Personal Information provided to Everest may be used for the following purposes, each a “Purpose”:

• To respond to your request about a career opportunity.
• To deliver services and information about Everest that you request.
• To provide you with access to protected areas of the Everest website.
• To provide you with a user account to facilitate your participation in a clinical trial conducted by Everest.
• To include your information in an investigators registry so that it may be provided to Everest clients for consideration to participate in their Clinical Trials.

We will obtain your consent if we wish to use your information for any other Purpose. We will not release your personal information to other persons unless one of the following conditions apply:

• Where we have your consent.
• Where we are required by law, regulation, subpoena, or judicial or government order to be disclosed, provided Everest shall promptly notify you upon such request for disclosure and prior to such disclosure to permit you to oppose such disclosure by appropriate legal action.

Everest is the owner of all information collected on this website. If your personal information is collected and processed for the Purpose of your participation in a clinical trial, the clinical trial sponsor is the owner of this personal information collected. Everest processes this personal information according to the written agreement between Everest and the clinical trial sponsor.

Everest understands the importance of protecting the privacy of personal information. We limit the information we collect to what is needed for the Purpose, and we will only process it for the Purpose. Data is retained for as long as it is needed for the Purpose, or as permitted by law.

Personal information collected may include your name, email address, home or business address and phone number, current position title, and IP address (through navigation on our website). Our website collects personal information from you in the following ways:

• You may submit your personal information in response to a career opportunity within Everest.
• You may provide your personal contact information so that we can provide you with information to a specific request or service.
• In submitting a request for access to protected areas of our website, you will be required to provide personal contact information.
• If registering in our Investigator Registry, you will be required to provide personal contact information.
• While navigating through the Everest website, information is collected electronically for analytical purposes; information collected includes IP address, browser type, operating system, and access times. This information is collected so that we may analyze usage in an effort to continually improve our website and user engagement.

Data collected to provide the individual with a user account to facilitate participation in a clinical trial conducted by Everest may be accessed by clinical trial sponsor representatives and applicable regulatory authorities and is provided to the clinical trial sponsor at the end of the clinical trial. The Data may be stored on servers in Canada, U.S.A., and Germany. Third party vendors may process and store the Data during the clinical trial conduct. When third party vendors are involved, they will ensure that (1) the Data may only be processed for the limited and specified Purposes consistent with the consent provided by the individual; (2) they will provide the same level of protection to the Data as Everest provides; and (3) they will notify Everest if they can no longer meet this obligation. If the third party vendor notifies Everest that they can no longer meet this obligation, the third party vendor ceases processing or takes other reasonable and appropriate steps to remediate. These steps are in place because Everest has responsibility for the processing of personal information it receives under the EU-US and Swiss-US Privacy Shield Framework and the subsequent transfers of such personal information to a third party acting as an agent on its behalf (e.g., a vendor). Everest shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless Everest proves that it is not responsible for the event giving rise to the inconsistency. Procedures are in place to ensure privacy breach incidents are communicated and followed up consistent with all applicable regulatory requirements, and according to Everest’s Policy EV.102 “Operational Policies Covering Confidentiality, Privacy, and Security”.

Data collected through the Investigator Registry information gathering page may be accessed by clinical trial sponsors who are Everest clients.

In the unlikely event that a U.S. Law Enforcement agency requests Data to be released, this Data will be provided as required by law. Data collected and/or processed by Everest may be subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). The FTC has jurisdiction over Everest’s compliance with the EU-US and Swiss-US Privacy Shield Framework. Everest is required to disclose personal information in response to lawful requests by public authorities, including meeting national security or law enforcement requirements. Everest commits to notify individuals of the requirement to disclose personal information in response to lawful requests by public authorities, including meeting national security or law enforcement requirements, and its liability in cases of onward transfers to third parties.