Privacy Statement for Healthcare Professionals (HCPs)

In your capacity as a Healthcare Professional, Fresenius Kabi will process certain personal data from you, when you provide a service to us, or when we interact with you otherwise.

 

Protecting your data personal data is important to us. We would like to inform you how personal data about you is collected, processed and used by the Fresenius Kabi legal entity contracting or otherwise interacting with you (hereinafter “Fresenius Kabi” “we”, or “us”).

 

Processing of personal data by us is governed by the General Data Protection Regulation of the European Union (“GDPR”).

 

Privacy Statement for Healthcare Professionals (HCPs)

Data protection information for HCPs providing a service or otherwise interacting with us

Last updated June 2020, previous version May 2019

In your capacity as a HCP providing a service or otherwise interacting with Fresenius Kabi Limited (we), we will process certain personal data from you.

This data protection statement informs you about the processing of personal data in connection with your relationship with us as HCP.

Protecting your data personal data is important to us. Processing of personal data by us is governed by the Data Protection Act 2018 and the General Data Protection Regulation of the European Union (GDPR).

Please be aware that we also may process your personal data in other contexts, e.g. when you visit our website www.fresenius-kabi.com/gb or when you are a business partner for products or services. Please see the specific information on the processing of your personal data in such situations.

 

Why we collect and use your data

We process and use your data for the following purposes:

  • carrying out the contract with you including payment transfers to you
  • maintaining a database of HCPs with whom we already collaborated or may collaborate in the future
  • contact management and communicating with you including virtual video or audio interactions with you
  • assess and categorise which specific business needs match best with your abilities (e.g. when we look for a key opinion leader in a certain field or for specific products, the extent you belong to the group of scientific input providers, based on scientific or professional experience
  • best practice sharing
  • meeting our compliance requirements, such as anti-corruption laws, anti-money laundering laws and other laws on economic crime, regulatory and pharmacovigilance and medicines laws, as well as disclosure requirements resulting from applicable laws and self-regulatory codes of conduct as a result of our membership in trade associations

We might process your data on servers in different countries within the European Union. Therefore, your data might be processed in a country outside of your country of residence.

 

What data we collect and how we do that 

 Information you provide to us

 We collect your personal data depending on the types of interactions you have with us. Such data may include the following:

  • First and last name
  • Gender
  • Contact and address information, including address, email address, phone number, fax number
  • Country of residence
  • Curriculum vitae information, including information on your professional experience, your engagement with us and other companies, events you attended, publications etc.
  • Pictures of you
  • Audio-visual recordings of your voice and appearance, if a presentation of yours is recorded
  • Your areas of expertise and your areas of professional interest as an HCP
  • Employer name and employer address
  • Information on payments made and benefits granted to you
  • Your bank account number
  • Your tax identification number
  • Payments made or benefits granted to you
  • Contracts made between you and us
  • Satisfaction surveys (if appropriate)

Information that we collect from publicly available sources

Even before we enter into an interaction with you we may collect information about you and your professional experience from publicly available sources, such as the internet, social media platforms, sanction lists and other online and print publications. Such data may include:

  • First and last name
  • Curriculum vitae information, including information on your professional experience, your engagement with other companies, events you attended, publications etc.
  • Business address
  • Pictures and audio-visual recordings of you

Legal basis for the data processing 

We process your personal data, as the case may be:

  • the processing of your personal data is necessary in order to carry out the concluded contract between you and us (Art. 6.1 b, GDPR).
  • the processing of your personal data is necessary for us in order to comply with a legal obligation we are subject to (Art. 6.1 c, GDPR). We are specifically obliged to comply with national and, if applicable, international laws and regulations relating to fight against corruption, money laundering and other economic crime, have to assess the appropriateness of the remuneration and other payments made and other support granted to you and are subject to certain documentation, publication and reporting obligations and therefore, can be obliged to disclose the remuneration paid or other support in kind availed to you as a speaker or other service provider, to your employer or to competent regulatory authorities, criminal prosecutors and other recipients responsible for the implementation of transparency rules upon request, or make such payments and in kind support available publicly. This includes particularly documentation, disclosure and reporting obligations in connection with medicines, medical devices and healthcare regulations, transparency laws, laws on anti-money laundering and self-regulatory regimes such as industry and patient codes.
  • the processing is necessary for purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data. (Art. 6.1 f, GDPR).
    • These legitimate interests are the maintenance of a database that contains all HCPs with whom we already collaborated or may collaborate in the future, to manage the interactions with you and other HCPs.
    • Establishment, exercise or defence of legal claims.
  • you have been given us your consent for the intended processing of your personal data (Art. 6.1 a, GDPR).


You can withdraw your consent at any time. You can withdraw your consent to all processing, or for individual purposes of your choice. Withdrawal of consent will not affect the lawfulness of processing based on your consent before the withdrawal.

You can withdraw your consent by sending an email to consentukire@fresenius-kabi.com

 

We share your data 

We collaborate with other organisations to achieve our purposes.  Therefore, we may send your personal data in part or as a whole to other organisations.

We may transfer your personal data in parts or as a whole to recipients in third countries, which are not Member States of the European Union. Such countries can be around the world and where the Fresenius group is active. Please refer to the overview of the locations in which Fresenius Kabi is active. The data will be shared only on a need-to-know basis. This applies particularly to payment and other financial data and contract data that will be accessible only to a very limited number of recipients who have a need to know the data for the fulfilment of their tasks, subject to any disclosure obligations.

Such recipients may include:

  • other Fresenius Group companies if such a transfer of personal data is required for the specific purpose or that may be interested in working with you.  Please refer to the https://www.fresenius-kabi.com/company/locations-worldwide in which Fresenius Kabi Group companies are active
  • service providers which process personal data on our behalf (e.g. for hosting or maintenance services) and have to follow our instructions on such processing; these service providers will not be allowed to use your personal data other than for our purposes;
  • competent regulatory authorities, criminal prosecutors and other recipients responsible for the implementation of transparency rules as well as criminal laws and administrative laws
  • authorities, courts, parties in a litigation to the extent required to meet any applicable law, regulation, legal process or enforceable governmental request
  • the general public to the extent we are obliged to publicly disclose payments made to you and other benefits provided to you, e.g. meals, travel and lodging as well as other hospitality. Where there is no statutory legal basis for public disclosure including the identity of the recipient, you may choose to withhold your consent to such disclosure, and we would then disclose the payments and benefits on an anonymous aggregated basis
  • Professional advisors or auditors, such as tax advisors, financial auditors, lawyers, insurers, banks and other external professional advisors in the countries in which we operate.
  • our third party customer relationship management system and database provider to the extent that they process personal data on our behalf and on our instructions and with appropriate contractual provisions in place

International Data Transfers 

We may send your personal data in parts or as a whole to Fresenius Group recipients in countries, which are not member states of the European Union or to international organisations, for the purposes listed above. Please refer to the overview of the locations in which Fresenius Kabi is active.

We may send data to the following countries for which the European Commission has determined an adequate level of data protection to be in place that matches the level of data protection within the European Union in which Fresenius entities are established: Argentina, Canada, Japan, New Zealand, Switzerland or Uruguay.

With regards to such international data transfers to third countries, for which the European Commission has not decided that an adequate level of data protection exists, we have provided appropriate safeguards in order to secure your personal data to a degree that equals the level of data protection in the European Union. 

Safeguards used are:

  • Standard Contractual Clauses that have been issued by the European Commission.
  • Participation in the EU-US-Privacy Shield.

You can obtain a copy of these Standard Contractual Clauses online, or upon request.

 

How long we retain the data 

The personal data related to your interactions with us, e.g. contract entered between you and us, payments made or benefits granted to you, will be deleted after ten years after the completion of the last interaction with you, unless we are legally required to retain the data.

 

Rights of the data subject 

Depending on the situation you have certain rights regarding your personal data. You have the right to:

  • Request access to your personal data
  • Request rectification of your personal data
  • Request erasure of your personal data,
  • Request the restriction of processing of your personal data
  • Data portability
  • Object on grounds specific to your situation

You can exercise these rights online by using the Data Protection Contact Form or by contacting our UK Local Data Protection Adviser on data.protection-UK@fresenius-kabi.com

You also have the right to lodge a complaint with our Data Protection Officer or the supervisory authority.

 

Data Protection Officer:

Fresenius Kabi Limited
Data Protection Officer
Else-Kröner-Straße 1
61352 Bad Homburg
Germany
E-mail: dataprotectionofficer@fresenius-kabi.com

 

Data Protection Authority:

If you’re unhappy with the outcome of your enquiry, then you can contact the ICO:

The Information Commissioner’s Office

https://ico.org.uk/global/contact-us/

Tel: 0303 123 1113

Requirement to provide personal data 

Your personal data is a requirement necessary to enter into the relevant interaction with you. If you fail to provide your personal data, we may be required to refrain from entering into an interaction with you, as we could be unable to meet our due diligence and disclosure requirements under applicable laws and self-regulatory codes.

 

Changes to this data protection information 

As our collection and processing of your data may change over time, we might also modify this Data Protection Information to always correctly reflect our data processing practices. We encourage you to review it from time to time.

 

Controller and contact 

The controller and responsible entity for processing of personal data is the Fresenius Kabi legal entity contracting with you or, if there is no contract in place, Fresenius Kabi Deutschland GmbH, Else-Kröner-Straße 1, 61352 Bad Homburg, Germany.

We have designated a data protection officer. You can contact the data protection officer for all requests and questions concerning your personal data via: dataprotectionofficer@fresenius-kabi.com.