1. Subject of this data protection information
We are pleased about your interest in our internet presence and our offers on these web pages. The protection of your personal data (hereinafter referred to as "data") is of great and very important concern to us. In the following we would therefore like to inform you in detail about which data is collected during your visit to our website and the use of our offers there and how this data is processed by us. Furthermore, we would like to inform you about the rights you are entitled to and the technical and organisational protective measures we have taken with regard to the processing of your data.
2. Name and address of the data controller and service provider
The responsible person with regards to GDPR is Daiichi Sankyo Ireland Limited (hereinafter also referred to briefly as "Daiichi Sankyo" or "we"), Unit 29, Block 3, Northwood Court, Santry, Dublin 9, see also our imprint.
If you have any questions or comments about this data protection information or data protection in general, please send them to the following e-mail address: Datenschutz@daiichi-sankyo.eu
3. Collection and use of your data
The extent, type and use of your data will differ depending on whether you visit our website only to access information, or use services offered by us or log into a protected area for health care professionals (HCP):
a. Informational use
For the informational use of our website it is generally not necessary for you to provide personal data.
Rather, in this case we collect and use only those of your data that your Internet browser automatically transmits to us. These are in particular the following:
- Date and time of access to one of our Internet pages
- Your browser type
- the last page you visited
- the transferred data volume and the access status (file transferred, file not found, etc.) as well as
- Your IP address.
The data is stored in log files on the server for 12 months. Except for the IP address, we only process this data in non-personal form during an informational visit. This is done in order to enable you to access and use the website and to be able to check whether our websites are optimally displayed to you. The processing is carried out on the legal basis of Art. 6 para. 1 sentence 1 f) GDPR and in our interest in order to be able to display our website to you reliably and as trouble-free as possible. The data arising during the informational use including your IP address are stored in order to ensure the operation of the website and to be able to react to problems. A personal evaluation of the data does not take place. Only statistical evaluations of the use of the website are made, as described further below in this data protection information.
b. Use of the contact form
If you would like to contact us via our contact form, we collect the following data from you:
- Title *
- First name *
- Surname *
- e-mail address *
- business concern
- street address
- town
- ZIP CODE
- nation
- phone
- telefax
- Subject *
- Question/ concern *
- Department *
- Attachments/Files
- Captcha *
Mandatory Information
We use this data to forward your inquiry to the department responsible at our company and to be able to answer it by e-mail or, if necessary, by telephone, post or fax. In addition, we can use your details to personalize our response and provide you with specific information for your business.
We process the captcha request to verify that it is a real request and not a "login robot" or automated spam requests. Your entry there will only be used for this check and will not be stored.
If your inquiry relates to an existing contractual relationship with you or if you are interested in concluding a contract, e.g. with regard to a consultant activity, the data processing is carried out on the legal basis of Art. 6 para. 1 sentence 1 b) GDPR (contract fulfilment and initiation).
Otherwise, the data will be processed on the legal basis of Art. 6 para. 1 sentence 1 f) GDPR (balancing of interests). It is in our interest to be able to answer your inquiry with the information relevant to you by our internal department. The data processing of the captcha query is in our interest in order to prevent automated logins via logon robots or spam requests. We store the data collected via the contact form for processing and answering the respective inquiry.
c. Login to the non-public area
We may also offer registered users the opportunity to log in to the non-public area. This is reserved for members of medical circles (health care professionals).
The processing of your data on our website for registration in the non-public sector is based on the legal basis of Art. 6 para. 1 sentence 1 c) DSGVO (legal obligation) in connection with our obligation to verify that only members of medical professionals have access to information on prescription products.
d. Data processing of reports of adverse reactions
If you contact a Daiichi Sankyo national subsidiary to report an adverse reaction, you can do so anonymously, i.e. without your name or other identifier, or you can provide personal information. You will find the name and contact data for Daiichi Sankyo national subsidiaries as well as contact data for their respective Data Protection Officers under section 2.
If your report includes personal information, the company stores the data you provide. In addition to the report of the adverse reaction itself, the company generally stores your name, address and contact data as well as the date and time of the report. The purpose is to receive reports of adverse reactions in accordance with the prescribed rules and to be able to contact you with questions. The legal basis for such data processing is Arts. 6 (1) lit c, (2) and (3) GDPR, (1) lit. d GDPR and (1) lit. f GDPR.
This personal data are not transferred to a different location. The Pharmacovigilance Department of the respective national subsidiary processes the report internally and anonymises the data before forwarding it to a global database.
The data are deleted when the specific report is no longer relevant from any conceivable perspective. In general, this will occur 10 years after the expiration of the marketing authorisation for the medicine to which the adverse reaction report relates.
If the report is made anonymously, the national subsidiary does not collect or process any personal data relating to you. In other respects, the report of an adverse reaction will be processed and stored / deleted in accordance with the aforementioned procedure.
If you contact a Daiichi Sankyo national subsidiary to report an adverse reaction, you can do so anonymously, i.e. without your name or other identifier, or you can provide personal information. You will find the name and contact data for Daiichi Sankyo national subsidiaries as well as contact data for their respective Data Protection Officers under section 2.
If your report includes personal information, the company stores the data you provide. In addition to the report of the adverse reaction itself, the company generally stores your name, address and contact data as well as the date and time of the report. The purpose is to receive reports of adverse reactions in accordance with the prescribed rules and to be able to contact you with questions. The legal basis for such data processing is Arts. 6 (1) lit c, (2) and (3) GDPR, (1) lit. d GDPR and (1) lit. f GDPR.
This personal data are not transferred to a different location. The Pharmacovigilance Department of the respective national subsidiary processes the report internally and anonymises the data before forwarding it to a global database.
The data are deleted when the specific report is no longer relevant from any conceivable perspective. In general, this will occur 10 years after the expiration of the marketing authorisation for the medicine to which the adverse reaction report relates.
If the report is made anonymously, the national subsidiary does not collect or process any personal data relating to you. In other respects, the report of an adverse reaction will be processed and stored / deleted in accordance with the aforementioned procedure.
e. Data processing in case of medical enquiries
If you contact Daiichi Sankyo to enquire about product information in the medical field, Daiichi Sankyo stores the personal data which you provided at the time of contact. To ensure we are dealing with an HCP, this data includes your name, professional details and contact data as well as the date and time of this contact. The purpose of this storage is to be able to respond to your medical enquiry.
You will find the name and contact data for Daiichi Sankyo national subsidiaries as well as contact data for their respective Data Protection Officers under section 2.
The legal basis for such data processing is Arts. 6 (1) lit. d and (1) lit. f GDPR. The data is deleted when the specific enquiry is no longer relevant from any conceivable perspective. In general, this will occur 10 years after the expiration of the marketing authorisation for the medicine to which the enquiry relates or earlier, should you request deletion.
4. Use of Cookies
a. Which cookies do we use?
We use the technology of cookies for our Internet presence. Cookies are small text files that are sent from our web server to your browser during your visit to our website and are stored on your computer, tablet computer or smartphone for later retrieval.
We use the following cookies on our websites:
Own cookies:
- fe_typo_user] Function: This cookie is only used on the page with our contact form and is set as a temporary cookie to allow the use of the contact form. It contains an alphanumeric sequence of numbers as an identifier. The cookie is only stored until the end of the session and is a so-called first-party cookie, i.e. a cookie that is controlled from our website.
– [acceptedCookiePolicy] Function: The cookie is only used to display or hide the cookie banner itself. The cookie is only set after the cookie banner has been accepted. This is a so-called first-party cookie, i.e., a cookie that is controlled from our website.
Use of cookies for Google Analytics (see below in detail):
- [_gat] Function: This cookie is part of Google Analytics and is used for statistical analysis of user behavior on our websites. With the help of this cookie the query rate of the website usage is controlled. It typically contains a number and is stored for 10 minutes. The cookie is a so-called first-party cookie which is controlled from our website.
- [_ga] Function: This cookie is part of Google Analytics and is used for statistical analysis of user behavior on our websites. It contains an individual Google Analytics identification number and is stored for 2 years. The cookie is a so-called first-party cookie which is controlled from our website.
- [_gid] Function: This cookie is part of Google Analytics and is used for statistical analysis of user behavior on our websites. It contains an individual Google Analytics identification number and is stored for 24 hours. The cookie is a so-called first-party cookie which is controlled from our website.
Third-party cookies:
- Additional cookies may be set by third parties using their plug-ins.
Information on these cookies can be found under the respective sub-item of this data protection declaration as well as under the data protection declarations of the respective third party provider linked there.
b. Disabling cookies
Whether cookies can be set and retrieved can be determined by the settings in your browser. For example, you can completely deactivate the storage of cookies in your browser, limit it to certain websites or configure your browser so that it automatically informs you as soon as a cookie is to be set and asks you for feedback. You can block or delete individual cookies. For technical reasons, however, this can lead to some functions of our Internet presence being impaired and no longer functioning completely.
5. Use of Google Analytics
It is important for us to design our Internet pages as optimally as possible and thus to make them attractive for our visitors. To do this, we need to know which parts of it reach our visitors and how.
This website uses Google Analytics, a web analysis service of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). Google Analytics also uses cookies, which are text files placed on your device, to help the website analyze how users use the site. The information generated by the cookie about your usage of this website is usually transferred to a Google server in the USA and stored there. IP anonymisation has been activated on our website so that Google will reduce your IP address within Member States of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide us as website operator with other services relating to website usage and internet usage.
The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
You can find Google's privacy policy here: https://www.google.com/policies/privacy/partners/?hl=en.
The processing of your data is carried out on the legal basis of art. 6 par. 1 p. 1 f) GDPR (weighing of interests) and in our interest in order to be able to evaluate how our website is used and to adapt and optimise our website on the basis of the results.
Your Google Analytics data will be deleted after 18 months.
6. Google Maps
We also use Google Maps content on our website to display environmental maps.
By visiting our website, Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google") receives the information that you have called up the corresponding page of our website.
In addition, the data referred to in point 3 a) of this declaration will be transmitted. This happens regardless of whether you are logged into a Google user account or whether no user account exists. If you are logged into a Google Account, this information will be directly associated with your account. If you do not wish to be associated with your profile, you must first log out of your Google Account.
Google has a so-called EU-U.S. Privacy Shield certification. The EU-U.S. Privacy Shield Agreement is a data protection agreement designed to ensure an adequate level of data protection for data transfers to certified U.S. companies. The EU Commission has established the adequacy of the guaranteed data protection level according to the EU-U.S. Privacy Shield Agreement by decision of 12.07.2016 (Az. C(2016) 4176).
The decision of the EU Commission can be viewed here: http://eur-lex.europa.eu/legal-content/DE/TXT/?uri=uriserv:OJ.L_.2016.207.01.0001.01.DEU.
The current status of Google's certification according to the EU-U.S. Privacy Shield Agreement can be found here: https://www.privacyshield.gov/participant?id=a2zt00000000001L5AAI.
For more information on the purpose and scope of data collection and processing by Google, please see Google's privacy policy: www.google.com/intl/de_en/policies/privacy/. They will also provide you with further information about your rights in this regard and setting options to protect your privacy.
The processing of your data is carried out on the legal basis of art. 6 par. 1 p. 1 f) GDPR (weighing of interests) and in our interest, in order to be able to show you the maps offered by Google Maps on our website.
7. Google fonts
We use fonts from Google Fonts on our website. By visiting our website, Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google") receives the information that you have called up the corresponding page of our website.
In addition, the data referred to in point 3 a) of this declaration will be transmitted. This happens regardless of whether you are logged into a Google user account or whether no user account exists. If you are logged into a Google Account, this information will be directly associated with your account. If you do not wish to be associated with your profile, you must first log out of your Google Account.
Google has a so-called EU-U.S. Privacy Shield certification. The EU-U.S. Privacy Shield Agreement is a data protection agreement designed to ensure an adequate level of data protection for data transfers to certified U.S. companies. The EU Commission has established the adequacy of the guaranteed data protection level according to the EU-U.S. Privacy Shield Agreement by decision of 12.07.2016 (Az. C(2016) 4176).
The decision of the EU Commission can be viewed here: eur-lex.europa.eu/legal-content/DE/TXT/.
The current status of Google's certification according to the EU-U.S. Privacy Shield Agreement can be found here: www.privacyshield.gov/participant.
For more information on the purpose and scope of data collection and processing by Google, please see Google's privacy policy: www.google.com/intl/de_en/policies/privacy/. They will also provide you with further information about your rights in this regard and setting options to protect your privacy.
The processing of your data is carried out on the legal basis of art. 6 par. 1 p. 1 f) GDPR (weighing of interests) and in our interest in order to be able to use the fonts offered by Google Fonts on our website.
8. YouTube Videos
We use videos and plug-ins from YouTube on our website. YouTube is a service provided by YouTube LLC (901 Cherry Ave., San Bruno, CA 94066, USA; "YouTube"). YouTube LLC is a subsidiary of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google).
We use the so-called "extended data protection mode" of YouTube. This means that when you visit our website, only a picture (so-called "thumbnail") of the embedded video is called up by YouTube or Google and only the data mentioned in Section 3 a) of this declaration are transmitted to YouTube or Google.
Only when you call up the video with a click, further data is transmitted to YouTube or Google and cookies are set by these third-party providers. If you are logged in to a YouTube or Google account, additional data can be assigned directly to your account via the video call, depending on your account settings. If you do not wish to be associated with your profile, you must first log out of your YouTube or Google account.
Google has a so-called EU-U.S. Privacy Shield certification, which according to this certification includes the wholly-owned subsidiaries of Google LLC in the USA and thus currently also includes YouTube. The EU-U.S. Privacy Shield Agreement is a data protection agreement designed to ensure an adequate level of data protection for data transfers to certified U.S. companies. The EU Commission has established the adequacy of the guaranteed data protection level according to the EU-U.S. Privacy Shield Agreement by decision of 12.07.2016 (Az. C(2016) 4176).
The decision of the EU Commission can be viewed here: eur-lex.europa.eu/legal-content/DE/TXT/.
The current status of Google's certification according to the EU-U.S. Privacy Shield Agreement can be found here: www.privacyshield.gov/participant.
For more information on the purpose and scope of data collection and processing by YouTube and Google, please see Google's privacy policy: www.google.com/intl/de_en/policies/privacy/. They will also provide you with further information about your rights in this regard and setting options to protect your privacy.
The processing of your data is carried out on the legal basis of art. 6 par. 1 p. 1 f) GDPR (weighing of interests) and in our interest in order to be able to make the videos available to you on our website and at the same time to relieve our servers.
9. Involvement of service providers and transfer of data to third parties
Your data will be passed on to technical service providers supporting us (e.g. website hosting and support) for the provision of this website and for the aforementioned purposes, which we have of course carefully selected and commissioned in writing.
These service providers are bound by our instructions and are regularly checked by us.
Otherwise, your data will only be passed on to other third parties if expressly stated in this data protection declaration or if we are legally obliged to do so.
10. Referral to external websites and services
We have integrated various third-party services into our websites, such as registration for our protected area via DocCheck.com or services relating to the congress calendar. In these cases you technically leave our websites and enter the websites of the respective third party provider. In such cases, the respective third party provider alone is responsible for the processing of any personal data. If you have any questions in such cases, please contact the third party provider directly. As far as we refer you by link to the websites of third parties, this also applies. We use such links, for example, on the various social networks; we do not use so-called social media plug-ins for data protection reasons.
In both cases we would like to point out that a certain area of our website is offered by a third party or is passed on to such a third party.
11. Your rights
You have the right to request confirmation from us whether personal data relating to you is processed; if this is the case, you have a right of access to this personal data and the information specified in Art. 15 GDPR.
You have the right to request us to correct any incorrect personal data concerning you and, if necessary, to complete incomplete personal data without delay (Art. 16 GDPR).
You have the right to request us to delete personal data relating to you immediately if one of the reasons listed in Art. 17 GDPR applies in detail, e.g. if the data is no longer required for the purposes pursued (right of deletion).
You have the right to request us to restrict processing if one of the conditions listed in Art. 18 GDPR is met, e.g. if you have filed an objection to the processing, for the duration of our examination.
You have the right to object at any time for reasons arising from your particular situation to the processing of personal data concerning you, which is carried out on the basis of Art. 6 para. 1 sentence 1 e) or f) GDPR. We will then no longer process the personal data unless we can prove compelling reasons worthy of protection for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims (Art. 21 GDPR).
You have the right to revoke your consent to us at any time with effect for the future (right of revocation).
You have the right to receive from us the data concerning you that you have provided to us in a structured, common and machine-readable format. You can also transfer this data to other locations or have it transferred by us (right to data transferability).
Please contact us to exercise your rights: Datenschutz@daiichi-sankyo.eu
Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority if you believe that the processing of your personal data is contrary to the GDPR (Art. 77 GDPR). In London, the competent supervisory authority is: Information Commissioner´s Office. See details at www.ico.org.uk.
12. Data security
We also use technical and organizational security measures to protect personal data that is collected, in particular against accidental or intentional manipulation, loss, destruction or against the attack of unauthorized persons. Our security measures are continuously improved in line with technological developments.
When using our website, your personal data is encrypted using SSL/TLS technology to prevent access by unauthorized third parties.
DSC/22/0061 Date of Prep: June 2022