Privacy Notice: Genesis Research Group LLC
Genesis Research Group LLC (“GRG”) is committed to respecting your privacy and protecting your personal information in line with data protection laws. This Privacy Notice explains how we collect and use your personal information and tells you about your privacy rights.
This Privacy Notice applies if you use any of our products, services, website or applications, or if you contact or interact with us in any other way.
1. How we collect personal information
Personal information relates to a person who has been, or could be, identified from the information. Examples may include a person’s name, contact details and other details relating to the individual. Personal information may be collected:
- when you use one of our websites or applications;
- when you engage with us about a product or service; or
- when we receive personal information from other sources, such as third parties.
In many situations we act as the data controller responsible for how and why personal information is used. Sometimes we process personal information on behalf of other organisations, acting as their data processor.
2. The types of personal information we collect
The personal information we routinely collect includes:
- Your identity and contact information. For example, your name, email address and telephone number. For business contacts, we may also store your job title and details of the organisation you work for.
- Customer contact history, such as records of enquiries, services provided and any queries or complaints.
- Your marketing preferences.
- Website identifiers. If you visit one of our websites, we may also collect other identifiers, such as your IP address, so we can recognise you and your preferences if you return.
- Any information collected via our RPR Payer Portal. This may include personal opinions.
We do not knowingly collect personally identifiable information from minors under the age of 13. If we become aware that we have collected personal information from anyone under the age of 13 without verification of parental consent, we will take steps to delete that information.
3. How we use personal information
We only use your personal information when we have a valid lawful basis for doing so. The table below sets out purposes for using personal information and which lawful bases we rely on. Please note more than one lawful basis might apply in some situations.
| When | Lawful basis and why we use the data |
| Providing products and/or services to you when there is a contract in place with you. | Contract – We use your data to provide the relevant services to you, in line with a contract. |
| Processing payments and refunds for our products or services. | Contract – We use your data to process payments and refunds in line with a contract. |
| To contact you as part of delivering contracted products or services to a business you work for. | Legitimate interests – If a business you work for (e.g. a life sciences company) is in contract with us, and you are a named contact, we may contact you, when appropriate, as part of delivering our services for that business. |
| Dealing with enquiries, complaints or claims and giving you the opportunity to provide reviews of our services. | Legitimate interests – We may need to use your data to help us deal with any enquiries, complaints or claims raised by you or others. |
| Marketing our products and services. | Consent – if you sign-up to receive a specific communication from us, such as to join our email list, we will ask for your consent (opt-in).Legitimate interests – we identify specific business contacts within the life sciences sector who we feel may be interested in our products and services. We contact these people based on our legitimate interests.
You always have the right to opt-out of receiving marketing communications from us. |
| Improving our customers’ experience of our services and websites. For example, we use information about your visits to our websites to help us understand how different people use them and how long they spend on particular pages. | Legitimate interests – We use your data to help us understand how you use our services so we can improve them. |
| Carrying out market research and analysis. | Legitimate interests – We may use your data and responses to research. This may take place in the form of questions we ask professionals to respond to as part of our RPR product research, or separately in the form of market research to help us to improve the range of products and services we offer. |
| Managing your RPR online profile (Manufacturers & Payers). |
Contract – If you have an RPR account, we need to hold personal information to manage your account and authenticate you when you log in. |
| Maintaining security. | Legitimate interests – we sometimes need to use certain personal information to protect our website, property, security and personal safety. This includes the use of CCTV in certain locations to protect people and property. |
| Preventing and detecting crime. | Legitimate interests – we sometimes need to use certain personal information to protect individuals and our business from crime. For example, we also adopt appropriate vetting of applicants and adopt fraud prevention measures for these purposes. |
| Preventing illegal or unauthorised sharing or processing of personal information and confidential information. | Legitimate interests – We sometimes need to monitor and block communications between our staff and others to protect the security of personal information and confidential information. |
| Meeting legal requirements. | Legal obligation – we may need to use your personal information to help us carry out our legal obligations. |
4. RPR Payer Portal
Users of RPR Payer Portal can review their personal information and amend it if it has become outdated. Payers can view but not change their profile details by visiting the My Profile section or their account. Certain requests for changes must be approved by us to ensure the integrity of the RPR services is not adversely affected.
Payers may close their RPR Payer account. Information on closed accounts may still need to be maintained on our database for a certain period, however, personal information will not be used for any further purposes and will not be sold or shared with third parties, except as necessary to prevent fraud or assist law enforcement.
5. About our marketing activities
We would like to keep in touch with relevant individuals and business contacts by email about our products, services and offers that might be of interest you. You can sign-up to receive specific communications from us, such as opt-in to our email list. In this situation our lawful basis will be consent.
We have a legitimate interest in promoting our products and services to relevant business contacts which we have balanced with those individuals’ interests. Anyone who receives our marketing communications can opt-out at any time by clicking the Unsubscribe link on our emails or you can contact us to opt-out at compliance@genesisrg.com.
6. Who do we share personal information with
We do not share your personal information with any other businesses for them to use for their own marketing purposes. We may disclose your personal information, if required to do so, by law enforcement, such as a request from the police. We may also share your personal information with other organisations for fraud-prevention purposes.
We use external service & technology providers to support the efficient running of our business. These service providers handle your personal information on our behalf, and we have appropriate contractual arrangements in place covering these relationships which ensure the protection of those whose data is processed.
7. Sharing personal information overseas
When we process the data of UK or EU citizens, there are further restrictions regarding international data transfers where we appoint a service provider based overseas. Any transfer of personal information shall be based on appropriate and lawful data transfer safeguards.
8. How long we keep personal information for
When GRG processes personal information as a service provider for one of our clients (e.g. life sciences businesses), we will only keep it as long as the client deems to be necessary.
When we process personal information for our own purposes, we only keep your data for as long as necessary for the purposes specified above. The retention period will depend on the purposes. In some situations, there are legal requirements for us to keep personal information for a certain length of time. But where this period is not stated in law, we will only keep it for as long as necessary.
If you sign-up to receive our marketing communications, we will keep your details for a period of 5 years.
9. Your privacy rights
Depending on where you are based, you may have various legal rights in relation to your personal information.
Your local Supervisory Authority for data protection / privacy can provide full details of the rights which apply in your location. These rights may include:
- Informed: You have the right to be informed about how we handle your personal information. This Privacy Notice is one of the ways we do this.
- Access: You have the right to ask for a copy of the personal data we hold about you and the purposes for which we are using it. Personal data is any information which can directly, or indirectly, identify you.
- Rectification: You have the right to ask us to change any details which are incorrect or need updating.
- Erasure: You have the right to ask us to delete your personal information. We will assess any deletion request on a case-by-case basis. If you are a subscriber to an email list, we will quickly fulfil your request, but in other circumstances there may be reasons why we need to keep information about you.
- Object: You have the absolute right to object to receiving direct marketing from us. You also have the right to raise an objection about how we are handling your personal information.
- Restriction: You have the right to ask us to restrict or suppress your personal information. This would mean we would store it but not use it.
- Portability: You have the right to obtain and reuse your personal information for your own purposes across different services. Due to the nature of our business and the limited nature of the personal information we handle, we do not believe this right is likely to apply.
We do not carry out any activities which involve automated decisions being made about individuals.
10. How to contact us
You can contact our Data Protection Officer at: compliance@genesisrg.com.
Our address is: Genesis Research Group, 111 River Street, Ste. 1120, Hoboken, New Jersey 07030 USA.
Should you wish to report a complaint you may contact our Data Protection Officer, but you also have the right to complain to your local Supervisory Authority for data protection.
11. Keeping personal information secure
We have strong security measures in place to protect personal information from loss or unauthorised use at all times and we retain a Certified Chief Information Security Officer to provide advice and guidance.
12. Our website and use of cookies
We use cookies and similar technologies on our website. To find out more about these and to give us your cookie preferences, please click on the blue ‘Cookie Consent Preferences’ icon, shown at the bottom left corner of our website. The icon looks like this:
13. Changes to this Privacy Statement
We review this Privacy Notice regularly and post any updates on this web page. This Privacy Notice was last updated on 7 February 2024.
