This Business Associate Privacy Policy (the “Policy”) describes how m360 Research uses Personal Data relating to the personnel or representatives (“Representatives”) of our clients, suppliers and other entities with whom we have entered, or may enter, business transactions (“Business Associates”). This Policy describes how we may obtain Representatives’ personal data, the types of personal data we may obtain, how we use, share and protect the personal data, the rights of Representatives with respect to their personal data, and how to contact us about our privacy practices.
This Policy does not apply to personal data other than the personal data relating to Representatives. For the Privacy Policy for all other personal data, please see our market research Privacy Policy.
We may revise this Privacy Policy at any time, without notice to you. You are responsible for reviewing it regularly. Your access of the Sites following the posting of changes means you agree to abide by those changes.
This Policy was last revised on December 3, 2025.
m360 Research and Affiliates operate ISO 20252 certified market research panels with the highest quality data collection and project management capabilities that cover the spectrum of quantitative and qualitative research techniques utilized today. m360 Research is the trading name for the market research activities provided by M3 USA Corporation and its affiliates, including M3 (EU) Ltd, M3 Medical Holdings Ltd, M3 Global Research, Qualitative and Quantitative Fieldwork Services AB (QQFS), Ekas Marketing Research Services (Ekas), M-Panels Research Services Private Limited (m360 Research), pharma-insight GmbH, Med Planet, M3-MI, All Global Circle and Michael Allen Company.
The M3 Group, named to represent Medicine, Media, and Metamorphosis, was founded with the goal of changing the world of medicine through full use of the power of the Internet. The M3 Group operates in the US, Asia, Europe and Australia with over 2 million physician members globally via its physician websites such as: m3.com, mdlinx.com, m3globalresearch.com, m-panels.com, doctors.net.uk, ekas.com.au, networksinhealth.com, medigate.net, medlive.cn, pharma-insight.com, medplanet.biz, michaelallencompany.com and allglobalcircle.com.
M3 Inc. is a publicly traded company on the Tokyo Stock Exchange (jp:2413) with subsidiaries in major markets including USA, UK, European Union, Japan, S. Korea, India, Australia and China. M3 Group provides services to healthcare and the life science industry. In addition to market research, these services include medical education, ethical drug promotion, clinical development, job recruitment, and clinic appointment services. M3 has offices in Tokyo, Fort Washington, PA, London, Gothenburg, Lyon, Solingen, Chatswood, Bangalore and Seoul.
m360 Research obtains personal data of Representatives that is disclosed or otherwise processed by m360 Research upon entering into and performing agreements, communicating with Business Associates in relation to agreements and making and receiving payments under agreements. We also may obtain Representatives’ personal data from public sources in anticipation of a prospective business relationship.
We use a variety of public sources to collate information about potential Business Associates we believe may be suitable for our services. We may also receive a referral from one of your colleagues and process that information in a similar way. Personal data is any information that allows an individual (in this case, the Representative) to be identified.
We may process the following types of personal data about Representatives:
As a matter of practice, we will not collect any sensitive (special category) personal data relating to Representatives. To the extent that there is a need for us to process sensitive personal data, we will obtain the Representative’s prior written consent.
This data is used to manage our contact with you, so that, for example, multiple attempts to contact you regarding the same services are eliminated or you are not re-contacted after informing us you are not interested in our services. We also use it as we generate lists of potential Business Associates to contact.
We process personal data based on our legitimate interest (i.e., we have a valid business reason) and we have carefully balanced your individual rights against this need.
We will only process your personal data for the purpose it was first collected. If we process the personal data for a new purpose, we will ensure it is either compatible with your original purpose or gain your consent.
We may use the personal data we obtain about Representatives to:
m360 Research does not sell, rent, or trade Representatives’ personal data. We may share your personal data only with:
Our website may contain links to other websites. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting other websites and these other websites are not governed by this privacy policy. You should exercise caution and look at the privacy statement applicable to the website in question.
Our website may contain links to other websites. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting other websites and these other websites are not governed by this privacy policy. You should exercise caution and look at the privacy statement applicable to the website in question.
m360 Research endeavours to apply suitable safeguards to protect the privacy and security of your personal data and to use it only in ways that are consistent with your relationship with m360 Research and the practices described in this Privacy Policy. Because of the global nature of our business, there may be times when we need to transfer your Personal Data to a country outside of the country you reside.
m360 Research uses cloud and physical servers in the UK, EU, USA, India, and Australia. UK and EU Personal Data will only be stored and processed in UK, EU or USA.
For transfers of UK or EEA personal data outside of these jurisdictions, m360 Research uses EU Standard Contractual Clauses or UK International Data Transfer Agreements to additionally safeguard data from the EEA and UK to countries outside of these locations.
As laid out in this Privacy Policy, we may from time to time share limited information with carefully selected partners. This may involve transferring your personal data to countries outside of the country you reside and is done within the legal restrictions of data protection laws and regulations including but not limited to the General Data Protection Regulations (GDPR) and US State privacy laws, and with m360 Research remaining in contractual control of the data.
We maintain appropriate technical and organizational security safeguards designed to protect Representatives’ personal data against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure, or use. We update and test our security technology on an ongoing basis. We limit access to your personal data to those employees who need access to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your personal data.
We store Representatives’ personal data for as long as necessary to fulfil the purposes for which we collect the data (see “How We Use the Personal Data We Obtain”), except if required otherwise by law. Your personal data may be kept for 10 years after the working relationship has ceased.
As our organization, membership and benefits change from time to time, this Privacy Policy and our Terms of Use is expected to change as well. We reserve the right to amend the Privacy Policy and Terms of Use at any time, for any reason, without notice to you, other than the posting of the amended Privacy Policy and Terms of Use at this Site. We may e-mail periodic reminders of our policy and terms and will e-mail Representatives of material changes to it, but you should check our Site frequently to see the current Privacy Policy and Terms of Use that are in effect and any changes that may have been made to them.
The European Union’s General Data Protection Regulation, the UK Data Protection Act, the California Consumer Privacy Act, as well as other countries and State privacy laws provide certain rights for data subjects. Explanations of them (in English) are available at (i) the EU GDPR website (ii) the website of the United Kingdom’s Information Commissioner’s Office (iii) the website of the State of California Department of Justice and (iv) the website of the Swiss Federal Data Protection. For individual US State Privacy Laws, please visit the website of the State Governor.
Additional information for California residents can be found in our California Privacy Policy
If you wish to confirm that m360 Research is processing your personal data, or to have access to the personal data m360 Research may have about you, please contact our Data Protection Officer using the email below.
You may request information about:
You have a right to:
To exercise your rights, you can write the Data Protection Officer at dpo@m360research.com.
Reasonable access to your personal data will be provided at no cost to you upon your request. m360 Research will provide the information to you within the legal time frame. If for some reason access is denied, m360 Research will provide an explanation as to why access has been denied.
If you feel we have not processed your personal data according to this policy or within the realms of the data protection laws and regulations you may make a complaint directly to our Data Protection Officer at dpo@m360research.com. We will acknowledge receipt within 30 days and investigate your complaint, keeping you informed of progress and any remedial action taken.
You may also complain directly to the UK/EU Supervisory Authority or other Data Protection Authority in either your home country or the country your data has been processed if you feel we have not dealt with your complaint adequately.
If you have questions about this Privacy Policy, please email m360 Research’s Data Protection Officer at dpo@m360research.com.