Yendou is a clinical trials management platform that provides teams at sponsor and site level with the tools to orchestrate their study startup. At Yendou, our mission is your mission. We’re committed to protecting your privacy rights, so you can focus on the work that matters most to your business — with peace of mind.
This Privacy Policy describes how Yendou GmbH collect, process and manage your information and explains the choices available to you with respect to your information. If you have any questions or concerns about how Yendou processes your information or about this Privacy Statement, you can email us any time at privacy@yendou.io. Additionally, if you’re looking to exercise your privacy rights, just send us an email at privacy@yendou.io.
In situations where our users are subject to our Subscriber Agreement, Enterprise Master Services Agreement, or other Master Services Agreement to use Yendou’s services, Yendou is the processor/service provider (a provider that processes personal data on behalf of or at the direction of a controller, or other similar designation under the law) and our customer (usually a company or organization) is the controller/business (the entity that decides how and why information is processed) of the information provided to Yendou via their use of Yendou. In all other cases, Yendou is the controller of the information.
For example, if you create an account with
Yendou can be used by companies, Organisations (like SMOs, site networks, research sites) or by individual users within a research site:
If you’re using Yendou through your company, educational institution, or with your company email address, your company or educational institution’s own Yendou’s administrator is responsible for the accounts associated with that company or institution and can: restrict, suspend, or terminate your access to or ability to use the services, access information about you, access or retain information stored with us (including your workspace content and log data about your use of Yendou), and restrict your ability to edit, restrict, modify, or delete information associated with your use of our products and services.
Yendou processes information we receive directly from you, automatically collected when you use Yendou or visit one of our websites, and collected by Yendou from third parties. However, please note that this Privacy Policy does not apply to the processing of your information by third parties through your use of any third-party integrations available via our services. Please visit those third-party websites directly for more information on their privacy and data protection practices.
This includes information that is needed for Yendou to create an account for you and manage your ability to log in and out of Yendou:
We may also collect the following:
Yendou uses your information to operate our products and services, communicate with you, and to comply with the law. Specifically, we may process your information to:
In addition, we use information about your use of Yendou, account information (such as your email address and name), and information related to third-party integrations to:
To provide important notices and updates, product changes, and other necessary notices such as security and fraud alertsTo advertise or market Yendou services to you. You have the ability to unsubscribe from promotional communications at any time
Unless otherwise prohibited by law, we may combine the information that we collect through your use of our products and services with information that we receive from other sources, both online and offline, and use that combined information as set out above.
We may aggregate and/or de-identify information related to your use of Yendou (such as how many feasibilities you participated in (as research site) or study projects you created (as sponsor)) so that such information can no longer be linked to you or your device.
We need to disclose the information we collect about you to make our products and services run smoothly and to operate our business under the following conditions:
We use and disclose the categories of information we collect from and about you consistent with the various business purposes we discuss throughout this Privacy Policy. We do not disclose your information to third parties for their own direct marketing purposes. For more information, see our GDPR Commitment in section 8.
Security
Yendou takes technical and organizational measures to protect your information against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access. However, no method of transmission over the Internet and no means of electronic or physical storage is absolutely secure, so we cannot ensure or warrant the security of that information. We are constantly updating and improving our safeguards and you can read up to date information about our security practices by visiting our Trust page.
Storage
When you use Yendou, some information about you will be stored in the EU.
Transfer of your information out of EEA, UK, Switzerland, and Japan
When you use our products and services, information about you will be transferred to Belgium where the majority of Yendou’s data processing occurs. In compliance with GDPR, We may also transfer information that we collect about you to third party processors across borders from your country or jurisdiction to other countries or jurisdictions around the world.
Data Retention
We will retain your information for the period necessary to fulfil the purposes outlined in this Privacy Statement, to make our products and services available to you, or as instructed by you, unless a longer retention period is required or permitted by law.
Use by children under 16
If you are under the age of 16, you may not have a Yendou account or use Yendou’s products or services. We do not knowingly process any information from, or direct any of our products or services to, children under the age of 16.
Marketing Practices and Choices
If you receive email from us, we may use certain analytics tools, such as clear GIFs, to capture data, such as when you open our message or click on any links or banners within our emails. This data allows us to gauge the effectiveness of our communications and marketing campaigns.
You may instruct us not to use your contact information to contact you by email, postal mail, or phone regarding products, services, promotions, and special events that might appeal to your interests by contacting us via the methods listed in the Contact Us and Privacy Questions section. In commercial email messages, you can also opt out by following the instructions located at the bottom of such emails.
Please note that, regardless of your request, we may still use and disclose certain information as permitted by this Privacy Policy or as required by applicable law. For example, you may not opt out of certain transactional, operational, or service-related emails, such as those reflecting our relationship or transactions with you.
Global Privacy Control and Do Not Track
Yendou honors the Global Privacy Control (GPC) signal.
Some web browsers incorporate a “Do Not Track” feature. Our online resources do not currently alter their practices when they receive Do Not Track signals. To learn more about Do Not Track, you can do so here.
Legal Bases for Processing Your Information
The laws in some jurisdictions require us to inform you of our legal bases for processing your information. Our legal bases for collecting and using your information described above will depend on the particular type of information and the specific context in which we collect it. However, some examples of legal bases for processing that we rely on:
Yendou users from around the world use our products to bring clarity to their work. Regardless of what country you’re located in, we respect your ability to know, access, correct, export, restrict the processing of, and delete your information, and have extended those rights globally. We will not discriminate against you for exercising your privacy rights.
Upon your request, and subject to applicable legal exceptions, we will:
If you request these rights, we will need to verify your identity and may need to verify your relationship with Yendou (for example, if you’re an administrator of a Yendou organization, division, or workspace and you’re making a request on behalf of another individual) for security and to prevent fraud.
We may take additional steps to verify that you are authorized to make the request. If you are an end user of Yendou’s services and not a direct customer of Yendou (for example, your company uses Yendou and you’re an employee or authorized representative of that company), you should direct requests relating to your information to the administrator of your company’s Yendou account. We will redirect you to your administrator or notify the administrator directly. To exercise your privacy rights, please make a request by sending us an email to privacy@yendou.io .
Please note, however, that certain information may be exempt from such requests in some circumstances (for example, if we need to keep processing your information for our legitimate interests or to comply with a legal obligation). Depending on applicable law, you may have the right to appeal our decision to deny your request. If we deny your request, we will provide you with information on how to appeal the decision, if applicable, in our communications with you.
Yendou do not share information about your device and online browsing activities with any third-party advertising providers.
Yendou is committed to protecting and honoring your privacy rights. In light of a number of jurisdictions having enacted laws that affect how companies handle personal information, we wanted to take a moment to share what measures Yendou has put into place to comply with the General Data Protection Regulation (GDPR):
The GDPR is a European law establishing protections for the personal data of EU residents that came into force on May 25, 2018. Under the GDPR, organizations that collect, maintain, use, or otherwise process EU residents’ personal data (regardless of the organization’s location) must implement certain privacy and security safeguards for that data. Yendou has established a comprehensive GDPR compliance program and is committed to partnering with its customers and vendors on GDPR compliance efforts. Some significant steps Yendou has taken to align its practices with the GDPR include:
Below, we provide additional details about the core areas of Yendou’s GDPR compliance program and how customers can use Yendou to support their own GDPR compliance initiatives.
EU data protection laws require organizations to use a recognized legal mechanism to transfer data from the EU to countries that do not have a similar data protection framework, including the United States.
Yendou’s Customer Data are exclusively stored in the EU.
The regulatory guidance in this area continues to evolve, and we are tracking additional guidance from data protection authorities closely. Yendou remains committed to the privacy of our customers and will continue to work to make sure we comply with data protection laws.
The GDPR gives individual data subjects in certain circumstances the rights to, among other things, access, delete, and make corrections to their personal data. Yendou is committed to facilitating data subject requests consistent with the GDPR, as further described here.
At its core, the GDPR is focused on transparency, fairness, and accountability. Accordingly, the law requires organizations to maintain documentation about their privacy practices and their decisions about how they handle individuals’ personal data. Yendou shares the GDPR’s commitment to these principles.
The GDPR requires organizations to use appropriate technical and organizational measures to protect the security, confidentiality, and integrity of personal data. Security continues to be a priority for Yendou.
At Yendou, we implemented a variety of safeguards to protect the security of our platform, including encrypting web connections to protect data transmissions, and replicating our databases to support reliability of the platform. Yendou also offers customers the ability to use additional security controls to further enhance the security of their teams’ data. For more information, please check our Security page.
If you would like to exercise your rights under the GDPR, please submit your request to privacy@yendou.io.
We will update this Privacy Statement to make sure it accurately reflects our data collection and use practices, our amazing features, advances in technology, or as applicable laws require. We will comply with applicable legal requirements regarding providing you with notice and/or consent when we make such changes, depending on the type of change made. We also provide information about how our Privacy Policy has changed over time below.
Yendou is located at ℅ Zina Sarif, Wichertstraße 53, 10439 Berlin, Germany. If you wish to contact us or if you have any questions about or complaints in relation to this notice, please contact us at privacy@yendou.io. To contact our Data Protection Officer, please email dpo@yendou.io.
No history