EFIC Privacy policy 2019

Last updated: 7th August 2019

This Privacy Policy applies to Shionogi’s data processing activities conducted in respect of those who provide their contact details to Shionogi during the EFIC Congress 2019 for the purpose of responding to questions that cannot be answered on the day of the Congress

 

  1. WHO WE ARE AND PURPOSE OF THIS PRIVACY POLICY

We are Shionogi B.V. (“Shionogi”, “we”, “our”, “us”) – the European Headquarters of Shionogi & Co., Ltd., which is a global research-driven pharmaceutical business headquartered in Osaka, Japan. We are dedicated to developing medicines that address unmet needs in the core areas of pain, infectious diseases, metabolic disorders, oncology and women’s health.

Your trust is important to us and we are committed to protecting your personal data. This Privacy Policy explains how and why Shionogi collects, uses and protects your personal data. It also explains the privacy rights and choices that are available to you with respect to your personal data.

  1. WHO WE ARE AND PURPOSE OF THIS PRIVACY POLICY
  2. DATA WE MAY COLLECT ABOUT YOU
  3. HOW WE USE YOUR PERSONAL DATA
  4. TO WHOM AND WHEN MAY WE SHARE YOUR PERSONAL DATA
  5. INTERNATIONAL TRANSFERS OF YOUR PERSONAL DATA
  6. HOW WE KEEP YOUR PERSONAL DATA SECURE
  7. HOW LONG DO WE RETAIN YOUR PERSONAL DATA
  8. EXERCISING YOUR LEGAL RIGHTS
  9. UPDATES TO THIS PRIVACY POLICY & INFORMING US OF CHANGES TO YOUR PERSONAL DATA
  10. COMPLAINTS AND HOW TO CONTACT US

This Privacy Policy applies to Shionogi’s data processing activities conducted in respect of those who provide their contact details to Shionogi during the EFIC Congress 2019 for the purpose of responding to questions that cannot be answered on the day of the Congress.  

If you deal with Shionogi in any other capacity, additional privacy notices and/or consent forms will, if necessary, be communicated to you relating to specific situations where Shionogi may process your personal data.

Full name and contact details of the data controller:

 Our name: Shionogi B.V.

Registered office: Kingsfordweg 151, 1043GR, Amsterdam, Netherlands

Data Protection Lead: dataprotectionlead@shionogi.eu

If you have any concerns or questions about our use of your personal data, or would like to exercise any of your privacy rights or choices, please contact us as set out in the “How to contact us” section below.

 

  1. DATA WE MAY COLLECT ABOUT YOU

 Shionogi collects personal data about the following types of individuals: Congress delegates attending the EFIC Congress 2019. Shionogi will collect your contact details, including your full name, address, telephone number and email address.   

 

  1. HOW WE USE YOUR PERSONAL DATA

Shionogi uses your personal information in accordance with data protection legislation, this Privacy Policy and primarily for the following purposes:

  • Managing our relationship with you and conducting our business operations, including answering questions raised during the EFIC Congress 2019.
  • Complying with applicable laws, regulations, industry codes and guidance:including responding to adverse events, product safety concerns and complaints, medical information enquiries; investigating illegal activity or misconduct, breaches of our company policies or terms and conditions governing the use of our products, services and/or digital platforms; enforcing our other legal rights or in connection with litigation.
  • Complying with requests from regulators, data protection supervisory bodies, government investigations, courts and law enforcement authorities.

We may aggregate and/or de-identify any data we collect such that the information no longer identifies you as a specific individual. We may process such information for our own legitimate business purposes, without restriction (including for analysing engagement trends and other statistical analysis and business planning).

 

On what legal basis do we process your personal data?

Our legal basis for processing your personal data for the purposes described above will be as further described below:

  • consent to collect and process your personal data for the purpose of responding to you. You can withdraw your consent at any time by contacting us as set out in the “How to contact us” section below.
  • Contract administration. Processing is necessary to perform our obligations under a contract with you.
  • Legal obligations. Processing is necessary to comply with our legal and regulatory obligations.
  • Processing is necessary for reasons of public interest in the area of public health (including ensuring high standards of quality and safety of health care and of medicinal products or medical devices).
  • Processing is necessary to protect the vital interests of an individual.
  • Legitimate Interests. Processing is necessary for our legitimate interests, where these do not prejudice or harm your rights and freedoms.

 

  1. TO WHOM AND WHEN MAY WE SHARE YOUR PERSONAL DATA

We may share your personal data with the following categories of recipients for the purposes set out in this Privacy Policy or as notified to you when we collect your personal data:

  • our Shionogi group companies. Details are available here.
  • our third party service providers. Examples include: providers of product quality services, pharmacovigilance service providers; product recall service providers; providers of patient support programmes; call centres; market research programme providers; technology suppliers; data storage and analytics suppliers; event planning and travel organisations; payment providers; shipping and fulfilment providers; auditors; lawyers and insurers.
  • third parties (including other Shionogi group companies) in connection the sale, transfer or reorganisation of our business or assets (or any similar business changes).
  • worldwide regulatory bodies, data protection supervisory authorities, law enforcement bodies, government authoritiescourts, tribunals, arbitrators or other judicial committees.
  • Commercial partners with whom we develop, sell, market or distribute products and services. If you have raised a question in relation to a country where Shionogi has entered into an arrangement with a third party for the purpose of product commercialization, and you have raised a question which can only be answered by Shionogi’s partner, your personal data will be transferred so that our commercialisation partner can respond. When your data is transferred to a commercialisation partner, that party is the controller of your personal data and we strongly encourage you to review the privacy notice issued by that company.

 

  1. INTERNATIONAL TRANSFERS OF YOUR PERSONAL DATA

From time to time, Shionogi may transfer your personal data to our Shionogi group companies or to our third party service providers and partners in accordance with applicable data protection laws and for the purposes described in this Privacy Policy or as notified to you when we collect your personal data.  Some of these entities and their databases may be based outside the EEA or UK in countries that do not offer an equivalent level of protection for personal data as the laws of your home country.

Specifically, we may transfer personal data from the EEA or UK to:

  • countries that the European Commission have deemed to adequately safeguard personal data by issuing an adequacy decision; or
  • third countries where the European Commission has not issued an adequacy decision where: (a) the recipient has entered into the EU standard data protection contractual clauses; (b) the recipient is certified under the EU-US Privacy Shield; (c) the recipient has regulator approved Binding Corporate Rules; (d) you have given your consent to the transfer; or (e) as otherwise permitted by EU law.

 

  1. HOW WE KEEP YOUR PERSONAL DATA SECURE

Shionogi maintains safeguards to protect your personal data from accidental, unlawful or unauthorised access, loss, alternation, disclosure or use. We limit access to your personal data on a need-to-know basis and take measures such as data encryption and pseudonymisation wherever possible. However, we cannot guarantee that the measures we maintain will ensure the security of your personal data. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

 

  1. HOW LONG DO WE RETAIN YOUR PERSONAL DATA

Shionogi has a records retention policy that specifies how long we will keep your personal data. In general, we will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect of our relationship with you. 

In determining the appropriate personal data retention periods, we consider the amount, nature and sensitivity of the personal data; the potential risk of harm from unauthorised use or disclosure of your personal data; the purposes for which we process your personal data and whether we can fulfil those purposes through other means; and applicable legal, regulatory, tax, accounting or other requirements.

If you are a healthcare professional, we normally expect to retain your personal data for two years after our last interaction with you, or for longer if required by law or regulations. We will then anonymise your information and keep it for analysis of engagement trends.

 

  1. EXERCISING YOUR LEGAL RIGHTS

Under certain circumstances, you have the following rights under data protection laws in relation to your personal data:

  • to request to have accessto your personal data, known as a “subject access request”. This enables you to receive a copy of the personal data Shionogi holds about you and to check we are lawfully processing it.
  • to request the correctionof your personal data. This enables any incomplete or inaccurate data we hold about you to be corrected, though we may need to verify the accuracy of the new data you provide to us.
  • to request erasureof your personal data. You have the right to ask us to delete your personal data where there is no good reason for us continuing to process it, or where you have successfully exercised your right to object to processing (see below), where we may have processed your personal data unlawfully or where we are required to erase your personal data to comply with local law. Note that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • to object to the processing of your personal data where Shionogi is relying on a legitimate interest (or those of a third party) and you feel that our processing of your personal data impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
  • to restrict the processing of your personal data where: you want us to establish the data's accuracy; our use of the data is unlawful but you do not want us to erase it; you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; and/or you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
  • to request the transfer of your personal data to a third party in a structured, commonly used and machine-readable format. Note that this right only applies to automated information.
  • to withdraw your consent to the processing of your personal data in circumstances where Shionogi is relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before your consent was withdrawn. If you withdraw your consent we may not be able to provide certain products or services to you and we will advise you if this is the case at the time you withdraw your consent.
  • to make a complaint at any time about our processing of your personal data. We would appreciate the opportunity to resolve your concerns in the first instance. You can also make a complaint to the Information Commissioner’s Office at ico.org.uk.

You can exercise these rights by contacting us as set out in the “How to contact us” section below and we will respond in accordance with applicable data protection laws. We may need to request specific information from you to help us confirm your identity and to discuss your request as there may be circumstances where we are legally entitled to continue processing your personal data or refuse your request.

 

  1. UPDATES TO THIS PRIVACY POLICY & INFORMING US OF CHANGES TO YOUR PERSONAL DATA

We may update this Privacy Policy from time to time in response to changing legal, technical or business developments, or in order to reflect, for example, changes to our practices or for other operational reasons. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

 

  1. COMPLAINTS AND HOW TO CONTACT US

If you have concerns about how Shionogi is handling your personal data, please email our Data Protection Lead at dataprotectionlead@shionogi.eu. We would appreciate the opportunity to resolve your concerns in the first instance.  You can also make a complaint to the Information Commissioner’s Office at http://www.ico.org.uk.

 

If you have any questions regarding this Privacy Policy, or would like to exercise any of your data protection rights, please contact our Data Protection Lead at dataprotectionlead@shionogi.eu.

If you would prefer to contact us by mail, please use the following address: 33 Kingsway, London, WC2B 6UF, United Kingdom and mark the correspondence for the attention of the Data Protection Lead.