25 January 2019
Pledge on privacy
How and why Personal Information are collected and processed
The main purpose of this website is to provide users with information and documents offered and to allow users to report adverse events or possible adverse events. Personal Information that may directly identify users may be collected by means of requests for users to provide data like name, contact information or any other information that may enable Lupin to identify users directly. Personal Data may be collected that may identify users indirectly by identifying the specific device used to access this website, regardless of the device used.
Personal Data collected are processed for various reasons. These processing activities, the respective category of Personal Data processed and the legal basis of processing for each activity are outlined below:
Respond to user requests or inquiries:
- Personal Data are collected when users submit requests for Medical Information, to receive information about a specific product, or to order delivery of Patient Alert cards. The information volunteered by the user in these instances may be used to respond to solicited requests, inquiries or orders. Depending on the activity, Lupin may collect contact information like name, address (both mailing and email), telephone number, specialty, preferences (when requesting product or Medical Information) and any additional information users may provide voluntarily. The lawful bases for collecting and processing such Personal Data include user consent and Lupin’s legitimate interests (such as to improve its products and materials).
- Track and monitor various activities related to pharmacovigilance, including adverse events:
Personal Data that are related to adverse events and pharmacovigilance are collected in accordance with Lupin’s legal obligations, and will be used to detect, assess, understand and prevent adverse events or other problems related to Lupin medicines. This information may also be used for reporting to regulatory authorities and to improve Lupin’s products and materials.
- Personalize user experience:
Lupin may collect Personal Data that may include your preferences and a history of past interaction with this website to personalize current and future user experiences. This may include information about user contact and product preferences, language and demographic data and marketing preferences. Information may either be collected automatically and as a result of using this website, in which case Personal Data is collected and processed for legitimate business interests, or voluntarily following unsolicited requests by LUPIN website users, in which case the volunteering of information confirms user consent.
- Maintain this LUPIN website:
Some information, like user IP Addresses, geographical location or resources accessed, may be collected automatically for legitimate business interest like securing this website, network systems and other assets.
- Perform website analytics and to measure website performance:
Cookies and other web trackers
This website may collect user information that does not directly identify users, but may match a specific user identity, or link a user to a specific device. This information provides insights into how this website is used to improve and manage the administration of the sites. This information may also be used to personalize user experiences, based information on interests and preferences collected through the use of this website. The collection of this information is mostly automated, though some jurisdictions require user consent before collecting or using this type of information. Please refer to individual section below for more information on Cookies and other Web Trackers.
As described above, this website may use “cookies”, which are small data files placed on user computer hard drives by websites. These Cookies allow the tracking of repeat visits to this website by individual users, and to automatically recall information previously shared by a specific user. Cookies are either placed on your computer by Lupin, or by Lupin third party vendors like those providing web analytic or advertising services.
- Web Beacons:
Web beacons are being used on certain Lupin web pages or in emails to track whether emails sent by Lupin are opened and acted upon. This technology may also be used to measure the number of visitors using this website, or how many users use certain key functionalities on this website. This information is useful to analyze the effectiveness of this website.
- Social Plugins:
This website may use social plugins, for instance like the Facebook “Like” button. These plugins allow users to share information with others directly from this website. These third-party vendors operating these social plugins may place a cookie on users using these plugin’s computers to enable to recognize users who previously visited this website. If users previously logged onto the relevant social media platform or website (like Facebook in this example) prior to browsing this website, the plugin used on this website may, regardless of user interaction with plugins on this website (i.e. clicking “Like” button) allow the specific social media website to receive the described information about these users. The information collected by these social media plugins allows the particular social media websites to share collected information about user activities on this website with other users of the same social media website. Please refer to specific social media website’s privacy policies for further information about the information shared via specific social media plugins.
In some cases, other websites, browsers or programs may share user preferences about the collection and use of Personal Data and user online activities. Lupin does not currently respond to these signals.
Using information collected for marketing
Sharing of Personal Data
Recipients of Personal Data:
User Personal Data may also be shared with external third parties, including contracted data processors, to:
- Help fulfill Lupin’s business transactions;
- Maintain this website;
- Facilitate any activities related to transfer of control (i.e. a merger or consolidation) or other corporate reorganization undertaken by Lupin or Lupin Affiliates;
- Fulfill legal or regulatory requirements, like responding to requests from governmental authorities or court orders or reporting adverse events;
- Fulfill corporate audit requirements or investigate and respond to complaints or security threats.
International transfers of collected Personal Data
Personal Data of users of this website, collected either directly or indirectly, may be transferred or stored in a country other than the user’s country of origin. Lupin however endeavors to only transfer or store information to countries within the European Economic Area. Where Lupin does transfer Personal Data to persons outside the European Economic Area, any such transfer will be conducted in compliance with applicable law. The country to which the data is transferred may impose different (less restrictive) privacy obligations than under GDPR.
Where Lupin transfers Personal Data to third parties outside the European Economic Area, it ensures that the recipients sign contracts containing the EU Standard Contractual Clauses according to the EU Commission decisions of 27 December 2004 (2004/915/EC) and 05 February 2010 (C(2010)593) designed to constitute appropriate and suitable safeguards to ensure compliance with GDPR.
Retention / storage period of Personal Data
The period of time that Personal Data will be stored following a user’s last interaction with this website depends on the purpose of collecting and processing specific information, for instance pharmacovigilance related information shared are kept for a minimum of ten years after the withdrawal of the product in the last country where the product is marketed.
User rights regarding Personal Data
User rights regarding Personal Data collected either directly or indirectly from the use of this website is covered by GDPR, which means users may have additional rights to the use and processing of Personal Data, including the right to:
- Request access to Personal Data regarding the user collected, processed and stored by Lupin;
- Request an explanation of the processing that LUPIN undertakes of the Personal Data regarding the user Lupin holds;
- Request the rectification or correction of Personal Data regarding the user;
- Request copies of Personal Data regarding the user in electronic format to transfer to third parties, or to request that Lupin to directly transfer information to third parties;
- Refuse the processing and use of Personal Data regarding the user for marketing and other purposes;
- Request the deletion of Personal Data when it is no longer required for the purposes for which information was shared or limit the processing of Personal Data where deletion is not possible. Users therefore have the right to withdraw consent at any time if processing of information is based on consent, provided that the withdrawal of consent does not affect the lawful processing based on consent prior to withdrawal. A copy of a user’s Personal Data may be retained following a request to delete information for record-keeping purposes and to prevent entering of deleted Personal Data in Lupin systems following a request to delete information.
Lupin may ask the person seeking to exercise any of these rights to verify their identity.
Users are entitled to lodge a complaint with the relevant GDPR supervisory authority if a user feels that Lupin’s data processing does not comply with GDPR.
Lupin and its business partners take steps to protect Personal Data accessed or collected through the use of this website from loss, misuse and unauthorized access, disclosure, alteration or destruction. Regardless, Lupin cannot guarantee the security of Personal Data and denies all liability and damages legally permissible that could arise from loss, misuse and unauthorized access, disclosure, alteration or destruction. Lupin recommends that all users take all available precautions to protect Personal Data submitted to this website.
This website, and the information provided on this website, are not designed or intended for use by children 16 years and younger. Lupin also do not knowingly collect, process or store any Personal Data from any users under the age of 16 without the verifiable consent of a parent or guardian prior to collecting, processing or storing information collected either directly or indirectly through the use of this websites. Parents or guardians of minors may have the right to request to view or delete Personal Data provided by the child either directly or indirectly through the use of this website. Lupin recommends that all minors seek permission from parent/s or guardians prior to using or providing any Personal Data on any Lupin website.
Identity and contact details of the data controller
The data controller and EU representative of Lupin is Lupin Europe GmbH, Hanauer Landstraße 139 – 143, 60314 Frankfurt am Main, Germany.
You may contact the data controller by mail at Hanauer Landstraße 139 – 143, 60314 Frankfurt am Main, Germany or email at customerserviceLEG@lupin.com.