Privacy Policy

---

Last Updated: 17 October 2025 

At PROBr, your privacy is our priority. We are committed to protecting personal information and research data while enabling trusted collaboration between researchers and participants.

This Privacy Policy (“Policy”) explains how we collect, use, store, and protect your information in connection with your use of the PROBr app, website, and related services. By using PROBr, you agree to this Policy.

1. Who We Are

PROBr is a digital research and data management platform that connects researchers with participants for clinical and health-related studies.

We provide tools for:

• Research participant recruitment and engagement
  
   
• Project management, including cloud storage and trial documentation
  
   
• Secure collaboration between research teams
  
   

PROBr acts as:

• A Data Processor under GDPR and HIPAA, processing information on behalf of research organizations.
  
   
• A Business Associate under HIPAA when supporting U.S.-based covered entities.
  
   

We comply with:

• GDPR (UK/EU)
  
   
• HIPAA (U.S.)
  
   
• Good Clinical Practice (GCP)
  
   
• ALCOA+ data integrity principles
  
   

2. Information We Collect

We collect information to operate and improve PROBr’s research facilitation and project management features.

a. 

Information You Provide

• Name, contact details, and account credentials
  
   
• Professional or organizational affiliation
  
   
• Health-related or demographic information (for study-matching only)
  
   
• Uploaded documents (e.g., trial master files, reports, participant logs)
  
   
• Payment and billing details (where applicable)
  
   

b. 

Automatically Collected Data

• Device and browser information
  
   
• IP address and session data
  
   
• Usage analytics and crash reports
  
   

c. 

From Third Parties

We may receive limited information from verified research partners (e.g., academic institutions, CROs, or ClinicalTrials.gov).

3. How We Use Information

We process your information to:

• Match participants with suitable research studies
  
   
• Enable researchers to manage and store project data securely
  
   
• Facilitate collaboration and communication
  
   
• Monitor app usage to improve performance and security
  
   
• Support regulatory and audit compliance for research teams
  
   

We do not sell or use your data for advertising purposes.

4. Research Data Ownership

Research data—including participant records, trial master files, reports, and study outcomes—remain the sole property of the researcher or sponsoring organization.

PROBr:

• Provides secure storage, access control, and audit logging.
  
   
• Acts solely as a data custodian and does not review, modify, or use research content.
  
   
• Follows validated data integrity standards (ALCOA+) for audit trails and metadata protection.
  
   

5. Data Storage and Security

All data is securely stored using Amazon Web Services (AWS), a HIPAA-eligible and GDPR-compliant infrastructure provider.

Security measures include:

• End-to-end encryption (AES-256, SSL/TLS)
  
   
• Role-based access control and MFA
  
   
• Regular penetration testing and security audits
  
   
• Data redundancy and recovery protocols
  
   

6. Data Transfers

Your data may be securely transferred between the U.S., U.K., and E.U. for hosting and research collaboration.

Transfers are governed by Standard Contractual Clauses (SCCs) and Business Associate Agreements (BAAs) to ensure legal protection.

7. Data Retention

We retain your information only as long as necessary to:

• Maintain active projects or accounts
  
   
• Fulfill regulatory or contractual obligations
  
   
• Support audit or compliance requirements
  
   

Researchers may delete or export their data at any time, and participants can request erasure of personal data not tied to active studies.

8. Your Rights

Under GDPR and HIPAA, you have the right to:

• Access, correct, or delete your data
  
   
• Withdraw consent at any time
  
   
• Request copies of stored information
  
   
• Restrict or object to data processing
  
   
• Receive breach notifications in line with GDPR/HIPAA timelines
  
   

Requests can be sent to info@probr.co

9. Cookies and Tracking

We use cookies to improve platform performance and maintain login sessions. You can disable cookies via browser settings, though some features may not work as intended.

10. Data Breach Protocol

If a breach occurs, PROBr will:

• Notify affected users and authorities within 72 hours (GDPR) or 60 days (HIPAA)
  
   
• Contain and assess the breach
  
   
• Implement corrective and preventive actions
  
   

11. Updates to this Policy

We may update this Policy periodically. Changes will take effect immediately upon posting in the app or on our website.

12. Contact Us

If you have questions about this Policy or your data rights:

📧 info@probr.co

🌍 www.probr.co