HEALTH CARE PROFESSIONALS AND ADVERSE EVENT REPORT PRIVACY NOTICE

 

  1. INTRODUCTION

Inceptua S.A. and all its affiliates, branches and subsidiaries. (“we”, “us”, “our”, “INCEPTUA”) are committed to protecting your privacy and we treat all your personal data in accordance with the applicable laws regulations and our internal Policies.

At Inceptua we recognize the importance of, and are fully committed to protecting, the privacy of information related to Health Care Professionals (HCPs) and Patients. This notice explains why and how your personal data is processed. It also explains your rights in relation to your personal data. Also, this notice explains how we use the personal data we receive in connection with a suspected adverse event.

When a suspected adverse event concerning one of the medicinal products supplied by us is reported to us, we will collect certain information that can be used to identify you (“personal data”).

 

  1. WHO DOES THIS PRIVACY NOTICE APPLY TO?

This notice applies to you if you are:

  • using any of our products
  • or because we recently turned to you to discuss the possibilities of
    using our products
  • identified in a report of a suspected adverse event or product complaint; or
  • you are reporting a suspected adverse event or product complaint on behalf of you or someone else

The provision of your personal data is voluntary (unless you are a healthcare professional who is obliged to report adverse events), however if you do not provide your personal data, we will not be able to address your query.

 

  1. INFORMATION WE MAY PROCESS ABOUT YOU

If you are an HCP:

Inceptua collects and processes your Personal Data, which can come directly from you, publicly available sources (for example, academic journals you may have published an article in), or other sources such as, data companies, publicly accessible databases, marketing partners with whom we contract, social media platforms and other third parties.

We only keep information about you that is necessary for managing our relationship with you. Depending on the relationship, we may process information about you including:

  • Personal details (such as your name, age, gender)
  • Contact details (such as postal address, telephone numbers, email address)
  • Your interests, such as health conditions and topics about which you request information from us)
  • Professional details such as your place of practice, job title, licensures, the medical field in which you are active, your professional qualifications, affiliations, publications and other scientific activities.
  • Adverse event data
  • Data related to your interactions with us, your knowledge of and questions you have had on our business and products, what kind of material we have displayed to you and any feedback that you have provided, as well as your opinions and routines on prescribing, routines regarding your patients and diagnosis, and similar information.

If you are not an HCP and you are reporting an adverse event:

  • Name, contact details and occupation, address of the reporting person.
  • Regarding patients the report may contain initials, birth date and gender, and some personal data related to health and medical history of the person undergoing an adverse event, if required.

 

  1. LEGAL BASIS OF THE DATA WE COLLECT

Inceptua processes relevant Personal Data, including special categories of personal data, in accordance with the GDPR, based on:

  • Consent: where we have obtained it explicitly
  • Legitimate interests: in maintaining a relationship with you and managing our interactions with you regarding our products and services
  • Legal obligations: In specific circumstances, we may need to process your Personal Data to comply with a relevant law/regulation or to fulfill our obligations under a contract to which you are subject.
  • Vital interests: to protect your vital interests, or the vital interests of other individuals that may be impacted by the suspected adverse event.
  • Public interest: where it is needed in the public interest, such as protecting against serious threats to health and ensuring high standards of our medicinal products and related healthcare.

 

  1. WHY WE PROCESS YOUR INFORMATION

We will only process information for purposes permitted by applicable laws. We may process information about you in order to:

  • Engage with you as an HCP when we have a contractual relationship or a legitimate interest
  • Asses and verify your eligibility to access certain products, services and data that may be provided only to certain licensed HCPs
  • To seek your views on products and services promoted by us or business partner for development and improvement purposes
  • Inviting you to our events or to participate in our activities, advising on activities involving HCPs, Health Care Organizations (HCOs), patient organizations, individual patients and clinical studies organizations.
  • Comply with legal, regulatory, industry best practices and ethical obligations
  • Conduct security and fraud detection and prevention
  • Any other purpose that is relevant in the relationship between Inceptua and HCPs.
  • Pharmacovigilance: we collect personal data directly from you when you report a suspected adverse event or product complaint directly to us. We may also collect personal data about you indirectly from third parties when they report a suspected adverse event.

 

  1. TO WHOM AND WHEN WILL WE DISCLOSE OR SHARE YOUR PERSONAL DATA?

 Your data will be disclosed only in accordance with applicable laws, and appropriate safeguards will be established, where possible, to protect your information We will share or disclose your Personal Data with the following entities:

  • Our global affiliates
  • Third parties that provide services to us (such as conducting audits, IT services, assisting in studies or health care compliance activities), business partners and collaborators
  • Government agencies, auditors, and authorities.
  • Potential or actual third party purchasers. We will require that any such purchasers treat your Personal Data consistently with this Privacy Notice.

In certain special cases where permitted by local law, we may disclose your personal data:

  • In the event of a merger, acquisition, consolidation, asset sale or in the unlikely event of bankruptcy.

 

  1. WHAT RIGHTS DO YOU HAVE?

Under certain circumstances you have the right to:

  • Request access to your personal data.
  • Request correction or erasure if the data is inaccurate or processed for purposes not stated above.
  • Object to processing, in certain circumstances.
  • Request the restriction of processing, under certain circumstances.
  • Request that we transfer personal data that you have provided to us to you or another party.
  • Request information on the identities or categories of third parties to which your personal data is transferred,
  • Lodge a complaint with the data protection authority in your country.

 

  1. TRANSFER OF PERSONAL DATA OUTSIDE OF EUROPE

For the purpose outlined above, Inceptua may transfer your personal data to a third-party. Some of the third parties referred to above may process your personal data outside of your country. If that is the case, we only transfer your personal data either to countries where the EU Commission has decided that they have an adequate level of data protection, or we take measures to ensure that all recipients provide an adequate level of data protection. For example, by entering into appropriate data transfer agreements.

 

  1. HOW LONG WE RETAIN YOUR INFORMATION

We aim to retain your information for no longer than is necessary for the specific business purpose or purposes for which it was collected. Information may be retained for a longer duration where applicable laws or regulations require, or allow us to do so.

 

  1. DATA SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, altered or disclosed in an unauthorized way. This includes encryption of data and use of pseudonymisation, whenever applicable.

We have put in place procedures to deal with suspected data security breaches and will notify you and any applicable regulators of breaches in accordance with relevant legal requirements.

We do not use automated decision-making or profiling as part of our business operations in relation to suspected adverse event reporting.

 

  1. CONTACT US

If have any questions about how we process your personal data or want to exercise one of your rights, you can contact us writing us to: privacy@inceptua.com

 

LAST UPDATED: August 2020