Patient safety is the most important value for the Gedeon Richter Group. Thus monitoring adverse drug events occurring during pharmacotherapy is especially important for us. We offer to
DATA CONTROLLER AND DATA MANAGEMENT
The controllers of personal data processed within the website is Gedeon Richter Polska Sp. z o.o. with its registered office in Grodzisk Mazowiecki, ul. Ks. J. Poniatowskiego 5, 05-825 Grodzisk Mazowiecki. Your data are protected in an appropriate way and in accordance with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation – GDPR; Polish: RODO).
The Company may collect information about Website Users, such as information about the devices and IT systems used by the Users, IP addresses, locations etc. The data collected by us within the framework of Website operation is mainly intended for statistical purposes and more effective management of the contents of our website, development of the level of service or contents of the Website, providing the users with some guidance tips, useful information as well as information about products and services.
The Company may also collect and process personal data of Website Users to the extent necessary to achieve the objectives specified below.
We process the Users’ personal data in order to be able to provide you with the services you need. These objectives include:
(i) to process your requests via our website (the “Website”), to respond to your queries and requests;
(ii) to publish job advertisements on our website and administering job applications from potential employees;
(iii) to provide a channel of communication for the reporting of adverse reactions in relation to pharmacovigilance (hereinafter jointly referred to as the “Services”).
The personal data collected from Data Subjects are processed by our employees, protected against unauthorised access and used by us for lawful and justified purposes of providing our services, including:
We may also periodically process your personal information for other purposes after we have communicated such intention to you – as long as such purposes are directly related to and consistent with the purposes set out in the Privacy Notice.
LEGAL BASIS FOR DATA PROCESSING
Unless otherwise indicated in this Privacy Notice, the processing of your personal data is voluntary and based on your voluntary consent. You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing carried out on the basis of the consent given before the withdrawal. Failure to provide us with the required personal data may result in our inability to provide you with our Services.
With regard to the transmission of information on adverse reactions, the legal basis for the processing is Article 24(1)(a), (b) and (c). 1 point 2 of the Act of 6 September 2001 (Pharmaceutical Law – Journal of Laws 2016 item 2142).
WHAT TYPE OF PERSONAL DATA CAN WE PROCESS?
In carrying out our activities, we process (collect) the following personal data about you for the purposes that have been specified earlier:
Our services are not intended to collect specific categories of personal data from Data Subjects, except for adverse reaction information (health data) for pharmacovigilance purposes and the data specified in application forms.
WHICH COOKIES DO WE USE?
A cookie is a small file consisting of letters and numbers which we store in your browser or on the hard drive of your computer or mobile device (if you agree to it). The cookies contain information that is transferred to your computer’s hard drive or mobile device.
We can use the following types of cookies:
You can block a cookie by activating appropriate settings on your browser so that you can reject all or some cookies. However, if you set your browser to block all cookies (including the permanent cookies), you may not be able to view the content of the various areas of our Website. For more information about cookies and how to block or delete them, please visit www.allaboutcookies.org.
WHERE ARE OUR DATA STORED, AND WHO CAN ACCESS THEM?
Your personal data will be accessed only by authorised persons and authorised departments of the Company for whom the information will be necessary for the performance of their duties. We will not disclose your personal information to any third party, entity or organisation, except with your consent or when mandatorily required.
In the case of adverse reaction reports, such data are sent to email@example.com to the Company’s Medical Department, which will process the personal data or other data related to the adverse event as the sole data controller.
Once we have a confidentiality agreement or non-disclosure agreement in place, we may employ third parties to process your information as part of our service provided to you.
FOR HOW LONG ARE THE PERSONAL DATA STORED?
We retain your personal data for as long as we need them for the purposes for which they are processed (collected), except where we are required by applicable laws to process your personal data for a longer period of time.
We will delete the collected personal data if:
(i) you withdraw your consent to the processing of your personal data and there is no other legal basis for the processing of such data;
(ii) if you object to the processing of your personal data and there is no legitimate ground for rejecting your objection, or if you object to the processing of your personal data for the purposes of direct marketing;
(iii) the personal data must be deleted in order to comply with a legal obligation on the part of the Company.
The data shall not be deleted to the extent that their processing is necessary to enable the Company to fulfil their legal obligation to process data by the Company or to perform public interest tasks or to perform public tasks entrusted to the Company (if any); to archive in the public interest, for scientific or historical research or statistical purposes; or to establish, pursue or defend legal claims of the Company.
The data included in the job applications of candidates for employment are stored for the time necessary to close the recruitment process in the Company – except for the situation when you agree to our storing your personal data for the purpose of possible future recruitments.
ARE THE DATA TRANSFERRED OUT OF THE EUROPEAN ECONOMIC AREA?
We do not transfer your personal data to countries or territories outside the European Economic Area.
HOW DO WE CARE FOR THE INTEGRITY OF PERSONAL DATA?
We take all reasonable steps to ensure that the personal data we keep are accurate. We ask you to keep your personal information up to date and to inform us of any changes.
HOW DO WE PROTECT PERSONAL DATA?
We will take all necessary steps to ensure the security of your personal information and to prevent any unauthorised or accidental access, collection, use, disclosure, copying, modification, disclosure, erasure or any other unauthorised use. It should be borne in mind that the electronic transmission of information is never entirely secure.
WHAT RIGHTS AND LEGAL MEASURES ARE YOU ENTITLED TO?
You have the right to delete, update, mark or block personal data that is incomplete, incorrect, incorrect or outdated. Each User is also entitled to access their personal data and revoke their consent to the processing of personal data for the future. However, this may result in not being able to use the functionality of the Website. If you believe that any personal information we store is incomplete, incorrect or outdated, you may contact us and we will make the necessary amendments immediately. We will also take all reasonable steps to ensure that the personal data we hold are accurate. You may request that we delete your personal information, but we may have a legal obligation to retain such information and not to delete it (or to block it or mark it for a certain period of time, in which case we will only process your request for deletion after we have done so).
You have the right to know what personal data related to you are being processed. We will respond to such a request as soon as possible and no later than 30 (thirty) days after the request is made. We may ask for additional information to allow us to verify your identity. You have the right to object to the processing of your personal data if the processing or transfer of your personal data is necessary only for the performance of a contractual obligation, necessary to enforce our justified interest, the interests of the data recipient or of another third party (except when the processing is mandatory); and where permitted by law. You have the right to transfer your personal data as far as it is technically possible in a standardised format.
If you believe that your privacy or right for your data protection has been violated, you can contact the President of the Office of Personal Data Protection (Stawki 2, 00-193 Warszawa, tel. +48 22 531 03 00, email: firstname.lastname@example.org) or you may file a lawsuit against the Company (or against another data controller) in which you may also claim compensation for damages suffered as a result of unlawful processing of personal data or as a result of a breach of data protection requirements.
This Website may contain links to websites of third parties. We have no control over the linked sites and we are not responsible for the privacy practices of such sites.
HOW CAN YOU CONTACT US WITH QUESTIONS ABOUT THIS MESSAGE?
Any information on queries and applications concerning the data protection and the execution of rights submitted by Data Subjects is provided by the Company’s employee at the following e-mail address: RODO@grodzisk.rgnet.org. Please submit your queries by post or in person at the registered office of the Company.