December 11, 2017
NeuroCog Trials [also referred to as ‘NCT Holdings, Inc.’ that includes NeuroCog Trials (NCT) and NCT Linguistics (NCTL)] is a clinical and cognition assessment services company that offers consulting, site screening, translation, rater training and certification, data review, and statistical analysis services to companies for clinical trial data that is collected from global sites.
The Federal Trade Commission has jurisdiction over NCT Holdings, Inc.’s compliance with the Privacy Shield. NCT Holdings, Inc. submits to being subject to the investigatory and enforcement powers of the FTC, the Department of Transportation, or any other U.S. authorized statutory body with regards to our self-certification and implementation of the Principles, and acknowledges the right of the EU individual to invoke binding arbitration, at no cost to the individual, in filing a complaint disputing NCT’s adherence to these practices with the EU DPA (European Union Data Protection Authority). The authority of the Swiss FDPIC (Federal Data Protection and Information Commissioner) will substitute for that of the EU DPA’s authority throughout the Swiss – U.S. Privacy Shield.
“Local Language Experts” means NeuroCog Trials employees or contractors who provide translation services to NCT and their sponsors for test data, queries for the data or translation of other project materials including instructional videos and manuals.
“NCTL Certified Linguists” means NCTL employees or contractors who provide translation services to NeuroCog Trials or other clients. NCTL Certified Linguists specialize in translation, interpretation, voice-over, training and localization. The primary distinction between LLEs and NCTL Certified Linguists is that NCTL Certified Linguists are required to pass a more stringent nationally and internationally recognized certification process.
“Personal Information” or “Information” means information that (1) is transferred from the EU, Switzerland or other countries to the United States; (2) is recorded in any form; (3) is about, or pertains to a specific individual; and (4) can be linked directly or indirectly to that individual.
“Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership, genetic information, biometric data processed as a means of unique identification, or that concerns an individual’s health, or as relates to the commission of a criminal offense.
“Site Rater” will mean the clinical site staff that is trained to conduct cognitive and clinical test assessments and to collect the information from those assessments which will be transferred to the Study Sponsor and NCT to be used for clinical trials.
“Study Sponsor” will mean a party that NCT has entered into a formal agreement with where NCT will provide assistance in processing cognitive or other clinical data that will be used to support a clinical research study.
“Third Party” means any party that has entered into an agreement with NeuroCog Trials for the purpose of collecting, processing, translating, analyzing or storing personal data either manually or electronically. NCT stipulates in any agreement with a third party agent that the third party must subscribe to the Privacy Shield Principles and Framework to ensure data privacy is preserved.
“Translation Client” means any party that has entered into an agreement with NCT/NCTL for the purpose of translating personal data either manually or electronically.
Types of Information Gathered by NCT:
- The NCT website is: http://www.neurocogtrials.com/
And the NCTL website is: http://www.nctlinguistics.com/
If you visit either website, no personal information is collected unless you choose to contact us using the website ‘Contact Us’ link. The only information we collect is your ‘Name’, ‘Email’ and your ‘Question / Comments’ as it is entered by you. We only use this information to address your inquiry or comment. We will not disclose any personal data offered via the contact information on the NCT or NCTL websites.
NCT uses Visual Visitor or similar products to collect information about how many visitors we get, where they come from and how they use our website. Visual Visitor collects public information and provides it in a report form. It does not identify the specific individual accessing the website. The results help us to improve the services offered on our website.
- Cognitive and Clinical Assessment Test Data for Clinical Trials:
NCT collects, processes, translates, analyzes and stores cognitive and clinical test data from clinical trials for their Study Sponsors. This test data may be captured on paper or electronically and it may include personal information from the subject or site raters. NCT works with the Study Sponsor to ensure that the subjects and site raters understand what type of data is being collected and to clarify the purpose for collecting the data. NCT works with the Study Sponsor and site rater(s) to limit the collection of any personal data that is not relevant to the study. In these types of studies, only the Study Sponsor will have the ability to contact an individual directly in order to allow them to opt out of any disclosures of personal data that are not previously authorized.
The electronic data captured for studies may include audio or video recordings of the cognitive test assessments. Video recordings are used to provide feedback to the site rater on their performance of testing and to correct errors in the data that is collected. Video recordings are never used to identify a subject. NCT ensures that the site staff are trained to take all measures possible to conceal the identity of the subject during these recordings. Other biometric data may be captured in order to ensure the integrity of data collected in clinical studies, however NCT has implemented measures to eliminate all access to this data in its original state in order never to compromise an individual’s personal information.
In some cases NCT may collect the data for a research study on their own (e.g. under a research grant). In these cases NCT will work with an Investigational Review Board (IRB) or Ethics Committee (EC) to ensure that subjects and raters understand what type of data is collected and to clarify the purpose for collecting the data. In these types of studies, NCT will limit the collection of any personal data for individuals participating in the study that is not relevant to the study.
- Human Resource and Financial Information:
Most NCT employees are located at the NCT office in Durham, North Carolina, United States but our Local Language Experts (LLEs) or NCTL Certified Linguists may be located in any country. LLEs/NCTL Certified Linguists provide translation services for NCT and our sponsors. NCT collects human resource and financial information from the LLEs/NCTL Certified Linguists as needed to continue their employment with NCT.
For any human resources data of EU citizens accessed, NCT agrees to cooperate and comply with the EU Data Protection Authorities (DPAs) to provide a recourse mechanism for any complaints regarding the handling of this data.
NCTL Certified Linguistics offers translation services for their translation clients. The translation services include written/verbal translations, localization, narration, etc. for all industries.
NCT collects cognitive and clinical assessment test information from clinical sites for the purpose of clinical research, translations and statistical analysis. This information is collected and prepared for NCT’s Study Sponsors unless the research is solely conducted by NCT (e.g. Grants). NCT and the Study Sponsor use standard processes (e.g. consent forms) to inform study participants about the purpose of the clinical research and the intended use of data that is collected for those studies. The data that is collected by NCT may be shared with the Study Sponsor, a vendor (Third Party) hired by NCT to assist with the trial, regulatory agencies, or other affiliates, subsidiaries or agents of the Study Sponsor as required by study contracts or as required by law (e.g. lawful requests by public authorities or to meet national security or law enforcement requirements).
NCT will work with Study Sponsors to offer individuals the opportunity to affirmatively consent or explicitly dissent (opt-out) to the disclosure of their Personal Information to a third party or for a purpose materially different from the purpose for which it was originally collected or subsequently authorized by the individual.
For Sensitive Personal Information, NCT will not process any such information relating to individuals for any purpose other than that for which it was originally or subsequently authorized by the individual without first receiving prior explicit consent (opt-in), or as required or permitted, or where not prohibited by law or regulation.
NCT reserves the right to disclose information as required by law, or if deemed necessary to prevent physical harm, financial loss, or in connection with an investigation or legal proceeding.
NCT takes very seriously an individual’s right to choice regarding Personal Information, as far as required by applicable law, and will facilitate all reasonable and appropriate means to allow such access.
Prior to disclosing Personal Information to a third party, NCT or their Study Sponsor will notify the individual of such disclosure and allow the individual the choice (opt out) of such disclosure. NCT will ensure that any third party for which Personal Information may be disclosed subscribes to the Principles and will enter into a contract with the third party that provides that such data may only be processed for limited and specified purposes consistent with the consent provided by the individual and that the recipient will provide the same level of protection as the Principles. NCT will take reasonable and appropriate steps to ensure that any third party agent effectively processes the personal information transferred in a manner consistent with our obligations under the Principles, and upon notice, will take reasonable and appropriate steps to stop and remediate unauthorized processing. NCT will require said agent to notify the organization if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the Principles. NCT will also provide a summary or representative copy of the relevant privacy provisions of its contract with that agent to the Department upon request.
NCT will remain liable under the Principles if its third party agent processes such personal information in a manner inconsistent with the Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.
Additionally, NCT will treat as sensitive any personal information received from a third party where the third party identifies and treats it as sensitive.
If NCT leaves the Privacy Shield Framework at any point, it must annually certify its commitment to apply the Principles to information received under the Privacy Shield Framework if it chooses to keep such data or provide “adequate” protection for the information by another authorized means.
NCT will take reasonable steps to protect the Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. NCT has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the information from loss, misuse, unauthorized access or disclosure, alteration or destruction. NCT cannot guarantee the security of Information on or transmitted via the Internet.
NCT will only process Personal Information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. To the extent necessary for those purposes, NCT will take reasonable steps to ensure that Personal Information is accurate, complete, current and reliable for its intended use. NCT will adhere to the Principles for as long as it, or any contracted third party acting on its behalf, retains such information.
NCT will allow an individual access to their Personal Information and allow the individual to correct, amend or delete inaccurate information, or to allow access to Personal Information processed in violation of the Principles, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated.
If a complaint or dispute cannot be promptly resolved through our internal process, we agree to co-operate with the European Data Protection Authorities (DPAs) dispute resolution procedures.
NCT will respond promptly to inquiries and requests by the Department for information relating to Privacy Shield and will respond expeditiously to complaints regarding compliance with the Principles referred by EU Member State authorities through the Department and will respond to consumer complaints within 45 days of receipt of the complaint. NCT, in cooperation with DPAs, will respond directly to such authorities with regard to the investigation and resolution of complaints and will comply with any advice given by the DPAs where the DPAs take the view that NCT needs to take specific action to comply with the Privacy Shield Principles, including remedial or compensatory measures for the benefit of individuals affected by any non-compliance with the Principles, and will provide the DPAs with written confirmation that such action has been taken.
Information Subject to Other Policies
In compliance with the Privacy Shield Principles, NCT commits to resolve complaints about our collection or use of your personal information, whether of a human resources nature or not. European Union or Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact NCT Holdings, Inc. (NCT & NCTL) at:
Attn: Privacy Officer
3211 Shannon Road, Suite 300
Durham, NC 27707 Email:
Please use the following link to learn more about the Privacy Shield program and to view the NCT certification: https://www.privacyshield.gov
Please use the following link to learn more about the U.S.-Swiss Safe Harbor Program and to view the NCT certification: https://safeharbor.export.gov/swisslist.aspx
NCT Holdings, Inc. (NCT & NCTL) commits to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by the panel with regard to data transferred from the EU or Switzerland, whether of a human resources nature or not. To file a complaint, free of charge, regarding potential mishandling of EU or Swiss data by NCT Holdings, Inc. for citizens of the countries listed below, you may refer to the following websites to locate the specific emails, websites, mailing addresses, and phone numbers for your corresponding country’s Data Protection Authority or the Swiss FDPIC:
• Czech Republic
• United Kingdom
• Or to contact the European Data Protection Supervisor
To file a complaint regarding Swiss data privacy concerns, you may contact the Swiss Federal Data Protection and Information Commissioner to oversee any potential dispute resolution. You may reach the FDPIC via the following contact information:
Swiss Federal Data Protection and Information Commissioner
telephone: +41 (0)58 462 43 95 (mon.-fri., 10-12 am)
fax: +41 (0)58 465 99 96
An individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. The following is a link to Annex I for additional information:
Please note that at the first annual review, the Department of Commerce will work with the Swiss Government to put in place the binding arbitration option in Annex I of the Swiss-U.S. Privacy Shield Framework.
Version 8.0, 11 Dec 2017