2010 Broadway St, Suite 200,
Redwood City, CA 94063
Ph: 650-521-5449

Website and Client Services Privacy Policy

Effective Date: January 16, 2014

This Website and Client Services Privacy Policy (“Privacy Policy”) covers “Personal Information” collected by Comprehend from clients and client systems as well as through the operation of websites by Comprehend Systems, Inc. and its subsidiaries (“Comprehend,” “we,” and “us”), including http://www.comprehend.com.  The Privacy Policy describes how Comprehend collects, uses, and discloses “Personal Information.”

Personal Information” means information that alone or when in combination with other information may be used to readily identify, contact, or locate you, such as: name, address, email address, or phone number. We do not consider Personal Information to include information that has been anonymized so that it does not allow a third party to easily identify a specific individual.

About Comprehend

Comprehend provides its customers with services and tools that allow them to analyze and report on clinical data pulled from multiple, disparate data sources through a single interface. These tools and services are not a part of our corporate website. Comprehend serves as a data processor for the customers who use these tools and services. More specifically, Comprehend does not own the information that is submitted to us through our services and tools. The information that is submitted through our client services relationships will be held subject to the requirements specified by our customers.

This Privacy Policy does not reflect the privacy practices of Comprehend’s customers and Comprehend is not responsible for its customers’ privacy policies or practices. Comprehend does not review, comment upon, or monitor its customers’ privacy policies or their compliance with their respective privacy policies, nor does Comprehend review its customer’s instructions to determine whether they are in compliance or conflict with the terms of a customer’s published privacy policy. Accordingly, we operate as a data processor for our customers. Comprehend’s customers act as data controllers. Comprehend maintains only that Personal Information which its customers have asked it to process.

Safe Harbor Certification and Processing of EU Data

Comprehend complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland.  Comprehend has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement.  To learn more about the Safe Harbor program, and to view Comprehend’s certification, please visit http://www.export.gov/safeharbor/

This Privacy Policy does not apply to the practices of companies for which Comprehend does not manage business, or of persons that Comprehend does not employ or manage. However, the Safe Harbor Principles apply, in part, to third-parties requiring that the third party provide at least the same level of privacy protection as is required by the relevant Principles in the case of the onward transfer of personal data. All provisions of the Safe Harbor Principles and Frequently Asked Questions apply where they are relevant.

Collection and Use of Personal Information Through Comprehend Client Services and Website

You may visit the websites of Comprehend without revealing any Personal Information. However, in some instances, Comprehend may require certain Personal Information, such as business contact information, to respond to your inquiries or provide you with requested information.

We also collect information provided by our customers to provide services to those customers. This information may include Personal Information about individuals, including health information collected as part of clinical trials. Comprehend will use this information as directed by its customers and for internal and service-related purposes.

Because of the nature of its services, Comprehend operates as a data processor for its customers. Comprehend’s customers act as data controllers. Individuals involved in clinical studies may interact directly with Comprehend’s customers rather than with Comprehend. Comprehend maintains only that Personal Information its customers have asked Comprehend to process. It is the Comprehend customer’s responsibility to ensure that the data the customer collects can be legally collected in the country of origin. The Comprehend customer is responsible for giving its employees and customers the appropriate level of notification that Personal Information is being collected and maintained.

We may anonymize and aggregate data collected through the website, tools, and services, and use it for any purpose.

Comprehend may automatically receive and record certain non-Personal Information from website users and the users of its tools and services. Comprehend may use this information to provide certain functionality, improve the tools and services, and monitor the use of the tools and services.

Information Sharing and Disclosure

Comprehend may disclose Personal Information to its agents and partners who assist the Company in providing services to customers. We will share Personal Information for these purposes only with third parties whose privacy policies are consistent with ours or who agree to abide by our policies with respect to Personal Information.

Comprehend may otherwise disclose Personal Information when:

  • we have express consent to share the information for a specified purpose;
  • required in response to subpoenas, court orders, law enforcement requests, or such other legal process;
  • we need to protect the personal safety of the users of our systems or defend the rights or property of Comprehend; or
  • we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider.


By accessing the tools and services of Comprehend and voluntarily providing us with the requested Personal Information, including through this website, users consent to the collection and use of the information in accordance with this Privacy Policy, including transfers from the European Economic Area (EEA) to the United States. Individuals who do not consent to the collection, use, or disclosure of their Personal Information as outlined in this policy should not provide any Personal Information to Comprehend. If an individual has provided Personal Information to Comprehend or its customers, and no longer consents to its use or disclosure as outlined herein, please notify Comprehend at privacy@comprehend.com.

Onward Transfer

We are a global corporation with operations in several countries. We have developed global data practices designed to assure Personal Information is appropriately protected. While our primary data centers are in the United States, we may transfer Personal Information to Comprehend offices outside of the United States now or in the future. In addition, we may employ other companies and individuals to perform functions on our behalf. If we disclose Personal Information to a third party or to Comprehend employees outside of the United States, we will ensure that such party has agreed to abide by the Safe Harbor principles, or can otherwise assure adequate protection of such Personal Information.

Data Integrity

Comprehend will use Personal Information only in ways compatible with the purpose for which it was collected or authorized by our customers, or as requested in connection with website user usage as described in this Privacy Policy.

Information Retention

Comprehend’s collection, use, and disclosure of information is generally governed by service agreements with our business customers. Information relied upon to provide these services to our business customers is retained only for as long as we have a valid business purpose and in accordance with applicable law.


In most cases, when Comprehend obtains Personal Information, it does so on behalf of another company (as an agent or data processor). To request access to, correction, amendment, or deletion of this Personal Information, a customer or end user should contact the company to which the data was provided.  For other inquiries, please contact us at privacy@comprehend.com.


Comprehend has a Privacy Officer who is responsible for Comprehend’s compliance with and enforcement of this Policy. Comprehend’s Privacy Officer is available to any of its employees, customers, vendors, business partners, or others who may have questions concerning this Privacy Policy or data security practices. Comprehend’s Privacy Officer may be contacted by email at privacy@comprehend.com.

Any questions, comments, or complaints about the data practices of a customer for which Comprehend processes data should be directed to that customer (including, without limitation, compliance with data privacy principles of notice, choice, onward transfer, access, security, data integrity, or enforcement), although Comprehend will make reasonable efforts to comply or assist with such requests.  If Comprehend and its customers are unable to resolve your complaint, Comprehend has agreed to cooperate with the European Union data protection authorities to resolve any privacy complaints related to Personal Information.


No data transmissions over the Internet can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information you transmit to us and you do so at your own risk. Once we receive your transmission, we take steps to ensure security on our systems. Please note this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of such safeguards.

Comprehend has adopted appropriate physical, electronic, and managerial procedures to safeguard and secure the Personal Information we process. Comprehend strives to protect the privacy of the Personal Information it processes, and to avoid inadvertent disclosure.

If Comprehend learns of a security system’s breach, Comprehend maintains an incident response policy that includes notifications consistent with applicable law.

By using this website or providing Personal Information to us, you agree that we can communicate with you electronically regarding security, privacy, and administrative issues relating to your use of this website.

Changes and Updates

Comprehend will maintain Personal Information in accordance with this Privacy Policy. If Comprehend decides to change this Policy, Comprehend will post the changes on this page so our customers and/or their employees and users are aware of what types of Personal Information Comprehend processes, how Comprehend uses it, and under what circumstances, if any, Comprehend discloses it. Comprehend will continue to process Personal Information consistent with its obligations to its customers.

Contacting Comprehend

If you have any questions, comments, or concerns about Comprehend or this Privacy Policy, please email us at privacy@comprehend.com.

Postal Mail Address:

2010 Broadway St.
Suite 200
Redwood City, CA 94063

We can be reached via e-mail at privacy@comprehend.com or you can reach us by telephone at (650)521-5449.