iMedidata Medidata Privacy Policy

Last Modified on Feb 27, 2017 | 0 Comments

Privacy Policy

Medidata Solutions, Inc. and our subsidiaries ("Medidata", "We" or "Our") comply with the EU-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States.Medidata has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit

Please click here to view our Privacy Shield Notice (which is part of this Privacy Policy) and learn more about Medidata's obligations and your rights under the Privacy Shield.

Medidata is committed to protecting the privacy of both (A) individuals who visit our websites, and (B) individuals who use our platform or applications (including individuals about whom our platform or applications capture information) (Customer Data, discussed below). We have created this Privacy Policy to explain the Personal Information we collect, how we protect it, with whom we share it, and your choices regarding your Personal Information. If you have any questions regarding this Privacy Policy, please contact or see the “Contact Us” section later in this Policy. If you have questions about our websites, please see our marketing department contact information below.


Personal Information Definition: Personal Information is (1) any non­public data that (2) identifies or may identify an individual, as set forth under the Data Protection Directive 95/46/EC, the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, or any successor laws or regulations.

Individuals Who Visit Our Websites

The following discloses our information gathering and dissemination practices for the website(s) located at the URLs, any successor websites, and any websites to which Medidata may link this Privacy Policy (collectively, the "Websites" or "Sites"). By visiting our Websites or otherwise providing us with your personal information, you consent to the collection, processing, and storage of your Personal Information as described in this Privacy Policy.

What Information We Collect and How We Use That Information

Contact Information – Some areas of our Sites request or require contact and other information. During the registration process and in other instances, we may collect information such as your name, mailing address, and email address.

Internet Protocol (IP) Address – We may collect an IP address from visitors to our Sites. We may use IP addresses to help diagnose problems with our server(s), to administer our Websites, and to monitor activities on and interactions with our Websites, user preferences, and other computer and connection information relating to your use of our Sites. We may also use log files, cookies, and similar technologies (described below) to collect information about the pages you view, links you click on, and other actions you may take when accessing our Sites.

We may combine other publicly available information, such as information related to the organization for which you work, with the Personal Information that you provide to us through our Sites.

Use and Sharing of Your Personal Information – Medidata uses the Personal information we collect from you:

  • to contact you in connection with your registration or your use of the Site or our products or services;
  • to contact you in response to your inquiries, comments, and suggestions;
  • to contact you otherwise when necessary;
  • for the specific purpose for which it was volunteered;
  • to ask for your participation in brief surveys;
  • to complete any purchases or other transactions you may perform;
  • to notify you about updates, promotions, special offers, etc., regarding products and services provided by us or our affiliates or partners;
  • to be provided to our affiliates or third parties (e.g., data processors or other service providers) in connection with our legitimate business purposes;
  • to generate aggregate statistical studies;
  • as further required by law or regulation, or as requested by government authorities;
  • in connection with an acquisition, merger, sale or other transfer of all or substantially all of our business or portion thereof; and 
  • for our other business purposes.

Medidata does not share, sell, rent, or trade your Personal Information collected through our Sites with third parties for their sole promotional purposes without your express consent. As set forth above, Medidata may share your Personal Information with third party service providers contracted by us to provide services on our behalf, these providers may only use information we provide to them as instructed by us.

Use of Cookies

Our Site may use cookies to enhance your experience while using our Site. Cookies are pieces of information that some websites transfer to the computer that is browsing that website and are used for record ­keeping purposes at many websites. Use of cookies makes web­surfing easier by performing certain functions such as saving your passwords, your personal preferences regarding your use of the particular website and to make sure you don’t see the same ad repeatedly. Many consider the use of cookies to be an industry standard.

Your browser is probably set to accept cookies. However, if you would prefer not to receive cookies, you can alter the configuration of your browser to refuse cookies. If you choose to have your browser refuse cookies, it is possible that some areas of our Site will not function properly when you view them.


Our Site has security measures in place to protect against the loss, misuse and alteration of the information under our control. However, it is not possible to guaranty the security or integrity of information you disclose online since a sufficiently powerful attack from an unauthorized third party could compromise your data.

Access, Choice and Opt Out

You may, at any time, "opt out" of receiving communications from us related to our products and services and/or to request the removal of your contact information from our database by writing to us at the postal or email address set forth below. However, Medidata cannot withdraw any previous disclosures made with your authorization, and we reserve the right to retain and disclose your information as permitted or required by law or regulation. You may also at any time request access to your personal data by writing to us at the postal or email address set forth below.

Marketing Manager
Medidata Solutions, Inc.
350 Hudson Street, 9th Floor New York, NY 10014


If any of your contact information changes or is incorrect, please email with your new, correct information.

Contacting the Site


If you have any questions about this Privacy Policy, the practices of this Site or your dealings with this Site, you can contact:


Marketing Manager
Medidata Solutions, Inc.
350 Hudson Street, 9th Floor New York, NY 10014
United States


+1 212 918 1800
+1 212 918 1818 (Fax)


You can also email

Applicable Law

This Privacy Policy covering individuals who visit our Sites will be construed under the laws of the State of New York, USA, without giving effect to any conflict of law provisions. You agree to submission of any dispute to the state and federal courts located in New York, New York, USA.


By providing us with your information, you consent and agree to the terms of this Privacy Policy. Any Personal Information collected about EU visitors via our Sites is processed in the United States by Medidata or by a third party acting on our behalf. Our websites are hosted in the United States.

Individuals Who Use Our Applications (Customer Data)


As part of Medidata’s platform, applications and services, our customer’s employees and authorized users may enter Personal Information, including Personal Information from or about their authorized users, employees, and clinical trial subjects (together, “Customer Data”), into our servers.


Medidata processes Customer Data as instructed by our customers, and has no direct control or ownership of the Personal Information it processes. Our customers are responsible for complying with regulations or laws regarding notice, disclosure and/or obtaining consent prior to transferring the data to Medidata for processing purposes.


Medidata will not share or distribute Customer Data except as provided in the contractual agreements between Medidata and our customers. These agreements may provide Medidata with the rights to process or use Personal Information for Medidata’s business purposes including providing or developing the Medidata platform and applications, preventing or addressing service issues, support or technical problems, responding to our customer’s instructions, or as may be required by law.


Please direct any questions regarding access, correction, amendment, or deletion of your Personal Information to the customer (the data controller) for which you work or which collected your Personal Information using our platform or applications. If our customer requests us to remove the Personal Information to comply with data protection regulations, Medidata will respond to their request within 30 business days. We will refer any request for disclosure of Personal Information by a law enforcement authority to our customer unless prohibited by law, and will make such disclosures where we conclude that we are legally obligated to do so.

Additional Sections of This Privacy Policy

The below sections of this Privacy Policy apply both to individuals who visit our websites, and individuals who use our platform or applications.

Safe Harbor

Medidata complies with the US­-Swiss Safe Harbor Framework as set forth by the United States Department of Commerce regarding the collection, use and retention of personal information from Switzerland. Medidata adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access and enforcement. Learn more about the Safe Harbor program and view Medidata's certification.

Dispute Resolution

In compliance with the Privacy Shield Principles, Medidata commits to resolve complaints about our collection or use of your personal information. Individuals in the European Union with inquiries or complaints regarding our Private Shield policy should first contact Medidata at

As set forth in our Privacy Shield Notice, Medidata has selected a third party to serve as its independent recourse mechanism (IRM) for dispute resolution arising from certain transfers or processing of Personal Information (non­-HR data) under Privacy Shield. Medidata has further committed to refer unresolved Privacy Shield complaints to the Council of Better Business Bureaus (CBBB), an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit the CBBB at for more information or to file a complaint. The services of CBBB are provided at no cost to you.

In compliance with the US­-Swiss Safe Harbor Principles, Medidata commits to resolve complaints about your privacy and our collection or use of your personal information. Swiss citizens with inquiries or complaints regarding this privacy policy should first contact Medidata at

Medidata has further committed to refer unresolved privacy complaints under the US­-Swiss Safe Harbor to an independent dispute resolution mechanism operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit for more information and to file a complaint.

The EU Data Protection Authorities (DPAs) or the Swiss Federal Data Protection and Information Commissioner (FDPIC) will be used for dispute resolution for unresolved complaints involving human resources data. Medidata commits to cooperate with the EU DPAs and comply with the advice given by such authorities with regard to human resources data transferred from the EU in the context of the employment relationship.

Changes to This Privacy Policy

Medidata reserves the right to change this Privacy Policy at any time by posting a new privacy policy at this location; Medidata will provide notification of any material changes through our Sites at least thirty (30) business days prior to the change taking effect. Therefore, you are responsible for periodically checking our Privacy Policy for changes.


Medidata has appointed a Chief Privacy Counsel responsible for overseeing the implementation of this Privacy Policy. You may contact us at

Last updated: September 30, 2016