Privacy Policy

1. Introduction

Trial Announcer ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our clinical trial notification service available at trialannouncer.co.uk.

Trial Announcer is operated as a personal project in England and complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

2.1 Personal Information

We collect the following personal information:

• Name and email address (via Clerk authentication)
• Payment information (processed securely by Stripe)
• Clinical trial search criteria (age, BMI, location preferences)
• Communication preferences (Discord username, Telegram ID, notification settings)

2.2 Technical Information

• IP address and browser type
• Device information and operating system
• Usage data and interaction with our service

2.3 Cookies

We only use essential cookies necessary for authentication (Clerk) and payment processing (Stripe). These cookies are exempt from consent requirements under PECR as they are strictly necessary for the service you have requested.

3. How We Use Your Information

We use your information to:

• Provide and maintain our clinical trial notification service
• Match your criteria with available clinical trials
• Send notifications via your preferred channels (email, Discord, Telegram, web push)
• Process payments and manage subscriptions
• Communicate with you about service updates and support
• Improve our service and develop new features
• Comply with legal obligations

4. Legal Basis for Processing (UK GDPR)

We process your personal data under the following legal bases:

• Contract: To provide the services you have signed up for
• Consent: For sending you clinical trial notifications and marketing communications
• Legitimate Interests: To improve our service and prevent fraud
• Legal Obligation: To comply with applicable laws and regulations

5. Data Sharing and Third Parties

We share your data with:

• Clerk: Authentication service provider (US-based, EU-US Data Privacy Framework certified)
• Stripe: Payment processing (UK-based entity)
• Discord/Telegram: For delivering notifications if you opt-in
• Email service providers: For sending email notifications

We do not sell your personal data to third parties. All third-party processors are carefully selected and contractually bound to protect your data.

6. International Data Transfers

Some of our service providers are based outside the UK/EEA. Where we transfer data internationally, we ensure appropriate safeguards are in place, including Standard Contractual Clauses and adequacy decisions.

7. Your Rights Under UK GDPR

You have the following rights:

• Right of Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate data
• Right to Erasure: Request deletion of your data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to certain types of processing
• Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at [email protected]

8. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. When you close your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including encryption, access controls, and regular security assessments.

10. Children's Privacy

Our service is intended for users aged 18 and over. We do not knowingly collect data from children under 18.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through our service.

12. Contact Us

For questions about this Privacy Policy or to exercise your rights, contact us at:

13. Supervisory Authority

If you have concerns about how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):