Privacy Policy

SAFIRA Clinical Research Ltd
Privacy Notice 
Effective Date: 5/NOV/2025
1. Introduction
SAFIRA Clinical Research Ltd  is committed to protecting the privacy and
personal data of all individuals with whom we interact, including clients,
partners, contractors, and study participants whose data may be processed in
the course of our activities.
This Privacy Notice explains how we collect, use, store, share, and protect
personal data in accordance with applicable data protection laws, including
the EU General Data Protection Regulation (GDPR) and other relevant
national legislation.
2. Who We Are
SAFIRA Clinical Research Ltd Barnagouloge, Cloughjordan, Co. Tipperary,
E53 VW10, Ireland Email:
privacy@safira.partners
We provide specialized clinical research and regulatory support services,
including data-driven project management, user acceptance testing, and
software validation activities for the life sciences industry.
3. Categories of Personal Data We Process
Depending on the nature of the engagement, SAFIRA may process the following
categories of personal data:
  • Client and Vendor Representatives: names, business contact details,
    position, and correspondence records.
  • Employees and Contractors: identification data, professional
    qualifications, training and performance records, payroll and HR
    information.
  • Clinical Study Personnel (e.g., investigators, site staff): names,
    contact information, qualifications, and training documentation.
  • Clinical Study Participants (if applicable): coded or pseudonymized
    data (never directly identifying information).
  • Website Visitors: limited technical data (e.g., IP address, browser
    type, cookies as detailed in our Cookie Policy).
4. How We Collect Personal Data
We collect personal data through:
  • Direct interactions with clients, vendors, and employees.
  • Contractual documentation and communications.
  • Regulatory and compliance activities.
  • Technology platforms used for service delivery (e.g., GLOAT platform).
  • Publicly available sources, when relevant and lawful.
5. Purpose and Legal Basis for Processing
We process personal data for the following purposes:
Purpose
Legal Basis (GDPR)
Contract performance and service delivery
Article 6(1)(b) – Contractual necessity
Compliance with legal and regulatory obligations (e.g., GCP, GDPR,
employment law)
Article 6(1)(c) – Legal obligation
Quality assurance, audit, and risk management
Article 6(1)(f) – Legitimate interests
Communication with clients, vendors, and authorities
Article 6(1)(f) – Legitimate interests
Recruitment and human resource management
Article 6(1)(b) and 6(1)(c)
Security and incident monitoring
Article 6(1)(f)
Consent-based processing (e.g., marketing communications)
Article 6(1)(a) – Consent
6. Data Retention
Personal data are retained only for as long as necessary to fulfil the
purposes for which they were collected and in line with applicable legal,
contractual, and regulatory obligations.
Retention periods are defined in SAFIRA’s internal
Data Retention and Disposal Framework, which ensures secure archiving
and destruction of data when no longer required.
7. Data Protection and Security
SAFIRA implements a comprehensive Quality Management System (QMS) that
includes documented procedures for data protection, information security,
access control, incident response, and data retention.
Our internal framework aligns with:
  • ISO 9001 quality management principles
  • ISO/IEC 27001 information security standards
  • ICH-GCP E6 (R2) and GDPR data integrity principles
Technical and organizational measures include:
  • Access control and role-based permissions
  • Encrypted data transfer and storage
  • Secure system backups and disaster recovery plans
  • Regular staff training on data protection and cybersecurity
  • Vendor risk assessment and monitoring
8. Data Sharing and International Transfers
SAFIRA does not sell personal data. We may share data with:
  • Authorized employees and contractors bound by confidentiality obligations
  • Regulatory authorities when required by law
  • Approved third-party service providers supporting our business operations
    (e.g., hosting, auditing, or training platforms)
Where data transfers outside the European Economic Area (EEA) occur, they are
safeguarded by EU Standard Contractual Clauses (SCCs) or equivalent
transfer mechanisms.
9. Data Subject Rights
Individuals whose personal data are processed by SAFIRA have the following
rights under the GDPR:
  • Right to access their data
  • Right to rectification
  • Right to erasure (“right to be forgotten”)
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to lodge a complaint with a supervisory authority
Requests to exercise these rights can be submitted to:
10. Personal Data Breach Notification
In the unlikely event of a data breach, SAFIRA will assess the risk and, where
required, promptly notify:
  • The relevant Data Protection Authority, and
  • Affected customers or individuals, in accordance with GDPR Articles 33 and
    34.
11. Updates to This Notice
This Privacy Notice may be updated from time to time to reflect regulatory
developments or changes in our processing activities. The latest version will
always be available on our website:
https://safiracr.com/privacy-policy/
12. Contact
For any questions about this Privacy Notice or SAFIRA’s data protection
practices, please contact:
Data Protection Officer (DPO) Francis Gon
dpo@safira.partners
Barnagouloge, Cloughjordan, Co. Tipperary, Ireland

Gauri Nagrani

Gauri Nagrani, founding partner of Safira, brings more than 15+ years of experience within the clinical research field, where she has held leadership roles within the data management and eClinical groups.

Gauri pursued her graduate degrees in Biochemistry, Pharmacology and Pharmaceutical Research & Development in Canada at McGill University. She started her professional career by supporting research, operations and programming at Chiltern and AstraZeneca.

After some mergers and acquisitions she managed Covance´s FSP team for eCOA services until she started her own consultancy in 2018.

Her work and enthusiasm was recognized in 2023 when she was listed in PharmaVoice100.

Willie Muehlhausen

Willie Muehlhausen is a founding Partner of SAFIRA. He has more than 25 years of experience in global technology companies supporting clinical trials with a focus in patient-facing technologies.

Before he co-founded SAFIRA in 2021, Willie Muehlhausen worked as a technology consultant supporting eCOA companies and sponsors. He held the position of VP Innovation at ICON from October 2012 through July 2018 where he led several initiatives to prepare ICON for Decentralized Clinical Trials. Prior to this role he was ICON´s Executive Director eCOA and established a team of experts who managed all ICON eCOA projects. From September 2006 through October 2011 Willie Muehlhausen led the ePRO development for VIASYS Healthcare, which was ultimately acquired by ERT (now CLARIO) as Product Owner and was elected to lead the ePRO Consortium as the inaugural Vice Director Industry.

Throughout his career, he initiated a multitude of research projects on eCOA topics to improve the overall knowledge across the industry and he co-authored a leading ePRO Implementation Handbook, which is now available in a 2nd edition.

His research papers have been widely referenced and in 2022 was referenced in the “FDA Guideline for Patient-Focused Drug Development Part 3”.

Mr Muehlhausen began his career as Veterinary Surgeon after he graduated from the Free University in Berlin, Germany in 1996. In 2015 he was recognized as an Innovation leader by PharmaVoice 100 and as Top20 Innovator CenterWatch in 2018.

Ready to start your project now?

 

Request your free quote

get in touch