This notice describes how Mundipharma Pty Limited and its network of independent associated companies (referred to here as “Mundipharma”, “we” or “us”) use your personal data.
Personal data means information or an opinion about an identified individual, or an individual who is reasonably identifiable: (a) whether the information or opinion is true or not; and (b) whether the information or opinion is recorded in a material form or not.
We may collect and hold personal data about you, including the following information:
- Contact details such as your name, professional title, email address, user names, phone numbers
- Professional details such as data included in your CV, information about your qualifications, expertise, jobs, employers, professional affiliations, medical practitioner number or government issued ID, service and performance metrics, and scientific publications
- Communication records such as emails and call notes with our staff and representatives
- Information regarding your preferencesspeciality, interests, experiences, memberships and thought leadership, including your responses to surveys that you participate in
- [Information about your visits to our Sites, including the type of browser and operating system that you use, access times, pages viewed, URLs clicked on, your IP address and the page you visited before navigating to our Sites, and login credentials
- Information about your interactions with our emails (using web beacons), such as whether an email was opened, clicked on or sent to spam, forwarded, and time stamps of these actions.
- Device information, such as your IP address, device ID, device attributes and location information
- Certain information from your social media account where you have chosen to connect your social media account with your account with us.
- Information relevant to assisting Mundipharma meet its work health and safety obligations, including your vaccination status in relation to COVID-19 and other widespread infectious disease/s
We collect personal data directly from you when you communicate with us and our representatives and interact with our websites and other digital platforms (each, a “Site”). We also collect personal data from various public and private sources:
- Private and public registers and directories of healthcare professionals
- Third party data enrichment providers, such as Veeva and IQVIA
- Third party medical advertising sites such as WebMD’s Medscape website
- Published journals and event materials
- Websites of healthcare organisations used by you or your employers or associations affiliated with your employers
We may combine information that we have collected from various sources, including the information that you have provided to us, and use it for the purposes described below.
We use your personal data to operate our business and manage our relationship with you. We only process data where we have a legal basis for doing so. The table below outlines the different purposes for which we process your personal data, and the legal bases we rely on:
- Keeping you updated about Mundipharma products, services and events, including providing the latest company news, industry insights, disease awareness information, safety updates, training, important notices and other information that may be of interest
- Sending personalised communications tailored to your expertise and interests, including monitoring and analysing the use of our Sites and emails to understand which content is of the most interest and avoid sending you redundant information.
- Improving our products, services and digital communications, including the use of data analytics to improve the way we do things
- Responding to your queries or requests, accommodating certain personal requirements or preferences and handling complaints
- Our legitimate interests, except where we need your consent
- Checking your eligibility to access or provide certain services, for example when accessing content or platforms intended only for healthcare professionals, or when entering a contract with you
- Our legitimate interests, unless required to perform and manage our contract with you.
- Evaluating your suitability to participate in our clinical trials, observational studies, market research, advisory boards and the provision of other research and/or services
- Setting up and assessing fair market value criteria, including remuneration for services, donations, sponsorship or grants
- Administering a contract we have entered into with you
- To perform and manage our contract with you or for our legitimate interests. In some circumstances, this is also needed to comply with our legal obligations or is in the public interest.
- Complying with our legal and ethical obligations, internal company policies and industry standards, for example, disclosing information about payments or other transfers of value to you to meet our transparency obligations
- Detecting and investigating harmful behaviour, including any abuse or attacks on our networks, allegations of misconduct or other behaviour that is harmful to our business, and taking proactive measures to prevent such behaviours
- Due diligence, conflict checks, and information disclosure exercises in conjunction with legal proceedings, the purchase or disposal of business assets or operations, or to respond to requests for information from government or regulatory authorities
- To comply with our legal obligations, where the processing is in the public interest, or for our legitimate interests. We may seek your consent to disclose payments made to you on an individual basis.
If you do not provide the personal data requested, we may be unable to provide you with access to certain Sites or services, and we may not be able to enter into a contract with you.
Webinars: Sometimes we record remote meetings and events so that others have the benefit of viewing them or where we need to show who was in attendance. If an event is being recorded we will notify you in advance. You may have the option of sharing your image and audio during the session. If you choose to do so, this will also be captured in the recording. Some events may also feature Q&As. If you submit Q&As, your identity and comments may be published to others and form part of the recording.
Cookies and other technologies: A cookie is a small text file sent to your computer when you visit a website. Cookies perform various tasks, such as letting you navigate between pages efficiently, storing your preferences and generally improving your experience of our website.
If you opt-out of personalization on emails, the data collected using web beacons in MundipharmaPro.com emails will be anonymized and the content may be of less relevance to you. We may continue to collect a more limited set of data (for example email delivery status, open rate and click rate) from other emails. If you wish to avoid web beacons in your emails, check your settings in your email reader program and disable the functionality that enables remote images to load, and refrain from clicking on links.
If you would like to opt-out of having your data used by Google Analytics, you can opt out here (https://tools.google.com/dlpage/gaoptout).
Third-Party Advertising and Online Behavioral Advertising: We may advertise our products and services on third-party websites that use online behavioral advertising, which link to our Sites. We only receive aggregated data from these third-party websites about people navigating to our Sites. If these third-party advertisers use personal data for their own purposes, they should identify themselves to you and let you know about how they are using your personal data.
Other purposes: There may be other purposes for which we use your personal data, and a separate information notice will be available about this use. For details in relation to reporting adverse events and transparency reporting, please see the information notices located on our Sites. More information about our data processing activities can be found in the privacy notice(s) on our Sites.
We share your personal data with Mundipharma companies located inside and outside the United Kingdom and European Economic Area, including Japan where the information will be hosted as well as Singapore, UAE and China where IT support and other services such as HR, Finance and Corporate Communications will be provided as well as to the following recipients:
- Our agents, service providers and business partners where they have a need to know for the purposes of providing services to Mundipharma, such as:
- Events and marketing agencies;
- Technology suppliers who help with the hosting, development, management and support of our online platforms and services, for example Veeva Inc and Salesforce Inc;
- Providers of healthcare professional databases, where we need to confirm and have agreed to assist them with the accuracy of your personal data;
- Healthcare service providers who work with us;
- Suppliers managing adverse event reports or product complaints;
- Government authorities, regulators and other public bodies;
- The general public in the context of our transparency obligations;
- Our legal advisors, auditors, accountants, lenders, insurers, consultants and others providing similar services;
- Another corporate, partnership or other commercial enterprise (and their advisors) in the context of a business transfer, asset purchase or change in ownership of relevant Mundipharma entities.
International transfers: Where we transfer your personal data from Australia, we will use suitable measures, such as standard contractual clauses and (where appropriate) supplementary measures, to protect your personal data being shared outside of your country to countries that do not offer a suitable level of protection. We may need to share your personal data with a government authority, regulator or to otherwise comply with our legal obligations.
We will retain your personal data in accordance with our records retention policy. In general, we will retain it for a minimum of 7 years after a transfer of value has been made to you in case of any legal proceedings or investigations. We will only retain personal data for the period required to fulfil the purposes for which the personal data was collected, unless a longer retention period is required or permitted by law or we have justifiable reasons for doing so.
The controller for your information is Mundipharma Pty Limited.
You have the following rights:
- To ask about the processing of your personal data;
- To request a copy of your personal data and its correction;
- If you have provided consent for us to process your personal data, you may withdraw it with limited exceptions. The withdrawal of consent shall not affect any processing based on consent before its withdrawal;
- If you provided your personal data for a contract or with your consent, or it is processed by automated means, you can also request receipt or transmission of your personal data to another organisation in a machine-readable form;
- You can object to the processing where the processing is for direct marketing purposes, a task in the public interest, or for our legitimate interests. This right is not absolute;
- In certain cases you can request a restriction on the processing of your personal data, for example where your wish to verify the accuracy of your personal data or where you object to the processing.
If you would like to exercise any of these rights, you can get in touch with using the contact information in the “Contacting us” section of this notice.
If you are unhappy with how we process your personal data, you can complain to your local supervisory authority being the Office of the Australian Information Commissioner. We would, however, appreciate the chance to deal with your concerns, so please contact us in the first instance.
Where you successfully request deletion or restriction rights, or object to or withdraw consent for our processing of your personal data for certain purposes, we may not be able to continue offering certain services to you or have a contractual relationship with you. We may be able to continue to process your personal information to the extent required or where otherwise permitted by law, for example to register your request to opt out of communications or in connection with our regulatory obligations, such as adverse effect reporting.
You may contact Mundipharma Privacy Officer at firstname.lastname@example.org in case of any questions or concerns regarding the processing of your personal data, including where you would like to exercise any of your rights. To help us efficiently deal with your request, it would be helpful if you could state in your communication your relationship and/or interactions with us, as well as the specifics of your query when contacting us.
Direct marketing: Whilst we aim to only send relevant information, you can choose to change your preferences or opt out of our mailing lists at any time by contacting email@example.com.
This information notice is reviewed and updated from time to time.
Last updated: October, 2021