Information notice for the healthcare professionals
As a data controller, SERVIER processes your personal data mainly on the basis of its legitimate interest to promote its products along with relevant medical information or on the basis of your prior consent when applicable but also in order to comply with its legal obligations related to pharmacovigilance and transparency. In certain cases (e.g. when you visit SERVIER’s premises), your personal data may be also processed in relation to security management, whereas, in case you act as an investigator in the field of clinical research your personal data will also be processed for the execution of your contract with SERVIER.
Data protection contacts
|to ask questions and exercise your rights||SERVIER Local DPO: email@example.com||Name, address, e-mail address as mentioned on the documentation provided by SERVIER|
(ICF, information notice…)
|Data Controller||responsible of the use of your personal data||L’Institut Servier||Name, address, e-mail address as mentioned on the documentation provided by SERVIER|
(ICF, information notice…)
|Local/National Data Protection Authority||to lodge a complaint||Commission Nationale de l’Informatique et des Libertés (CNIL)||Name, address, e-mail address as mentioned on the documentation provided by SERVIER|
(ICF, information notice…)
Your personal data are collected and processed by SERVIER for the following purposes:
Monitoring of the scientific medical liaison with healthcare professionals (HCP);
Management of medical information delivery;
Communication and relationship management and promotional activities (contacts with HCP) including interactions, contractual relationships management, congress and meetings management, therapeutic area experts databases, social media, E-services (e-conferencing, etc.);
Relationship management activities with HCP in connection with clinical trials and pharmacovigilance activities;
Transparency management (disclosure of transfers of value from SERVIER to health stakeholders);
Security of visitors and premises (in case you visit SERVIER’s premises);
Premises and car park access management video surveillance system management to ensure security of persons and premises.
Your personal data processed by SERVIER will only be accessible by a limited list of recipients on a need to know basis or where required by law.
Thus, the main categories of recipients will be SERVIER’s authorized employees and departments acting within their scope of activities including but not limited to:
Clinical Operations Department of the coordination
Medical Affairs Department;
Information Technology Department where necessary.
Other services and individuals may need to have access to your personal data in relation to specific purposes of data processing, such as:
The Security service and the General Services department for issues related to the use and the security of the premises (premises and car park access management);
The Safety service for video surveillance system management.
SERVIER also uses third party providers (e.g. hosting providers) and business partners (e.g. contractual research organizations, travel and conferences agencies, agencies, hotels, air carriers etc.) who may also access to your personal data in order to provide their services. Finally, SERVIER shall communicate some of your personal data to the competent authorities such as health authorities.
Your personal data may be transferred to other SERVIER entities, and to third-parties providers and health authority which may be located inside or outside the EEA, including in the countries which do not have the same level of protection of personal data as in the EEA, in particular for hosting and IT support purposes. In such cases, SERVIER ensures that such transfers are carried out in compliance with the applicable data protection laws and regulation. Data transfers to other SERVIER entities are covered by the Group’s Binding Corporate Rules submitted to the CNIL, French Data Protection Authority, for approval in December 2017 whereas transfers to third-party providers outside the EEA are secured through appropriate contractual guarantees such as the EU Commission’s Standard Contractual Clauses or an adherence to the Privacy Shield for transfers to the USA where applicable. You may request and receive copy of such documents.
Your personal data collected by SERVIER are kept in a form which permits your identification for no longer than is necessary for the purposes for which the personal data are processed. More specifically:
Personal data collected for scientific medical liaison with health-care are kept for 5 years after your last interaction with SERVIER, then data are archived for 5 years and deleted;
Personal data collected for clinical trials management activities with HCP are kept until the study product is marketed or until the final research report or until the publication of the research results. They are then archived in paper or electronic form for a period in accordance with applicable laws and regulations;
Personal data collected for medical information management are kept for 3 years after your request, then data are deleted;
Personal data collected for communication and relationship management and promotional activities (contacts with HCP) are kept for 5 years after your last interaction with SERVIER, then data are archived for 5 years and deleted;
Personal data collected for pharmacovigilance activities are kept for 10 years after the relevant marketing authorisation has ceased to exist, then data are deleted or archived in an anonymised form, unless otherwise provided by mandatory local regulations;
Personal data related to transparency management are kept, archived and deleted in accordance with applicable laws and regulations;
The images of the video surveillance system are kept for 30 days;
Data related to security of visitors and premises are kept no longer than 3 months.
As a data subject, you have the right at any time to request from SERVIER as far as permitted by applicable laws and regulations, access to and rectification or erasure of your personal data. On legitimate grounds, you are also entitled to request a restriction of the processing of your personal data or to object to such processing. When a data processing is based on a contractual relationship with SERVIER, you may also have the right to receive the personal data concerning only you which and which you alone have provided to SERVIER in a structured, commonly used, machine-readable and interoperable format, and to transmit it to another Data Controller (data portability).
Finally, you are entitled to lodge a complaint with the Data Protection Authority, related to SERVIER’s compliance with the applicable data protection laws and regulation.