We understand that your privacy is important to you and that you care about how information relating to you (“Personal Data”) is used. Please read this Privacy Statement carefully to be informed about how and why we collect, store, use and share your Personal Data. It also explains your rights in relation to your Personal Data and how to contact us in the event you have any questions about how we handle your personal data.
If you are an HCP, this Privacy Statement is supplemented by the HCP Privacy Statement, also available in our website.
Personal Data we collect
We collect the following personal data:
- Contact information, such as your name, job title, company name, address, phone number, email address, other information voluntarily chosen to share with us.
- Information about your device and your usage of our Websites or emails (such as Internet Protocol (IP) addresses or other identifiers), which may qualify as Personal Data using cookies, web beacons, or similar technologies, for further information about the use of cookies, please refer to our Cookie Statement.
- Professional information such as: name, business contact details like e-mail and business address, job title, company name, phone number, bank account, transaction information, e-mails that might contain personal information, other information voluntarily chosen to share with us.
- When reporting adverse events, we may collect information related to: your name and contact details, medical condition, products you use, prescriber contact details, reaction to the product or other health related data associated to the product.
How do we collect Personal Data
Personal Data we collect directly from you
- Interact or use our website or any other service that displays or links to this Privacy Statement, including accessing or downloading materials from the resources or portals available to you on this website or requesting information about our products and services (our “Website”);
- Visit our branded social media pages;
- Visit our offices;
- Receive communications from us or otherwise communicate with us, including but not limited to emails, phone calls, or texts;
- Register for, attend or take part in our conferences, events or webinars (collectively, “Events”);
- When you contact us through our contact form available in our website;
- Registering or sending information through our career portal, sending your personal details by email, or when you apply through any of our external recruiters;
- When your register to our newsletter, mailings, press releases, reports and or annual reports;
- When you contact us to lodge a complaint about a product or to report adverse events;
- Participate in surveys, research or other similar data collection facilitated by us.
- When you are shareholder.
If you provide us Personal Data relating to other individuals (e.g., employees, individuals working for a client, an affiliate or a service provider), you warrant that you have the authority to do so, and where required, have obtained the necessary consent, and acknowledge that it may be used in accordance with this Privacy Statement.
If you believe that your Personal Data has been provided to us improperly or want to exercise your rights relating to your Personal Data, please contact us by using the contact information detailed in the section “How to Contact us” available at the end of this document.
Personal Data we collect from other sources
From Customers / Service Providers/ Vendors: We receive and store your personal data that our Customer or Vendor has provided to us in order to satisfy contractual obligations. The types of information we may collect directly from our customers and their employees include names, usernames, email addresses, postal addresses, phone numbers, job titles, transactional information, as well as other contact or other information they choose to provide us or upload to our systems in connection with the products or services they offer us. Other personal information we process may vary depending on the requirements specified in third party agreements. In those cases, we assume that those entities have an appropriate legal ground to share personal data with us.
How we use your Personal Data: Purposes and legal grounds
We collect and process your Personal Data for the following purposes and relying on the following legal basis:
Purpose | Description | Legal grounds |
Providing and improving our Websites (including our social media pages) | We process your Personal Data to operate and administer our Websites and to provide you with the content you access and request. We process your Personal Data to analyze overall trends and help us improve the user experience on our websites. | Our legitimate interest in providing and/ or your consent. |
Registering visitors to our premises and events | We process your Personal Data in our registration form for security reasons | Legitimate interest and/ or your consent. |
Managing Event and webinar registrations | We process your Personal Data when organizing events or webinars for which you have registered or that you attend, including sending related communications to you. | Your consent and/or our legitimate interest. |
Sending communications, administering surveys, and conducting research | We process your Personal Data to send you marketing information, newsletters and other non-transactional communications | Your consent to receive any direct marketing or communication from us or when you are already a registered client. |
Recording phone calls, videocalls webinars. | We process your Personal Data, including recording phone calls (in accordance with applicable laws) for quality assurance, and administration purposes | Consent or our legitimate interest in maintaining the high quality of our phone calls with customers and suppliers. |
Handling contact and user requests | We process your Personal Data, if you submit a support request through any of our channels including but not limited to via phone, e-mail, etc. | Performance of a contract or your consent and performance of a contract. |
Providing, developing and optimizing the performance of the Services | We process your Personal Data to develop, optimize, provision, and improve the performance of the Services and to satisfy our obligations under the applicable terms of use | Our legitimate interest to provide and administer our Services in line with customer expectations |
Managing our customer accounts. | We process your Personal Data in relation to our CRM system to manage customer and user accounts generally, such as billing, customer correspondence, customer relationship management, and maintaining your customer account. | Our legitimate interest and performance of a contract when applicable. |
Maintaining our security | We process your Personal Data for the purposes of maintaining Pharming’s own security, including investigating, detecting and preventing suspicious activity, fraud and cybercrime that may affect Pharming or its Services | Our legitimate interest in promoting the safety and security of Pharming and to protect our rights and the rights of others |
Managing job applications | We process your Personal Data in relation to the position you apply for. The purpose of talent acquisition, including assessing capabilities, reference checks. | Your consent when you submit an application through any of our channels and performance of a contract. |
Undertaking financial reporting, managing payments, preparing internal reports, and business modelling | When necessary we process your Personal Data for the purposes of financial reporting, modelling purposes (e.g., forecasting), and to make or collect payments to the extent that doing so is necessary to complete a transaction and perform our contract with you, the company you represent or your organization. | Our legitimate interest and/ or performance of a contract. |
Aggregating data | We process your Personal Data for the purposes of aggregating this information to ensure that it is no longer identifying you. | Our legitimate interest in minimizing the amount of Personal Data processed as part of the noted processing activity |
Complying with legal and/or regulatory obligations | We process and/or disclose your Personal Data to the extent required when cooperating with competent authorities, regulators or relevant jurisdictions to ensure the compliance with legal requirements under applicable laws and/or protect our rights. | Legal obligation incumbent on Pharming or any of its affiliates. |
Litigation and claims | We may process your Personal Data during litigation or administrative procedures and when defending or exercising legal rights and claims | Legal obligation. |
Adverse event reporting | We process and/ or disclose your personal data when you report an adverse event either directly or through your Health Care Professional. We may use the information you provide to us to submit reports and disclose it to the European Medicines Agency or the U.S. Food and Drug Administration or any other regulatory body. We may use it to also report to other similar health and medicine government agencies across the world, and as otherwise required of us by law. We also may use the information to contact your prescribing physician to follow up regarding an unexpected event involving the use of our product. | Legal obligation. |
Recipients of your Personal Data:
Where applicable, we share your Personal Data in the following circumstances:
Vendors, contractors, and other service providers
Pharming may share personal data with service providers or other third parties that carry out functions or services in our behalf or that assist or enable our operations. These Service Providers include hosting, email and collaboration service providers website analytics companies, freelancers, product feedback or help desk/customer support and CRM service providers, professional advisors, head-hunters, the website/ platform in which you submitted your employment application (if applicable), travel agencies and travel service providers, payrolling vendor scheduling programs and IT processing systems.
Business transfers:
Other parties in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or insolvency.
We may also transfer your personal data to law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations.
Pharming Group Companies, subsidiaries, partners and affiliates
We may also share your Personal Data with subsidiaries and/or affiliates for purposes consistent with this Privacy Statement. Personal Data is transferred between Pharming entities to ensure efficient and effective business operations and to enable Pharming to provide customer, sales, marketing, human resources, finance, information technology, legal, quality assurance, software/product development, and other support services
Regulatory bodies and Health agencies and authorities:
We may shared your Personal Data with third parties such as the European Medicines Agency or the U.S. Food and Drug Administration or any other regulatory body and health authority when it is necessary for product safety report, adverse event reporting or any other circumstance where we are required by law.
Marketing Communications
You can opt-out of receiving promotional or marketing communications from us at any time, by using the unsubscribe link in the email communications we send, or by contacting us using the details provided in the section ‘How to contact us’ at the end of this Privacy Statement. Please note that if you have accounts for our Services, we will still send you non-promotional communications, like service-related emails.
How we protect your Personal Data
Pharming uses appropriate technical and organizational measures to ensure that the Personal Data we process is protected from unauthorized access, use, destruction, alteration or disclosure in accordance with applicable laws and regulations. In case of data transmission or when IT storage problems arise we have appropriate procedures in place to protect your Personal Data and privacy.
Retention of your Personal Data
We will retain your Personal Data for as long as is necessary in order to fulfil the purposes for which we have collected your Personal Data, including any legal requirements. When the Personal Data is no longer needed for its original processing goal, and there are no further legal requirements or you have withdrawn your consent, we will delete or anonymize your Personal Data.
How to exercise your privacy rights
You have the following rights with regard to your Personal Data:
- Right of access: You can contact us any time to request about the Personal Data we may hold and request a copy and a list of purposes for which your Personal Data is processed.
- Right to correction: you have the right to require us to correct mistakes in your Personal Data should you notice any.
- Right to erasure (“right to be forgotten”): you have the right to require us to delete your Personal Data—in certain situations.
- Right to restriction of use: you have the right to require us to restrict use of your Personal Data in certain circumstances, e.g. if you contest the accuracy of the data
- Right to data portability: you have the right to receive the Personal Data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations.
- Right to object: you have to object at any time to your Personal Data being used for direct marketing (including profiling) and in certain other situations to our continued use of your Personal Data, e.g. where we use your Personal Data for our legitimate interests. We may however continue to process your Personal Data if, even if you object thereto, we have compelling legitimate grounds for the processing that override your integrity interest.
- Right to withdraw consent: you have the right to withdraw your consent at any moment where you have provided it previously. The withdrawal of your consent does not affect the lawfulness of processing based on consent prior to the withdrawal.
- Right not to be subject to decisions without human involvement: you have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you. We do not make any such decisions based on data collected by our website.
If you wish to exercise any of your rights mentioned above, please contact us using the information in the section ‘How to contact us’ at the end of this Privacy Statement. We will respond to your request within 30 days of receiving such request. If we are unable to honour or otherwise deny your request, we will provide a reason why.
We may charge you a reasonable fee in the case that you request additional copies of your Personal Data or make excessive requests. Insofar as is practicable and required under law, we will notify third parties with whom we have shared your Personal Data of any request for correction, deletion and/or restriction to the processing of your Personal Data. Please note that we cannot guarantee third parties will follow up on our notification and we encourage you to contact those third parties directly.
If you feel that our processing of your Personal Data infringes data protection laws, or if you feel that we have not handled your complaint properly, you have a legal right to lodge a complaint with the Data Protection Authority within your country.
Children
We do not knowingly collect Personal Data on this website from children under the date of 13 years. If you are under the age of 13, please do not give us any Personal Data. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Statement by instructing their children to never provide Personal Data on this website without their permission. If you have reason to believe that a child under the age of 13 years has provided Personal Data to Pharming through this website, please contact us and we will endeavour to delete that information from our databases.
International transfers of Personal Data
Your Personal Data will be processed within the European Economic Area (EEA) and stored on servers located within the EEA whenever possible. However, Your Personal Data may be transferred to and stored by us or by our affiliates and third parties described in Section 3 above, located in countries outside the EEA. Consequently, your Personal Data may be processed outside your jurisdiction, and in countries that may not provide for the same level of data protection as your jurisdiction. However, we ensure that the recipient of your Personal Data provides an adequate level of protection, for example by entering into appropriate data processing agreements and, if necessary, standard contractual clauses or an alternative lawful data transfer mechanism.
Amendments to the Privacy Statement
We reserve the right to amend this Privacy Statement at any time and from time to time. We encourage you to review it periodically. If you use this website after the amended Privacy Statement has become effective, you will be deemed to have agreed to the amended Privacy Statement.
How to Contact Us
If you have any questions about this Privacy Policy, please feel free to contact us.
Pharming Group N.V.
Physical address
Vondellaan 47
2332 AA Leiden
Netherlands
Postal address
Darwinweg 24
2333 CR Leiden
Netherlands
Email: gdprcompliance@pharming.com or info@pharming.com
Our DPO: T.howard@pharming.com
Last updated: June 2024