The meaning of Personal Data
“Personal Data” is defined in data protection laws applicable in your country. It includes any information relating to an identified or identifiable natural person. This means any individual who can be identified directly or indirectly by reference to an identifier such as name, identification number, location data, online identifiers (for example, IP addresses – if they can be used to identify you) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Put simply, this includes data which either by itself or with other data held by us or available to us, can be used to identify you.
Important notice about international transfers
We are part of the Aspen Group which has databases in different jurisdictions. We may transfer your data to one of the Group’s databases outside your country of domicile. These other countries will either have different data protection laws than your country of residence or they will not have data protection laws. They may not be deemed by the UK or the European Commission as providing adequate protection for Personal Data. Even if the country to which the data is to be transferred does not require us to provide adequate protection for your data, we will nonetheless seek to ensure that data transfers to Aspen Group databases in that country are adequately protected.
The categories of Personal Data we may collect, the purpose and the lawful basis
Personal Data collected from you include the following:
|Categories of Personal Data||Purpose||Lawful basis|
|Contact information, adverse event notification, other data disclosed to us as part of a notification.||Compliance with our legal obligations regarding patient safety, pharmacovigilance, adverse reactions, product complaints||Legal obligation, legitimate interest (processing for the benefit of patient safety).|
|Contact details (e.g. full name, postal address, e-mail address, employer/company and occupation details, job title, telephone, and fax numbers).||Management and response to your request||Contract performance and legitimate interests – it is important that we can respond to your questions.|
|Browsing information (IP address, browser information)||Monitoring and producing statistical information regarding the use of our platforms and analysing and improving their functionality.||Legitimate interests – we need to perform this limited routine monitoring to make sure our website work properly, to diagnose any problems with our server and administer our Site|
|All information||Establishing and enforcing our legal rights and obligations and monitoring to identify and record fraudulent activityComplying with instructions from law enforcement agencies, any court or otherwise as required by lawFor our general record- keeping and customer relationship managementManaging the proposed sale, restructuring or merging of any or all part(s) of our business, including to respond to queries from the prospective buyer or merging organisationResolving any complaints from or disputes with you||Legitimate interest (see column on left)|
In summary, we need certain categories of Personal Data because that is necessary in order to administer any contract with you (where relevant). Certain other Personal Data is processed for our legitimate interests in cases where this does not result in an undue prejudice to you, and finally further information is processed so that we can comply with our legal obligations.
Data anonymisation and use of aggregated information
We may convert your Personal Data into statistical or aggregated data in such a way as to ensure that you are not identified or identifiable from that data. We may use this aggregated data to conduct market research and analysis, including to produce statistical research and reports.
In particular, we use technology to collect anonymous information about the use of this Site. For example:
1. we use technology to track which pages of our Site visitors view. We also use technology to determine which web browsers our visitors use. This technology does not identify you personally, it simply enables us to compile statistics about our visitors and their use of our Site.
2. certain pages of this Site may contain hyperlinks to other pages of it. We may use technology to track how often these links are used and which pages on our Site our visitors choose to view. Again, this technology does not identify you personally — it simply enables us to compile statistics about the use of these hyperlinks.
We use this anonymous data to improve the content and functionality of this Site and consider areas and subjects which are attracting interest so that we can focus our e-mail updates (for those that wish to receive such communications), on the basis of our legitimate interests in better understanding our Site visitors’ interest areas generally and therefore to improve our Site and products and services we offer.
Cookies and analytic tools
The cookies that our Web sites may deploy can be divided into four categories: 1. Strictly Necessary Cookies
These cookies are essential, because they enable you to move around our Web sites and use certain features, e.g., to access secure areas of the Web site or in connection with information searches. Without these cookies, certain services you may ask for could not be provided.
2. Performance Cookies
These cookies may be used to collect information about how you use our Web sites, for example which pages you visit most often. These cookies do not collect information that identifies you. These cookies are only used to learn how our Web sites are performing and make relevant improvements.
3. Functionality & Profile Cookies
These cookies may be used to allow our Web sites to store information about choices that you make and provide you with more personal features. We may also use such cookies to ensure that onsite marketing and experience is relevant to you. The information these cookies collect may be anonymous and they cannot track your browsing activity on other Web sites.
4. Advertising Cookies
These cookies may be used to deliver advertisements that are more relevant to you and your interests. They are usually placed by advertising networks with our permission.
We use Google Analytics on our Site with the extension “anonymizeIP()”, IP addresses being truncated before further processing in order to rule out direct associations to persons.
You can disable cookies using your Internet browser settings. Please consult your browser’s help function for information on how to disable cookies. Note that if you disable cookies, certain features of our Site may not function properly.
We use the “Facebook Pixel” from Facebook Inc. (“Facebook”).
This allows user behaviour to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. This data is also stored and processed by Facebook, which is why we are informing you, based on our knowledge of the situation. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy https://www.facebook.com/about/privacy/ . You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes.
Additionally, this feature enables us to display personalized advertisements (“Facebook Ads”) to website users, when they visit Facebook or other websites that also use this feature. We are interested in showing you personalized advertisements in order to make our website more interesting to you. We do not use “Facebook Custom Audience Customer List”. Due to “Facebook Custom Audiences Pixel”, your browser automatically establishes a direct connection to the Facebook server. We have no control over the extent and the further use of the data, which are collected by the use of this feature by Facebook and inform you therefore according to our knowledge level: By the integration of “Facebook Custom Audiences Pixel” Facebook receives the following information: HTTP-Header, pixel-specific data, button-click data, optional information and form field name (for details please seehttps://www.facebook.com/business/gdpr). If you are registered with Facebook, Facebook can assign your visit to our website to your account. Even if you are not registered with Facebook or have not logged in, there is a chance that Facebook will find out and store your IP address and other identifying features in order to track you.
You may opt-out of participation in “Facebook Pixel” by clicking https://www.facebook.com/settings?tab=ads.
The legal basis for the processing of your personal data is Art. 6 (1) (f) GDPR. For more information about data processing through Facebook, please visithttps://www.facebook.com/about/privacy. Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation: (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
Disclosure of your Personal Data to third parties
We may disclose your Personal Data to third parties, including but not limited to as follows:
2. to third parties who supply services to us and who help us and our group of companies to operate our business. For example, sometimes a third party may have access to your Personal Data in order to support our information technology;
3. to our legal and other professional advisers;
4. as necessary in order to comply with a legal requirement, to protect vital interests, to protect the security or integrity of our databases or this Site, to take precautions against legal liability;
5. to regulatory authorities, courts and governmental agencies to comply with legal orders, legal or regulatory requirements and government requests; and
6. as explained above in relation to advertising cookies.
Security of Personal Data
We endeavour to use appropriate technical and physical security measures to protect Personal Data which is transmitted, stored or otherwise processed by us, from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access, in connection with our Site. These measures include computer safeguards and secured files and facilities. Our service providers are also selected carefully and required to use appropriate protective measures. In certain areas, Aspen uses industry-standard SSL-encryption to protect data transmissions. Most current browsers support the level of security needed to use these areas.
In particular, we endeavour to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including as appropriate: (a) pseudonymisation (such as where data is separated from direct identifiers so that linkage to an identity is not possible without additional information that is held separately) and encryption, (b) ensuring the ongoing confidentiality, integrity, availability and resilience of systems and services used to process your Personal Data, (c) ensuring the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident; and (d) ensuring a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational security measures.
Retention period or criteria used to determine the retention period
We keep the Personal Data collected through the Site for as long as it is necessary to do so to fulfil the purposes for which it was collected as described above.
The criteria we use to determine data retention periods for Personal Data includes the following: (i) Retention in case of queries. We will retain it for a reasonable period after the relationship between us has ceased in case of queries from you; (ii) Retention in case of claims. We will retain it for the period in which you might legally bring claims against us, for example in relation to any contract we have entered into with you; (iii) Retention in accordance with legal and regulatory requirements. We will consider whether we need to retain it after the period described in (ii) because of a legal or regulatory requirement.
We may delete data before these timeframes have been reached where the data is no longer necessary to be retained, as part of our normal data retention and disposal processes.
If you would like further information about our data retention practices, please contact us (see “Contact Us” below).
Your rights under data privacy laws
You have various rights under data privacy laws in your country. These may include (as relevant): the right to request access to the Personal Data we hold about you; the right to rectification including to require us to correct inaccurate Personal Data; the right to request restriction of processing concerning you or to object to processing of your Personal Data, the right to request the erasure of your Personal Data where it is no longer necessary for us to retain it; the right to data portability including to obtain Personal Data in a commonly used machine readable format in certain circumstances such as where our processing of it is based on a consent; the right to object to automated decision making including profiling (if any) that
has a legal or significant effect on you as an individual; and the right to withdraw your consent to any processing for which you have previously given that consent.
Please see “Contact Us” if you wish to exercise any of these rights (as relevant).
Links to Other Websites
Public Scientific Service Phone: +44 1748 828391
If you remain dissatisfied, please note that you can also lodge a complaint with the Information Commissioner’s Office. Further information is available at https://ico.org.uk/make-a-complaint/.
Be sure to include your email address and telephone number with your correspondence.
Alternatively, write to: Aspen Pharmacare UK Limited, 6 Bell Street, Maidenhead, Berkshire, SL6 1BU
Last updated: February 2022