Data Protection Statement for Healthcare Professionals 2021

We collect and use your data for the following purposes:

• Carrying out the contract with you, including payment transfer to you
• Maintaining a database of HCPs with whom we have already collaborated with and/or may collaborate with in the future
• Contact management and communication with you including virtual video or audio interactions with you
• Access and categorise which specific business needs match best with your abilities (e.g. when we look for a key opinion leader in a certain field or for specific products, the extent you belong to the group of scientific input providers, based on scientific or professional experience
• Best practice sharing
• Meeting our compliance requirements, such as anti-corruption laws, anti-money laundering laws and other laws on economic crime, regulatory and pharmacovigilance and medicines laws, as well as disclosure requirements resulting from applicable laws and self-regulatory codes of conduct as a result of our membership in trade associations

We may collect and use your personal data in the following situations:

Information you provide to us

We collect your personal data depending on the different types of interactions you have with us. Such personal data:

• First and last name 
• Gender
• Contact and address information, including address, email address, phone number, fax number
• Country of residence
• Curriculum vitae information, including information on your professional experience, your engagement with us and other companies, events you attended, publications
• Pictures of you
• Audio-visual recordings of your voice, appearance and statements, if a presentation of yours is recorded
• Your areas of expertise and your areas of professional interest as an HCP 
• Information on payments made and benefits granted to you
• Your bank account number 
• Your tax identification number
• Contract entered between you and us 
• Payments made, or benefits granted to you

Information we collect from publicly available sources 

Before we enter into an interaction with you, we may collect information about you and your professional experience from publicly available sources, such as the internet, social media platforms, sanction lists and other online and print publications. Such data may include:

• First and last name 
• Curriculum vitae information, including information on your professional experience, your engagement with other companies, events you attended, publications etc. 
• Business address
• Pictures and audio-visuals recordings of you

We process your personal data on one or more of the following legal bases:

• The processing of your perosnal data is necessary for the performance of a contract (to be) concluded between you and us (Art. 6.1 b, GDPR)
• The processing of your personal data is necessary for us in order to comply with a legal obligation we subject to (Art. 6.1 c, GDPR). More specifically we are obliged to comply with national and, if applicable, international laws and regulations relating to the fight against corruption, anti-money laundering, anti-terrorism financing and other economic crime. We have to assess the appropriateness of the remuneration and other payments made and other support granted to you and are subject to certain documentation, publication and reporting obligations and there, can be obliged to disclose the remuneration paid or other support in kind availed to you as a speaker or other service provider, to your employer or to competent regulatory authorities, criminal prosecutors and other recipients responsible for the implementation of transparency rules upon request, or make such payment and in kind support available publicly. This includes particularly documentation, disclosure and reporting obligations in connection with medicines, medical devices and healthcare regulations, transparency laws, laws on anti-money laundering and self-regulatory regimes such as industry and patient codes
• The processing is necessary for purposes of the legitimate interests pursued by us or by a thrid party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data (Art. 6.1 f, GDPR). These legitimate interests are:
  • Maintenance of a database that contains all HCPs with whom we already collaborated with or may collaborate with in the future, to manage the interactions with you and other HCPs 
  • Establishment, exercise or defense of legal claims
• You have given us your consent for the intended processing of your personal data (Art. 6.1 a, GDPR)

You can withdraw your consent at any time. You can withdraw your consent to all processing or for individual purposes of your choice. The withdrawal of consent will not affect the lawfulness of processing based on your consent before the withdrawal. You can withdraw your consent by sending an email to consentukire@fresenius-kabi.com.

We collaborate with other organisations to achieve our purposes. Therefore, we may send your personal data in parts or as a whole to other organisations.

This applies particularly to payment and other financial data and contract data that will be accessible only to a very limited number of recipients who have a need to know the data for the fulfilment of their tasks, subject to any disclousre obligations. 

Such recipients are:

• Other Fresenius Group companies if such a transfer of personal data is required for the specific purpose, or that may be interested in working with you (please refer to the overview of the locations in which Fresenius Kabi group companies are active);
• Service providers which process personal data on our behalf (e.g. for hosting or maintenance services or so we can develop our products and services to benefit our customers) and have to follow our instructions on such processing; the service providers will not be allowed to use your personal data for other than our purposes;
• Competent regulatory authorities, criminal prosecutors and other recipients responsible for the implementation of transparency rules as well as criminal laws and administrative laws;
• Authorities, courts, parties in a litigation to the extent required to meet any applicable law, regulation, legal process or enforceable governmental request 
• The general public to the extent we are obliged to publicly disclose payments made to you and other benefits provided to you, e.g. meals, travel, and lodging as well as other hospitality. Where there is no statutory legal basis for public disclosure including the identity of the recipient, you may choose to withhold your consent to such disclosure, and we would then disclose the payments and benefits on an anonymous aggregated basis;
• Professional advisors or auditors, such as tax advisors, financial auditors, lawyers, insurers, banks and other external professional advisors in the countries in which we operate
• Our third party customer relationship management system and database provider to the extent that they process personal data on our behalf and on our instructions and with appropriate contractual provisions in place 

International data transfers

We may send your personal data in parts or as a whole to Fresenius Group recipients in countries, which are not member states of the European Union or to international organisations, for the purposes listed above. Please refer to the overview of the locations in which Fresenius Kabi Group companies is active. 

We may send data to the following countries for which the European Commission has determinded an adequate level of data protection to be in place that matches the level of data protection within the European Union in which Fresenius entities are established: Argentina, Canada, Japan, New Zealand, Switzerland and Uruguay. 

With regards to such international data transfers to third countries, for which the European Commission has not decided that an adequate level of data protection exists, we have provided appropriate safeguards in order to secure your personal data to a degree that equals the level of data protection in the European Union. 

Safeguards used are:

• Standard Contractual Clauses that have been issued by the European Commission

You can obtain a copy of these standard contractual clauses online, or upon request. 

The personal data related to your interactions with us will be deleted ten years after the completion of the last interaction with you, unless we are legally required to retain the data. 

Depending on the situation you have certain rights regarding your personal data. You have the right to:

• Request access to your personal data 
• Request rectification of your personal data 
• Request erasure of your personal data 
• Request the restriction of processing of your personal data 
• Data portability 
• Object on grounds specific to your situation 

You can exercise these rights online by using the data protection contact form or by contacting our Local Data Protection Advisor on data.protection-uk@fresenius-kabi.com

Controller and Contact

The controller and responsible entity for processing of personal data is:

Fresenius Kabi Limited

Cestrian Court, Eastgate Way, Manor Park, Runcorn, WA7 1NT

Email: data.protection-uk@fresenius-kabi.com

You also have the right to lodge a complaint with our data protection officer or the supervisory authoritiy.

Data Protection Officer:

Fresenius Kabi AG

Data Protection Officer

Else-Kröner-Straße 1, 61352 Bad Homburg, Germany

Email: dataprotectionofficer@fresenius-kabi.com

Data Protection Authority 

If you're unhappy with the outcome of your enquiry, then you can contact the ICO:

The Information Commissioner's Office https://ico.org.uk/global/contact-us/

Tel: 0303 123 1113

Requirements to provide personal data 

Your personal data is required to enter into the respective interaction with you. If you do not provide your personal data, we may be required to refrain from entering into an interaction with you, as we could be unable to meet our due diligence and disclosure requirements under applicable laws and self-regulatory codes.

Changes to this data protection statement

As our collection and use of your data may change over time, we may also modify this data protection statement to always correctly reflect our data processing practices. We encourage you to review it from time to time.