Research Policy

Deallus Holdings Limited, together with any of its affiliates, subsidiaries, parent and other related entities,  (“Deallus”, ”we” or “us”) are committed to protecting and respecting your privacy. We are committed to maintaining compliance with the General Data Protection Regulation (GDPR), the Data Protection Act 2018 (DPA) and any associated data protection regulations that come into force as and when required.

This Research policy together with our Privacy Policy sets out the basis for how personal information will be processed by Deallus as part of business development and specifically, our research activities.

Personal information can be obtained from third parties, publicly available sources or that we obtain directly from. Please read the following policy carefully to understand our views and practices regarding your personal data and how we will treat it.


Fundamentally, our business model evolves around providing our clients with best in-class insights and analysis which can involve using personal data to contact individuals and gain intel. We use personal information that we collect to identify and recruit individuals to participate in research activities. We may also use personal information to seek your participation in future research activities.

The personal data that is used for research activities and our contacts databases could be professional information about you including name, job title, company name, contact details provided directly from you to us, from publicly available information or third-party sources. Third-party sources could include study and hospital websites, conference programs, academic articles, government databases, Google and LinkedIn.

This information is processed on the grounds of legitimate business interest for the purposes of:

  • Facilitating research and providing the services requested by our clients
  • Identifying if you are key-decision maker or influencer in the industry
  • Ensuring that the information we hold about you is relevant, accurate and up to date.

Deallus also engages in regular business development activities and operates client relationship management databases which include details of individual contacts employed by our current, former and prospective clients together with other professional contacts associated with our clients’ business. The information we hold includes individual contact details, details of our interactions, past work and work opportunities. This information is processed for our legitimate business purpose of marketing our services to current and prospective clients, conducting research as part of our business operations and managing client and external relationships.

We periodically email our clients and contacts with our surveys, marketing materials or to share news and updates regarding our business practices or developments in the life sciences and biotech industry.  We welcome feedback and you can also opt out of future mailings at any time by emailing us at


We do not systematically share marketing information with third parties. We may share your information:

  • With third-party service providers that perform business operations on our behalf
  • With clients in relation to the research work performed
  • To protect and defend Deallus (including enforcing our Terms and Conditions)
  • When required by law and/or government authorities

Deallus has offices in the US and Asia to which we may transfer personal data from our UK office. The relevant legal entities have signed standard contractual clauses as a requirement of these cross-border transfers. Deallus may use suppliers in several countries to ensure the best services are available to our clients. We have signed vendor agreements with each of them to ensure they treat any personal data with the same privacy principles that we at Deallus uphold.


Personal records are held in our databases for the lifespan of our relationship or while it may serve future research purposes. Records are reviewed and purged once a year by our senior leadership team to remove contacts whose data is no longer deemed relevant, either because it is no longer accurate or because the likelihood of continued business interactions or research activities are deemed to be minimal. If you would prefer not to be included in our customer relationship management databases or research databases, please let us know by emailing us at


Deallus retains Personal Data, as necessary, for the duration of the relevant business relationship or activity. We may also retain Personal Data for longer than the duration of the business relationship or activity to protect ourselves against legal claims, use the data for analysis or historical recordkeeping or comply with our information management policies and schedules. For more information about our data retention and disposal practices, please reach out to


We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.


Questions, comments and requests regarding this privacy policy are welcomed by us and should be addressed to

You have the right of access, rectification and erasure and, although we would hope that you would address any queries directly to us in the first instance so that we can resolve them, you may complain to the UK Information Commissioner.