disclosures set forth in the section entitled “Additional Disclosures for Data Subjects in Europe” below.

Disclosure of Data

Legal Requirements:

MCRA may disclose your Personal Data when there is a  good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of MCRA
  • To prevent or investigate possible wrongdoing in connection with the Service
  • To protect the personal safety of users of the Service or the public
  • To protect against legal liability

Service Providers

We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Analytics

We may use third-party Service Providers to monitor and analyze the use of our Service.

Google Analytics

In particular, we use Google Analytics to help analyze how users use the Site.  Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.

You can opt-out of having your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page:https://policies.google.com/privacy?hl=en

Recruiting Management

We collect various types of information in connection with job applications. In particular, this includes any personal information you provide us, including your contact data and a description of your education, work experience, and skills. In addition, you may submit electronically stored documents such as certificates, diplomas, or cover letters.

We do not require any information from you that may not be processed in accordance with the General Equal Treatment Act (race, ethnic origin, sex, religion or belief, disability, age, or sexual orientation). Please do not submit any information on diseases, pregnancy, ethnic origin, political views, philosophical or religious beliefs, membership in a trade union, physical or mental health, or sexual activities. The same applies to any content that may infringe on third-party rights (e.g., copyrights, press rights, or general third-party rights).

Any personal information provided to us will only be collected, stored, processed and used for purposes that are related to your interest in a current or future employment with us, or the processing of your application. It will not be disclosed to third parties. In the course of the online recruitment process data such as name, postal address, phone number, email address, etc. will be collected. This data will be used to contact you in connection with your application.

If your application is successful, the disclosed data may be used for administrative tasks concerning your employment.

Your online application will be exclusively read and processed by our relevant contact persons. All employees assigned with data processing tasks are bound to data secrecy. In no event will third parties take notice of your data. The processing of personal information will only take place in the United States.

If we should be unable to offer you a position, we will retain the information you submitted, in accordance with the retention periods permitted by state laws for the purpose of answering questions regarding your application and our rejection of your application. In addition, we will retain and store your information to consider you for future job opportunities.

MCRA uses the applicant tracking system of ClearCompany, a third-party service provider, to manage the recruitment life-cycle. Information collected during this process and how it is handled by ClearCompany can be found in their Privacy Policy. The site allows candidates to delete their own data at any time, or change their preferences after they have applied to a position via the same login method they use to originally create an application.

Marketing Permissions

MCRA will use the information you provide on this form to communicate with you and to provide updates and marketing.

You can change your mind at any time by clicking the unsubscribe link in the footer of any email you receive from us, or by contacting us at DPO@mcra.com . We will treat your information with respect.

Security of Data

MCRA uses reasonable security measures designed to prevent unauthorized intrusion to the Site and the alteration, acquisition or misuse of Personal Data, however, no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security and we will not be responsible for loss, corruption or unauthorized acquisition or misuse of Personal Data that you provide through the Site that is stored by us, or for any damages resulting from such loss, corruption or unauthorized acquisition or misuse.

Data Retention

We seek to retain your information only as needed to fulfill the purposes described in this policy unless a longer retention period is required by law or regulations

Links To Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third-party’s site. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services. MCRA is not responsible for the content or data collection activities that take place on these third-party sites. We strongly advise you to review the privacy policy of every site you visit.

Children’s Privacy

Our Service does not address anyone under the age of 18 (“Children”).

We do not knowingly collect personally identifiable information from anyone under the age of 18 years old. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

Updates

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. 

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Do Not Track

Our Site does not currently take any action when it receives a Do Not Track request. Do Not Track is a privacy preference that you can set in your web browser to indicate that you do not want certain information about your webpage visits collected across websites when you have not interacted with that service on the page. For details, including how to turn on Do Not Track, visit www.donottrack.us.

Contact Us

If you have any questions about this Privacy Policy or the status and accuracy of your information, please email DPO@mcra.com or write to:

Privacy Officer
MCRA, LLC.
505 Park Avenue, 14th Floor
New York, NY 10022

Special Notice to CA Residents

California law provides California consumer’s the right to request certain details about the categories of personal information that is collected, how certain types of their information are shared with third parties and for what business/commercial purpose. They also have the right to request that their personal information be deleted. If a California resident would like to submit a Consumer Access request they would use this link to submit their request, or email their request to MCRA Data Protection Officer mailbox DPO@mcra.com, complete the online form or use our toll free number (866) 460-9409.

Additional Disclosures for Data Subjects in Europe

1.         European Residents

European nations have implemented laws including the General Data Protection Regulation (“GDPR”) for nations within the European Economic Area, the Data Protection Act of 2018 (“UK DPA”) for the United Kingdom, and the Federal Act on Data Protection (“FADP”) in Switzerland (with the GDPR, UK DPA and FADP collectively referred to herein as the “European Data Protection Laws”). If you are a resident in a country where any of the European Data Protection Laws apply, this additional disclosure is intended for you and provides you with information about how we process your Personal Data and your rights with respect to such Personal Data.

2.         MCRA’s Role under Data Protection Laws.

European Data Protection Laws distinguish between organizations that process Personal Data for their own purposes (known as “controllers”) and organizations that process Personal Data on behalf of other organizations (known as “processors”).

MCRA, in limited circumstances, may act as a controller with respect to Personal Data collected as you interact with our websites, emails, and our advertisements. However, in most instances, MCRA acts a processor on behalf of a client—a separate legal entity—which is the controller. Please visit the applicable client’s privacy policy for information about their privacy practices. Any questions that you may have relating to the processing of personal data by MCRA on behalf of the client and your rights under European Data Protection Laws should be directed to the client as the controller, not to Company.

Where information is collected by MCRA as a controller, please contact us via the contact information provided in the section entitled “Contact Us” above.

3.         Lawful Basis for Processing.

European Data Protection Laws require a “lawful basis” for processing Personal Data. Our lawful bases include, where: (a) you have given consent to the processing for one or more specific purposes, either to us or to our service providers, partners, or customers; (b) processing is necessary for the performance of a contract with you; (c) processing is necessary for compliance with a legal obligation; or (d) processing is necessary for the purposes of a legitimate interest(s) pursued by us or a third party and your interests and fundamental rights and freedoms do not override those interests.

4.         Research

We may obtain and create Personal Data directly from you or from our client specifically for research purposes as allowed under European Data Protection Laws (such specific information referred to herein as “Study Data” which is a subset of Personal Data).

During the whole lifecycle of the research, your Study Data will be processed for various purposes based on a different legal basis of processing as provided in section 3 above. Related researchers will process your Study Data either for safety and reliability purposes in order to comply with their legal obligations, or for scientific research purposes based on Researcher’s legitimate interest in conducting clinical trials and performing valuable scientific and medical research.

We may process health data or other sensitive data which are part of your Study Data and are designated as “special categories” under the European Data Protection Laws, when the processing is necessary for reasons of public interest in the area of public health and based on your explicit consent.

The specific grounds on which we process Study Data, including your health data, may vary somewhat from the above in order to comply with the requirements of applicable local laws in jurisdictions where Research is run. We try and ensure that legal requirements of applicable jurisdictions are met, and if you have any questions regarding specific requirements or rights, please contact us at the address set out in the “Contact Us” section above.

5.         Data Transfer and Standard Contractual Clauses.

We may transfer your Personal Data to our research site(s) or service provider(s) located in the United States or in another country that does not have the same level of Personal Data protection as the EEA or the UK. In such a case, we will take all reasonable steps to protect the confidentiality of your Personal Data and put in place suitable safeguards, such as the EU Commission’s approved standard contractual data protection clauses. 

6.         Your Data Subject Rights.

If you reside in the UK, EU, or EEA, the applicable European Data Protection Laws give you rights relating to your Study Data, including the right to: 

  • Request access;
  • Rectification;
  • Erasure;
  • Restrict processing;
  • Data portability;
  • Object to processing;
  • Not be evaluated on the basis of automated processing; and
  • Withdraw consent.

You may exercise your rights by submitting a written request to us at the address set out in the “Contact Us” section above. We will respond to your request within 30 days. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions.

Please note that we retain information as necessary to fulfill the purposes for which it was collected and may continue to retain and use information to comply with our legal obligations, resolve disputes, prevent fraud, and enforce our agreements.

If your Personal Data has been processed by us on behalf of a client and you wish to exercise any rights you have with respect to such Personal Data, please inquire with our client directly. If you wish to make your request directly to us, please provide the name of our client on whose behalf we processed your Personal Data. We will refer your request to that client and will support them to the extent required by applicable law in responding to your request.

With respect to Study Data your rights above might be limited for various processing activities we perform related to research, depending on the relevant legal basis. For instance, erasure or restriction of processing is only possible if and to the extent that the processing of your Study Data is based on consent or legitimate interest. Also, due to the Researchers’ legal obligations related to safety reporting, in the context of an inspection by national competent authority, or the retention of clinical trial data in accordance with archiving obligations, the Researchers may not be able to erase or restrict processing of your Study Data.

When the processing activities are based on consent, your right to withdraw your consent at any time does not affect the lawfulness of processing based on (i) consent before its withdrawal or (ii) other lawful grounds, but in particular, legal obligations to which the Researcher is subject such as the ones related to safety purposes.

7.         Complaints

If you have a complaint about our use of your Personal Data or response to your requests regarding your Personal Data, you may submit a complaint to the data protection regulator in your jurisdiction. We would, however, appreciate the opportunity to address your concerns before you approach a data protection regulator, and would welcome you directing an inquiry first to us. In addition to the contact information above, please contact our Data Protection Officer: DPO@mcra.com