When you contact the Teva Group in Germany (Teva GmbH, ratiopharm GmbH, AbZ-Pharma GmbH; hereinafter "Teva") data is generated, either anonymized or pseudonymized, or personal, just like with all companies in communication with you. Teva collects and processes these data.
Since 25 May 2018, the General Data Protection Guideline (EU GDPR), which is intended to harmonize and improve the level of data protection in Europe, is in force throughout Europe. In Germany, the GDPR is supplemented by the amended Federal Data Protection Act (BDSG-neu). This policy describes how Teva protects your data and how they are processed in accordance with the law.
1. Personal data
Personal data is all information that refers to you, which is all information that relates to an identified or identifiable person and that describes the physical, physiological, genetic, psychological, economic, cultural or social identity of that person. This includes data like your name, address, postal address or telephone number. Information that cannot be directly associated with your identity is not “personal” data.
2. Purpose and categories of personal data
We process personal data that we receive from you in the context of our business relationship or other relationship.
In addition, we process personal data that we have legitimately received from affiliated companies or from third parties (e.g. for the fulfilment of contracts or on the basis of a consent given by you).
Furthermore, we process personal data which we have legitimately obtained from public sources (e.g. telephone book, trade and association registers, press, and internet) and which may be legitimately processed.
Categories of personal data which we might process are (if applicable in individual cases) name, private and business contact data, profession, position, department, lifelong doctor number, pharmacy license number or corresponding certificates, date of birth, gender, profession, field of activity, visiting data and similar data. Data in connection with a contract are usually e.g. bank details, method of payment and product data.
We use this data, depending on your relationship with Teva as patient, doctor, pharmacist or generally as an interested person, to provide (internet-based) services for ordering and sending products and materials, marketing via e-mail, fax, and other analog and digital channels, personalization of offers through internet, e-mail, fax and other channels, collection of legally required data for questions about products or side effects, information on health topics and drugs, and general communication with us.
For persons who are not health care practitioners we only process data in a few legally allowed exceptions (e.g. side effect reports or if you have actively requested information from us). If side effect reports have been made, we have also processed health data, as well as in cases where you have provided us with such data in answering questions or if we have received such data from you without being asked.
If you are registered in one of our programs which are only accessible after registration, we have collected additional data as described there and use them exclusively for the special purposes of the program.
3. Legal basis
3.1 Fulfilment of contractual obligations (Article 6 (1)(b) GDPR).
Personal data (Art. 4 No. 2 GDPR) are processed for the provision of our services under contracts, in particular to fulfil our delivery and/or payment obligations, and for the execution of our contracts or pre-contractual obligations. The purposes of data processing are primarily based on the specific reason for the contract (e.g. delivery of medicines, studies, events, participation in third-party events, etc.).
3.2 Protection of legitimate interests (Article 6 (1)(f) GDPR)
Where necessary, we process your data to protect our legitimate interests or those of third parties, such as
- Review and optimization of procedures for analysis and direct customer approach;
- Advertising or marketing and opinion research, as long as you have not objected to the use of your data;
- Assertion of legal claims and defense in legal disputes;
- IT security and IT operations;
- Prevention and investigation of criminal offences;
- Video surveillance is used to collect evidence in the event of criminal offences or to prove the safety of the production and distribution of our products, thus protecting customers and employees as well as to exercise domestic authority;
- Building and system security (e.g. access controls);
- Measures for management and development of services and products.
3.3 Your consent (Article 6(1)(a) GDPR)
If you have given us your consent to process personal data for specific purposes (e.g. side effect reports, evaluation of payment transaction data for marketing purposes, advertising), the legality of this processing is given on the basis of your consent. A given consent can be revoked at any time. This also applies to the revocation of declarations of consent that were given to us before the DSGVO became valid.
Please note that the revocation will only take effect in the future. Processing that took place before the revocation is not affected by this.
3.4 Legal requirements (Art. 6 (1) (c) GDPR)
Teva is subject to various legal requirements from e.g. the Drug Law, the Social Security Codes or tax laws as well as regulatory requirements (e.g. from the Regierungspräsidium Tübingen and the Federal Institute for Drugs and Medical Devices (BfArM)), which require the processing of personal data. Legal requirements include, among other things, documentation of the delivery route for drugs, ongoing monitoring of drug safety (pharmacovigilance) and support for doctors and pharmacies in prescribing and dispensing drugs in accordance with the indications.
4. Digital communication
On the Internet or in Teva applications, we process your personal data if you provide it to us yourself or if you use one of our offered services.
According to the Law on Drug Advertisement, we must ensure that we only pass on information on prescription drugs to members of the so-called expert group. Here we need personal data for legitimation and authentication.
We also use your data on the Internet for the following purposes:
- Analysis and investigation of abuse or attacks on Teva's communication systems
- Evaluation of anonymized data for the preparation of performance reports of individual communication campaigns
Further information can be found on our website.
5. E-mail marketing
Subscription to a newsletter or other e-mail services requires your consent to receive e-mails from Teva.
Your consent can be given electronically, e.g. on a tablet, in writing or via the so-called double opt-in procedure, i.e. after providing your e-mail address on the Internet, a confirmation e-mail will be sent to the e-mail address provided, in which you must confirm that you wish to receive information or a newsletter. If you do not confirm such an e-mail within 24 hours, your registration will be automatically deleted. Teva stores your IP addresses and the time of registration via websites and confirmation in order to prevent misuse of your personal data and to document your consent.
You can cancel an e-mail subscription at any time. For this purpose, an unsubscribe link is provided in each newsletter. If you do not find a link, please use the e-mail address below.
6. Data security
Teva takes technical and operational measures to protect your personal data from accidental loss and unauthorized access, use, modification or disclosure. Data is forwarded securely using encryption and stored on secure data servers. In addition, we provide for further information security measures, which include access control, mandatory physical security and qualified information collection, storage and processing.
7. Children and minors
Children and young people under 16 years of age may not transmit personal data (on the Internet) without the consent of their parents or legal guardians. Please note that our websites are not intended for or directed at young people under the age of 18. We do not knowingly collect personal information from anyone under the age of 18.
We do not make automated decisions. If we evaluate user behavior, this does not have any legal effect for you, but is done only for the purpose of an individual approach and in order to find offers suitable for you.
If necessary, we process and store your personal data for the duration of our relationship with you, which also includes, for example, the initiation and execution of a contract or the organization of events. In addition, we are subject to various storage and documentation obligations from the German Commercial Code (HGB), the German Fiscal Code (AO) and the German Medicines Act (AMG), among others. The data retention periods specified therein range from two to ten years.
10. Transfer of data to third parties
We do not sell your data to third parties and transfer them to third parties for their own commercial purposes. We may transfer your personal data to service providers working for Teva who are contractually obliged to comply with data protection regulations. We may also transfer them to other companies in our group, only to the extent that this is legally permissible and necessary for the purposes mentioned above.
11. Transfer of personal data to third parties in countries outside the European Union
Third parties to whom we transfer personal data may be outside the European Union. If there are no appropriate decisions by the European Commission for the country concerned (which means that the level of data protection in that country is not comparable to the level of data protection in the European Union), we will use appropriate safeguards for your personal data. For details of security measures, see the following link: ec.europa.eu/justice/data-protection/international-transfers/transfer/index_en.htm (a website of the EU Commission).
12. Right to access, rectification, objection, erasure
You may at any time object to the future use of your personal data, have it partially or completely deleted or restricted, or request information about the data we have stored about you or have it rectified. If you have any concerns about our handling of your personal data or if you see Teva violating your privacy rights, please contact us at firstname.lastname@example.org . Furthermore, you are entitled to contact the responsible supervisory authority (Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg, Königstrasse 10 a, 70173 Stuttgart). You also have the right to transfer data in certain cases.
If processing your personal data requires your consent, you also have the right to revoke this consent. Such revocation does not affect the legality of processing on the basis of your consent before revocation.
For any objection a special form is not required, you can contact us by e-mail or use our contact form on the Internet.
Please use the following address to contact us in writing:
Teva GmbH, Datenschutz, Graf-Arco-Strasse 3, 89079 Ulm
If you have any further questions regarding the processing of your personal data or the exercise of your rights, please contact: email@example.com .
Our data protection officer can be reached at the following contact details:
SPIE GmbH, Lyoner Strasse 9, 60528 Frankfurt, Germany, firstname.lastname@example.org
13. The Teva Group comprises the companies
ratiopharm GmbH, Graf-Arco-Strasse 3, 89079 Ulm
Commercial Register: Local Court Ulm (Donau), HRB 991
Teva GmbH, Graf-Arco-Strasse 3, 89079 Ulm
Commercial Register: Local Court Ulm (Donau), HRB 726 876
AbZ-Pharma GmbH, Graf-Arco-Strasse 3, 89079 Ulm
Commercial Register: Local Court Ulm (Donau), HRB 36 43