Privacy Policy for Professionals

 

This Privacy Policy is intended for healthcare professionals or other experts who collaborate with OrPha Swiss GmbH.
We are aware that data privacy matters to you. We undertake to handle your personal data with care and integrity.
This Privacy Policy informs you how OrPha Swiss GmbH (“OrPha Swiss”, “we”, “our(s)”, “us”) will treat your personal data in accordance with the Swiss Federal Data Protection Act (“SFDPA”; in German: Schweizerisches Bundesgesetz über den Datenschutz, DSG).

1 Identity and Contact Details of the Controller

The data controller in accordance with the Swiss Federal Data Protection Act (SFDPA) is:
OrPha Swiss GmbH
Untere Heslibachstrasse 41a
CH-8700 Küsnacht
info@orphaswiss.com
Tel. +41 44 910 33 33

2 Our Products, Services, and Communication

2.1 Description and Extent of Data Processing

Whenever you use our services or purchase products from us, enter into contracts of any other nature with us, communicate with us, or otherwise have a relationship with us, we collect personal data from you and store it in our internal CRM system. These include in particular:

  • Personal information, such as name (including name affix, degree, or title), pseudonym, gender, age or date of birth, your preferred language, and your contact details (mailing address, email address, phone №);
  • qualifications and professional information, including CV, photographs, academic information and qualifications, your interests (e.g., specific health topics on which you request information from OrPha Swiss), specialties, practice location, professional registration №, and medical license №; 
  • financial information, such as your account №, credit or debit card №s, and other financial and compensation details;
  • information regarding conflicts, i.e. any circumstances that may give rise to a conflict of interest, such as whether you or a close family member is/are an appointee or employee of a political party or a candidate for public office or hold(s) a position in a government agency or government;
  • travel and other identification information, including your passport or ID №, driver’s license №, tax identification №, and travel preferences; and
  • information about your product use, including, without being limited thereto, information about your use of our products, your interactions with us, your preferred form of communication with us, and, if applicable, the services you use.

We obtain this personal information on the one hand directly from you, particularly when you contact one of our representatives or Medical Science Liaison Managers, or our Customer Service Department; when you contact us for assistance or to provide feedback; when you participate in any of our on-line events or a personal meeting of or with us (e.g., advisory panels or conferences); when you participate in any of our surveys; when you report adverse events or make requests for medical information; or when you share or use your social media profile to contact us.

On the other hand, we receive personal data about you from third parties, in particular from data companies providing healthcare data services (e.g. SM Marketing), patient organizations, marketing partners, event management agencies, travel agencies, and social media platform providers (e.g. LinkedIn). Finally, we collect your personal information from publicly available sources and from directories of healthcare providers. Your personal data will be processed by us in particular for the following purposes:
(1) Provision of our products and services, as well as the related contract handling;
(2) communication with you, particularly in order to respond to your questions, to provide you with information you request, or to inform you about our products and services when we think this may be of interest to you. We will send you marketing communications only to the extent permitted by applicable law and, where necessary, after obtaining your consent. You can revoke this consent at any time;
(3) analysis and market research and segmentation in order to understand your preferences, and to improve our products and services and our communication with you;
(4) contact as well as relationship management with representatives or Medical Science Liaison Managers; and
(5) notification of adverse events, which you have reported to us, to the responsible body.

2.2 Data Recipients

For the above purposes, we will disclose your personal data to the following recipients (in accordance with applicable law):
(a) External service providers (e.g. IT service providers, event and marketing service providers, media service providers, etc.);
(b) contractors (to the extent that the disclosure arises from such contracts), in particular healthcare providers who collaborate with us and suppliers who manage adverse event reports;
(c) professional societies and associations;
(d) competent authorities, including tax authorities and courts (in Switzerland and abroad, if we are legally obliged or entitled to do so or it appears necessary for protection of our interests);
(e) legal and professional advisors, including legal representatives, accountants and auditors; and
(f) transaction partners and advisors (e.g., in connection with mergers, acquisitions or other business transactions into which we are involved).

3 Improving and Managing Our Processes and Business Operations

3.1 Description and Extend of the Data Processing

Furthermore, we use the personal data listed in item 2.1 in the context of improvement and management of our processes and business operations, and process the personal data in particular for the following purposes:
(1) Taking action in response to reports of potential side-effects related to any of our products, and monitoring the safety of our products;
(2) keeping of records relating to our relationships with health care workers; and
(3) compilation of management reports, and preparation and performance of analyses (including analytics and metrics).

3.2 Data Recipients

For the above purposes, we will disclose your personal data to the following recipients (in accordance with applicable law):
(a) External service providers (e.g. IT service providers, event and marketing service providers, media service providers, etc.);
(b) contractors (to the extent that the disclosure arises from such contracts), in particular healthcare providers who collaborate with us and suppliers who manage adverse event reports;
(c) professional societies and associations;
(d) competent authorities, including tax authorities and courts (in Switzerland and abroad, if we are legally obliged or entitled to do so or it appears necessary for protection of our interests);
(e) legal and professional advisors, including legal representatives, accountants and auditors; and
(f) transaction partners and advisors (e.g., in connection with mergers, acquisitions or other business transactions into which we are involved).

4 Safeguarding and Fulfilling Our Legal Rights and Obligations

4.1 Description and Extent of the Data Processing

Finally, we use the personal data listed in item 2.1 to fulfill our legal rights and obligations, and process them in particular to achieve the following purposes:
(1) Compliance with applicable laws and regulations;
(2) handling of regulatory inquiries;
(3) notification of any changes to our terms and conditions and policies;
(4) exercise of our rights or defense of OrPha Swiss against potential, threatened or actual litigation; and
(5) investigation and actions against unlawful or harmful conduct.

4.2 Data Recipients

For the above purposes, we will disclose your personal data on the one hand to the competent authorities, including tax authorities and courts (in Switzerland and abroad, if we are legally obliged or entitled to do so or it appears necessary for protection of our interests), and on the other hand to legal and professional advisors, including legal representatives, accountants and auditors. This will be done in accordance with the applicable legal provisions.

5 Website Provision (Log Files)

5.1 Description and Extent of the Data Processing

Whenever you access our website, i.e. even if you do not wish to register or otherwise transmit information, information of a general nature will be captured automatically. This information (server log files) includes e.g. the web browser type, the operating system used, the domain name of your internet service provider, your IP address, referrer URL, date and time of access, and similar details.

These data will be processed, in particular, for the following purposes:
(1) To ensure trouble-free connection to the website;
(2) to ensure smooth use of our website;
(3) to ensure and evaluate system security and stability, in particular to detect any abuse; as well as
(4) to provide for technically error-free display and optimization of our website.

The data will likewise be saved in the log files of our system. These data will not be saved together with the user’s other personal data. We will not use your data to draw any conclusions about your person. However, we reserve the right to subsequently review the server log files, if specific evidence indicates illegal use.

5.2 Data Recipients

We use service providers who act as our processors for the operation and maintenance of our website. All service providers are contractually obliged to treat your data confidentially.

6 Use of Cookies

6.1 Description and Extent of the Data Processing

A cookie is a small data set which is generated when a website is visited, and saved temporarily on the user’s system. If this website’s server is called again by the same system, the browser sends the previously received cookie back to the server. The server can analyze the information received through this process. In particular, navigation on a website can be made easier by cookies.

Cookies thus help to make a website usable, as they facilitate basic functions, such as site navigation and access to secure areas of the website.

You can delete the cookies placed on your device by the website at any time. For the deactivation of cookies, most web browsers allow you to control the use of cookies. The web browser’s technical settings include information on how you can delete or deactivate the cookies used.

6.2 Use of Technically Necessary Cookies

Some functions of our website cannot be offered without use of cookies. These require recognition of the browser even after a changing of the page.

The following data are saved and transferred in session cookies:
(1) Language settings
(2) Items in a shopping cart
(3) Log-in information
(4) Registration

7 Cross-Border Transfer of Personal Data

Collaboration with service providers and partners may result in data transfer to EU countries and thus abroad within the meaning of the SFDPA. The EU offers a similarly high level of data protection as Switzerland does. All service providers and partners are contractually obliged to treat your data confidentially.

8 Storage Periods and Deletion

We process and store personal data for as long as our processing purposes, the statutory retention periods, and our legitimate interests in documentation require, taking into account what is technically feasible. Except in the case of conflicting legal or contractual obligations, we will delete or anonymize your personal data after the storage or processing period has expired.

9 Data Privacy

We take appropriate technical and organizational security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. Please note that these security measures cannot completely eliminate the security risks associated with the processing of personal data.

10 Changes to this Privacy Statement

This Privacy Policy is not part of any contract with you, and we may change it at any time. The version published on our website is the version currently in force.

This Privacy Policy Statement was partially compiled with the assistance of www.activemind.ch.