• 1. Scope

    Personal information we collect

    This privacy notice (the “Notice”) applies to all data subjects whose personal data is collected, in line with the requirements of the General Data Protection Regulation as of May 25, 2018 ("GDPR").

  • 2. Responsibilities

    2.1 The Data Protection Officer is responsible for ensuring that this Notice is made available to data subjects prior to the collection and/or processing of such data subject’s personal data by Samsung Bioepis Co., Ltd. ("Samsung Bioepis").

    2.2 All Employees/Staff of Samsung Bioepis who interact with data subjects are responsible for ensuring that this Notice is drawn to the data subject’s attention and their consent to the processing of their data is secured.

  • 3. Privacy notice

    3.1 The name and the contact details of the Controller/Data Protection Officer

    Samsung Bioepis is a biopharmaceutical company focused on increasing patient access to high-quality medicines through the development of biosimilars.

    Contact Samsung Bioepis’ Data Protection Officer at:

    • Department: Jungwook Kim
    • Email:
    • Tel: +82 (0) 31 8061 4230
    • Address: 107, Cheomdan-daero, Yeonsu-gu, Incheon, 21987, Republic of Korea

    We may collect and/or process personal data, as follows:

    • Pseudonymised (“key coded”) demographic and medical data relating to subjects/patients participating in clinical trials or other forms of medical research;
    • Name, contact details, educational and professional background, work product data and payment/fees relating to healthcare professionals and support staff working on clinical trials or other forms of medical research;
    • Name, contact details of healthcare professionals and consumers of pharmaceutical products requesting information on pharmaceutical products and/or reporting adverse and safety events, and other information relating to use of pharmaceutical products, related details of potential adverse and safety events;
    • Name, role, company, country, email, office number, mobile number, fax number, address, start/end date of study, education, training and work experiences, curriculum vitae, job description, bank account details, professional affiliations and date of birth;
    • Pseudonynised patient information that has been collected in the Global Safety Database ("GSD") which includes mandatory data elements for case assessment and reporting such as patient identifiers, reporter details for follow-ups (if a consent is provided); and
    • Local QPPV's contact and qualification information.
    3.2 The purposes of the processing the personal data

    The personal data we collect will be used for following purposes:

    • Compliance with legal and regulatory requirements (ICH E6 (R2): 5.18.2, 5.2.2, Clinical Trial Regulation 536/2014);
    • Communication with speakers or consultants reasonably required for the performance of services related to the Symposium or other events;
    • Communication with the third party communications agency reasonably required for the performance of services related to the Symposium or other events;
    • Compliance with a Good Pharmacovigilance Practice;
    • To report any spontaneous adverse event;
    • Communication with healthcare professionals, patients, consumers and reporters in good faith effort to further investigate any safety signal or adverse event;
    • Communication with healthcare professionals, patients, consumers and reporters in good faith effort to further investigate any product quality complaint and possibly retrieve data of interest;
    • Compliance with legal and regulatory requirements;
    • Publishing necessary personal data for transparency requirements, including publishing compensation onto the Medicines For Europe's website;
    • Storage in the Samsung Bioepis' databases to facilitate the selection of speakers;
    • Storage in the clinical trial master file for regulatory inspection; and
    • Supporting administration of Samsung Bioepis'(and its subsidiaries') employment contracts.
    3.3 The legal basis for the processing

    The legal basis for the processing of the personal data shall be where:

    • The data subject has given consent to the processing of his or her personal data for one or more specific purposes;
    • Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
    • Processing is necessary for compliance with a legal obligation to which the data controller is subject;
    • Processing is necessary in order to protect the vital interests of the data subject or of another natural person;
    • Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller; and
    • Processing is necessary for the purposes of the legitimate interests pursued by the data controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
    3.4 Transfers

    Samsung Bioepis may pass on your personal data to third parties. The third parties are as follows:

    • Regulatory agencies such as EMA, FDA and MFDS;
    • Service providers relating to pharmacovigilance activities;
    • Service providers relating to clinical trials or other forms of medical research and etc.; and
    • Partner companies relating to pharmacovigilance activities such as Biogen International Holdings LTD., Merck Sharp & Dohme Corp. (including a subsidiary of Merck & Co., Inc. Global Safety) and IQVIA TM.
    3.5 Retention period

    Samsung Bioepis will process and store the personal data for as long as required under the applicable laws or the duration written on the informed consent form when collecting your consent.

    3.6 Your rights as a data subject

    At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

    • Right of access – you have the right to request a copy of the information that we hold about you.
    • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
    • Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
    • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
    • Right of portability – you have the right to have the data we hold about you transferred to another organization.
    • Right to object – you have the right to object to certain types of processing such as direct marketing.
    • Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
    • Right to judicial review – in the event that Samsung Bioepis refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined in clause 3.7 below.
    • Right to withdraw consent – you have the right to withdraw consent at any time by contacting our Data Protection Officer or Samsung Bioepis, without affecting the lawfulness of processing based on your consent before its withdrawal.
    3.7 Complaints

    In the event that you wish to make a complaint about how your personal data is being processed by Samsung Bioepis (or third parties as described in 3.5 above), or how your complaint has been handled, you have the right to lodge a complaint directly with the lead supervisory authority and the Data Protection Officer.

    The details for each of these contacts are:

    inform of Lead Supervisory authority contact details, Data Protection Officer (DPO) contact details
    Lead Supervisory authority contact details Data Protection Officer (DPO) contact details
    Contact Name: Information Commissioner's Office Jungwook Kim
    Address line 1: Wycliffe House 107
    Address line 2: Water Lane Cheomdan-daero
    Address line 3: Wilmslow Yeonsu-gu
    Address line 4: Cheshire Incheon
    Address line 5: SK9 5AF, The United Kingdom 21987, Republic of Korea
    Telephone: +44 (0) 303 123 1113 +82 (0) 31 8061 4230
    3.8 Contractual obligation of the data subject to provide the personal data and the possible consequences of failure to provide such data

    For clarity, the provision of personal data is partly required by law (e.g. clinical trials regulations) or can also result from contractual provisions (e.g. information on the contractual partner). Sometimes it may be necessary to conclude a contract that the data subject provides us with personal data, which must subsequently be processed by us. The data subject is, for example, obliged to provide us with personal data when our company signs a contract with him or her. The non-provision of the personal data would have the consequence that the contract with the data subject could not be concluded.

    3.9 Automated decision-making & Profiling

    We do not process personal data for automatic decision-making or profiling.

    3.10 Modification of this Notice

    This Notice is subject to change from time to time. If any content of this Notice is added, deleted, or revised, such addition, deletion or revision will be posted on the website at least seven (7) days prior to the effective date of such changes.

Notice date: 25 May, 2018 Effective date: 25 May, 2018