Circassia Limited and its affiliates and subsidiaries (“Circassia”, “we”, “us”, “our”) are committed to protecting the privacy and security of your Personal Information. This Notice explains who we are, why and how we process your Personal Information and your rights with respect to your Personal Information, as well as how to exercise those rights and get your questions answered.
“Personal Information” is information about an identified or identifiable individual. It can include things like name, image, health and financial information and some online identifiers and actions.
This Notice applies to Personal Information we collect as a part of our operations and services, and via our corporate websites, including Circassia.com and our product websites, https://www.niox.com/, https://www.tudorza.com/ and https://www.duaklir.com/ (the “Sites”) as well as the products and services offered by Circassia (collectively “Services” and each a “Service”).
We are the controller of Personal Information processed as described in this Notice. That means that we are legally responsible for how, why and when the data we collect about you are processed.
We do not sell your Personal Information
We do not sell your Personal Information to third parties that are not performing work or providing services on Circassia’s behalf. We only transfer your Personal Information to vendors and business partners as described in this Notice for the purpose of providing our Services.
This Notice (together with any other documents referred to on it) sets out:
- When we collect your Personal Information from you
- How we use your Personal Information
- Our promotional updates and communications
- With whom we share your Personal Information
- How we protect your Personal Information
- How long we keep your Personal Information
- Your rights regarding your Personal Information
- Changes to this notice
- Contact us
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
We will process Personal Information about you if:
- You or the organization you work for are a customer or a supplier of ours
- You or the organization you work for use our Services
- You work for a customer or a supplier of ours, or for someone who uses our Services
- You are a participant in one a Circassia-sponsored meeting
- We identify you or engage with you as a professional expert, key stakeholder or thought leader in the field to which our Services relate
- You are a participant in research we conduct or sponsor
- You are someone (or you work for someone) to whom we want to advertise or market our goods or services
- You send us a CV, resumé, or other details of your employment history in connection with an advertised job vacancy or a general enquiry regarding job opportunities with us
- You engage with us on our websites by, for example, completing a “contact us” form
When we collect your Personal Information from 3rd Parties
We will process Personal Information about you provided by third parties if:
- Your employer provides it to us because it is relevant to work your employer is doing with us
- Your Personal Information is published in external sources including research, journals and peer reviews relevant to professional expertise and the medical field to which our Services relate
- Third parties with which we work closely provide it to us for our legitimate business purposes (including, for example, sub-contractors in technical, hosting and delivery services, medical market research, CRM and analytics specialists and industry and search information providers).
We may process the following categories of Personal Information about you
- Your name and/or initials
- Your employer, job function or department
- Your address, phone number, email address or other contact details (these details may relate to your work or to you personally, depending on the nature of our relationship with you or the organization that you work for)
- Your professional expertise and qualifications
- Your engagement with and prescribing of our Services and information gathered during interactions with our sales representatives
- Information about you that you give us by communicating with us by phone, by e-mail, in person, via our Sites, via social media or otherwise such as at an event or conference (for example, requests for assistance, complaints or comments about our Services)
- Information relating to transactions with us involving you or the organization you work for (for example, details of goods or services that we have supplied to, or obtained from, you or the person you work for)
- Other information relating to you which it is necessary for us to process in order to enter into or perform a contract with you or the organization you work for, including an employment agreement (for example, right to work information or lawful background checks)
- Information about events to which you or your colleagues are invited, and your personal information and preferences to the extent that this information is relevant to organizing and managing those events (for example, your dietary requirements)
- Personal Information you provide us in order to sign into our online portal(s)
Information that we obtain from you when you use our Sites:
When you visit our websites, we collect the following Personal Information about you:
- Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, web beacons
- Information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number or social media handle used to connect with our customer service team
- Country location data – we collect information through a look-up of your country of location by reference to your IP address against public sources to provide product and service information relevant to your region. This information is collected in combination with an identifier associated with your
Similar to other websites, our Sites utilize standard technology called “cookies” to collect information about how our Sites are used. Cookies and similar technologies are a feature of web browser software that allows web servers to recognize the device used to access a web site and online services and can be used to manage a range of features and content.
Cookies are small pieces of data that are stored by a user’s web browser on the user’s hard drive. Information gathered through cookies and web server logs may include the date and time of visits, the pages viewed, time spent at our Sites and the web sites visited just before and just after viewing our content.
Certain cookies last only for the duration of your web session and expire when you close your browser. Other cookies are used to remember you when you return to the Sites and will last for longer.
We may also use “web beacons” that monitor your use of our websites. Web beacons (or web bugs) are one-pixel transparent images (although they can be visible images as well) located on a webpage or in an e-mail or other type of message, and are hosted on a server enabling the verification of a user’s viewing or receipt of a webpage or message. Web beacons can be used to track the IP (Internet Protocol) address of the computer or device that downloaded the page on which the web beacon appears, the URL (Uniform Resource Locator) of the page on which the web beacon appears, the time the page containing the web beacon was viewed, the type of browser used to access the web page containing the web beacon and the identification number of any cookie on the computer or device previously placed by the server hosting the web beacon. When we correspond with you via HTML capable e-mail, web beacons let us know whether you received and opened our e-mail. On their own, cookies or web beacons do not contain or reveal any personally identifiable information. However, if you choose to furnish the website with personally identifiable information, this information can be linked to the data stored using cookies/web beacons.
We use the following categories of cookies:
- Strictly Necessary Cookies: These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
- Performance Cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site and will not be able to monitor its performance. For more information about privacy at Google or to opt-out of Google Analytics see: http://tools.google.com/dlpage/gaoptout. In addition, we have activated the IP masking feature when using Google Analytics which means that Google anonymizes the last octet of the IP address it receives from user’s devices. For more information see: https://support.google.com/analytics/answer/2763052.
- Functional Cookies: These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies, then some or all these services may not function properly.
- Targeting Cookies:These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly Personal Information but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
- Social Media Cookies: These cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They can track your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.
When you visit our Sites, you have the option to accept or adjust what cookies you allow us to place on your browser through our Privacy Preference Centre. You can modify these settings at any time by visiting Cookie settings.
If you do not want to allow cookies at all, please refer to your browser settings. Most web browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. You can also learn more about cookies by visiting https://cookiepedia.co.uk which includes additional useful information on cookies and how to block cookies using different types of browser. Please note however, that by blocking or deleting cookies used on the Sites you may not be able to take full advantage of the Sites if you do so.
If you want to disable cookies on our Sites, you can change your browser settings to reject cookies. How you can do this will depend on the browser you use. For further details on how to disable cookies for the most popular browsers see: https://cookiepedia.co.uk/how-to-manage-cookies.
We use the Personal Information that we collect as described above for the following purposes:
- To enter into any contract or carry out our obligations arising from a contract including:
- supplying goods and services to you or the organization you work for or receiving them from you or the organization you work for;
- administering your organization’s account with us;
- verifying and carrying out financial transactions in relation to payments you make in your own capacity or on behalf of your organization;
- notifying you about changes to our Services.
- To provide you with information and updates about our products or services or our company, if you have given your consent to receiving promotional material from us, or where required by law, or where it is otherwise in our legitimate interest to do so (provided these interests do not override your right to object to such communications). See ‘Our promotional updates and communications’.
- To ensure in our legitimate business interests that:
- content from our Sites is presented in the most effective manner for you and for your device;
- we provide you or the organization you work for with the information, products and services you request from us;
- we assess any application for employment you submit to us;
- we may identify and understand using analysis and profiling techniques, your level of influence as a prescribing specialist and expert in a medical field to which our Services relate in order to engage and build relationships with you, to help in building mutual understanding, research, knowledge and improvements in treatments.
How we use Personal Information we collect about you from our Sites
We will use Personal Information about you collected from our Sites when it is in our legitimate interest to do so and where we have considered that our interests are not outweighed by your rights:
- To administer our Sites and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes
- To keep our Sites safe and secure
- For measuring or understanding the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you
- To improve our Sites to ensure that content is presented in the most effective manner for you and for your device
- To allow you to participate in interactive features of our service, when you choose to do so
How we use Personal Information received from other sources
We will combine Personal Information you provide us with Personal Information we get from other, lawful sources where it is in our legitimate interests to do so (where we have considered that these are not overridden by your rights). We will use this Personal Information and the combined Personal Information for the purposes set out above (depending on the types of information we receive).
Where permitted in our legitimate interest or with your prior express consent where required by law, we will use your Personal Information for marketing analysis and to provide you with promotional update communications or updates on our company by email, telephone or when meeting one of our representatives about our product.
You can object to further such communications at any time by selecting the “unsubscribe” link at the end of our marketing and promotional update communications to you, or by sending us an email to firstname.lastname@example.org.
You can also request that we send promotional materials to a non-personal email address instead of one which identifies you as an individual.
We may share your Personal Information with:
- Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, who support our processing of Personal Information under this policy.
- Appropriate third parties including:
- our business partners, customers, suppliers and sub-contractors for the performance of any contract we enter into or other dealings we have in the normal course of business with you or the person that you work for and subject to contractual and other safeguards;
- our auditors, legal advisors and other professional advisors or service providers;
- payment processing providers who provide secure payment processing services.
- In relation to Personal Information obtained via our Sites:
- analytics and search engine providers that assist us in the improvement and optimization of our site and subject to the cookie section of this policy.
- If we are under a duty to disclose or share your Personal Information in order to comply with any legal obligation, or in order to enforce or apply supply terms and other agreements with you or the organization you work for; or to protect the rights, property, or safety of Circassia, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction and to prevent cybercrime.
The data that we process in relation to you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”) that may not be subject to equivalent data protection law. It may also be processed by staff situated outside the EEA who work for us or for one of our suppliers.
We may transfer your Personal Information outside the EEA:
- In order to store it.
- In order to facilitate the operation of our group of businesses, where it is in our legitimate interests and we have concluded these are not overridden by your rights.
- Where we are legally required to do so.
We may transfer your Personal Information to the following countries outside the EEA:
|USA||Site Hosting||Amazon Web Services||Privacy Shield||https://www.privacyshield.gov/welcome|
|USA||Site Analytics||Privacy Shield||https://www.privacyshield.gov/welcome|
|USA||Client Relationship Management (CRM) services||Veeva Systems||Privacy Shield||https://www.privacyshield.gov/welcome|
Where your information is transferred outside the EEA, we will take all steps reasonably necessary to ensure that your data is subject to appropriate safeguards, including relying on a recognized legal adequacy mechanism, and that it is treated securely and in accordance with this Notice.
All information you provide to us is stored on secure servers. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Information, we cannot guarantee the security of your data transmitted to our Sites; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
We retain Personal Information for as long as you or your organization have a relationship with us in order that we can meet our contractual obligations to you or your organization, or where you are a specialist stakeholder in the field with whom we engage in our legitimate interests and for ten years after that period in order to identify any issues and resolve any legal proceedings. We may also retain aggregate information beyond this time for research purposes and to help us develop and improve our services. You cannot be identified from aggregate information retained or used for these purposes.
You have the right under certain circumstances:
- to request a list of the categories of Personal Information we hold about you;
- to be provided with a copy of your Personal Information held by us;
- to request the rectification or erasure of your Personal Information held by us;
- to request that we restrict the processing of your Personal Information;
- to object to the further processing of your Personal Information, including the right to object to marketing (as mentioned in ‘Our promotional updates and communications’ section);
- to request that your Personal Information be moved to a third party.
If you have a legally authorized agent with the authority to act on your behalf, your agent can exercise these rights for you. We will ask to see documentation of your agent’s legal status, such as a power of attorney or other legally operable document proving agency under the law of the nation where you reside.
Your right to withdraw consent
Where the processing of your Personal Information by us is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us. You can also change your marketing preferences at any time as described in ‘Our promotional updates and communications’ section.
How to exercise your rights
EU residents can also exercise the rights listed above at any time by contacting us at email@example.com. U.S. residents make their requests by emailing us at firstname.lastname@example.org or you can call us at 1-833-449-0003.
If your request or concern is not satisfactorily resolved by us, European residents may approach your local data protection authority, (see http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.html). The Information Commissioner is the supervisory authority in the UK and can provide further information about your rights and our obligations in relation to your personal data, as well as deal with any complaints that you have about our processing of your Personal Information.
Residents of California may raise concerns about how we handle your Personal Information to the California Attorney General, (see https://www.oag.ca.gov/privacy/ccpa).
Any changes we make to our privacy notice in the future will be posted to Circassia.com and on product-related websites maintained by Circassia, and, in relation to substantive changes, will be notified to you by e-mail where possible. This policy was last updated on 9 March 2020.
Our full details are:
(For Europe and other countries outside the U.S.)
Robert Robinson Avenue
Oxford Science Park
Oxford OX4 4GA
To the attention of Privacy Officer
(For the U.S.)
Circassia Pharmaceuticals Inc.
5151 McCrimmon Parkway
Morrisville, NC 27560
To the attention of Legal Department