Contact Us
Nordics and Baltics office
Recordati AB
Berzeliusväg 8
171 65 Solna
Sweden
Ph. +46 8-545 802 30
Email: InfoNordic@recordati.com
Safety Reporting
For Rare Disease products – To report an adverse event, please email: RRDpharmacovigilance@recordati.com for Metabolic, Derma-Oncology or Endocrinology.
To report a complaint or should you have a medical inquiry, please email: customersafety.se@recordati.com for Metabolic, Derma-Oncology or Endocrinology.
To report adverse event/complaint or should you have a medical inquiry, please email: safety@recordati.com for Oncology products.
For Specialty & Primary Care – To report an adverse event/complaint or should you have a medical inquiry, please email: customersafety.se@recordati.com
Information on the processing of personal data for Medical Information, Safety Reporting and Product Quality Complaint
Pursuant to the applicable legislation on the protection of personal data, Recordati AB, a company of the Recordati Group (“Recordati“, or the “Data Controller” or “we“, “us“) has drawn up this document (the “Privacy Notice“) to describe how it processes personal data in the context of medical information enquiries, safety reporting and product quality complaints management.
This Privacy Notice applies the processing of personal data pertaining to:
- individuals, including healthcare professionals and caregivers, who report adverse events or special case scenarios (such as exposure during pregnancy, breastfeeding, overdose, lack of efficacy), request medical information about our products, or submit product quality complaints; and
- individuals to whom such adverse events or special case scenarios, medical information requests, or product quality complaints refer.
(hereinafter, jointly referred to as “Data Subjects” or “you”).
1. Data Controller and Data Protection Officer
The data controller is Recordati AB, with registered office in Berzelius väg 8, 171 65 Solna (Sweden) , a company of the Recordati Group.
The Data Protection Officer of the Recordati Group (hereinafter “DPO“) can be contacted at the following e-mail address: groupDPO@recordati.com, for any request regarding the processing of your personal data and the exercise of your rights.
2. Types of data processed
The following personal data will be processed (hereinafter “Personal Data”):
- identification data (name, surname, initials);
- demographic data (gender, date of birth or age, personal identification number assigned to the patient, description of physical features of the body, if relevant);
- contact details (e-mail, telephone number, address);
- information about health (relevant elements of medical history, concomitant/co-suspect medication, clinical test results, samples and tissues, sample number and visit number, data related to clinical trials);
- information about racial or ethnic origin and sexual life, where relevant;
- if a healthcare professional contacts us, information about their profession, affiliated institution, professional experience, and qualifications.
- if a patient’s relative or caregiver contacts us, information about their relationship to the patient;
- if a business partner, such as a pharmacy or wholesale supplier, contacts us, we may collect information about their profession, including the name and surname, company affiliation, and professional title or role; and
- any other personal data voluntarily provided by the Data Subject.
3. Purpose of processing and legal basis
Your Personal Data will be processed for the following purposes. For each purpose, the corresponding legal basis is also indicated:
|
#
|
Purpose of processing
|
Legal basis
|
Personal Data processed
|
|---|---|---|---|
|
1
|
Medical Information: to manage Data Subjects’ enquiries – for example in relation to availability of products, clinical data, dosing and administration, formulation and stability, and interactions with other drugs, foods, and conditions – received via the Recordati’s communication channels, such as designated phone and email contacts.
|
Compliance with legal obligations applicable to us;
Our legitimate interest, consisting in the interest in ensuring that your questions have been duly answered; Personal Data which are manifestly made public by the Data Subject in case of processing of special categories of personal data. |
Personal Data under nos. i), iii), vi), vii) and ix) of paragraph 2 above.
|
|
2
|
Safety Reporting: to manage suspected adverse event or special case scenarios (such as exposure during pregnancy, breastfeeding, overdose, lack of efficacy) reports spontaneously submitted through Recordati’s communication channels.
|
Compliance with legal obligations applicable to us in the context of pharmacovigilance activities.
Reasons of public interest in the public health care sector, by way of guarantee of high quality and safety parameters in medicinal products and medical devices, in case of processing of special categories of personal data. |
All Personal Data of paragraph 2 above.
|
|
3
|
Product Quality Complaint Management: to manage and to follow up to complaints related to Recordati’s products, such as any fault of quality and/or effectiveness, stability, reliability, safety, performance, or usage.
|
Compliance with legal obligations applicable to us in the context of product quality and safety;
Personal Data which are manifestly made public by the Data Subject in case of processing of special categories of personal data. |
Personal Data under nos. i), iii), vi), vii), viii) and ix) of paragraph 2 above.
|
|
4
|
Internal and Regulatory Authorities Reporting: in case of adverse events, special case scenarios, to share your enquiry with the relevant internal function within Recordati and to report the relevant safety and quality data to regulatory authorities
|
Compliance with legal obligations applicable to us in the context of pharmacovigilance activities;
Reasons of public interest in the public health care sector, by way of guarantee of high quality and safety parameters in medicinal products and medical devices, in case of processing of special categories of personal data. |
All Personal Data of paragraph 2 above, depending on the content of the enquiry or report shared from time to time
|
The provision of your Personal Data for the purposes mentioned above is mandatory; in failure, we will not be able to manage your enquiry and/or provide you with a reply or comply with the provisions of the applicable legislation.
4. Processing methods and storage period
The processing will be based on the principles of lawfulness, fairness, transparency, proportionality and minimization and will be carried out using suitable tools to guarantee security and confidentiality through the use of procedures that avoid the risk of loss, unauthorized access, illicit use and dissemination of Personal Data.
Personal Data will be kept for the time necessary to comply with the applicable regulatory obligations such as, for example, for the shelf life of Recordati’s products plus an additional 5 year when Personal Data are processed for purpose no. 3 of paragraph 3 above.
5. Communication and transfer of Personal Data
Your Personal Data may be accessed by Recordati employees and collaborators, specifically designated as persons authorised to process it, where necessary for the pursuit of the purposes described above.
Your Personal Data may also be communicated or made accessible to consultants and third-party suppliers of technical or organizational services, functional to the purposes described above, in their capacity as our data processors, specifically designated and instructed on the basis of a specific contract.
Your Personal Data may also be accessed by authorities or other public bodies by virtue of legal provisions or secondary or EU legislation, in their capacity as independent data controllers, for their respective institutional purposes.
Personal Data will not be transferred outside the European Economic Area1. If, in the future, Recordati intends to transfer your Personal Data outside the European Economic Area, this transfer will take place in compliance with the conditions set out in current legislation.
6. Rights of the Data Subject
The Data Controller informs you that you can exercise, at any time, the following rights by contacting the Data Controller or the DPO at the addresses indicated above:
- the “right of access” to your Personal Data and, in particular, to obtain confirmation of the existence or otherwise of Personal Data concerning you;
- the “right to rectification”, i.e. the right to request the rectification of inaccurate data or the completion of incomplete data;
- the “right to erasure”, i.e. the right to request the erasure, the transformation into anonymous form of data processed in violation of the law, including those whose retention is not necessary in relation to the purposes for which the Personal Data were collected or subsequently processed;
- the “right to restriction of processing”, i.e. the right to obtain from the Data Controller the restriction of processing in certain cases provided for pursuant to the privacy legislation;
- the “right to data portability”, i.e. the right to receive (or to transmit directly to another data controller) Personal Data in a structured, commonly used and machine-readable format;
- the “right to object”, i.e. the right to object, in whole or in part:
- to the processing of Personal Data carried out by the data controller for its own legitimate interest;
- to the processing of Personal Data carried out by the data controller for marketing or profiling purposes.
The exercise of the above rights is not subject to any formal constraint and is free of charge. The Data Controller may ask you to verify your identity before taking further action following your request to exercise the rights referred to above.
You may also lodge a complaint with the competent Supervisory Authority (in particular in the Member State of your habitual residence, place of work or place of the alleged violation), if you are of the opinion that your Personal Data are being processed in such a way as to result in violations of privacy legislation. You may also contact the Supervisory Authority if the exercise of your rights is subject to delay, limitation or exclusion by the Data Controller.
In order to facilitate the exercise of the right to lodge a complaint, the name and contact details of the Supervisory Authorities of the European Union are available at the following link: Our Members | European Data Protection Board (europa.eu).
1. The European Economic Area (EEA) consists of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Republic of Ireland, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain and Sweden.