Roche Privacy Notice (Health Care Professionals, Customers, Business Partners)

Last Revised: August 20th, 2024

 

General Privacy Statement 

At F. Hoffmann-La Roche Ltd and all Roche’s subsidiaries (“Roche”), we are committed to protecting your personal information in accordance with the applicable data protection laws. This Privacy Notice outlines the types of personal data Roche may collect, the means by which Roche may collect, use, or share your personal data; steps Roche takes to protect your personal data; and choices you are provided with respect to the use of your personal data. This Privacy Notice applies to Personal Data collected from Healthcare Professionals and Business Partners by Roche through different channels, including physical meetings, digital platforms or websites that link to this Privacy Notice or other sources as described below.

For the purposes of this Privacy Notice, “Personal Data” is any information by which you can be individually identified both directly and indirectly, including, but not limited to, your name, address, e-mail address, and telephone number. 

 

Minors 

Our processing activities described in this Privacy Notice are not designed or intended to collect Personal Data from  children under the age of 18 unless explicitly advertised in the platform. We do not knowingly collect any Personal Data on this site from anyone under the age of 18 without the prior, verifiable consent of a parent or guardian. Such parent or guardian may have the right, upon request, to view the information provided by the child and require that it be deleted. Moreover, all minors should seek their parent’s or guardian’s permission prior to using or disclosing any Personal Data on this website or online resource. 

 

Identity and Contact Details of the Data Controller

F. Hoffmann-La Roche Ltd and the Roche subsidiary or Roche’s appointed business partner based in the country in which you are resident are acting as joint data controllers (also referred to as “Roche” or “we”) for the processing activities described in this Privacy Notice. They agreed to jointly ensure an efficient management of customer relationships across different regions and entities within Roche to best serve customer needs. Please refer below to the identity and contact details of your Data Controller:

 

Roche Pharmaceuticals Middle East FZCO - Dubai Branch

The Galleries, Building 4, Floor 5, Jebel Ali Downtown, P.O. Box 27309, Dubai, UAE

 

Company activity: Pharmaceuticals

 

You may contact the data controller by email at dubai.privacy@roche.com

 

Categories of personal data processed

We may collect the following personal data: 

  1. Contact details: includes your  name, professional email address, telephone number, employing health care organization.
  2. Professional Information: includes your biographical information (CV), professional society memberships, affiliations/profession, job title, therapeutic area, qualifications or experience, education and scientific/medical activity.
  3. Financial/Transaction information: includes your bank account number, credit card, customer account information, order history.
  4. Transfer of value: includes the nature, value, date of any financial/non-financial transfers to you by Roche.
  5. Interaction Information: includes professional interactions between Roche and you, records of your collaborations, registration and participation in Roche’s event or related activity, clinical trials in which you served or are serving as an investigator.
  6. Profile data: includes information about your contact and product preferences, languages, marketing preferences, qualifications or experience, collaborations, publications, posts, demographic data, feedback and interest. 
  7. Technical and usage data: includes your online user ID, IP address, geographic information, viewing data, other information regarding your usage and interactions with our websites, applications, emails, and advertisements.

 

How and Why We Process Your Personal Data 

Several places on our platforms require Personal Data if you choose to use them, including surveys, registration, and content sharing features (i.e., “E-mail to a Friend” links). Roche and its business partners collect this information about you only if you voluntarily provide it to us. Please be aware that certain features in our platform may not be available to you if you elect not to provide certain Personal Data. Any Personal Data you provide to us on our platform will be used in accordance with this Privacy Notice. 

 

More Information on our Processing Activities

This table outlines each processing activity and provides information on the categories of information collected for each activity. Furthermore, this table defines the categories of Personal Data for each of these processing activities that you consented. 
Purpose Categories of Personal Data

Responding to Requests or Inquiries.  

We may use the information that you provide to us to take the steps necessary to respond to your request, for example, you may submit a medical information request, inquire about a product, subscribe to one of our mailing lists, or to create an account and/or profile in Roche’s portals or websites. 
  1. Contact Details
  2. Professional Information

 

Completing Transactions and fulfilling contractual obligations. 

We may collect the Personal Data to fulfill services that you have requested, for example register for and use an account, to administer and manage your registration and participation at Roche’s events, to fulfill business relationships with you, including processing payments, notifying you of your order status and any associated order status issues.
  1. Contact Details
  2. Professional Information
  3. Financial/Transaction information

Managing business relationships with you.

We collect and process Personal Data to facilitate Roche’s decision making when it comes to identifying suitable therapeutics area experts for its various medical/ and/or scientific engagements and collaborations (including speakers at internal or external medical educational events, advisory boards, training, etc.) or to prepare our meetings and interactions with you. 

We may combine Personal Data you provide with other information collected through our websites and online resources, Roche’s offline records and information provided to us by third parties. This processing activity involves the creation of a profile about you to manage business relationships with you,  for selecting the most appropriate therapeutic areas experts and to prepare the meetings and interactions with you. You can object to this processing activity at any time by using the contact details described in the list of Data Controllers. If you opt out for this processing activity, Roche won’t be able to have a consolidated view of your professional and scientific engagements and personalized our interactions with you. No automated decisions are made that would result in legal effects or similarly significantly affect. 
  1. Contact Details
  2. Professional Information
  3. Interaction Information
  4. Profile data
  5. Technical and usage data

Managing and personalizing communication with you  

We collect and process your Personal Data to verify your username and password, to send you a welcoming email, website updates, information about Roche’s programs, products and services, notices regarding relevant medical conditions and treatment, or other information responsive to the data that you provide to us. We may communicate with you via post, phone, email, social media platforms or other channels. 

We may combine Personal Data you provide with other information collected through our websites and online resources, Roche’s offline records and information provided to us by third parties. This processing activity involves the creation of a profile about you, your preferences, expertise, collaborations, and how you have interacted with us in the past in order to understand your interest, needs and preferences in our products and services so that we can best serve and communicate with you. 

You can object to this processing activity at any time using the contact details described in the list of Data Controllers. If you opt out for this processing activity, Roche won’t be able to send you tailored information in line with your interests and preferences. No automated decisions are made that would result in legal effects or similarly significantly affect.
  1. Contact Details
  2. Professional Information
  3. Interaction Information
  4. Profile data
  5. Technical and usage data

Transparency obligation.

Roche may be obligated to disclose transfers of value made to healthcare professionals and healthcare organizations, as may be advisable or required under applicable global, regional and local rules and regulations and best industry practices and standards.  
  1. Contact Details
  2. Professional Information
  3. Financial/Transaction information
  4. Transfer of value

To Run, Maintain and improve our Websites, Platforms and Products. 

We use this information to secure, maintain and improve our websites, network systems, and other assets. 
  1. Technical and usage data

Responding to Requests or Inquiries.  

We may use the information that you provide to us to take the steps necessary to respond to your request, for example, you may submit a medical information request, inquire about a product, subscribe to one of our mailing lists, or to create an account and/or profile in Roche’s portals or websites. 

Completing Transactions and fulfilling contractual obligations. 

We may collect the Personal Data to fulfill services that you have requested, for example register for and use an account, to administer and manage your registration and participation at Roche’s events, to fulfill business relationships with you, including processing payments, notifying you of your order status and any associated order status issues.

Managing business relationships with you.

We collect and process Personal Data to facilitate Roche’s decision making when it comes to identifying suitable therapeutics area experts for its various medical/ and/or scientific engagements and collaborations (including speakers at internal or external medical educational events, advisory boards, training, etc.) or to prepare our meetings and interactions with you. 

We may combine Personal Data you provide with other information collected through our websites and online resources, Roche’s offline records and information provided to us by third parties. This processing activity involves the creation of a profile about you to manage business relationships with you,  for selecting the most appropriate therapeutic areas experts and to prepare the meetings and interactions with you. You can object to this processing activity at any time by using the contact details described in the list of Data Controllers. If you opt out for this processing activity, Roche won’t be able to have a consolidated view of your professional and scientific engagements and personalized our interactions with you. No automated decisions are made that would result in legal effects or similarly significantly affect. 

Managing and personalizing communication with you  

We collect and process your Personal Data to verify your username and password, to send you a welcoming email, website updates, information about Roche’s programs, products and services, notices regarding relevant medical conditions and treatment, or other information responsive to the data that you provide to us. We may communicate with you via post, phone, email, social media platforms or other channels. 

We may combine Personal Data you provide with other information collected through our websites and online resources, Roche’s offline records and information provided to us by third parties. This processing activity involves the creation of a profile about you, your preferences, expertise, collaborations, and how you have interacted with us in the past in order to understand your interest, needs and preferences in our products and services so that we can best serve and communicate with you. 

You can object to this processing activity at any time using the contact details described in the list of Data Controllers. If you opt out for this processing activity, Roche won’t be able to send you tailored information in line with your interests and preferences. No automated decisions are made that would result in legal effects or similarly significantly affect.

Transparency obligation.

Roche may be obligated to disclose transfers of value made to healthcare professionals and healthcare organizations, as may be advisable or required under applicable global, regional and local rules and regulations and best industry practices and standards.  

To Run, Maintain and improve our Websites, Platforms and Products. 

We use this information to secure, maintain and improve our websites, network systems, and other assets. 
  1. Contact Details
  2. Professional Information

 
  1. Contact Details
  2. Professional Information
  3. Financial/Transaction information
  1. Contact Details
  2. Professional Information
  3. Interaction Information
  4. Profile data
  5. Technical and usage data
  1. Contact Details
  2. Professional Information
  3. Interaction Information
  4. Profile data
  5. Technical and usage data
  1. Contact Details
  2. Professional Information
  3. Financial/Transaction information
  4. Transfer of value
  1. Technical and usage data

Responding to Requests or Inquiries.  

We may use the information that you provide to us to take the steps necessary to respond to your request, for example, you may submit a medical information request, inquire about a product, subscribe to one of our mailing lists, or to create an account and/or profile in Roche’s portals or websites. 

Completing Transactions and fulfilling contractual obligations. 

We may collect the Personal Data to fulfill services that you have requested, for example register for and use an account, to administer and manage your registration and participation at Roche’s events, to fulfill business relationships with you, including processing payments, notifying you of your order status and any associated order status issues.

Managing business relationships with you.

We collect and process Personal Data to facilitate Roche’s decision making when it comes to identifying suitable therapeutics area experts for its various medical/ and/or scientific engagements and collaborations (including speakers at internal or external medical educational events, advisory boards, training, etc.) or to prepare our meetings and interactions with you. 

We may combine Personal Data you provide with other information collected through our websites and online resources, Roche’s offline records and information provided to us by third parties. This processing activity involves the creation of a profile about you to manage business relationships with you,  for selecting the most appropriate therapeutic areas experts and to prepare the meetings and interactions with you. You can object to this processing activity at any time by using the contact details described in the list of Data Controllers. If you opt out for this processing activity, Roche won’t be able to have a consolidated view of your professional and scientific engagements and personalized our interactions with you. No automated decisions are made that would result in legal effects or similarly significantly affect. 

Managing and personalizing communication with you  

We collect and process your Personal Data to verify your username and password, to send you a welcoming email, website updates, information about Roche’s programs, products and services, notices regarding relevant medical conditions and treatment, or other information responsive to the data that you provide to us. We may communicate with you via post, phone, email, social media platforms or other channels. 

We may combine Personal Data you provide with other information collected through our websites and online resources, Roche’s offline records and information provided to us by third parties. This processing activity involves the creation of a profile about you, your preferences, expertise, collaborations, and how you have interacted with us in the past in order to understand your interest, needs and preferences in our products and services so that we can best serve and communicate with you. 

You can object to this processing activity at any time using the contact details described in the list of Data Controllers. If you opt out for this processing activity, Roche won’t be able to send you tailored information in line with your interests and preferences. No automated decisions are made that would result in legal effects or similarly significantly affect.

Transparency obligation.

Roche may be obligated to disclose transfers of value made to healthcare professionals and healthcare organizations, as may be advisable or required under applicable global, regional and local rules and regulations and best industry practices and standards.  

To Run, Maintain and improve our Websites, Platforms and Products. 

We use this information to secure, maintain and improve our websites, network systems, and other assets. 
  1. Contact Details
  2. Professional Information

 
  1. Contact Details
  2. Professional Information
  3. Financial/Transaction information
  1. Contact Details
  2. Professional Information
  3. Interaction Information
  4. Profile data
  5. Technical and usage data
  1. Contact Details
  2. Professional Information
  3. Interaction Information
  4. Profile data
  5. Technical and usage data
  1. Contact Details
  2. Professional Information
  3. Financial/Transaction information
  4. Transfer of value
  1. Technical and usage data
Purpose

Responding to Requests or Inquiries.  

We may use the information that you provide to us to take the steps necessary to respond to your request, for example, you may submit a medical information request, inquire about a product, subscribe to one of our mailing lists, or to create an account and/or profile in Roche’s portals or websites. 

Completing Transactions and fulfilling contractual obligations. 

We may collect the Personal Data to fulfill services that you have requested, for example register for and use an account, to administer and manage your registration and participation at Roche’s events, to fulfill business relationships with you, including processing payments, notifying you of your order status and any associated order status issues.

Managing business relationships with you.

We collect and process Personal Data to facilitate Roche’s decision making when it comes to identifying suitable therapeutics area experts for its various medical/ and/or scientific engagements and collaborations (including speakers at internal or external medical educational events, advisory boards, training, etc.) or to prepare our meetings and interactions with you. 

We may combine Personal Data you provide with other information collected through our websites and online resources, Roche’s offline records and information provided to us by third parties. This processing activity involves the creation of a profile about you to manage business relationships with you,  for selecting the most appropriate therapeutic areas experts and to prepare the meetings and interactions with you. You can object to this processing activity at any time by using the contact details described in the list of Data Controllers. If you opt out for this processing activity, Roche won’t be able to have a consolidated view of your professional and scientific engagements and personalized our interactions with you. No automated decisions are made that would result in legal effects or similarly significantly affect. 

Managing and personalizing communication with you  

We collect and process your Personal Data to verify your username and password, to send you a welcoming email, website updates, information about Roche’s programs, products and services, notices regarding relevant medical conditions and treatment, or other information responsive to the data that you provide to us. We may communicate with you via post, phone, email, social media platforms or other channels. 

We may combine Personal Data you provide with other information collected through our websites and online resources, Roche’s offline records and information provided to us by third parties. This processing activity involves the creation of a profile about you, your preferences, expertise, collaborations, and how you have interacted with us in the past in order to understand your interest, needs and preferences in our products and services so that we can best serve and communicate with you. 

You can object to this processing activity at any time using the contact details described in the list of Data Controllers. If you opt out for this processing activity, Roche won’t be able to send you tailored information in line with your interests and preferences. No automated decisions are made that would result in legal effects or similarly significantly affect.

Transparency obligation.

Roche may be obligated to disclose transfers of value made to healthcare professionals and healthcare organizations, as may be advisable or required under applicable global, regional and local rules and regulations and best industry practices and standards.  

To Run, Maintain and improve our Websites, Platforms and Products. 

We use this information to secure, maintain and improve our websites, network systems, and other assets. 
Categories of Personal Data
  1. Contact Details
  2. Professional Information

 
  1. Contact Details
  2. Professional Information
  3. Financial/Transaction information
  1. Contact Details
  2. Professional Information
  3. Interaction Information
  4. Profile data
  5. Technical and usage data
  1. Contact Details
  2. Professional Information
  3. Interaction Information
  4. Profile data
  5. Technical and usage data
  1. Contact Details
  2. Professional Information
  3. Financial/Transaction information
  4. Transfer of value
  1. Technical and usage data

Sources 

  1. Roche uses different methods and channel to collect personal data from you and about you including: 
  2. Directly from you;
  3. Direct interactions with you, including information obtained from you through physical or virtual meetings, collaborations, services, feedback, requests, inquiries, surveys, etc.; 
  4. Automated information collected through our websites and online sources; 
  5. Third parties or publicly available sources, including websites, social media networks, journals, and third party platforms.

 

Adverse events reporting

For adverse events within the rest of the GCC and Levant, please reach out to your local representatives from the list here. For adverse events within the Kingdom of Saudi Arabia, use this link.

 

Use of Data for Marketing

We do not sell or transfer the Personal Data to any non-affiliated entity for their own direct marketing use unless we provide clear notice to you and obtain your explicit consent.

 

Information Sharing / Recipients of Personal Data 

 

Recipients of your Personal Data

Roche may share the Personal Data with Roche’s subsidiaries around the world. Our Roche subsidiaries will use the Personal Data for the same purposes as the data Controller does, for example to contact you for a potential collaboration or event. A list of Roche’s subsidiaries is available in the current “Roche finance report in the list of subsidiaries and associates section”, which can be found in the Investors section of www.roche.com. 

 

Furthermore, we may also share the Personal Data with third parties, for the following purposes: 

  • To F. Hoffmann-La Roche Ltd and other Roche’s subsidiaries for support and maintenance of our platforms and processing activities;
  • To IQVIA Ltd, 210 Pentonville Road, London N1 9JY, England, UK for IT support, maintenance and business continuity purposes.
  • To business partners: service providers, including market research agencies, events organizers, or other third parties who provide certain services to Roche;
  • To cloud providers or services provider for storing purposes and to conduct technical maintenance of our platform and other web platforms; 
  • To communication providers, including marketing platforms, electronic communication providers, social media platforms in order to send you relevant information and communicate with you
  • To facilitate a merger, consolidation, transfer of control or other corporate reorganization in which Roche participates, or pursuant to a financial arrangement undertaken by Roche; 
  • To respond to appropriate requests of legitimate government authorities, or where required by applicable laws, court orders, or government regulations; and
  • Where needed for corporate audits or to investigate or respond to a complaint or security threat. 

 

 

International Transfers of the Personal Data 

Roche may transfer the Personal Data in the following countries and regions that imposes privacy obligations similar with your country of origin: European Union including Germany, France and Ireland. 

If your Personal Data is covered by the GDPR/UK GDPR/Swiss FADP: For transfers of personal data within the Roche Group and Roche’s processors or business partners, contracts containing the EU Standard Contractual Clauses according to the EU Commission decision of 04 June 2021 (C(2021) 3972), constitutes appropriate and suitable safeguards to ensure compliance with GDPR/UK GDPR/Swiss FADP, including supplementary measures where required. 

 

Data Security

We have implemented commercially reasonable precautions to protect the Personal Data we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Data security measures include data encryption and data access management and controls. Please be aware that despite these measures, no data security measures can guarantee 100% security. You should take steps to protect against unauthorized access to your phone and your computer by, among other things, signing off after using a shared computer, locking your phone and keeping your information private.

 

Retention / Storage Period of Your Personal Data

The length of time in which we will store your Personal Data will differ depending on the purpose for which we have collected and are processing your data. In most cases, we will keep the data for five (5) years following our last interaction with you. We may, however, maintain your data for a longer period of time if we are required by law to maintain your data, e.g. due to tax law or accounting requirements. 

 

Information About Your Rights Regarding Your Personal Data

You may have certain rights regarding our use and processing of your Personal Data. 

If data processing is based on consent, note that you have the right to withdraw your consent at any time unless applicable laws or regulations or judicial requirements require otherwise. The withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal, or unless applicable laws or regulations or judicial requirements require otherwise. In order to withdraw your consent you can either use the mechanism as individually explained when we asked for your consent or in any case send an email to the data controller as indicated in “Identity and Contact Details of the Data Controller” section above.

 

Your rights in accordance with applicable laws.

 

Further information about your privacy rights can be found in our Data Privacy Rights by applicable laws.

 

Updates to This Privacy Notice

From time to time, we may revise this Privacy Notice. Any such changes to this Privacy Notice will be reflected on this page. The date on which this notice was last revised is located at the top of this notice.
Da li ste sigurni?