Privacy Policy

How we collect, use, and protect your information. Your privacy is fundamental to everything we do.

Last Updated: March 1, 2026
HIPAA Compliant GDPR Compliant

Table of Contents

1. Information We Collect

Information You Provide

We collect information you provide directly to us when you create an account, use our platform, contact our support team, or otherwise communicate with us. This may include your name, email address, phone number, company name, job title, and any other information you choose to provide.

Clinical Trial Data

As a clinical trial management platform, Clincove processes clinical trial data on behalf of our customers. This data may include study protocols, site information, regulatory documents, and de-identified patient data. All clinical trial data is processed in accordance with applicable regulations including HIPAA and GDPR.

Automatically Collected Information

When you access or use our platform, we automatically collect certain information, including your IP address, browser type, operating system, device identifiers, pages viewed, links clicked, and the date and time of your visit. We collect this information using cookies, web beacons, and similar technologies.

2. How We Use Your Information

Service Delivery

We use the information we collect to provide, maintain, and improve our clinical trial management platform, including processing and managing clinical trial documents, facilitating regulatory compliance workflows, and delivering the features you request.

Communication

We may use your information to send you technical notices, updates, security alerts, and administrative messages. With your consent, we may also send you marketing communications about products, services, and events offered by Clincove.

Analytics and Improvement

We use aggregated and de-identified information to analyze usage patterns, monitor platform performance, and improve the functionality and user experience of our services. We do not use Protected Health Information (PHI) for analytics or marketing purposes.

Legal and Compliance

We may use your information to comply with applicable laws, regulations, and legal processes, including FDA 21 CFR Part 11 requirements for electronic records and signatures.

3. How We Share Your Information

Service Providers

We share information with third-party service providers who perform services on our behalf, such as cloud hosting, data analytics, email delivery, and customer support. All service providers are contractually bound to protect your information and are prohibited from using it for any purpose other than providing services to Clincove.

Legal Requirements

We may disclose your information if we believe disclosure is required by applicable law, regulation, legal process, or governmental request, including to meet national security or law enforcement requirements.

Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice on our platform of any change in ownership or uses of your personal information.

With Your Consent

We may share your information with third parties when you have given us explicit consent to do so. We will never sell your personal information to third parties.

4. Data Security

Technical Safeguards

Clincove implements industry-leading security measures to protect your data. All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. We maintain SOC 2 Type II certification and undergo regular third-party security audits.

HIPAA Compliance

Clincove is fully HIPAA compliant. We implement the administrative, physical, and technical safeguards required under the HIPAA Security Rule. We execute Business Associate Agreements (BAAs) with all customers who process Protected Health Information (PHI) through our platform.

Access Controls

We employ role-based access controls (RBAC), multi-factor authentication (MFA), and comprehensive audit trails to ensure that only authorized personnel can access sensitive data. All access is logged and monitored continuously.

5. Your Rights

GDPR Rights (EEA Residents)

If you are located in the European Economic Area, you have the right to access, correct, update, or request deletion of your personal information. You also have the right to object to or restrict processing of your personal data, the right to data portability, and the right to withdraw consent at any time.

CCPA Rights (California Residents)

California residents have the right to know what personal information is collected, disclosed, or sold, the right to request deletion of personal information, the right to opt out of the sale of personal information, and the right to non-discrimination for exercising these rights.

Exercising Your Rights

To exercise any of your data protection rights, please contact our Data Protection Officer at privacy@clincove.com. We will respond to your request within 30 days, as required by applicable law. We may need to verify your identity before processing your request.

7. Data Retention

Retention Periods

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. Clinical trial data is retained in accordance with applicable regulatory requirements, which may require retention for a minimum of 15 years following the completion of a clinical trial.

Deletion

When personal information is no longer required, we will securely delete or anonymize it. You may request deletion of your account and associated personal data at any time by contacting us at privacy@clincove.com, subject to any legal retention requirements.

8. Contact Information

Data Protection Officer

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection Officer at privacy@clincove.com or by mail at Clincove, Attn: Data Protection Officer, 123 Market Street, Suite 400, San Francisco, CA 94105.

Supervisory Authority

If you are located in the European Economic Area and believe we have not adequately addressed your data protection concerns, you have the right to lodge a complaint with your local data protection supervisory authority.

Related Policies

Review our other policies for complete transparency

Terms of Service

Review the terms governing your use of Clincove

Cookie Policy

Learn about how we use cookies and tracking technologies

Questions about your privacy?

Join leading biopharmas, global pharmas, and research clinics who have unified their clinical operations. Deploy in weeks, not months.

Contact Us Security & Compliance
No credit card required
SOC 2 & HIPAA compliant
14-day free trial
You're subscribed!