1. Handling of personal data
At Grünenthal, we believe transparency is the foundation of trustful collaboration. Below we’ll provide you with information on how we handle your personal data when you use our website. We handle your personal data because this is necessary to make certain functionalities of our website available and give you the best possible experience. Unless otherwise indicated, the legal basis for the handling of your personal data results from the fact that such handling is required to make available the functionalities of the Website requested by you (Art. 6(1)(b) General Data Protection Regulation (“GDPR”)).
1.1 Using our Website
1.1.1 Accessing our Website
When you call up our Website, your browser will transfer certain data to our web server. This is done for technical reasons so that we can make the information you request available. In particular, the following data are collected, briefly stored and used:
- IP address
- Date and time of access
- Time zone difference to Greenwich Mean Time (GMT)
- Content of request (specific site)
- Status of access/HTTP status code
- Transferred volume of data
- Website requesting access
- Browser, language settings, version of browser software operating system and surface
We will also store such data for a maximum time of 10 years so that we are able to initiate a tracking of personal data in the event of actual or attempted unauthorized access to our servers (Art. 6(1)(f) General Data Protection Regulation).
1.1.2 Setting of cookies
What are cookies?
Our website uses so-called “cookies”. Cookies are small text files that are stored in the memory of your terminal via your browser. They store certain information (for example your preferred language or site settings). Your browser may retransmit these to us when you revisit our website, depending on the lifespan of the cookie.
What cookies do we use?
1.1.5 Registration for closed user groups
Limited access for special user groups.
We will store the closed user group personal data on the Identity server and the information from the application form on the Sitecore for as long as it is needed for the evaluation and final decision on the applicants that shall receive the grant, we are legally obliged to or we can claim a legitimate interest. Interested person can register for application at www.e-g-g.info. Therefore we ask for the following information:
• Name and surname
• User name and password
• E-mail address
• Home address
• Phone number/Mobile/Fax
• Work address and company
• Phone number/Mobile/Fax
For applications we ask for the following details:
• Research Proposal
• Research Domain
• Research Title
• Year of Birth
• First PhD or similar postgraduate degree
• Year of the first PhD or similar postgraduate degree
• Name of the Research Institution
• Postal code/City/Country
• Contact person (name, phone, email)
• Budget (Staff costs/Applicant/Personnel/Support staff/Non staff costs/Equipment use/Equipment purchase/Consumables/Travel and Expenses/Other)
• Curriculum vitae
• Publication list
• Research plan
• Research abstract
• Literature references
We process this personal data in order to provide you with access to our website. Your data will be deleted in case you ask us to deactivate your user account. We also process this data within the application and grant decision making process.
We will store personal data for as long as it is needed for the evaluation and final decision on the applicants that shall receive the grant, we are legally obliged to or we can claim a legitimate interest.
The decision on awarding grants is made independently by a sub-group of the Research Committee of the European Pain Federation EFIC®. The data of the applicants will be forwarded to the members of this group for evaluation. Grünenthal will also process your data in order to run a check for potential conflicts of interest regarding your possible other connections with us.
This processing is based on the consent, Art. 6(1)(a) GDPR which you have provided during the completion of the application form. You may revoke your consent at any time with effect for the future by contacting
Fax: +49 241 569 1502
As regards the processing of your personal data by EFIC®, you may contact:
Rue de Londres - Londenstraat 18
Phone: +32 2 251 55 10
1.1.8 Information on side effects and quality complaints
Please note that the E-G-G website is not intended or designed for communications regarding side effects, lack of therapeutic effect, medication errors, grey market products/counterfeit medicine, incorrect or off-label use, quality complaints and/or other issues regarding the safeness or quality of Grünenthal products. We understand you may wish to report side effects or make a quality complaint. You can do this by either contacting your health care professional (e.g. physician or pharmacist) or your local health authority, or by using the reporting form on our portal dedicated to the reporting of suspected adverse drug. (https://drug-safety.grunenthal.com/ or you may directly contact firstname.lastname@example.org)
If you nevertheless report undesirable side effects or other issues regarding the safeness or quality of our products, we will be legally bound to deal with your communication and may have to contact you for clarification purposes. Subsequently, we may have to notify the health authorities and in this context, your information will be forwarded in pseudonymized form, that means no information by which you may be directly identified will be passed on. We may also have to forward these pseudonymized notifications to our group companies and cooperation partners, to the extent these are likewise obliged to notify their respective health authorities.
1.2 Transfer of data for commissioned processing
We will to some extent use specialized service contractors for the processing of your data. We carefully select and regularly monitor such service contractors. They will only process personal data upon our instruction and strictly in accordance with our directives, based on respective data processor agreements.
1.3 Processing of data outside the EU/the EEA
Your data will partly be processed in countries outside the European Union (“EU”) or the European Economic Area (“EEA”). The respective countries may have a lower data protection level than European countries. In such cases, we will ensure that a sufficient level of protection is provided for your data, e.g. by concluding specific agreements with our contractual partners, or we will ask for your explicit consent to such processing.
2. INFORMATION REGARDING YOUR RIGHTS
You have the following rights according to applicable data privacy laws:
• right of information about your personal data stored by us;
• right to request the correction, deletion (provided that we are not legally obliged to keep the data) or restricted processing of your personal data;
• right to object to a processing for reasons of our own legitimate interest, public interest or profiling, unless we are able to proof that compelling, warranted reasons overruling your interests, rights and freedom exist, or that such processing is done for purposes of the assertion, exercise or defense of legal claims;
• right to data portability;
• right to file a complaint with a data protection authority.
• You may revoke your consent to the collection, processing and use of your personal data at any time with future effect. For further information please refer to the chapters above describing the processing of data based on your consent.
Do you have any questions regarding our data privacy or do you wish to exercise your rights? Then please let us know! You can either use our contact form or get in touch with our company data protection team at the following address: email@example.com
You can also directly contact Grünenthal GmbH´s external data protection officer at firstname.lastname@example.org. The data protection officer is obliged to keep your identity confidential. Should it come to the conclusion that your identity could be inferred in the course of clarifying a complaint, the data protection officer will point this out to you in advance and, if necessary, ask you to release him from his obligation to secrecy.
DATA PROTECTION SUPERVISORY AUTHORITY
You may address questions and complaints also to the Data Protection Supervisory Authority in charge:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Postfach 20 04 44
4. AMENDMENT OF PRIVACY STATEMENT
We may update our Data Privacy Statement from time to time and we will publish these updates on our website. They become effective upon publication so we recommend you regularly visit the site to keep yourself informed on possible amendments.
This Data Privacy Statement was last updated on 31 January 2020.