Privacy Policy
Effective date: May 19, 2026
This Privacy Policy explains how ASAP Trial Technologies LLC ("Company," "we," "us," or "our") collects, uses, and protects information when you use ASAP Trial Ready and its associated applications (the "Service").
1. Information We Collect
Account information: name, email address, and authentication credentials you provide when registering.
Customer Content: documents, exhibits, notes, medical records, and other materials you upload or generate within the Service.
Usage data: log data, device information, IP address, browser type, and interactions with the Service, collected automatically to operate and improve the Service.
Cookies: we use cookies and similar technologies for authentication, session management, and analytics.
2. How We Use Information
- Provide, maintain, and improve the Service.
- Authenticate users and secure accounts.
- Communicate about updates, security, and support.
- Monitor usage, detect abuse, and prevent fraud.
- Comply with legal and regulatory obligations, including HIPAA where applicable.
3. HIPAA, PHI, and Business Associate Agreements
Users may upload Protected Health Information ("PHI") only under a signed Business Associate Agreement ("BAA") with ASAP Trial Technologies LLC. Without an executed BAA in place, uploading PHI to the Service is strictly prohibited and constitutes a material breach of these terms. Unauthorized PHI uploads are grounds for immediate suspension or termination with no refund.
Users are responsible for de-identifying records (consistent with 45 CFR §164.514) before upload if no BAA is in place.
We implement HIPAA Security Rule safeguards, including:
- Encryption in transit (TLS 1.2 or higher) and at rest (AES-256).
- Least-privilege access controls and role-based authorization.
- Comprehensive audit logging of access and changes to PHI.
- Multi-factor authentication (MFA) for administrative access.
- BAAs with sub-processors that handle PHI on our behalf.
- A documented breach-notification process providing notice without unreasonable delay and in no case later than 60 days, as required by 45 CFR §164.410.
4. Sharing of Information
We do not sell personal information. We may share information with:
- Service providers that host, store, or process data on our behalf under confidentiality and, where PHI is involved, BAA obligations.
- Legal authorities when required by law, subpoena, or to protect our rights and users.
- Business transfers in connection with a merger, acquisition, or asset sale.
5. Data Security
We implement administrative, technical, and physical safeguards designed to protect information, including the HIPAA safeguards described above. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
6. Data Retention
We retain personal data and Customer Content for as long as your account is active or as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements.
7. Your Rights
Depending on your jurisdiction, you may have rights to access, correct, delete, or port your personal data, and to object to or restrict certain processing. To exercise these rights, contact us at the email below.
8. Children's Privacy
The Service is not directed to children under 16, and we do not knowingly collect personal data from them.
9. International Transfers
Your information may be processed in the United States or other countries where we or our service providers operate. We take appropriate measures to protect international transfers.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated through the Service or by email.
11. Contact
For privacy questions or to exercise your rights, contact ASAP Trial Technologies LLC at privacy@asaptrialready.com.
