Privacy Notice

This data protection handout contains information on the purposes for which [Gurtnafleur Road, Clonmel, Co. Tipperary, Ireland, E91 D768.] (hereinafter “we” or “us”) process your personal data. Personal data means all information that relates to you personally. The following information is designed to provide transparency by helping you to understand how your personal data are processed.

We process your personal data for the following purposes:

Communication
Bona Fides
Complaints Handling
Pharmacovigilance

As your personal data need to be processed for the above purposes in order to service the existing business relationship between you and us or to take steps before entering into a contract, the primary legal basis for data processing is Art. 6(1)(b) GDPR. We may also have a legitimate interest in advertising or marketing campaigns on the basis of Article 6(1)(f) GDPR, provided that we do not require your consent for those purposes.

The legal basis for possible compliance activities is Art. 6(1)(c) and Art. 6(1)(f) GDPR, as it may be necessary to process the personal data concerned for our legitimate interests. We have a legitimate interest in having relevant infringements reported to us and compliance with current laws investigated.

The legal basis for disclosing your personal data to other companies in our group acting as group IT service providers other than for processing purposes is again Art. 6(1)(f) GDPR. Our legitimate interests in that respect are (i) in a centralised global IT approach using harmonised processes and (ii) the savings that can be made by centralising IT.

Art. 6(1)(c) may also apply where we have to process your personal data in order to comply with a legal obligation.

Where your personal data are required in order to sign a contract or for an existing business relationship between you and us, you are required as a matter of principle to provide us with your personal data. If you should decide not to provide us with your personal data, Clonmel Healthcare may not be able to perform some of the purposes listed in this instruction.

We do not take decisions using an automated system based solely on automated processing, including profiling, which will have legal or other adverse effects on you.

As a rule, we retain your personal data for as long as our business relationship with you exists. Once a business relationship ends, we generally retain your data for a further 8 years, unless the law prescribes a different retention period or you ask us to delete them.

We transfer your personal data to the following categories of recipients:
- IT service providers
- Other affiliates of STADA AG
- Disposal service providers

You are entitled under the EU General Data Protection Regulation to enforce the following rights against us: • Right of access
• Right to rectification
• Right to restriction of processing
• Right to erasure/Right to be forgotten
• Right to data portability
• Right to object

If you wish to exercise any of the above rights or to contact our Data Privacy Officer, please write to: Data Protection Officer, Gurtnafleur Road, Clonmel, Co. Tipperary, Ireland, E91 D768. If you believe that the way in which we process your personal data is prohibited, please write to us at Data Protection Officer, Gurtnafleur Road, Clonmel, Co. Tipperary, Ireland E91 D768

You are also entitled to contact the data protection authority. We are regulated by the following data protection authority: Irish Data Protection Commissioner.