3. Privacy notice
3.1 The name and the contact details of the Controller/Data Protection Officer/Data Protection Representative, and categories of
personal data processed
Samsung Bioepis is the Data Controller and a biopharmaceutical company focused on increasing patient access to high-quality medicines
through the development of biosimilars.
The contact details of our Data Protection Officer/Data Protection Representative have been changed as follows :
Contact Samsung Bioepis’ Data Protection Officer:
Data Protection Representative:
We may collect and/or process personal data, as follows:
- Pseudonymised (“key coded”) demographic and medical data relating to subjects/patients participating in clinical trials or other forms of medical research;
- Name, contact details, educational and professional background, work product data and payment/fees relating to health care professionals and support staff working on clinical trials or other forms of medical research;
- Name, contact details of health care professionals and consumers of pharmaceutical products requesting information on pharmaceutical products and/or reporting adverse and safety events, and other information relating to use of pharmaceutical products, related details of potential adverse and safety events; and
- Name, role, company, country, email, office number, mobile number, fax number, address, start/end date of study, education, training and work experiences, specialty, curriculum vitae, bank account details, professional affiliations and date of birth.
3.2 The purposes of the processing the personal data
The personal data we collect will be used for following purposes:
- Compliance with legal and regulatory requirements (ICH E6 (R2): 5.18.2, 5.2.2, Clinical Trial Regulation 536/2014);
- Communication with Samsung Bioepis reasonably required for the performance of services related to the Symposium or other events;
- Communication with Samsung Bioepis’ third party communications agency reasonably required for the performance of services related to the Symposium or other events;
- Compliance with legal and regulatory requirements;
- Publishing necessary personal data for transparency requirements, including publishing compensation onto the Medicines For Europe's website;
- Storage in the Samsung Bioepis' databases to facilitate the selection of speakers
- Storage in clinical trial master file for regulatory inspection; and
- Supporting administration of Samsung Bioepis(including its subsidiary)' employment contracts.
3.3 The legal basis for the processing
The legal basis for the processing of the personal data shall be where:
- The data subject has given consent to the processing of his or her personal data for one or more specific purposes;
- Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- Processing is necessary for compliance with a legal obligation to which the data controller is subject;
- Processing is necessary in order to protect the vital interests of the data subject or of another natural person;
- Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller; and
- Processing is necessary for the purposes of the legitimate interests pursued by the data controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
3.4 Transfers
Samsung Bioepis may pass on your personal data to third parties. The third parties are as follows:
- Regulatory agencies such as EMA, FDA and MFDS;
- Ethics committees; and
- Service providers relating to clinical trials or other forms of medical research and etc.
3.5 Retention period
Samsung Bioepis will process and store the personal data for as long as required under the applicable laws or the duration written on the informed consent form when collecting your consent.
3.6 Your rights as a data subject
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organization.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
- Right to judicial review – in the event that Samsung Bioepis refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined in clause 3.7 below.
- Right to withdraw consent – you have the right to withdraw consent at any time by contacting our Data Protection Officer or Samsung Bioepis, without affecting the lawfulness of processing based on your consent before its withdrawal.
3.7 Complaints
In the event that you wish to make a complaint about how your personal data is being processed by Samsung Bioepis (or third parties as described in 3.4 above), or how your complaint has been handled, you have the right to lodge a complaint directly with the lead supervisory authority and the Data Protection Officer described in Section 3.1. The lead supervisory authority is CNIL (Commission Nationale de l'Informatique et des Libertés), full contact details for which can be found at https://www.cnil.fr/en/contact-cnil. You may also complain to local supervisory authorities, contact details for which can be found at https://edpb.europa.eu/about-edpb/board/members_en.
3.8 Contractual obligation of the data subject to provide the personal data and the possible consequences of failure to provide such data
For clarity, the provision of personal data is partly required by law (e.g. clinical trials regulations) or can also result from contractual provisions (e.g. information on the contractual partner). Sometimes it may be necessary to conclude a contract that the data subject provides us with personal data, which must subsequently be processed by us. The data subject is, for example, obliged to provide us with personal data when our company signs a contract with him or her. The non-provision of the personal data would have the consequence that the contract with the data subject could not be concluded.
3.9 Automated decision-making & Profiling
We use cookies to analyze traffic of our website. Please refer to our Cookie Policy.
3.10 Modification of this Notice
This Notice is subject to change from time to time. Any changes will be effective immediately upon the posting of the revised Privacy Notice.