This Privacy Notice describes how BeiGene Switzerland GmbH (hereafter “BeiGene”, “we”, “our”, “us”) uses, stores and discloses (together “processes”) the personal data we collect through this website. In any event, collection and processing of personal data will only take place conformable to the applicable data protection and privacy law (i.e. the General Data Protection Regulation - GDPR).
- Use of Data and Legal Basis
1.1 Contact form or other requests
We process your data in order to provide you with the agreed or requested services on this website:
- If you register and log in;
- if you take part in training courses or events;
- if you send us inquiries about products or possible adverse event.
The legal basis is Article 6 (1) b) GDPR and Article 6 (1) c) GDPR if you send information about possible adverse events (see section 3 for specific information about adverse events).
1.2 Log data
1.3 Cookies and similar technologies
In the following section we will differentiate between different categories of Cookies.
1.3.1. Essential cookies
Essential Cookies are necessary for the website to function properly. Such Cookies make a website usable by providing basic functions such as page navigation and access to secure areas of the website or language settings. Due to their importance for the website's functioning, you cannot opt-out from this kind of Cookies. We base the related processing of personal data on Art. 6 (1) b GDPR, the contractual provision of our services.
Essential Cookies we use to provide this website include Cookies, which
- detect whether a user uses Java Script,
- allow a visitor to receive site content from one out of multiple servers as the user browses the site,
- determine whether a user has accepted which category in the Cookie banner,
- maintain the status of the user for all page requests.
The lifetime of essential Cookies we use extends from the respective session up to one year.
1.3.2. Cookies for Website Optimisation
We use the following services of third-party providers:
As data can be transferred to the USA in exceptional cases, Google is self-certified itself to the EU-U.S. Privacy Shield. The analyses help us to improve our services.
The Cookies related to this service allow us for example to
- Create a unique ID for users and enabling us to track visitors across our different domains,
- Determine, if Cookies are enabled,
- Captures statistics about the user's visits to the website,
- Identify the time (in days) between two visits by the same visitor,
- Learn about the number of visits by a single user.
1.3.3. Further purposes for which we process your personal data
We process your personal data to:
meet our legitimate interests, including to:
- complete a corporate transaction (e.g., corporate restructuring, sale or assignment of assets, merger); and
- meet our legal obligations, any court order or other binding decision.
- Data Transfer
We may share personal information with third parties.
2.1 Reporting obligations to regulatory authorities and enforcement of rights
As a pharmaceutical company, we are subject to specific regulations, such as pharmacovigilance. Therefore, we may share personal data in pharmacovigilance cases as specified in Section 3.
In order to protect our rights or the rights of third-parties, we may also disclose data to rights holders, consultants and authorities in accordance with legal provisions.
2.2 Service provider
We engage service providers to process your personal data for the purposes described in this data protection information. These service providers process the data only on our behalf, in accordance with our instructions and under our control in accordance with this data Privacy Notice.
Service providers are:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, providing data and web analytics services.
infill healthcare communication GmbH, Boserother Straße 37, 53639 Königswinter, Germany, user data handling agent.
2.3 BeiGene companies
As part of a global group of companies, we involve other BeiGene companies that support us in data processing. These group companies process the data exclusively for the purposes stated in this data Privacy Notice.
2.4 Data transfer to recipients outside the EU
Some of these service providers and BeiGene companies process personal data outside the EU. In these cases, we ensure an adequate level of data protection to comply with European law (usually through EU standard contractual clauses published by the European Commission).
- Specific Privacy Notice for Pharmacovigilance
If you report adverse events or other pharmacovigilance relevant information to a BeiGene product we will use and share this data solely for pharmacovigilance purposes. (Pharmacovigilance is the detection, assessment, understanding and prevention of adverse effects or any other medicine-related problem.)
All reports will be shared with BeiGene, Ltd. and its subsidiaries who are operating the global pharmacovigilance database.
BeiGene is obliged to report pharmacovigilance relevant information to health authorities worldwide (including to countries that may have another level of data protection compared to the EU). Legal basis: Art. 6 (1) c), and for transfers outside EU Art. 6 (1) f) and Art. 49 (1) e) GDPR.
The reports will contain details about the incident but only limited personal data:
- For Patients, the report will only contain, age, gender and initials as provided, but never the patient's name.
- For the reporting individuals, the report will include the name, profession (e.g. physician, pharmacist), initials or address, e-mail and phone number as provided. The contact information is required to be able to follow-up with the reporter to gain high quality and complete information on adverse events. If the reporter does not wish to provide his contact details to BeiGene or authorities, “Privacy” is entered in reporter's names field.
Where your data is shared with other BeiGene companies, business partners or service providers outside of the EU, we will provide an adequate protection of personal data.
As reports about adverse events are important for public health reasons, reports are kept for minimum of 10 years after withdrawal of the product in the last country where the product is marketed.
BeiGene processes your personal data for as long as necessary for the purpose of the processing, which mainly is the provision of our services requested by you. This means for example that we send you newsletters for as long as you did not withdraw your subscription or that we store your user account data (login, profession, name etc.) for as long as you maintain a user account with us.
In general we will delete data related to:
- your (customer) requests after 3 years,
- analytics data (website use) after 3 years.
- Your Rights
Subject to limitations in applicable law, you have a right of access, rectification, restriction, erasure, and portability of your personal data, as well as the right not to be subject to automated individual decision-making.
You also have the right to withdraw your consent at any time.
Right to object
To the extent we base the processing on our legitimate interests, you may opt-out from such processing at any time. In this case, we will not process such personal data any longer unless our interests prevail. You can object to the use of data for direct marketing purposes at any time. You may also object to the processing of your personal data for the transfer to authorities outside the European Union described above in Section 3 for pharmacovigilance cases unless the interests of BeiGene prevail.
Please send your request or any question you have in relation to our processing of your personal data to:
BeiGene Switzerland GmbH