Privacy Policy
In this section
(Last updated: 7 September 2021)
The purpose of this full Privacy Policy (“Policy”) is to provide you detailed information about what kind of data, and how we process your data about you when you visit the schizoprenialife.dk website (“Website”). Data Subjects below the age 16 (hereinafter “Minors”) are not eligible to use our Services and we ask that minors do not submit any personal data to any of the Companies. Please read this Policy in conjunction with our general Terms of Use. We may revise the Policy at any time by updating this posting and we will obtain your consent to the changes when necessary. You can determine when the Policy was last revised by referring to the “Last updated” legend at the top of this Policy.
This Website may contain links to third party websites. These linked websites are not under our control and are regulated by their own privacy policies. We are not responsible for the privacy practices of any such linked websites.
DATA CONTROLLERS | The Data Controller is Recordati AB, with registered office in Jan Stenbecks Torg 17 S – 16440 Kista, Sweden (hereinafter “Recordati”) since it determines the purposes and means of the processing of the personal data carried out through the schizoprenia.life website (hereinafter, the “Website”) and, therefore, is responsible for their legitimate and correct processing. |
WHAT IS THE PURPOSE OF PROCESSING THE DATA? | We will use your data for the purposes of • Website operation : the processing of your data is necessary for the performance of the Website’s Terms of Use and for the regular operation of this Website. • Adverse effect notification : in relation to adverse effect notifications, the legal basis of data processing is our legal requirement to comply with European and national pharmacovigilance laws. We will inform you in a separate privacy notice on pharmacovigilance, once you submit a report to us. Newsletter subscription : in order to send you newsletters with marketing material and medical information we need your title, first name, last name, e-mail address, specialty and country of residence. |
WHAT PERSONAL DATA WE PROCESS ABOUT YOU? | For the purposes outlined above we process the data categories indicated below: • Website visitor’s personal data : for the above purpose “Website operation” your browser’s type and version, the operating system you use, the website from which you are visiting us (referrer URL), webpage(s) you are visiting on our Website, date and time of accessing our Website, and internet protocol (IP) address. • Healthcare professional’s data : for authenticated users only – DocCheck authentication result, salutation, gender, title, forename, surname, street, country, address type where the healthcare professional lives, the languages the healthcare professional may speak, the profession, discipline (for physicians only), activity, e-mail address, unique key related to the healthcare professional and the status of confirmation. Recordati shall have no access to such data, which shall be processed by DocCheck. • Analytics data : logins, pages viewed, and documents downloaded. • Adverse effect notification data : we do not process any personal data relative to any adverse effect notification on the Schizoprenialife.dk website. The provision of your personal data as a healthcare professional, based on your consent is voluntary. |
THE LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA | To process your personal data, we may rely on the legal bases below: • Your consent provided to us under the EU Regulation 679/2016 (“GDPR”) Article 6 (1) a) (Consent). You, as a data subject have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. • The processing of your personal data is necessary for the performance of a contract with You under the GDPR Article 6 (1) b) (Contractual Basis). • The processing of your personal data is possible based on our legitimate interest under the GDPR Article 6 (1) f) (Legitimate Interest). • We may process your personal data based on our legal obligations pursuant to Article 6(1) (e) of the GDPR (Legal Obligation). We may process your personal data for the purposes and legal bases indicated below: Purpose of data processing Categories of personal data processed Legal Basis Website operation • Website visitor’s personal data • Healthcare professional’s data (for authenticated users only) Contractual Basis Legitimate Interest Marketing analysis • Website visitor’s personal data • Healthcare professional’s data Consent Marketing communication • Website visitor’s personal data • Healthcare professional’s data Consent Adverse effect notification • Adverse effect notification data Legal Obligation |
OUR LEGITIMATE INTEREST | We have conducted the balancing test to conclude our prevailing legitimate interests. We considered the extent to which your interests, rights and freedoms may be impacted by our data processing activities, as well as the organizational structure and operation of the Companies and the privacy guarantees provided by us. On this basis, we have concluded that our relevant data processing activates (as outlined below) do not disproportionately restrict your interests, personal rights and freedoms. Processing activity Balancing test Website operation Website operation. Each of us have assessed their legitimate interest and concluded that if you visit our Website then we have a legitimate interest to process your personal data to the extent that is strictly necessary for the provision and performance of the Website. We collect your personal data as an unidentified website visitor for analytical purposes based on your freely given consent (as regards analytical cookies) for the purpose to better our services and our websites. For more information regarding our legitimate interests, please find our contact information at the contact page . |
HOW LONG DO WE KEEP YOUR PERSONAL DATA? | Taking into consideration that your personal data shall be processed for the purpose of accessing the Website and, afterwards, it shall be available in anonymous form for the purposes above indicated only, we will retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data, whether we can achieve those purposes through other means and the applicable legal requirements. To this extent, please consider that we will anonymise your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you. We will process and store personal data in relation with your visit of our Website for 6 months after your visit. For the purpose of sending newsletter the personal data will be stored for 2 years from the collection of your consent. |
WHO MAY ACCESS TO YOUR DATA? | We will not disclose any of your personal data to third parties, any external bodies or organizations, except as set out below, or unless you consent to data transfer or the data transfer is required or permitted by law. We may engage third party vendors as data processors to provide services to us and share your personal data with such third parties as well as with legal and other advisors, consultants that assist us. Nonetheless, in such a case, we will always ensure confidentiality of your personal data, for example by concluding a confidentiality and non-disclosure agreement. We may transfer your personal data outside the EU/EEA. In this case we rely on appropriate safeguards, such as EU standard contractual clauses. At the time of this Privacy Policy the following third-parties may access to your Data: • Gullers Grupp AB – Gullers Grupp AB Box 7004 103 86 Stockholm. • DocCheck – DocCheck Community GmBH, Industry Services, Vogelsanger Str. 66, D-50823 Köln. |
YOUR RIGHTS | You are entitled to exercise your rights indicated below: (i) Right of access: You have a right to ask whether or not we have personal data about you and, if that is the case, request information on what personal data we have. We will also have to respond to questions about inter alia why we are using your personal data, details about what data we have and to whom we have provided access to the data. However, this is not an absolute right and the interests of other individuals may restrict your access rights. (ii) Right to rectification: We are required to rectify inaccurate personal data, or to complete personal data that is incomplete, on request. (iii) Right to erasure (right to be forgotten): We are in some circumstances required to erase personal data on request by the data subject. (iv) Right to restriction of processing: We are in some circumstances required to restrict our use of personal data on request by the person concerned. In such cases, we may only use the data for certain limited purposes set out by the law. (v) Right to data portability: You may have the right to receive your personal data to which we have access, in a structured, commonly used and machine-readable format and such persons may then have a right to transmit those data to another entity without hindrance from us. (vi) Right to object: You have the right to object to the processing of your personal data for any reason relating to your situation, and in this case, we may not be able to process your personal information. If you have the right to object and the exercise of this right is justified, your personal data in concern will not be further processed for the purposes of the objection. The exercise of this right does not entail any costs. (vii) Right to complaint: If you consider that your privacy and data protection rights have been infringed you may contact the competent data protection regulatory authority located in the European Union’s relevant Member State where your habitual residence, place of work or place of the alleged infringement is. This is the relevant data protection authority in Denmark: Datatillsynet, www.datatilsynet.dk |
DATA PROTECTION OFFICERS | For more information about this Privacy and Cookie Policy and regarding privacy and data protection inquiries and requests by Data Subjects, please find our contact information at the contact page . The Recordati Group Data Protection Officer can be contacted by writing an e-mail to: GroupDPO@recordati.com |