GO Main Menu Go Main Contents Go Bottom Menu

Privacy Notice for Adverse Events Report, Complaints and Queries

Last Updated: March 8, 2022



INTRODUCTION

This Privacy Notice is for individuals who report adverse events, submit complaints or request medical information, or are the subject of such reports/submits/requests.

This Privacy Notice is provided by Celltrion Healthcare Co., Ltd. (hereinafter "Celltrion Healthcare" or "we") and its subsidiaries/branches to explain who we are, how we collect, share and use personal data about you, as well as how you can exercise your privacy rights. If you have any questions or concerns about our use of your personal data, or would like to exercise any of your rights — including, but not limited to, objecting to the processing of your personal data in the methods that we describe here — then please contact us using the details provided at the end of this Privacy Notice. Celltrion Healthcare does its best to protect your privacy rights.



WHO WE ARE

Celltrion Healthcare is a global pharmaceutical company, whose ultimate parent company is headquartered in Incheon, Republic of Korea (South). For more information about us, please visit our website at https://www.celltrionhealthcare.com



PERSONAL DATA

"Personal Data" may refer to any data that identifies one as an individual or relates to an identifiable individual.


Personal Data that we may collect and use includes:

• Information regarding individuals that report adverse events or make medical information queries or product quality complaints, such as healthcare professionals and caregivers. It includes your name, phone number, email and/or postal address, and place of work (for healthcare professionals);

• Information about the patient, including name, hospital record numbers, age, date of birth, sex, weight, height, race, whether pregnant and/or breastfeeding, and strictly necessary occupational data for the evaluation of the adverse event; or

• Strictly necessary or relevant data, for the purposes described in this Privacy Notice, refers to patient health or lifestyle data including, but not limited to, the nature of adverse effects, examination results, personal or family medical history, diseases or associated events, risk factors, information about the use of medicines and therapy management, physical exercise, diet, eating behavior, sexual life/contraception, and consumption of tobacco, alcohol, and drugs.

We may ask for additional information as needed. If we ask you to provide any other personal information not described above, then the specific information requested and the reasons why we require them will be made clear to you at the point we collect your personal information.


Providing us with, or giving us permission to collect, any Personal Data relating to individuals other than yourself requires you to have valid authority to do so pursuant to relevant legislation.

In general, we will use the personal information we collect from you only for the purposes described in this Privacy Notice; for any other purpose not mentioned, we will explain to you at the time your personal information is collected. However, we may also use your personal information for other purposes that are not incompatible with the purposes we have disclosed to you (such as archiving purposes, scientific or historical research purposes, or statistical purposes) if and where this is permitted by applicable data protection laws.



HOW WE USE PERSONAL DATA

We will only process your personal data as required by contractual or legal/regulatory obligations; or for our legitimate interest


We use Personal Data in order to:

• Monitor the safety of medicinal products and medical devices, which includes detecting, assessing, following up on and preventing adverse events, and reporting adverse events to health authorities;

• Respond to queries regarding medical information including, but not limited to, relation to availability of products, clinical data, dosing and administration, formulation and stability, and interactions with other drugs, foods, and conditions;

• Respond to quality complaints regarding our products, such as any fault of quality and/or effectiveness, stability, reliability, safety, performance, or usage;

• Answer other questions or requests and improve our products and services;

• Comply with our policies and local legal, regulatory, and compliance requirements; or

• Conduct audits and defend litigation.

The Personal Data that you and other individuals provide may be aggregated. We may use and disclose such aggregated data for any purpose. Aggregated data does not personally identify you or any other individual.



HOW WE DISCLOSE PERSONAL DATA

We do not share or transfer personal data to third parties other than those indicated in this Privacy Notice.


Personal data may be accessed by or transferred to:

• Our employees (including those at Medical, Quality, Legal and Compliance Departments) and other Celltrion Group companies (especially Celltrion Inc., the manufacturer of our products)

• Other pharmaceutical and medical device companies if the adverse event, request for information, or complaint relates to one of their products

• Service providers acting on behalf of us and our subsidiaries/affiliates, such as IT system and data hosting providers, and adverse event processing service providers. These third parties are contractually and legally obliged to protect the confidentiality and security of personal data, in compliance with applicable law


Personal data may be shared with:

• Healthcare professionals involved in an adverse event, request for information, or complaint

• A national and/or international regulatory, enforcement, public body or court where we are required to do so by applicable law or regulation or at their request; Including The European Medicines Agency (EMA) which controls the EudraVigilance database (for more information visit https://www.ema.europa.eu), the U.S. Food and Drug Administration (FDA) which controls the Adverse Event Reporting System (for more information visit https://open.fda.gov/data/faers/) and the Korea Institute of Drug Safety & Risk Management (KIDS) which controls the Korea Adverse Event Reporting System (for more information visit https://kaers.drugsafe.or.kr/)


We also disclose your Personal Data as we believe to be necessary or appropriate:

• (i) To comply with applicable law, as well as our regulatory monitoring and reporting obligations (which may also include laws outside your country of residence), (ii) to respond to requests from both public and government authorities (which may also include authorities outside your country of residence), (iii) to cooperate with law enforcement, or (iv) for other legal purposes.

LEGAL BASIS FOR PROCESSING PERSONAL INFORMATION (EEA personal only)

If you are a visitor from the European Economic Area, our legal basis for collecting and using the personal information as described above will depend on the personal information concerned and the specific context in which we collect it.

However, we will generally collect personal information from you only where we have your consent to do so, where it is required to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some case, we may need to collect personal information from you to satisfy legal obligations or in order to protect your vital interests or those of another person (e.g. to inform patients of possible adverse side effects related to medication they are taking).

If we ask you to provide personal information to comply with a legal requirement or for contacting purposes, we will make this clear at the relevant time and advise you whether or not the provision of your personal information is mandatory (as well as of the possible consequences of not providing your personal information).

Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), we will alert you and clarify what those legitimate interests are at the relevant time

If you have any questions or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the details provided under the "CONTACT US" heading below.



INDIVIDUAL RIGHTS

If you would like to request to review, correct, update, suppress, restrict or delete Personal Data that you have provided to us, or if you would like to request to receive an electronic copy of such Personal Data for the purpose of transmitting it to another company, you may contact us as indicated in the "CONTACT US" section. We will respond to your request in compliance with applicable law.

In your request, please tell us what Personal Data you would like to have changed, whether you would like to have it suppressed from our database, or set certain limitation on our use of your data. We may need to verify your identity before implementing your request. We will try our best to respond to your request as soon as reasonably practicable.

When asked to provide Personal Data, you may decline. However, choosing not to provide necessary information may limit our ability to supply you with requested services.

Please note that we may need to retain certain type of Personal Data for record keeping purposes.



DATA SECURITY

We seek to use reasonable organizational, technical and administrative measures in order to protect your Personal Data. This includes encrypting your personal information in transit and at rest.



DATA RETENTION PERIOD

We will retain your Personal Data for as long as needed or permitted in light of the purpose(s) for which it was obtained and as outlined in this Privacy Notice. The criteria used to determine our retention periods include: (i) the length of time you maintain an ongoing relationship with us; (ii) whether or not there is a legal obligation to which we are subject; or (iii) whether or not retention is advisable in light of our legal position (such as in regard to the applicable statutes of limitations, litigation or regulatory investigations).

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, if your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until it can be safely deleted.



INTERNATIONAL DATA TRANSFER

Your personal information may be transferred to, and processed in, countries other than the one in which you are resident. These countries may have data protection laws that are different from the laws in your country.

However, we have taken appropriate safeguards to ensure that your personal information will remain protected in accordance with this Privacy Notice. This includes implementing the European Commission's Standard Contractual Clauses for transfers of personal information between our group companies, which requires all group companies to protect personal information they process from the EEA in accordance with European Union data protection laws.

Appropriate safeguards have also been implemented with our third-party service providers and partners. Further details, along with our Standard Contractual Clauses, can be provided upon request.



UPDATES

We may update this Privacy Notice from time to time in response to changing legal, technical or business developments. When we update our Privacy Notice, we will take appropriate measures to inform you of the significance of the changes we make. We will obtain your consent to any material Privacy Notice changes if and where this is required by applicable data protection laws. This Privacy Notice was last updated as of the "Last Updated" date shown above.



CONTACT US

If you have any questions or concerns about our use of your personal information, please contact our data protection officer using the following details: DPO.CTHC@celltrionhc.com

If you are a resident of the EEA, you may also contact our data protection officer for the EU/EEA region at DPO.CTHC@celltrionhc.com (Privacy Praxis: Chau. de Louvain 498, C5 1380 Lasne, Belgium, +32 2 318 05 30).

You also have the right to file a complaint with your local data protection authority: (such as https://edpb.europa.eu/about-edpb/board/members_en for EEA residents).

A cookie-technológia segít abban, hogy a lehető legjobb élményt nyújtsa Önnek, amikor meglátogatja ezt a weboldalt. Ha a beállítások megváltoztatása nélkül folytatja, elfogadja a webhelyen található sütiket. Ha többet szeretne megtudni a sütikre vonatkozó irányelveinkről, kérjük, olvassa el az adatvédelmi irányelveinket az oldal alján található link segítségével.