Last modified: June 3rd, 2020
Qdossier Services, a trademark of Qdossier B.V.; Qdossier Consultancy, a trademark of eCTDconsultancy B.V.; Qdossier Solutions, a trademark of Qdoor B.V., hereafter to be named “Qdossier”. In the remainder of this statement any reference to “we”, “our” or “us” means Qdossier. Any reference to “you” means the individual person in relation to whom we hold personal information.
Qdossier are the controllers of your personal data within the meaning of the General Data Protection Regulation (“GDPR”). We are therefore responsible for the implementation and compliance with the GDPR.
Our contact details are
5141 GL Waalwijk
When you share information with us, for example by visiting our website or creating a Dossplorer Account, we want you to be clear how we are using information and the ways in which you can protect your privacy.
- What information we collect and why we collect it
- How we use that information
- The choices we offer, including how to access and update information
What personal data we process and why
We collect personal data that we need for the provision of our services. Some of this personal information is required to allow you to make use of our services. We also collect additional personal data to tailor our services to your specific wishes. It is your responsibility that the personal data provided is accurate and relevant.
We collect, among other things, the following data and documents with personal data included therein:
1) Customer (customer contact person)
- To be able to contact our customers we collect the first name, last name, email address, telephone number and address data of our customer contact person;
- In order to invoice for our services we process your payment details;
- In order to create an Dossplorer account we also collect the name of company you work for and your role
- You will receive e-mails from us as soon as you have placed an order. We keep you informed of the progress of your order via these e-mails
2) Website visitor
When you use our website, we will automatically receive data from you. We collect this information via cookies to gain more insight into the use of our website and to improve our website.
- Information about the browser used (type, version, screen resolution, etc.);
- IP address;
- Language preferences;
- Data related to the use of the website.
3) Dossplorer account
- To create a Dossplorer account, Qdossier staff collects information about the company you are affiliated to and the role held within that company. We store your user name, user roles assigned, user account status and account creation date. The email-address provided can be used to inform you about upcoming changes or improvements of the tool.
- User activity is logged in Dossplorer to allow customers for maintaining an audit trail, as required by regulations such as CFR 21 part 11. The activities captured as part of the audit trail are:
- User events; login/logout, confirm account, enrollment date and set password, IP address and browser used
- Dossier events; import and deletion of dossiers and sequences and, the creation, modification and deletion of metadata, date modified, reason for modification, modified by.
- User roles: changes to the user roles assigned to Dossplorer accounts, including the role(s), date assigned, date modified, modified by and assigned by
- A Dossplorer business administrator will receive e-mails from Qdossier as soon as a new order for additional Dossplorer credits is placed. Qdossier keeps the person informed of the progress of the order via these e-mails.
- When support tickets are generated by a Dossplorer user, those contact details need to be stored and processed to be able to respond. It is also important to track support tickets and who raised those, to be able to set priorities to Dossplorer improvements.
4) Contact Us
- When you contact us, we keep a record of your communication to help solve any issues you might be facing.
Legal basis for processing personal data
We base the processing of your personal data on different legal grounds. These are:
1. Performance of a contract (art. 6 (1) (b) GDPR)
We process a large part of the personal data that we collect from you because the processing of these data is necessary for the execution of your agreement with us. These personal details are necessary, for example, to be able to contact you.
2. Compliance with a legal obligation (art. 6 (1) (c) GDPR)
There are several laws that we will have to comply with. Based on these regulations, we are required to process certain personal data about you. We may also be obliged to provide your data to third parties for this reason.
3.Legitimate interest (art. 6 (1) (f) GDPR)
We would like to offer you the best possible service. In order to do so we process your personal data. This is the case, for example, when sending e-mails regarding the progress of your order and by visiting our website. In doing so, we always take your privacy interest into account.
4. Your explicit consent (art. 6 (1) (a) GDPR)
For everything else, we will only use your data with your explicit consent.
With whom we share your personal data
We sometimes use third parties to process your personal data on our behalf. These parties are called “processors”. When we do so, we put in place strict obligations to ensure that these processors solely process your personal data in accordance with our strict instructions. We do not use the services of processors that are located outside the EU.
We will also share your personal data with third parties in the following circumstances:
- Where we are required to do so by law (for example pursuant to a court order or where we have a statutory obligation to disclose your personal data);
- Where we have your consent to do so;
- Where disclosure of your personal data is necessary in connection with legal proceedings.
- A Dossplorer user with the role ‘business administrator’ can see user names, roles assigned, account status and account creation date. Users with the role of business admin may be able to:
- change your account password
- suspend or terminate your account access
- access or retain information stored as part of your account
- receive your account information in order to satisfy applicable law, regulation, legal process or enforceable governmental request
- restrict your ability to delete or edit information or privacy settings
- A Dossplorer user with the role ‘audit’ may view or receive audit trail information related to your account information in order to satisfy applicable law, regulation, legal process or enforceable governmental request. The Dossplorer user with the role ‘audit’ can see:
- user events; login/logout, confirm account, enrollment date and set password, IP address and browser used
- dossier events; import and deletion of dossiers and sequences and, the creation, modification and deletion of metadata, date modified, reason for modification, modified by.
- user roles: changes to the user roles assigned to Dossplorer accounts, including the role(s), date assigned, date modified, modified by and assigned by
How long we save your personal data
We keep your personal data as long as necessary for the purpose for which we use your data. And for as long as the law obligates us to store your data. The time period that applies depends. Ranging from several months to many years.
How we secure your personal data
We consider your privacy to be of paramount importance. Therefore we process your personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
Under the GDPR, you have the right to access, rectify, port and erase your data. You also have the right to object to and restrict certain processing of your data.
You can exercise your rights by sending an e-mail to email@example.com. In order to verify your identity, we request a copy of your identity with your national security number and photo made invisible. Following this request for access, you can request us to correct or delete your personal data. If you believe that we do not handle your personal data carefully, you can contact us via the above contact details. You also have the right to submit a complaint to the Dutch Data Protection Authority (“DDPA”).
It is also possible to object to the processing of your personal data by us if your personal data are used for purposes other than necessary for the execution of an agreement or are necessary for the fulfilment of a legal obligation. For example, you can object to the use of your personal data for marketing and sales activities. You can do this by sending an e-mail to firstname.lastname@example.org. You also have the so-called right to data portability. This means that you have the right to obtain the personal data that you have provided to us in a clear form. You can therefore also send an e-mail to info(at)qdossier.com.
Other Dossplorer related terms