Privacy Policy

1.INFORMATION WE COLLECT AND HOW WE USE IT

PERSONAL INFORMATION: The type of information we collect from you depends on how you use our Sites and whether or not you are a former employee. Generally, when using our Sites, we may collect personal information in two ways: (i) you provide it to us, or (ii) it is collected automatically.

(i) Information provided by you

You may provide personal information to us, such as your first and last name, contact information, email address, image, Username, physical address, and contents of your communication. You may also provide payment information to our third-party payment processors. Information that could be used to identify or contact you is considered “Personal Information” under this Privacy Policy.

We may use your information, including your Personal Information, for the following purposes, and we only collect the minimum amount of Personal Information about you that we consider necessary for achieving these purposes:

 

To better understand how Users access and use our Sites, both on an aggregated and individual User basis, on individual Sites and across them in order to improve our Sites and respond to User desires and preferences, and for other research and analytical purposes;

To provide our services to you, which may include communicating with you about your use of our Sites and services, responding to your inquiries, troubleshooting problems, working with our third-party providers to process your orders and for other customer service purposes;

To tailor the content and information that we may send or display to you, provide personalized help and instructions, and to otherwise personalize your experiences while using the Sites;

With your consent, for marketing, and promotional purposes, including, for example, to send you news and newsletters, promotions;

To contact you about projects, opportunities or information we think may interest you provided you have opted into receiving such communications from us;

To administer surveys and questionnaires;

To protect our own rights and interests, such as to resolve any disputes, enforce our Terms of Use, and to respond to legal requests;

In the interests of educational research around DSCS values and teachings such as human-centered approaches and design thinking. DSCS has affiliations with many educational establishments including but not limited to Harvard and Stanford University for this purpose; and,

To allow you to access and register for our services more easily (e.g., in the setting up of personal profile accounts through third-party accounts and social media applications to which you may be already subscribed.

To collect personal correspondence, such as email, from you or other Users or third-parties corresponding about your activities or postings on the Site

To collect, process, and share Personal Information sent in response to a job posting (e.g., your resume) solely for the purpose of evaluating of your job application.

Categories of personal information collected from UK and EU residents processed on basis of EU and UK GDPR

Please refer to the charts in Section 5 for the categories and uses of personal data.

Health related market research in the UK/EU/EEA

When DSCS performs market research in the UK/EU/EEA for a client in the medical or healthcare sector, the research may include participants like:

people with specific health conditions,

people who use certain healthcare services, medicines or medical devices,

people who act as carers for people referred to in (a) or (b) above, and

healthcare professionals.

If you join such research and you tell DSCS about:

 

an adverse event,

a product complaint; or

a serious reporting situation,

in respect of medicines and medical devices, DSCS may need to report the details that you have told us about to the company that asked us to perform the research.

 

This reporting enables the company to comply with its legal pharmacovigilance obligations, which aim to ensure the safety of such products.

 

When making a report, DSCS may include your contact information - such as your name and contact details, the country in which you are located, if you are a healthcare professional, your professional details. However, such information will only be shared by DSCS in accordance with the law or with your consent.

 

Sharing this information helps the company that asked us to perform research learn more about the adverse event or other issue that you shared with DSCS. This also enables the company to comply with its legal pharmacovigilance obligations, which aim to ensure the safety of such products.

 

NON-IDENTIFYING INFORMATION:

Certain information that does not identify you (“Non-Identifying Information”) could be considered a part of your Personal Information if it were combined with other identifiers (for example, combining your first name with your last name) in a way that enables you to be identified. But the same pieces of information are considered Non-Identifying Information when they are taken alone or combined only with other Non-Identifying Information (for example, your country and gender). We may combine your Personal Information with Non-Identifying Information and aggregate it with information collected from other Users of the Sites to attempt to provide you with a better experience, to improve the quality and value of the Sites, and to analyze and understand how the Sites are used. We may also use the combined information without aggregating it to serve you specifically, for instance to deliver a product or service to you according to your preferences or restrictions, or to send you User surveys or requests for feedback. We may collect any Personal Information you provide through such surveys or calls for feedback.

 

(ii) Information collected automatically

In general, DSCS will gather some technical information automatically, such as to improve our Sites’ performance on your browser. This information includes your Internet Protocol (“IP”) address (often associated with the portal through which you enter the Internet, like your Internet service provider (“ISP”), your company or your university), browser type, referring/exit pages, the files viewed on our Site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data. DSCS gathers this information using third-party services such as Google Analytics and HubSpot for the purpose of monitoring website performance and determining customer service and Site needs. Please visit the privacy policies of these third parties to learn about their privacy practices and your opt-out choices.

 

SOCIAL MEDIA INFORMATION:

When you have interacted with DSCS Sites content or even employees, through channels such as social media channels we may collect this information using an automated marketing tool, Hubspot. This means that where you have provided certain information (e.g., your email address) to us before and/or have opted in to receiving communications from DSCS, we may use your interactions with us on social media, combined with information we already have about you to establish your preferences and provide more targeted content. Hubspot may retain details of your publicly available social media handle such as your @address pursuant to its Privacy Policy(https://legal.hubspot.com/privacy-policy). Please see our DSCS Newsletters and Events section for further detail around Hubspot and our marketing practices.

 

COOKIES AND SIMILAR TRACKING TECHNOLOGIES:

When you visit the Sites, we and our partners may use cookies or similar technologies to analyze trends, administer the Sites, gather demographic information about our User base as a whole, and track Users’ movements around the Sites, including, in the case of cookies such as Hotjar, activity on individual pages in real-time (you may opt out of Hotjar here). A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you browse our Sites; cookies contain information that is transferred to your computer's hard drive. Our Sites use cookies to distinguish you from other Users of our Sites. This helps us to provide you with a positive experience when you browse our Sites and also allows us to improve our Sites and services.

 

We use the following categories of cookies:

 

Strictly necessary cookies: These are cookies that are required for the operation of our Sites. They include, for example, cookies that enable you to log into secure areas of our Sites.

Analytical/performance cookies: They allow us to recognize and count the number of visitors and to see how visitors move around our Sites when they are using them. This helps us to improve the way our Sites work, for example, by ensuring that Users are finding what they are looking for easily.

Functionality cookies: These are used to recognize you when you return to our Sites. This enables us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

Targeting cookies: If you opt in, these cookies record your visit to our Sites, the pages you have visited and the links you have followed. We will use this information to make our Site more relevant to your interests, but also to ensure that we are aligning our Site in the best way with our target visitors. Our third-party partner may use cookies or similar technologies in order to provide you advertising based upon your browsing activities and interests. Please note you will continue to receive generic ads.

Most browsers are initially set up to accept cookies, but you can set your cookie preferences in the banner that appears on all DSCS websites listed above or reset your browser to refuse all cookies or to indicate when a cookie is being sent. If you choose to disable cookies, it may limit your use of certain features or functions on our Sites or services. If you wish to restrict or block the cookies that are set by any website you should do this through each individual browser setting and on each device you use to access the Internet (for these Sites, you can set those preferences in the cookie banner that appears on all DSCS Sites listed above). You can allow cookies from specific websites by making them “trusted websites” in your Internet browser. For more information on how to do this, and how to change your browser settings, you may visit: www.allaboutcookies.org.

 

LOG DATA:

When you visit the Sites, whether through an account or as a non-registered User browsing, we automatically track certain information that your browser sends whenever you visit our Sites. We use this information to do internal research on our Users’ demographics, interests, and behavior to better understand and protect you and our community. This information may include the URL that you just came from, which URL you go to next, access times and dates, your computer browser information, your IP address, and other statistics (“Log Data”). We use Log Data to monitor and analyze the use of the services on the Sites and for the Sites’ technical administration, to increase our Sites’ functionality and User-friendliness, and to better tailor the Sites to our Users’ needs. For example, some of the information is collected so that when you visit the Sites again, we will recognize you and provide you with information appropriate to your interests. We also use the information to verify that the visitors to our Sites met the criteria to process their requests.

 

OPT-OUT MECHANISMS:

Currently, our systems recognize browser “do-not-track” requests. You may also disable certain tracking as discussed in this section (e.g., by disabling cookies) and you may opt-out of Internet-based advertising by following the instructions above in this Cookies section.

 

REGARDING CHILDREN AND MINORS:

We do not knowingly collect Personal Information from Users under the age of 13 or the applicable age established by the laws in your jurisdiction (“Child” or “Children”). If DSCS learns that a Child’s Personal Information has been collected, we will delete the account. If parents or guardians believe that we have unintentionally collected their Child’s Personal Information, they should contact us to request the deletion of the information at privacynotice@DSCS.com.

 

2. DISCLOSURE OF YOUR INFORMATION

OTHER CORPORATE ENTITIES:

We may share your information, including your Personal Information, Non-Identifying Information and Log Data, with our affiliates, subsidiaries, and branch offices in the United States and internationally, and with third parties who provide services on our behalf to help with our business activities such as providing email distribution services, customer service, or technical support. These companies are authorized to use your Personal Information only as necessary to provide these services to us pursuant to our written agreements with them. To the extent that these entities have access to your information, they will treat it at least as protectively as they treat information they obtain from their other Users. These entities follow privacy practices no less protective of our Users than our practices described in this Privacy Policy, to the extent allowed by applicable law. We do not share or sell your email address or contact information or any third parties’ email addresses with any third parties outside of the terms stated in this section of our Privacy Policy (“Disclosure of Your Information”).

 

We may share some or all of your Personal Information with another business entity should we plan to reorganize, spin out, merge with, acquire, or be acquired by that business entity. Should such an event occur, we will require that the new or combined entity follow this Privacy Policy with respect to your Personal Information. If your Personal Information will be used contrary to this Privacy Policy, you will receive prior notice as provided herein.

 

DSCS ADVERTISING ON AND USE OF DATA WITH THIRD PARTY PLATFORMS:

We may share data collected on the Sites, including email addresses, to show you and others personalized advertisements on third party websites and online services such as Facebook(Meta), Google, Adobe and LinkedIn, including their advertising and analytics services. The categories of third-party websites are as follows:

 

Providers of web analysis tools

Web hosting and web development providers

Service providers for IT development services

Ticket and customer support software providers

Marketing and Advertising agencies

Sales service providers

Payment service providers

Logistics service providers

Receivables management and collection service providers

Cloud services

Conference and Webinar Software

Service providers for online surveys

Service provider for chat software

Service providers for bookkeeping and invoicing

Providers for external document management

Provides for application management software

Social Media advertising platforms

Online software design collaboration software platforms

In order to facilitate this, we may share data collected on the Sites with third parties who will help us identify user profiles to target in our advertising campaigns, and analyze and maximize the effectiveness of the Site and our advertising and marketing outreach initiatives. This works because third party providers have aggregated information based on trends and behaviors of its users linked to information they hold about users like yourself, such as an email address. Some of these advertisements may be for DSCS services such as DSCS U and other ads may be to recruit survey participants and feedback providers.

 

You may be able to opt out of receiving personalized advertisements from online services such as Facebook. However, when you opt out of personalized advertising, you may continue to see online advertising from DSCS. For more information on Facebook ads, please visit https://www.facebook.com/about/ads. This does not affect your rights to Personal Data deletion, removal or amendment under applicable law.

 

You have the option to register for and access some of our services using third party social media sites such as Google or Facebook, when we ask you to “Sign up through Facebook” or “Continue with Facebook.” These are sites which you have chosen to share your information with independently of DSCS in accordance with their terms and conditions. When you choose to register with our Sites using services such as Facebook, DSCS will obtain information such as your email address and in some cases, profile picture information, automatically through your social media provider which provides this information to us.

 

LinkedIn Page

We operate a LinkedIn Page (“Business Services”) on LinkedIn, a service of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter “LinkedIn”).

 

We use our company page to contact and communicate with LinkedIn members and visitors(“Member”), to provide information about our company and its products and services. If you contact us, we may view the information you have posted on LinkedIn as a LinkedIn member. If you share, like or comment on our content or if you mention our company profile on LinkedIn, we can also access to this information.

 

When a Member visits, follows or engages with the Page, LinkedIn processes personal data to provide Page Insights to us. It enables us to improve our marketing activities.  LinkedIn will process data that was provided by the Member to LinkedIn, such as job function, country, industry, seniority, company size, and employment status data from a member’s profile. Additionally, LinkedIn will process information on how a member has interacted with our company page.

 

We have concluded an agreement with LinkedIn, the Page Insights Joint Controller Addendum (the “Addendum”). This user agreement is incorporated into the LinkedIn Pages Terms and sets out the responsibilities of LinkedIn and us with respect to the processing of Page Insights. The Page Insights Joint Controller Addendum is available here: https://legal.linkedin.com/pages-joint-controlleraddendum.

 

For more information about Page Insights and how to exercise your data subject rights, please see the "Page Insights Information". For more detailed information about how LinkedIn processes what personal data, including how you can exercise your data subject rights against LinkedIn, please see LinkedIn’s privacy policy is published here: https://www.linkedin.com/legal/privacy-policy.

 

Facebook Fanpage

We operate a Facebook page (so-called "Fanpage") on Facebook, a service of Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ("Meta").

 

During your visit to the Fanpage, personal data is processed not only by us but also by Meta, even if you do not have a profile on Facebook or are not logged in. While using our Fanpage, user data (such as contact data), content data (such as entries in forms), usage data (such as websites visited, interests in content, access times), communication data (such as device information, IP addresses), are processed. On the one hand, this is done for the purpose of informing you and for communication, for example via contact requests and feedback forms, as well as for marketing.

 

If you are logged in when you open our Fanpage, we can view the information contained in your public Facebook profile. Meta also provides us with anonymous usage statistics ("page insights"). We use these to improve the user experience. However, we do not have access to the usage data that Meta uses to create the statistics.

 

We are jointly responsible with Meta for collecting data from visitors to our fan page and forwarding it to Meta (this includes information on the types of content viewed, interactions with content, actions taken, technical information such as IP address, operating system, browser type, language settings, cookie data). Interests can be derived from this, and user profiles can be formed, but we cannot draw any conclusions about individual users from this. Meta also uses the data to provide "page insights", which can be used to gain knowledge about interaction with the pages and the associated content. We have therefore entered into a joint responsibility agreement with Meta regarding the processing of your data in accordance with art. 26 GDPR. The agreement with Meta also regulates which security measures Meta must observe. The data subject rights, such as information or other requests, are also to be fulfilled by Meta. You can view the terms of this agreement with Meta here: https://www.facebook.com/legal/terms/page_controller_addendum. The further processing by Meta is not our joint responsibility.

 

Meta also stores so-called cookies on your end device when you visit our fan page, even if you do not have a Facebook profile or are not logged in there. This enables Meta to create user profiles based on your preferences and interests and to display advertising tailored to these preferences within and outside of Facebook. Cookies remain on your end device until you delete them. The details of this can be found in Meta's privacy policy (see below).

 

The data processing is carried out with your consent based on art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future via our consent management platform, which you can access here, without affecting the lawfulness of the processing carried out based on the consent until revocation. Furthermore, you can revoke your consent by setting your browser accordingly or as a logged-in user of the social network Facebook at https://www.facebook.com/settings/?tab=ads#_. You can also deactivate user-based advertising via the deactivation page of the network advertising initiative (http://optout.networkadvertising.org/), via http://www.youronlinechoices.com/de/praferenzmanagement/ or the US website (http://www.aboutads.info/choices).

 

As a logged-in Facebook user, you can make an objection and further settings in the Advertising Settings section.

 

It cannot be guaranteed that Meta does not transfer data to the USA for the purpose of storage and further processing. If such data transfer to the USA takes place, it is based on the standard contractual clauses of the EU Commission: https://facebook.com/help/566994660333381. Read more in the Meta EU data transfer addendum: https://www.facebook.com/legal/EU_data_transfer_addendum

 

For more information about Page Insights and how to exercise your data protection rights, please see the "Page Insights Information". For more detailed information on how Meta processes what personal data, including how to exercise your data subject rights against Meta, please refer to Meta's Data Policy at https://www.facebook.com/about/privacy.

 

Instagram Business Account

We operate an Instagram Business Account on Instagram (hereinafter “Instagram”), a service of Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ("Meta") with whom we jointly use technologies, systems, insights, and information.

 

During your visit, personal data is processed not only by us but also by Meta, even if you do not have a profile on Instagram or are not logged in. While visiting our Instagram profile, user data (such as contact data), content data, usage data (such as websites visited, interests in content, access times), communication data (such as device information, IP addresses) are processed. On the one hand, this is done for the purpose of informing you and for communication, for example via contact requests and feedback forms, as well as for marketing.

 

If you are logged in when you open our Instagram profile, we can view the information contained in your public Instagram profile. Meta also provides us with anonymous usage statistics ("Insights"). We use these to improve the user experience. However, we do not have access to the usage data that Meta uses to create the statistics.

 

We are jointly responsible with Meta for collecting data from visitors to our Instagram page and forwarding it to Meta (this includes information on the types of content viewed, interactions with content, actions taken, technical information such as IP address, operating system, browser type, language settings, cookie data). Interests can be derived from this, and user profiles can be formed, but we cannot draw any conclusions about individual users from this. Meta also uses the data to provide "page insights", which can be used to gain knowledge about interaction with the pages and the associated content. We have therefore entered into a joint responsibility agreement with Meta regarding the processing of your data in accordance with art. 26 GDPR. The agreement with Meta also regulates which security measures Meta must observe. The data subject rights, such as information or other requests, are also to be fulfilled by Meta. You can view the terms of this agreement with Meta here. The further processing by Meta is not our joint responsibility.

 

Meta also stores so-called cookies on your end device when you visit our Instagram business profile, even if you do not have an Instagram profile or are not logged into it. This enables Meta to create user profiles based on your preferences and interests and to display advertising tailored to these preferences within and outside of Instagram. Cookies remain on your end device until you delete them. The details of this can be found in Meta's privacy policy (see below).

 

The data processing is carried out with your consent based on art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future via our consent management platform, which you can access here, without affecting the lawfulness of the processing carried out based on the consent until revocation. Furthermore, you can revoke your consent by setting your browser accordingly or as a logged-in user of the social network Instagram at the privacy and security settings. You can also deactivate user-based advertising via the deactivation page of the network advertising initiative (http://optout.networkadvertising.org/), via

http://www.youronlinechoices.com/uk/your-ad-choices or the US website (http://www.aboutads.info/choices). As a logged-in Instagram user, you can make an objection and further settings in the privacy and security settings.

 

It cannot be guaranteed that Meta does not transfer data to the USA for the purpose of storage and further processing. If such data transfer to the USA takes place, it is based on the standard contractual clauses of the EU Commission:

 

https://www.facebook.com/legal/EU_data_transfer_addendum and https://facebook.com/help/566994660333381.

 

For more information about Page Insights, please see the "Page Insights Information". For more detailed information on how Meta processes what personal data, including how to exercise your data subject rights against Meta, please refer to Meta's Data Policy at https://www.facebook.com/about/privacy and https://help.instagram.com, as well as the cookie policy at: https://help.instagram.com/1896641480634370/?helpref=uf_share .

 

LEGAL REQUESTS:

DSCS cooperates with law enforcement inquiries, as well as other third parties to enforce laws and intellectual property rights. Therefore, in response to a verified request by law enforcement, an applicable regulator, or other government officials relating to a criminal investigation or alleged illegal activity, we can disclose your name, city, state, telephone number, and email address. Without limiting the above, in an effort to respect your privacy, we will not otherwise disclose your Personal Information to law enforcement or other government officials without a subpoena, court order or substantially similar legal procedure, except when we believe in good faith that the disclosure of information is necessary to prevent imminent physical harm or financial loss; report suspected illegal activity; or in response to a regulator’s request for information regarding compliance with applicable law.

 

Requirements processing personal data on basis of EU GDPR, UK GDPR

‍

 

Legal Basis

We base the processing of your data on the following legal bases:

 

Your consent, if you have given us such consent (Art. 6 para. 1 lit. a) GDPR)

The initiation or execution of a contract with you (Art. 6 para. 1 lit. b) GDPR)

The fulfillment of legal obligations (Art. 6 para. 1 lit. c) GDPR)

The implementation of our legitimate interests (Art. 6 para. 1 lit. f) GDPR)

Legitimate Interests

When processing your data, we may pursue the following legitimate interests:

 

To provide our services to you or our clients and to appropriately manage projects and relationships with you or our clients

The development and improvement of our services and websites

Protection of our business interestsMeasuring and improving the effectiveness of our marketing efforts across different channels and platforms

Protection of our systems against misuse

On the production of statistics

For the storage of our correspondence with you

Requirement or Obligation to Provide Data

Unless this is expressly stated, the provision of your data is not required or obligatory.

 

3. STORAGE AND TRANSFER OF YOUR INFORMATION

Depending on the DSCS Site you are using, or where you contact us, your information is stored on the servers of our service providers. Please note that information we collect from you may be stored and processed in the United States or any other country in which we or our service providers maintain facilities. We or our service providers may transfer information that we collect about you, including Personal Information across borders and from your country or jurisdiction to other countries or jurisdictions around the world. 

 

Requirements for processing personal data on basis of EU GDPR, UK GDPR: Data is being transferred to countries outside the European Economic Area and the United Kingdom. We only transfer personal data to so called “third countries” where the EU Commission and the UK Information Commissioner’s Office have confirmed an adequate level of protection or where we can ensure the careful handling of personal data by means of contractual agreements or other suitable guarantees, such as certifications or proven compliance with international security standards, which you can review on request.

Retention periods:

We store your data,

if you have consented to the processing, until you revoke your consent;

if we need the data for the execution of a contract, for as long as the contractual relationship with you exists;

if we use the data on the basis of a legitimate interest, for as long as your interest in deletion or anonymisation does not outweigh the need for the data;

insofar as statutory storage obligations exist, until the end of the statutory retention period.

​

4. SECURITY OF YOUR INFORMATION

We use reasonable physical, procedural, technical and administrative security measures to protect your Personal Information against loss or theft as well as unauthorized access and disclosure to protect your privacy. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.