George Clinical Pty Ltd, together with its subsidiaries worldwide (George Clinical) is committed to handling personal information (including health and other sensitive information) in accordance with applicable privacy laws, including the Australian Privacy Principles set out in the Australian Privacy Act 1988 (Cth) and, where relevant, the EU General Data Protection Regulation ((EU) 2016/679) (GDPR). A reference to personal information includes "personal data" as defined in the GDPR.

By completing this form and ticking the attestation box below, you are confirming agreement to George Clinical collecting, storing, using, disclosing and transferring your personal information, in accordance with this notice and consent.


    This notice and consent explains the types of personal information we collect about you, why we need to collect it, and how it will be stored and used:
    • in clinical trials or research projects that you are working on with us; and
    • for the purposes of potential future collaborations with you.

    Personal data collected and purpose

    We may collect and retain the following personal information about you:
    • your name, address, contact details, job title, organisation address, professional qualifications, experience, professional registrations (Your Information and My Information).

    We will collect Your Information either directly from you, or via the regional coordinator or institution that you work for or contract with in relation to a clinical trial or research project involving us.

    We may collect, hold and use Your Information for the purpose of administration, management, evaluation and operation of clinical trials and research projects that you are working on with us (this is to ensure that such studies and projects are properly conducted) and to assess your suitability to potentially collaborate with us on future studies and projects.

    We may also use Your Information to:
    • contact you for potential work or collaboration on other studies or research activities;
    • contact you to ensure that the information we hold is kept accurate and up to date; and
    • refer or recommend you and your professional expertise to other research institutions, collaborators, sponsors and CROs

    The lawful basis for processing Your Information

    If you are member of a study or project research team, your consent is not required to process Your Information for the purpose of administration, management, evaluation and operation of that study or project. In these circumstances processing is necessary for compliance with our legal obligations under GCP and other regulatory requirements to ensure research team members are properly qualified, experienced and registered with appropriate professional regulation bodies, and have not been disbarred or prohibited from working on clinical trials or research projects.

    In all other circumstances stated in this notice and consent, we rely on your consent to process Your Information.

    For individuals located in the EEA

    If you are located in the European Economic Area (including the United Kingdom) (collectively the EEA) you will have certain rights under the GDPR as described below. Comparable (though not exactly the same) rights are available under the APPs, regardless of your country of residence.

    The right to be informed

    You have the right to be provided with clear, transparent and easily understandable information about how we use Your Information and your rights.

    The right of access

    You have the right to obtain access to Your Information that we are processing and certain other information.

    The right to rectification

    You are entitled to have Your Information corrected if it is inaccurate or incomplete.

    The right to erasure

    This is also known as 'the right to be forgotten' and enables you to request the deletion or removal of Your Information if there is no compelling or legal reason for us to keep using it. This is not a general right to erasure, as there are exceptions.

    The right to restriction of processing

    This right enables you to ask us to suspend the processing of Your Information, for example if you want us to establish its accuracy or the reason for processing it.

    The right to object to processing

    You have the right to object and to ask us to stop processing Your Information however we may not be able to comply with your request if this conflicts with our regulatory or legal obligations.

    The right to lodge a complaint

    You have the right to lodge a complaint about the way we handle or process Your Information with a supervisory authority.

    The right to data portability

    You may obtain Your Information from us and direct us to send Your Information to a third party. We will do our best to provide the information in an easy-to-read format.

    The right to withdraw consent

    If you have given (and we are relying on) your consent to anything we do with Your Information, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with Your Information or with your consent up to that point is unlawful).

    If you would like us to stop processing Your Information, please contact us. Our contact details are further below.

    How long we keep your personal data

    We will keep Your Information for a minimum of 15 years for regulatory purposes in relation to a study or project you are working on with us. Beyond that period, Your Information will remain with the study or project file, until the file is securely destroyed.

    For purposes outside of a study or project that you are working on, we will keep Your Information indefinitely unless you notify us that you withdraw your consent for processing.

    Who we share your personal data with

    We may disclose Your Information to our staff and relevant third parties, such as other research institutions, collaborators, sponsors and CROs (Collaborators).

    Disclosure may also be required to comply with legal, regulatory, ethical committee or insurance obligations or applications for funding or initiating projects or studies.

    We may also share Your Information with third-party service providers (such as database providers) which host our databases and the databases of our Collaborators.

    Third parties will be required to respect the security of Your Information and to treat it in accordance with the law.

    We may transfer Your Information outside the EEA, even if you are located in the EEA. If we do and you are located in the EEA, you can expect a similar degree of protection in respect of Your Information, as required under GDPR.

    Processing data outside of the European Economic Area (EEA)

    We will transfer Your Information to where our own databases and/or those of our Collaborators are held (including outside the EEA). These databases are located in Australia, United States and elsewhere in the world. There is not an 'adequacy decision' by the European Commission for some of these countries, meaning some of these countries are not deemed to provide an adequate level of protection for personal information under GDPR.

    We have however put in place appropriate measures to ensure that Your Information is treated in a way that is consistent with and meets privacy law requirements. For processing that is subject to GDPR, this may include the EU Model Clauses and reliance on the US Privacy Shield.

    We will endeavour to ensure our Collaborators provide details to us of the security measures that they have in place to protect Your Information.

    Data security

    We have put in place measures to protect the security of Your Information, and to prevent Your Information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access (by physical and technical safeguards) to Your Information to those employees, agents, contractors and other third parties who have a business or legal need to know. We have also put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

    Access to and Correction of Your Information

    You may request access to, or seek correction of, Your Information that is held by us, or exercise other rights available under GDPR.

    You will generally not have to pay a fee to access or correct Your Information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

    We will respond to acknowledge your request and, where relevant, provide you with the information requested within a reasonable period of time (generally within one month of receiving your request).

    How we contact you

    We may communicate with you via email, telephone, post and on occasion SMS. You may also update your contact details at any time by contacting us.

    Our contact details

    If you have any queries, questions or concerns about Your Information or how we are handling it please contact:

    George Clinical Level 5, 1 King Street, Newtown NSW 2042, Australia. Tel no: + 61 2 8052 4300; OR
    The Privacy Officer: email: [email protected]

    If you are located in the EEA you may also wish to write to our EU based representative: George Clinical (UK) Limited (No. 08951276) of Centrum House, 36 Station Road, Egham, Surrey, TW20 9LF, United Kingdom, Tel no: +44 7789 376 306, email: [email protected]

    Acknowledgement and Consent
George Clinical

[email protected]

Profits from George Clinical support the work of The George Institute for Global Health.

Add George Clinical to your network