ElixirTrials, Inc. — Website Privacy Policy

Effective Date: June 1, 2026  ·  Last Updated: June 1, 2026

IMPORTANT: BY ACCESSING OR USING ELIXIRTRIALS, INC.'S ("COMPANY," "WE," "US," OR "OUR") WEBSITE AVAILABLE AT WWW.ELIXIRTRIALS.COM AND THE SERVICES, FEATURES, AND CONTENT THEREIN (COLLECTIVELY, THE "WEBSITE"), YOU ("YOU") CONSENT TO THE TERMS AND CONDITIONS OF THIS WEBSITE PRIVACY POLICY ("PRIVACY POLICY") AND CONSENT THAT ALL PERSONALLY IDENTIFIABLE INFORMATION ("PII") THAT YOU SUBMIT OR THAT IS COLLECTED THROUGH THE WEBSITE MAY BE PROCESSED BY THE COMPANY IN THE MANNER AND FOR THE PURPOSES DESCRIBED HEREIN.

WE DEFINE "PII" TO MEAN ANY INFORMATION RELATING TO AN IDENTIFIED OR IDENTIFIABLE NATURAL PERSON, INCLUDING BUT NOT LIMITED TO A NAME, EMAIL ADDRESS, IP ADDRESS, OR OTHER ONLINE IDENTIFIER.

YOU ARE NOT LEGALLY REQUIRED TO PROVIDE US WITH PII. HOWEVER, CERTAIN FEATURES OF THE WEBSITE MAY REQUIRE YOU TO DO SO. IF YOU CHOOSE TO WITHHOLD PII REQUESTED BY US, YOU MAY NOT BE ABLE TO ACCESS CERTAIN FEATURES OF THE WEBSITE. IF YOU DO NOT AGREE TO THE TERMS OF THIS PRIVACY POLICY, PLEASE DO NOT USE THE WEBSITE.

ElixirTrials, Inc. is a Delaware corporation that operates an AI-powered clinical trial platform for community hospitals. We recognize that privacy is important. This Privacy Policy applies to all information collected through the Website and covers how PII that the Company collects and receives is treated. If you have any questions about this Privacy Policy, please contact us at: privacy@elixirtrials.com.

1. Scope

This Privacy Policy covers PII collected through our Website and direct business interactions. It does not cover protected health information ("PHI") generated or maintained during clinical trials. ElixirTrials operates as a HIPAA Business Associate. We deploy on-premises AI infrastructure within hospital environments; all PHI remains on hospital-controlled infrastructure at all times. ElixirTrials does not receive, store, access, or process PHI on its own corporate systems. If you are a clinical trial participant and have questions about your health data, please contact the privacy office of the hospital where you enrolled in the trial (see Section 9 below).

2. Information We Collect and How We Use It

(a) Information You Provide. When you use our contact form or correspond with us, we may collect your name, email address, phone number, organization name, and message content. When we engage with business partners, sponsors, or vendors, we collect business contact information exchanged during those relationships.

(b) User Communications. When you send an email or other communication to the Company, we may retain those communications in order to process your inquiries, respond to your requests, and improve our Website. If you subscribe to our mailing list, we collect your email address. You may opt out of promotional communications at any time by emailing privacy@elixirtrials.com or using the unsubscribe link in any promotional email. Opting out does not affect transactional or administrative communications.

(c) Information Collected Automatically. When you visit the Website, we may automatically collect information from your browser or device, including: IP address, browser type, device identifiers, operating system, pages visited, referring URL, date and duration of visit, and language preferences. We use this information to understand usage trends, improve the Website, and maintain security.

(d) Aggregate and Analytical Data. We may conduct research on user demographics, interests, and behavior based on PII and other information provided to us. This research may be compiled and analyzed on an aggregate basis. Aggregate information does not identify you personally. We may disclose aggregated user statistics to describe our services to current and prospective business partners and for other lawful purposes.

We do not collect sensitive health information, Social Security numbers, financial account numbers, or biometric data through our Website.

3. How We Use Your Information

We use the PII we collect for the following purposes:

  • Responding to inquiries submitted through our contact form or by email
  • Communicating with business partners, sponsors, and vendors
  • Analyzing website traffic to improve site performance and user experience
  • Sending promotional communications (with your consent, where required)
  • Maintaining the security of our Website and systems
  • Complying with legal obligations

We do not sell your personal information.

4. Cookies and Tracking Technologies

We use cookies and similar technologies to operate and improve the Website:

  • Essential Cookies are necessary for the Website to function and cannot be disabled.
  • Analytics Cookies (e.g., Google Analytics) help us understand how visitors interact with the Website by collecting information in an aggregated form.

You may set your browser to block or alert you about cookies. If you block cookies, certain features of the Website may not function properly. We may also use web beacons (pixel tags) in emails to determine whether messages have been opened and links clicked.

We honor Do Not Track ("DNT") signals where technically feasible.

5. Links

The Website may contain links to third-party websites, services, or applications provided as a convenience to our users. The Company is not responsible for the privacy practices or content of those third-party sites. This Privacy Policy applies solely to PII collected through our Website.

6. Information Sharing

We share PII only when necessary and in the following circumstances:

(a) Service Providers. We may share PII with third-party service providers who assist us in operating the Website and conducting our business (e.g., hosting, analytics, email services), under contractual obligations to protect your data and use it only for the purposes for which it was disclosed.

(b) Legal Compliance. We may disclose PII when required by law, regulation, subpoena, court order, or other valid legal process, or when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, or investigate fraud.

(c) Business Transfers. In the event of a merger, acquisition, reorganization, or sale of all or a portion of our assets, PII may be transferred as part of the transaction. We will notify you via email and/or a prominent notice on our Website of any change in ownership or use of your PII.

(d) With Your Consent. We may share your PII for other purposes with your express consent.

We do not sell or rent PII to third parties for their marketing purposes.

7. Information Security

We maintain administrative, technical, and physical safeguards designed to protect PII against unauthorized access, alteration, disclosure, or destruction. These include encryption in transit and at rest, role-based access controls, and regular security assessments. Our security program is audited under SOC 2 criteria.

However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your PII, we cannot guarantee absolute security.

8. Data Integrity and Retention

We process PII only for the purposes for which it was collected and in accordance with this Privacy Policy. We take reasonable steps to ensure that PII is accurate, complete, and current, but we depend on our users to update or correct their PII when necessary.

We retain PII only as long as reasonably necessary for the purposes described in this Privacy Policy or as required by applicable law. When PII is no longer needed, we delete or anonymize it in accordance with our data retention schedule.

9. Clinical Trial and Regulatory Data

ElixirTrials provides AI-powered technology infrastructure for clinical research conducted under FDA oversight. Our software operates on hospital infrastructure, and all patient health information remains under the sole control of the healthcare institution conducting the trial (the HIPAA Covered Entity) at all times. ElixirTrials does not maintain, access, or store patient health information on its own corporate systems.

If you are a clinical trial participant, your privacy rights regarding your health data are governed by the hospital's Notice of Privacy Practices under HIPAA. Please contact the privacy office of the hospital or study site where you enrolled. ElixirTrials cannot fulfill requests related to PHI because we do not hold it.

To the extent ElixirTrials holds any non-health personal information about you (such as a contact email provided through our website), we will process any request regarding that information in accordance with Section 10 below.

Where applicable, certain data associated with clinical research may be subject to mandatory retention requirements under FDA regulations (21 CFR Part 312) and ICH-GCP guidelines, which may limit the ability to fulfill deletion requests for regulatory data held by hospital study sites.

10. Your Rights

You may exercise the following rights by sending a request to privacy@elixirtrials.com:

(a) Right of Access and Rectification. You have the right to know what PII we hold about you and to request a copy of that information. You also have the right to request correction of PII that is inaccurate, incomplete, or out of date. We may ask you to verify your identity before processing your request.

(b) Right to Delete or Restrict Processing. You have the right to request deletion of your PII or to restrict its processing. We may postpone or deny your request if your PII is in current use for legitimate purposes such as compliance with legal obligations.

(c) Right to Withdraw Consent. You have the right to withdraw your consent to the processing of your PII at any time. Exercising this right will not affect the lawfulness of processing based on your consent before its withdrawal.

(d) Right of Data Portability. Where technically feasible, you have the right to request that your PII be provided to you in a structured, commonly used, machine-readable format.

We will respond to verified requests within 30 calendar days. If a request is unusually complex, we may extend the response period by an additional 15 calendar days and will notify you of the extension and the reason for it. We will not discriminate against you for exercising any of these rights.

11. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act as amended by the California Privacy Rights Act:

  • Right to Know what personal information we collect, use, disclose, and sell (we do not sell personal information)
  • Right to Delete your personal information, subject to certain exceptions
  • Right to Opt-Out of the sale or sharing of personal information (we do not sell or share personal information for cross-context behavioral advertising)
  • Right to Non-Discrimination for exercising your privacy rights

Clinical trial exemption: Personal information collected in the context of clinical trials conducted under federal human-subject protection requirements is exempt from CCPA pursuant to California Civil Code Section 1798.145(t). This section of our Privacy Policy applies to personal information we collect through our Website from California residents.

To exercise your California privacy rights, email privacy@elixirtrials.com or write to:

ElixirTrials, Inc.
Attn: Privacy Lead
1610 Highmeadow Lane
Algonquin, IL 60102

We will verify your identity before processing your request and will respond within 45 calendar days, with one 45-day extension permitted if reasonably necessary (with notice).

12. Children

Our Website is not directed at children under the age of 16. We do not knowingly collect PII from children under 16. If you are a parent or guardian and believe that your child has provided us with PII without your consent, please contact us at privacy@elixirtrials.com and we will promptly delete that information.

13. International Users

ElixirTrials, Inc. is headquartered in the United States. Our subsidiary, ElixirTrials France, provides engineering and technical support services only and does not independently process personal data of EU residents for its own purposes.

If you provide information to us from outside the United States, your PII may be transferred to and processed in the United States, which may have different data protection laws than your country of residence. By submitting your PII through the Website, you consent to this transfer and processing. Where required by applicable law, we will implement appropriate safeguards for international data transfers.

14. Enforcement

The Company regularly reviews its compliance with this Privacy Policy. If you have questions or concerns regarding this Privacy Policy or our treatment of your PII, please contact us at privacy@elixirtrials.com. When we receive formal written complaints, it is our policy to contact the complainant regarding their concerns. We will cooperate with the appropriate regulatory authorities, including applicable data protection authorities, to resolve any complaints that cannot be resolved directly.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be notified by posting the updated policy on this page with a revised effective date, and where appropriate, by sending notice to the email address you have provided. Your continued use of the Website after changes are posted constitutes your acceptance of the updated Privacy Policy. We encourage you to review this Privacy Policy periodically.

16. Contact

For privacy questions, to submit a data subject request, or to exercise any of your rights under this Privacy Policy:

Email: privacy@elixirtrials.com
Entity: ElixirTrials, Inc., a Delaware corporation

ElixirTrials

Trials belong
where patients are.

ElixirTrials operates as a network of site-centric clinical trial operations designed to expand clinical trial access to underserved and geographically distributed patient populations. All participating hospital sites undergo formal feasibility assessment, regulatory documentation review, and protocol-specific staff training prior to site initiation.

Data collection, patient safety monitoring, and adverse event reporting are conducted in accordance with 21 CFR Part 11 and applicable Good Clinical Practice standards. ElixirTrials maintains full audit trail capability across all site activities via the Cauldron platform.

ElixirTrials is an integrated research organization operating in compliance with ICH-GCP guidelines and applicable FDA and EMA regulations. All trial activities are conducted under institutional review board (IRB) oversight.

Cauldron is a proprietary clinical trial management platform developed by ElixirTrials Inc. Site partnerships are subject to executed master service agreements.

Privacy Policy

ElixirTrials

ElixirTrials

Trials belong
where patients are.

ElixirTrials operates as a network of site-centric clinical trial operations designed to expand clinical trial access to underserved and geographically distributed patient populations. All participating hospital sites undergo formal feasibility assessment, regulatory documentation review, and protocol-specific staff training prior to site initiation.

Data collection, patient safety monitoring, and adverse event reporting are conducted in accordance with 21 CFR Part 11 and applicable Good Clinical Practice standards. ElixirTrials maintains full audit trail capability across all site activities via the Cauldron platform.

ElixirTrials is an integrated research organization operating in compliance with ICH-GCP guidelines and applicable FDA and EMA regulations. All trial activities are conducted under institutional review board (IRB) oversight.

Cauldron is a proprietary clinical trial management platform developed by ElixirTrials Inc. Site partnerships are subject to executed master service agreements.

Privacy Policy