Sections in privacy policy
Introduction
This EEA (European Economic Area) Privacy Notice for Health Care Professionals (“HCP Privacy Notice” or " Privacy Notice”) describes the Personal Data that EEA Pfizer companies named in the Contact Us section below (hereinafter "Pfizer", "we” or “us”) collect about you as a healthcare professional (“HCP”), when we interact with you; how we use this data; how we protect it and the choices you may make with respect to your Personal Data. We encourage you to review this HCP Privacy Notice and to click on the available links or select “Learn more” if you want additional details on a particular topic.
If you are interacting with us online, please also refer to the Privacy Notice posted on the website or app you are using.
Personal data
"Personal Data" is data that identifies you as an individual or relates to an identifiable individual. We will collect Personal Data when we meet with you, when you participate in our programs, activities, industry events, trade shows or in connection with your inquiries and communications with us. We also collect Personal Data from data companies providing information services in the healthcare sector, publicly accessible sources of professional information and joint marketing partners.
Personal Data that we may collect includes:
- Name
- Contact information (postal address, telephone numbers, email address, fax number)
- Your preferred language
- Professional photograph, as well as your image and voice for both online and recorded events
- Your interests (such as in health care topics about which you request information from us)
- Professional biography including data related to your education, licensures, specialties, professional affiliations (e.g., memberships in medical societies or HCP networks), publications, credentials, and other professional achievements
- Data related to your use of our products, your interactions with us, your preferred method of communications with us, and services for those you care for
- Financial and banking data that you provide to us to pay you for services and provide reimbursement for professional fees, travel, accommodation and out of pocket expenses
- National ID number, passport number, tax identification number
- Travel preferences
When you are asked to provide Personal Data, you may decline. However, if you choose not to provide data that is necessary for us to provide requested services or perform our contractual obligations, we may not be able to provide you those services or perform those contractual obligations.
If you provide, or permit us, to collect any Personal Data relating to another person, including adverse event data, you are telling us that you have the authority to share that data and permit us to use this data as described in this EEA HCP Privacy Notice.
How do we use personal data
We use Personal Data in order to:
- Interact and engage with you when we have a contractual relationship or a legitimate interest.
Interacting and engaging with you includes:
- Responding to your inquiries and your requests.
- Enforcing the contractual terms and conditions that govern our relationship with you (e.g., medical events face-to-face or online, publications, advisory meetings, etc.) and, where applicable, paying you for defined or agreed upon services or reimbursing your expenses, planning calls, meetings, trips and other related interactions with you, sending administrative information to you, such as but not limited to SMS regarding the logistical details of the meeting, and documenting our interactions with you.
- Creating and maintaining Pfizer’s database of health care providers to identify and, if applicable, engaging with you (by digital or other means) as a scientific expert or a key opinion leader in various health care fields based on your professional expertise and opinions, and where applicable, your past interactions with us, such as:
- inviting you to attend congresses/panels, HCP professional meetings and educational activities
- reaching out to you for your professional expertise by communicating information about our products through our professional representatives or in the context of surveys relating to pharmaceutical products or services.
- Operate our business to comply with our legal obligations, for statistical purposes or to meet our legitimate interests in maintaining our business.
Operating our business includes:
- Complying with our regulatory monitoring and reporting obligations, including those related to adverse events, product complaints and product safety.
- Verifying your eligibility to access certain products, services and data that may be provided only to licensed HCPs or otherwise conducting background checks to ensure we are not precluded from working with you.
- Conducting training and ensuring quality control.
- Detecting, preventing, or investigating misconduct.
- Complying with anti-corruption and transparency obligations.
- Analysing or predicting HCP preferences in order to identify aggregated trends to develop, improve or modify our products, services and business activities.
- Protecting our rights, privacy, safety or property, and/or that of our affiliates, you or others.
- Provide you with marketing and promotional communications on scientific or health subjects (digitally or otherwise), which can be customised according to your professional field and your interests should we have your consent or a legitimate interest.
How do we disclose personal data
We disclose Personal Data as follows:
- To the other Pfizer companies (see for the list of our companies) for the purposes described in this EEA HCP Privacy Notice.
- To our third-party service providers, to provide services such as data analysis, data technology and related infrastructure provision, customer service, auditing and other services.
- To data companies providing information services in the healthcare sector to ensure your data remains up to date and accurate.
- To other companies with which we collaborate regarding joint development, distribution and/or marketing of particular products or services.
- To comply with a regulatory requirement, judicial proceedings, court order, government request or legal process served on us.
- To take legal action or otherwise protect the safety, rights or property of our customers, the public, Pfizer and our affiliates.
- To prepare, complete and implement any reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
Disclosure of transfers of value
A Pfizer company in the country of your professional practice will make public disclosures of the transfers of value that you receive from any Pfizer company according to the EFPIA (European Federation of Pharmaceutical Industries and Associations) Transparency Code of Conduct and/or applicable local laws (such as payment of professional fees, travel, accommodations and out of pocket expenses).
Unless otherwise required by law, we will disclose your identity, city and country of professional practice and the date, nature and amount of value that you receive from Pfizer. Your ID or social security number will only be published if required by local law. These disclosures will be published on our websites and/or EFPIA local pharmaceutical industry association websites. When legally required, disclosure will also occur on relevant government websites. The data, once published, will be available for 3 years (unless another legal period applies in your country).
We disclose this data pursuant to consent, law or legitimate interests.
The publication of this data serves multiple legitimate interests of society, including patients, health care systems, the pharmaceutical industry, and to you as an HCP by:
- Instilling public confidence in the integrity and independence of HCPs.
- Helping safeguard public health by promoting HCP accountability to patients for decisions about their treatment.
- Demonstrating a commitment to continual education of HCPs which helps provide better care to patients.
Individual Rights
If you would like to review, correct, update, supress, restrict, object or delete Personal Data that you have provided to us, or if you would like to request to receive an electronic copy of such Personal Data for purposes of transmitting it to another company, you may contact us as indicated in the Contact Us section. We will respond to your request consistent with applicable law.
In your request, please tell us what Personal Data you would like to have changed, whether you would like to have it suppressed from our database, or otherwise let us know what limitations you would like to put on our use of it. As a protective measure, we may verify your identity before proceeding with your request. We will try to comply with your request as soon as reasonably practicable.
Please note that we may need to retain certain Personal Data for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion.
Data security
We seek to use reasonable organisational, technical and administrative measures to protect your Personal Data. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure.
Retention period
We will retain your personal data for as long as needed or permitted in light of the purpose(s) for which it was obtained, and as outlined in this Privacy Notice. The criteria used to determine our retention period include:
(i) the length of time we have an ongoing relationship with you and provide the Site to you;
(ii) whether there is a legal obligation to which we are subject ; or
(iii) whether retention is advisable in light of our legal position (such as in regard to the enforcement of the Site Terms of Use, applicable statutes of limitations, litigation or regulatory investigations).
Cross-border transfers
The data that we collect through the Site may be stored and processed in any country where we have facilities or in which we engage service providers, including in the United States and were our affiliates operate.
Some non-EEA countries are recognised by the European Commission as providing an adequate level of data protection according to the EEA standards (the full list of these countries is available here). For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as ensuring that the recipient is bound by EU Standard Contractual Clauses, to protect your Personal Data. You may obtain a copy of these measures by contacting us as described in the Contact Us section below.
To obtain a copy of these measures, please visit this website.
Data of minors
The Site is not directed to individuals under the age of sixteen (16), and we do not knowingly collect Personal Data from such individuals. If you are under the relevant age of consent in your jurisdiction, you will need your parent’s or legal guardian’s permission to use the Site. Please consult with your parent or legal guardian before using the Site.
If you are providing us with Personal Data of individuals under the age of sixteen (16), you represent that you have the appropriate authority to do so, and that you can demonstrate such authority to Pfizer upon request.
Updates
This Privacy Notice may be updated from time to time. Any change will become effective when we post the revised Privacy Notice on the Site. This Privacy Notice was last updated as of the “Last Updated” date shown above.
Contact us
The company responsible for collection, use and disclosure of your Personal Data under this Privacy Notice is Pfizer SA and Pfizer PFE Belgium SPRL, Boulevard de la Plaine 17, 1050 Brussels, Belgium
If you have any questions about this Privacy Notice or if you would like to request to exercise any individual rights, please contact us at [email protected], or write to us at the following address:
Pfizer Clinical Research Unit, Route de Lennik 808, 1070 Brussels, Belgium
Lodging a complaint with the Data Protection Authority
You may lodge a complaint with a data protection authority competent for Belgium:
Data Protection Authority
Rue de la Presse 35, 1000 Brussels
Tel.: +32 (0)2 274 48 00
Fax: +32 (0)2 274 48 35
Email: [email protected]
https://www.dataprotectionauthority.be/contact-us
Country-specific notice
*In the paragraph “Personal data that we may collect”, it is indicated that we collect your national identity number.
Regarding healthcare professionals active in Belgium, we will collect the professional identification number (such as the INAMI number) rather than the national identity number (such as the national registry number); in accordance with applicable legislation except for healthcare professionals active in Belgium who do not have such a professional identification number and are subject to the agreement of the Privacy Protection Commission. The same applies to the paragraph entitled "Disclosure of Transfers of Value".