This privacy policy (“Policy”) is issued on behalf of EUSA Pharma to let you know how companies within the EUSA Pharma Group collect and use your personal information. EUSA Pharma and the various entities of the EUSA Pharma Group (“EUSA Pharma”, “us”, or “we”) are committed to protecting your personal information.


This Policy does not apply to situations where we have notified you that an alternative privacy policy or notice applies to you.


About this Policy

This Policy applies to personal information which we receive from, or which relates to, our:


Where the personal information relates to your clients, employees, workers or contractors, you should bring this notice to their attention.


This Policy explains the type of personal information we collect and use, why we use the information, who we may need to share the information with, how we protect your personal information and your rights under applicable data protection laws.


Information We Collect

We collect two types of information:


How and Why We Collect Your Personal Information


We also collect your personal information indirectly as set out below in “Information Received from Third Parties.”


EUSA Pharma collects your personal information for a variety of purposes depending on the nature of your relationship with us. The purposes for which we collect your personal information include:

If you fail to provide certain information when requested, we may not be able to provide our products and/or services to you.


Information Received from Third Parties

We receive personal information about you from third parties such as:


Information Received in connection with Clinical Trials

As part of developing and testing new products and/or services, EUSA Pharma sponsors certain clinical trials in the EU, the United States and other jurisdictions from time to time. EUSA Pharma does not conduct clinical trials directly ourselves and any data which we receive in connection with clinical trials which we sponsor is anonymized and/or aggregated and is not personally identifiable. In the unlikely event that EUSA Pharma receives the personal information (which if received would likely include sensitive personal information) of participants in the clinical trials, we comply with all applicable laws in respect of it.


Sharing of Information

We do not sell, trade or rent your personal information to others. We may share anonymized information, i.e. aggregate data, with third parties. Except as described herein, we will not provide any of your personal information to any third parties without your specific consent.


We share your personal information with the following categories of recipient:


Retention of Information

Your personal information will only be kept for as long as we reasonably consider necessary for achieving the purposes set out in this Policy or for as long as we are legally required to keep it.


When assessing the data retention period, we take into account the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of the data, the purposes for which we process the data and whether we can achieve those purposes through other means, and the applicable legal requirements.


Security of Information

We have reasonable and appropriate security measures in place to protect against the loss, misuse, and alteration of any personal information we receive about you. We maintain appropriate security standards to protect the personal information that we maintain.


For Users of EUSA Pharma Group Websites

Cookies

We may obtain information, including personal information, about your general internet usage by using a cookie file which is stored on your browser or the hard drive of your device. Cookies contain information that is transferred to your device, which helps us to improve our website and to deliver a better and more personalized service to you. Some of the cookies we use are essential for the website to operate.


If you register with us, or if you continue to use our site, you agree to our use of cookies.


You may block cookies by activating the setting on your browser which allows you to refuse the setting of all or some cookies. However, if you use your browser setting to block all cookies (including essential cookies) you may not be to access all or parts of our websites. Unless you have adjusted your browser setting so that it will refuse cookies, our systems will issue cookies as soon you visit our websites.


Our website may use web analytics services like Google Analytics by Google, Inc. ("Google"), Mouseflow by Mouseflow, Inc., and Leadfeeder by Leadfeeder, Inc. These services use cookies to analyze use patterns and may collect information about your use of the website, including your IP address.  


For more information about the web analytics services we may use, visit:


If you would like to opt-out of having your data used by the web analytics services, please:


Please note that EUSA Pharma makes no representations regarding the functionality of Google, Mouseflow, and Leadfeeder opt-out mechanisms, and further, opting out of Google Analytics, Mouseflow, and Leadfeeder will not preclude the use of your data by other analytics services.


Third Party Websites

Except as otherwise provided in this Policy, this Policy only addresses the use and disclosure of information we collect from you. Other sites accessible through our websites have their own privacy policies and data collection, use, and disclosure practices. Please consult each site’s privacy policy as we are not responsible for the policies or practices of those sites or any third parties.


Do Not Track Mechanisms

California law requires this Policy to address how we respond to any “Do-Not-Track (“DNT”) signal” delivered by your browser. Because of the changing state of technology and indecision within the industry regarding the meaning of DNT signals, we currently do not make any guarantee that we will honor DNT signals.


Privacy Rights in Other Jurisdictions

You may have rights in relation to your personal information under applicable data privacy laws in other jurisdictions. If you wish to exercise any such rights, please contact us using the contact information below.


Marketing

In relation to marketing communications, we may provide you with an “opt in” or “opt-out” mechanism depending on where in the world you are located. An “opt-in” mechanism will provide you the opportunity to positively indicate that you would like or do not object to our sending you such further communications and we will not send you any unless you have “opted- in”. An “opt-out” mechanism will provide you the opportunity to indicate that you do not want us to send you such further communications, and if you “opt-out” we will not send you any.


Children’s Privacy

We do not knowingly collect or use personal information from children under the age of [18]. If we determine that we have collected the information of an individual under this age, we will not use or maintain his or her personal information without parent or guardian consent. If we become aware that we have unknowingly collected personal information from a child under the age of [18], we will make reasonable efforts to delete such information from our records.


Accuracy of Information

We strive to keep our records accurate and will make appropriate corrections when you notify us. Please let us know if there is incorrect information in any statements or other communications that you receive from us. If you would like to correct or update your personal information, please contact us using the contact details set out below.


Effective Date and Changes to this Policy

The effective date of this Policy is posted below. We reserve the right to update or modify this Policy at any time by providing any notice required under applicable law and by providing you with the revised version in hardcopy, electronically or by otherwise making the revised version available on our websites.


Contact Us

If you have any questions about this Policy or if you would like to exercise any rights you may have in relation to your personal information, please contact us at: privacy@eusapharma.com.


Updated: 11/02/2020


CALIFORNIA EMPLOYEE PRIVACY NOTICE


EUSA US (US) LLC and its affiliates and subsidiaries (“EUSA,” “we,” “us,” or “our”) provide this California Employee Privacy Notice (the “CCPA Employee Privacy Notice”) to describe our privacy practices as required by the California Consumer Privacy Act of 2018 (“CCPA”).


This CCPA Employee Privacy Notice applies solely to employees, contract employees (“contractors”) and employee applicants who are California residents that meet the definition of consumer under the California Consumer Privacy Act of 2018 (CCPA) (“consumers” or “you”). We adopt this notice to comply with the CCPA, and any terms defined in the CCPA have the same meaning when used in this notice.


Overview

The CCPA is a comprehensive new consumer protection law that took effect on January 1, 2020. It requires companies to inform consumers about the personal information that they collect and share, and gives them a right to access their information, to request deletion of their information, and to opt-out of having their information sold. 

Until January 1, 2021, employee personal information is outside of the scope of the CCPA requirements, except for: 


This temporary exemption covers information collected in the course of the individual’s acting as a job applicant, employee, officer, director or contractor of EUSA, to the extent that EUSA uses such information in the context of the individual’s role (or former role) as an applicant, employee, etc. This includes emergency contact information and information necessary to administer benefits that an applicant, employee, etc. provides (which could include information about another individual who is the emergency contact or benefit recipient), so long as it is only used for that purpose. 


Information We Collect

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information”). We have collected the following categories of personal information from consumers within the last twelve (12) months: 





Category Examples of Data Collected
A. Identifiers. A real name, Internet Protocol address, email address, or other similar identifiers. Yes
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. Yes
C. Protected classification characteristics under California or federal law. Age, race, citizenship, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), veteran or military status. Yes
D. Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. No
E. Biometric information. Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. No
F. Internet or other similar network activity. Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. Yes
G. Geolocation data. Physical location or movements. Yes
H. Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information. Yes
I. Professional or employment-related information. Current or past job history or performance evaluations. Yes
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. No
K. Inferences drawn from other personal information. Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. No

 

Personal information does not include:


We obtain the categories of personal information listed above from the following categories of sources:


USE OF PERSONAL INFORMATION

We may use or disclose the personal information we collect for one or more of the following business purposes:


We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

We do not and will not sell your personal information and so we do not offer an opt-out to the sale of personal information.


Sharing Personal Information

We may share your personal information solely for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:

Category A: Identifiers

Category B: California Customer Records personal information categories

Category C: Protected classification characteristics under California or federal law

Category F: Internet or other similar network activity.

Category G: Geolocation

Category H: Sensory

Category I: Professional or employment-related information


We disclose your personal information for a Business Purpose to the following categories of third parties:


In the preceding twelve (12) months, we have not sold or leased any personal information. EUSA does not sell or lease personal information.


Changes to our CCPA Privacy Notice 

We reserve the right to amend this privacy notice at our discretion and at any time. When we make material changes to this privacy notice, we will inform employees, update the notice’s Effective Date above and request employee acknowledgment by electronic review and sign-off.


Contact Information

If you have any questions or comments about this notice, please contact the EUSA US Human Resources Department at 908.552.9509.


Updated: 01/01/2020