Privacy Policy
Your privacy, trust, and compliance are our foundation.
Effective Date: October 24, 2025
•Last Updated: October 24, 2025
At CareShift™, powered by NexTrial.ai, your privacy, trust, and compliance are at the core of how we design, operate, and scale our platform. We follow HIPAA (U.S.), GDPR (EU/UK), LGPD (Brazil), and GxP (Good Practice in Life Sciences) to ensure data security and transparency.
1. What We Collect
- User data (name, email, organization)
- Usage logs for compliance and audit-readiness
- Public registry metadata (e.g., clinicaltrials.gov, NPI)
- Feedback and communications
No PHI: We do not collect or store Protected Health Information.
2. How We Use Your Information
- Operate and improve our AI-powered readiness platform
- Maintain traceability, audit logs, and regulatory alignment
- Support communication and product feedback
- Analyze anonymized data for performance and compliance
We never sell or share your personal data.
3. Data Sharing
Shared only under lawful bases:
- With explicit consent
- For legal compliance
- With trusted subprocessors (AWS, analytics, email providers) under DPA
4. Data Security
- AES-256 encryption, TLS 1.3 transport
- Role-based access
- SOC 2 and ISO 27001-aligned infrastructure
- GxP traceability and FDA Part 11 compliance
5. Your Rights
You may request access, correction, or deletion of your data at any time by emailing privacy@nextrial.ai.
6. Retention & Transfers
- Retained only as long as required for compliance
- Cross-border transfers under Standard Contractual Clauses and LGPD adequacy
7. Updates
We'll notify users of material changes via the platform or email.
8. Contact
Data Privacy & Compliance: privacy@nextrial.ai
Legal: legal@nextrial.ai
Address: NexTrial.ai, 2121 Biscayne Blvd, Miami, FL 33137, USA