Data Privacy Statement
This Privacy Notice describes how Boehringer Ingelheim International GmbH (hereafter “Boehringer Ingelheim”, “we”, “our”, “us”) uses, stores and discloses (together “process”) the personal data we collect about you through this website. In any event, we will only process your personal data in accordance with applicable data protection and privacy laws (i.e. the General Data Protection Regulation - GDPR).
1. Use of Data and Legal Basis
1.1 Contact form or other requests
We process your data in order to provide you with the agreed or requested services on this website:
- if you register and log in;
- if you take part in training courses or events;
- if you send us inquiries about products or possible adverse event.
The legal basis is Article 6 (1) b) GDPR. If you send information about possible adverse events the legal basis is Article 6 (1) c) GDPR (see section 3 for specific information about adverse events).
1.2 Log data
1.3 Cookies and similar Technologies
1.3.1 Essential Cookies
Essential Cookies are necessary for the website to function properly. Such Cookies make a website usable by providing basic functions such as page navigation and access to secure areas of the website or language settings. Due to their importance for the website's functioning, you cannot opt-out from this kind of Cookies. We base the related processing of personal data on Art. 6 (1) b GDPR, the contractual provision of our services.
Essential Cookies we use to provide this website include Cookies, which
- detect whether a user uses Java Script,
- allow a visitor to receive site content from one out of multiple servers as the user browses the site,
- determine whether a user has accepted which category in the Cookie banner,
- maintain the status of the user for all page requests.
Session cookies: Session cookies allow you to proceed through many pages of a site quickly and easily without having to authenticate or reprocess each new area you visit. Session cookies are combination of one or more temporary cookie files, which are erased when you close your browser. When you restart your browser and go back to the site that created the cookie, the website will not recognize you. You will have to log back in (if login is required) or select your preferences/themes again if the site uses these features.
Target Group: This is a special cookie to define the visibility of specific content to specific groups of users (i.e. HCPs, patients or journalists) when they want to see a different ‘version’ of the website. This specifies which audience should be able to see which content in the website. For instance, if a content contains specific scientific information, which should not be visible to the public, tagging it to be viewed by a healthcare professional audience will mean this content will only be visible to those who have identified themselves as healthcare professional.
The lifetime of essential Cookies we use extends from the respective session up to one year.
1.3.2 Cookies for Website Optimization
We use the following services of third-party providers:
Adobe Analytics (Omniture)
The analyses help us to improve our services.
The Cookies related to this service allow us for example to
- Create a unique ID for users and enabling us to track visitors across our different domains,
- Determine, if Cookies are enabled,
- Captures statistics about the user's visits to the website,
- Identify the time (in days) between two visits by the same visitor,
- Learn about the number of visits by a single user.
1.3.3 Marketing Cookies
We use Marketing Cookies which allow us to follow users to other websites to show ads that are relevant and engaging to the individual user. We base this processing on your consent (Art. 6 (1) a GDPR), which you may withdraw at any time with future effect and without detriment amending your settings under this link.
We use the following services of third-party providers:
Facebook & Instagram (Facebook Pixel):
We use the Facebook pixel in the basic version to display personalized ads by us and third parties for you on the Facebook and Instagram platforms. Facebook and Instagram are operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland ("Facebook").
For this purpose, we provide Facebook with information about your user activity on our website and certain other personal data (such as your user-ID) via a pixel. This data includes but is not limited to so called http headers (e.g. your IP address and information about your browser) and click data (i.e. the buttons clicked on our website as well as their descriptions and the web pages visited). This allows users of our website, when visiting the social network Facebook or Instagram or other websites that also use this function to display interest-based ads ("Facebook Ads" / "Instagram Ads") and us to make our website even more interesting for you.
Due to the marketing tools used, your browser automatically builds a direct connection with the Facebook server. We have no influence on the extent and further use of the data collected by Facebook using the pixel. Through the integration of Facebook Custom Audiences, Facebook receives the information that you have visited and viewed one of our online offers or learns that you have clicked an ad shown by us. If you are registered with one of Facebook's services, Facebook can assign the visit to your respective private account. Even if you are not registered by Facebook, or have not logged in, there is the possibility that the provider can discover and store your IP address and further identifiers. The Facebook pixel enables us to measure, evaluate and optimize the effectiveness of Facebook ads for statistical and market research purposes. We only receive anonymous reports from Facebook.
Twitter (Conversion Tag):
We have also included the remarketing function of the Twitter service on our website. It is provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. With the Twitter remarketing function we can offer you advertising based on your interests on the Twitter platform. For this purpose, Twitter uses so-called "tags". This tag is used to record visits on our website as well as usage data (e.g. all interactions relating to the advertising displayed such as clicking on links, retweets or likes) in a pseudonymous, non-personal way. If you subsequently visit Twitter, integrated ads are displayed based on your interests. Twitter will then receive information from your browser that our website has been accessed by your device. If you are registered with a Twitter service, Twitter can assign the visit to your account. Even if you are not registered on Twitter or have not logged in, it is possible that the provider may learn and store your IP address and other identifiers. The information generated by the tags about your use of our services is transferred to a Twitter server in the USA and stored there.
For more information on how to disable this feature on Twitter, see https://help.twitter.com/de/safety-and-security/privacy-controls-for-tailored-ads. For more information about Twitter’s data processing, please visit https://twitter.com/de/privacy.
We also use conversion tracking on our website with LinkedIn Insights Tag, a tool from LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland. For this purpose, the LinkedIn Insight tag is integrated on our website and a cookie is set on your device by LinkedIn. LinkedIn is informed that you have visited our website and your IP address is collected. Timestamps and events such as page views are also stored. This enables us to statistically evaluate the use of our website in order to constantly optimize it. We learn, for example, which LinkedIn ad or interaction on LinkedIn brought you to our website. This allows us to better control how our ads are displayed.
Shariff solution for social media platforms:
We have included buttons from various social media platforms (Facebook, Twitter, YouTube, LinkedIn, Instagram and Pinterest) on our website. When you click on one of the buttons you will be forwarded to our company page on the respective platform. To protect your privacy, we have integrated the so-called Shariff solution: Only if you click on the button of one of the social media provider (e.g. Facebook) on our website your browser establishes a direct connection to the servers of the respective provider, which may be located in the USA. If you are logged into your user account with the respective provider, your profile data may be supplemented by information gained about your use of our content. The respective provider is responsible for the processing of your personal data. Further information on the processing of personal data can be found on the website of the respective provider.
1.3.4 Adobe DTM (website statistics)
We use the services of Adobe Systems Software Ireland Limited ("Adobe") to compile general statistics on the use of our website, to understand user behaviour in general and to improve our website if necessary (legal basis is Art. 6 (1) f) DSGVO). No data will be collected from your end device and no data will be stored with which you will be recognised on subsequent visits.
1.4 Further purposes for which we process your personal data
We process your personal data to:
- live existing and new business relationships and we will retain the personal data for the time of this business relationship. During the business relationship, we may use contact details and information regarding professional qualification (publication etc.). Some of the information is being collected via publicly available sources and internet sites. The legal basis for the processing of this data is Art. 6 (1) b) and f) of the GDPR.
- meet our legitimate interests, including to:
(i) complete a corporate transaction (e.g., corporate restructuring, sale or assignment of assets, merger); and
- meet our legal obligations, any court order or other binding decision;
- with your consent for other purposes, such as, the subscription to a newsletter; in this case you have the possibility to withdraw your consent at any time.
2. Data Transfer
We may share personal information with third-parties.
2.1 Reporting obligations to regulatory authorities and enforcement of rights
We may share personal data in pharmacovigilance cases as specified in Section 6.
In order to protect our rights or the rights of third-parties, we may also disclose data to rights holders, consultants and authorities in accordance with legal provisions.
2.2 Service provider
We engage service providers to process your personal data for the purposes described in this data protection information. These service providers process the data only on our behalf, in accordance with our instructions and under our control in accordance with this data privacy declaration.
One of these service providers is Adobe Systems Software Ireland Limited, 4-6 River-walk, Citywest Business Campus, Dublin 24, Ireland, providing data and web analytics services.
2.3 Boehringer Ingelheim companies
As part of a global group of companies, we involve other Boehringer Ingelheim companies that support us in data processing. These group companies process the data exclusively for the purposes stated in this data protection declaration.
2.4 Data transfer to recipients outside the EU
Some of these service providers and Boehringer companies process personal data outside the EU. In these cases, we ensure an adequate level of data protection to comply with European law (usually through EU standard contractual clauses published by the European Commission).
3. Specific Privacy Notice for Pharmacovigilance
If you report adverse events or other pharmacovigilance relevant information to a Boehringer Ingelheim product we will use and share this data solely for pharmacovigilance purposes. (Pharmacovigilance is the detection, assessment, understanding and prevention of adverse effects or any other medicine-related problem.)
All reports will be shared with Boehringer Ingelheim International GmbH who is operating the global pharmacovigilance database.
Boehringer Ingelheim is obliged to report pharmacovigilance relevant information to health authorities worldwide (including to countries that may have another level of data protection compared to the EU). Legal basis: Art. 6 (1) c), and for transfers outside EU Art. 6 (1) f) and Art. 49 (1) e) GDPR.
The reports will contain details about the incident but only limited personal data:
- For Patients, the report will only contain, age, gender and initials as provided, but never the patient's name.
- For the reporting individuals, the report will include the name, profession (e.g. physician, pharmacist), initials or address, e-mail and phone number as provided. The contact information is required to be able to follow-up with the reporter to gain high quality and complete information on adverse events. If the reporter does not wish to provide his contact details to Boehringer Ingelheim or authorities, “Privacy” is entered in reporter's names field.
Where your data is shared with other Boehringer Ingelheim companies, business partners or service providers outside of the EU, we will provide an adequate protection of personal data.
As reports about adverse events are important for public health reasons, reports are kept for minimum of 10 years after withdrawal of the product in the last country where the product is marketed.
Boehringer Ingelheim processes your personal data for as long as necessary for the purpose of the processing, which mainly is the provision of our services requested by you. This means for example that we send you newsletters for as long as you did not withdraw your subscription or that we store your user account data (login, profession, name etc.) for as long as you maintain a user account with us.
We will retain personal information for as long as necessary for the particular business purpose or purposes for which it was collected. If you revoke your consent, delete user accounts or object to data processing, we will delete the data collected in a timely manner.
In some cases we are obliged to keep data to comply with statutory retention periods (e.g. in the context of pharmacovigilance). In such a case, we will ensure that your data will only be used to comply with the retention obligations and not for other purposes.
5. Your Rights
Subject to limitations in applicable law, you have a right of access, rectification, restriction, erasure, and portability of your personal data, as well as the right not to be subject to automated individual decision-making.
You also have the right to withdraw your consent at any time.
Right to object:
To the extent we base the processing on our legitimate interests, you may opt-out from such processing at any time. In this case, we will not process such personal data any longer unless our interests prevail. You can object to the use of data for direct marketing purposes at any time. You may also object to the processing of your personal data for the transfer to authorities outside the EU described above in Section 6 for pharmacovigilance cases unless the interests of Boehringer Ingelheim prevail.
Please send your request or any question you have in relation to our processing of your personal data to:
Boehringer Ingelheim International GmbH
– Data Protection Officer –
Binger Strasse 173
D-55216 Ingelheim am Rhein
If you still have concerns, you may have a right to lodge a complaint to the supervisory authority for privacy in your country or responsible for BI:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz, Hintere Bleiche 34, 55116 Mainz, firstname.lastname@example.org