Doctor’s Guide Publishing Limited, 1, rue Hildegard von Bingen, L-1282 Luxembourg, Luxembourg is the controller of your personaldata. “We” in this document refersto this entity. Our data protection officer’s name and contact details are as follows: Dr.Sebastian Kraska, Marienplatz 2, 80331Munich, Germany; firstname.lastname@example.org. Our UK GDPR-specific representative contact details are as follows: Rickerts Services Ltd UK, PO Box 1487, Peterborough, PE1 9XX, UnitedKingdom; email@example.com.
We rely on the following legal bases to process your personal data, as appropriate:
More information is provided below. For additional details regarding the lawful bases that we rely on to process your personal data specifically, please contact us using the contact details at the end of this Privacy Statement.
Purposes of Use or Disclosure
Manage our relationship with you, including to:
● Create an account for you for the Services upon request;
● Respond appropriately to your inquiries;
● Update you regarding your account;
● Provide you with, maintain, secure, and improve ourServices;
● Provide you with a customized experience in connection with our Services;
● Collect personal data about you from public resources, such as national or local registries of physicians, national or local medical associations, the public websites of hospitals, medical offices, clinics and educational institutions, academic journals, and professional social networking platforms such as LinkedIn, to validate your identity and better understand which medical news, education activities and surveys may be of most interest to you.
Improve the accuracy and relevance of the results you see when you interact with the search engine and the search engine's integrated chatbot functionality that is part of our Services.
Legal Bases of Processing and, if applicable, Legitimate Interests
● If we are contractually obligated to perform the processing based on the terms that apply to the applicable Service, Contract PerformanceLegal Basis.
● If the GDPR requires us to perform the processing to comply with the GDPR, Legal Obligations Legal Basis.
In all other cases, Legitimate Interest LegalBasis—namely, to provide you and our other users with a good experience with our Services, prevent fraud and illegal conduct, administer and enforce our contractual and legal rights, and manage and improve our business operations and relationships with third parties.
● Discharge our contractual obligations to you.
● Contract Performance Legal Basis.
● Comply with any legal obligations that apply to us.
● If you are in the UK and the legal obligation emanates fromUK law, or if you are in the EEA and the legal obligation emanates from a lawof a Member State or the EEA, Legal Obligations Legal Basis. An example is tocomply with the GDPR.
● Otherwise, Legitimate Interest LegalBasis—namely, to ensure that our Services comply with all applicable laws.
Send you invitations, newsletters and other related information as part of our Services, including:
● Invitations to participate in online medical education activities, including accredited continuing medical education activities, and information about medical activities and promotional communications;
● Invitations to learn more about and request information from us about patient assistance resources, such as sample activities and co-pay incentive activities;
● Medical newsletters including the top medical news in your field of interest and medical alerts; and
● Invitations to complete market research surveys, typically in exchange for honoraria.
● If consent is not legally required and you would reasonably expect to receive such information, Legitimate Interest Legal Basis—namely, to deliver to you invitations, newsletters and other related information that we believe may be relevant to you, to help pharmaceutical and other life sciences companies reach a greater audience, and increase medical professionals’ awareness of relevant education activities, patient assistance resources, and medical news.
● Otherwise, Consent Legal Basis.
● If consent is not legally required and you would reasonably expect us to engage in such processing, Legitimate Interest Legal Basis—namely, to provide you with a better experience on our Services, to help us improve our Services, and to take steps to confirm whether an individual wishes to continue to receiving our electronic communications if they are not opening them and potentially delete their personal data if appropriate.
● Otherwise, Consent Legal Basis.
If you respond to a survey, we process your personal data to: (i) verify your eligibility to participate in a study; (ii) validate your identity and responses; (iii) process your honoraria payment; (iv) provide anonymized survey results to third parties; and (v) identify a particular respondent to comply with applicable legal requirements, such as adverse events reporting requirements.
● Where we are contractually obligated to perform the processing based on the terms that apply to our administration of the survey,Contract Performance Legal Basis.
● If you are in the UK and the legal obligation emanates fromUK law, or if you are in the EEA and the legal obligation emanates from a law of a Member State or the EEA, Legal Obligations Legal Basis. An example is to comply with local adverse event reporting laws as applicable.
● In all other cases, Legitimate Interest LegalBasis—namely, to prevent duplicate or fraudulent responses, to maintain the integrity of the responses to the survey, to provide anonymized survey results to third parties to help inform their business activities, and to comply with legal requirements outside of your jurisdiction, such as adverse event reporting requirements, as applicable.
If you participate in a medical education activity that we publish and thereby obtain a continuing medical education or similar certificate, we may disclose the fact that you participated in the activity to the medical school or institute that accredited the activity for the purposes of complying with professional accreditation record keeping requirements.
● Legitimate Interest Legal Basis—namely, to allow the medical school or institute to comply with professional accreditation record keeping requirements and to assist you in meeting your professional accreditation record keeping requirements.
If we publish an activity from another medical education provider, and thereby obtain a continuing medical education or similar certificate, we may disclose the fact that you participated in the activity to the medical education provider for the purposes of complying with professional accreditation record keeping requirements.
Disclosures of personal data to courts and public authorities to protect you, us, or third parties from harm, such as fraud.
● Legitimate Interest Legal Basis—namely, to allow the medical education provider to comply with professional accreditation record keeping requirements and to assist you in meeting your professional accreditation record keeping requirements.
● Legitimate Interest Legal Basis—namely, to protect you, us or third parties from harm, such as fraud or the effects of illegal conduct. These circumstances are rare and we may provide you with additional information prior to such processing where required by applicable law.
Disclosures of personal data to our agents and service providers for the purposes described above.
● See the legal bases and, where applicable, the legitimate interests described above.
3. Personal Data Transfers Outside of the EEA or UK
Some recipients of your personal data are located in Canada and Ireland. In this case, the transfer is thereby recognized as providing an adequate level of data protection from anEEA and UK data protection law perspective (pursuant to Article 45 of the GDPR).
Some recipients of your personal data are located in the U.S. and Mexico. By entering into appropriate data transfer agreements based on the Standard Contractual Clauses approved by the authorities of your jurisdiction, we have established that such recipients will provide an adequate level of data protection and that appropriate technical and organizational security measures are in place to protect personal data against accidental or unlawful destruction, loss or alteration, unauthorized disclosure or access, and against all other unlawful forms of processing. Any onward transfer is subject to appropriate onward transfer requirements as required by the applicable contract or law.
You can ask for a copy of such appropriate data transfer agreements by contacting us as set out at the bottom of this notice.
4. Data Retention
We will delete, erase or anonymize your personal data within one month after your personal data is no longer necessary for us to provide you with any information or services you have requested, pursue any of the legitimate interests specified herein where the legitimate interest is not overridden by your interests or fundamental rights and freedoms, comply with any legal obligations to which we are subject, or defend any legal claim against us or support any legal claim made by us, including any potential appeal.
5. Data Subject Rights
Under the conditions set out under applicable law, you have the following rights:
● Right to withdraw your consent: If you have declared your consent regarding certain types of processing activities, you can withdraw this consent at any time with future effect. Such a withdrawal will not affect the lawfulness of the processing prior to the consent withdrawal.
● Right of access: Under Article 15 of the GDPR, you have the right to obtain from us confirmation as to whether your personal data is being processed, and, where that is the case, to request access to the personal data. The access information includes, among other things, the purposes of the processing, the categories of personal data concerned, and the recipients or categories of recipients to whom the personal data have been or will be disclosed. You have the right to obtain a copy of the personal data undergoing processing.
● Right to rectification: Under Article 16 of the GDPR, you have the right to obtain from us the rectification of inaccurate personal data concerning you. Depending on the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
● Right to erasure: You have the right to ask us to erase your personal data where one of the grounds set forth inArticle 17 of the GDPR applies, including where the personal data is no longer necessary in relation to the purposes for which we collected or otherwise process it.
● Right to restriction of processing: You have the right to request restriction of processing of your personal data where one of the grounds in Article 18 of the GDPR applies, in which case, it would be marked and processed by us only for certain purposes.
● Right to data portability: Under Article 20 of the GDPR, you have the right to receive your personal data which you have provided to us in a structured, commonly used, and machine-readable format and you have the right to transmit the personal data to another entity without hindrance from us.
● Right to object: You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data by us, in accordance with Article 21 of theGDPR. If you have a right to object and you exercise this right, your personal data will no longer be processed for such purposes by us.
● Right to submit complaints: You have a right to lodge a complaint with a supervisory authority.
Please note that these rights may be limited under the applicable national data protection law. To exercise your rights please contact us as stated below.
6. Your Choices
You are not required to provide any personal data to us, but if you do not provide us with the personal data that we request from you, you may not be able to use or receive the Services. You can use the Services without consenting to cookies that are not strictly necessary; the only consequence is that the Services will be less tailored to you.
7. Contact Us.
For more information or to exercise your rights as described herein, please contact us at firstname.lastname@example.org