Skip to content

Coming Together For Cures

Consider joining one of our current and future clinical trials.

Coming Together

Coming Together is a network of condition-specific online groups aimed at educating patients and caregivers about their health and creating awareness of clinical trials currently enrolling and upcoming. Coming Together is managed by Safira Clinical Research, a clinical study partner. Join one of our every-growing Coming Together Facebook communities by clicking on the logo below.

Privacy Policy

SAFIRA Clinical Research Ltd
Privacy Notice 
Effective Date: 5/NOV/2025
 
1. Introduction
SAFIRA Clinical Research Ltd  is committed to protecting the privacy and
personal data of all individuals with whom we interact, including clients,
partners, contractors, and study participants whose data may be processed in
the course of our activities.
This Privacy Notice explains how we collect, use, store, share, and protect
personal data in accordance with applicable data protection laws, including
the EU General Data Protection Regulation (GDPR) and other relevant
national legislation.
 
2. Who We Are
SAFIRA Clinical Research Ltd Barnagouloge, Cloughjordan, Co. Tipperary,
E53 VW10, Ireland Email:
privacy@safira.partners
We provide specialized clinical research and regulatory support services,
including data-driven project management, user acceptance testing, and
software validation activities for the life sciences industry.
 
3. Categories of Personal Data We Process
Depending on the nature of the engagement, SAFIRA may process the following
categories of personal data:
  • Client and Vendor Representatives: names, business contact details,
    position, and correspondence records.
  • Employees and Contractors: identification data, professional
    qualifications, training and performance records, payroll and HR
    information.
  • Clinical Study Personnel (e.g., investigators, site staff): names,
    contact information, qualifications, and training documentation.
  • Clinical Study Participants (if applicable): coded or pseudonymized
    data (never directly identifying information).
  • Website Visitors: limited technical data (e.g., IP address, browser
    type, cookies as detailed in our Cookie Policy).
4. How We Collect Personal Data
We collect personal data through:
  • Direct interactions with clients, vendors, and employees.
  • Contractual documentation and communications.
  • Regulatory and compliance activities.
  • Technology platforms used for service delivery (e.g., GLOAT platform).
  • Publicly available sources, when relevant and lawful.
5. Purpose and Legal Basis for Processing
We process personal data for the following purposes:
 
Purpose
Legal Basis (GDPR)
Contract performance and service delivery
Article 6(1)(b) – Contractual necessity
Compliance with legal and regulatory obligations (e.g., GCP, GDPR,
employment law)
Article 6(1)(c) – Legal obligation
Quality assurance, audit, and risk management
Article 6(1)(f) – Legitimate interests
Communication with clients, vendors, and authorities
Article 6(1)(f) – Legitimate interests
Recruitment and human resource management
Article 6(1)(b) and 6(1)(c)
Security and incident monitoring
Article 6(1)(f)
Consent-based processing (e.g., marketing communications)
Article 6(1)(a) – Consent
6. Data Retention
Personal data are retained only for as long as necessary to fulfil the
purposes for which they were collected and in line with applicable legal,
contractual, and regulatory obligations.
Retention periods are defined in SAFIRA’s internal
Data Retention and Disposal Framework, which ensures secure archiving
and destruction of data when no longer required.
 
7. Data Protection and Security
SAFIRA implements a comprehensive Quality Management System (QMS) that
includes documented procedures for data protection, information security,
access control, incident response, and data retention.
Our internal framework aligns with:
  • ISO 9001 quality management principles
  • ISO/IEC 27001 information security standards
  • ICH-GCP E6 (R2) and GDPR data integrity principles
Technical and organizational measures include:
  • Access control and role-based permissions
  • Encrypted data transfer and storage
  • Secure system backups and disaster recovery plans
  • Regular staff training on data protection and cybersecurity
  • Vendor risk assessment and monitoring
8. Data Sharing and International Transfers
SAFIRA does not sell personal data. We may share data with:
  • Authorized employees and contractors bound by confidentiality obligations
  • Regulatory authorities when required by law
  • Approved third-party service providers supporting our business operations
    (e.g., hosting, auditing, or training platforms)
Where data transfers outside the European Economic Area (EEA) occur, they are
safeguarded by EU Standard Contractual Clauses (SCCs) or equivalent
transfer mechanisms.
 
9. Data Subject Rights
Individuals whose personal data are processed by SAFIRA have the following
rights under the GDPR:
  • Right to access their data
  • Right to rectification
  • Right to erasure (“right to be forgotten”)
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to lodge a complaint with a supervisory authority
Requests to exercise these rights can be submitted to:
 
10. Personal Data Breach Notification
In the unlikely event of a data breach, SAFIRA will assess the risk and, where
required, promptly notify:
  • The relevant Data Protection Authority, and
  • Affected customers or individuals, in accordance with GDPR Articles 33 and
    34.
11. Updates to This Notice
This Privacy Notice may be updated from time to time to reflect regulatory
developments or changes in our processing activities. The latest version will
always be available on our website:
https://safiracr.com/privacy-policy/
 
12. Contact
For any questions about this Privacy Notice or SAFIRA’s data protection
practices, please contact:
 
Data Protection Officer (DPO) Francis Gon
Barnagouloge, Cloughjordan, Co. Tipperary, Ireland