The collection and use of personal data, where LEO Pharma records your personal data in a Customer Relationship Management (CRM) system for certain commercial purposes is described in this privacy notice.
Personal Data submitted on our Website will be kept confidential and will only be used for the purposes, specified in this Privacy Notice or as otherwise set out in the services on the Website.
This privacy notice ensures compliance with articles 12-14 of Regulation (EU) 2016/679 (General Data Protection Regulation).
We are the data controller - how do you contact us?
LEO Pharma A/S is the data controller for processing of the personal data we have received about you or that you have provided to us. You will find our contact information below.
- LEO Pharma A/S
- Industriparken 55, DK-2750 Ballerup, Denmark
- Tel +45 4494 5888
- CVR No. 56759514
- Mail: email@example.com
Contact information on the Data Protection Officer
If you have any questions about our processing of your personal data, you are always welcome to contact our Data Protection Officer. You can contact our Data Protection Officer in the following ways:
- By e-mail: Dataprivacy@leo-pharma.com / CSACompliance@leo-pharma.com
- On the phone: +45 4494 5888
- By letter: LEO Pharma A/S, Industriparken 55, 2750 Denmark, c/o Data Protection Officer
Purpose and legal basis for processing your personal data
We register your personal data for the following purposes:
- To manage your relationship with LEO Pharma
- To send you educational information about how to use our products
- To send you promotional information about our products
- Re 1: GDPR, art. 6(1)(f): Legitimate interests
- Re 2 and 3: GDPR, art. 6(1)(a): Explicit consent
To ensure that your personal data is updated and correct and your relationship with LEO Pharma is coherent in both parties' interest.*
* At any time, you may opt-out of LEO Pharma processing your personal data, see section Your rights.
- To offer you to receive educational information about disease and therapy areas and promotional information about our products.
- To administer the Website and our business, including statistical analysis to understand who uses the Website and how and to better understand needs and interests of visitors and users in order to improve the Website
- To comply with applicable laws, regulations or codes of practice
Recipients or categories of recipients
We disclose or entrust your personal data to the following recipients:
- Other LEO Pharma entities, which means other LEO Pharma subsidiaries, our ultimate holding company and its subsidiaries
- Data processors, who LEO Pharma partner with to handle data on our behalf
How is your personal information secured
To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the information we collect online.
The employees who have access to Personal Data have been trained to handle such data properly and in accordance with our security protocols and strict standards of confidentiality. Although we cannot guarantee against any loss, misuse, unauthorized disclosure, alteration or destruction of data, we take appropriate measures to try to prevent such unfortunate occurrences. You understand that your Personal Data will be made accessible:
- To third parties providing technical support, including our parent company, LEO Pharma A/S (e.g., hosting services)
- To third- party service providers assisting us (e.g. on sending communications to you)
- To any governmental, administrative, judicial or regulatory authority to co-operate in proceedings, inquiries and investigations by such authorities or to comply with any legal or regulatory requirements
Transfer to recipients in third countries
We may share your personal data to LEO Pharma affiliates located outside the European Economic Area (“EEA”).
An overview of all LEO Pharma entities is available at www.leo-pharma.com where your personal data is transferred outside EEA, a data transfer agreement has been put in place. By contacting the Data Protection Officer, you may obtain a copy of the agreement.
Retention of your personal data
We keep your Personal Data for up to 2 years after the latest newsletter has been sent to you.
In all instances, you may at any time opt-out for receiving the services. In such instances, we will not keep your Personal Data after you have discontinued the services.
The right to withdraw consent
You have the right to withdraw your consent at any time. You can do this by contacting us on the contact details listed above. If you choose to withdraw your consent, it does not affect the legality of our processing of your personal data based on your prior consent and until the date of withdrawal. If you withdraw your consent, therefore, it will not be effective until this date.
You have several rights in relation to our processing of information about you pursuant to the General Data Protection Regulation. If you want to use your rights, please contact us.
- Right to see information (Access)
You are entitled to gain access to the information that we are processing about you.
- Right to rectification (correction) You have the right to have incorrect information about yourself corrected.
- Right to deletion
In certain instances, you have the right to delete information about you before the time of our ordinary general deletion.
- Right to limit processing
In certain instances, you have the right to limit the processing of your personal information. If you are entitled to limited processing, in future, we may only process the information - except for storage - with your consent or for the purpose of determining, enforcing or defending legal claims, or for protecting a person or important social interests.
- Right to object
You may, in certain cases, have the right to object to our legitimate processing of your personal information. You can also object to processing your information for direct marketing.
Complain to the Information Commissioner’s Office
You are entitled to file a complaint with the Danish Data Protection Agency (DPA)., if you are dissatisfied with the way we process your personal information. You will find the Information Commissioner’s Office (ICO)’s contact information at https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm