Privacy policy
This Privacy Policy is effective as of March 2020.
This Privacy Policy was last reviewed on March 2020.
In this Privacy Policy (the “Policy”), Chiesi USA, Inc., with offices at 175 Regency Woods Place, Suite 600, Cary, NC 27518 (“Chiesi” or “we”), describes how we collect, use, disclose, and otherwise process your Personal Information. We use the term “Personal Information” to mean information about an identified or identifiable individual. Our website may contain links to third party websites/content/services that are not owned or controlled by Chiesi. Chiesi is not responsible for how these properties operate or treat your Personal Information, so we recommend that you read the privacy policies and terms associated with these third-party properties carefully. If you are a resident of California, please also see our Supplemental California Consumer Privacy Act Privacy Policy in Section 13 below for provisions that apply to our collection of your Personal Information both online and offline. This website and Privacy Policy are not intended for use by residents outside of the United States.
By using our website or participating in our offline programs, which reference this Policy, you consent to us processing your Personal Information as described in this Policy. If you do not consent to us processing your Personal Information as described herein, please do not use our website or participate in the offline program referencing the Policy.
1. WHAT PERSONAL INFORMATION DO WE COLLECT?
We collect the following types of Personal Information:
- Forms: When you complete and submit a form, registration, or survey (“Form”), we collect any Personal Information that you included in the Form for the purposes described in the Form and in this Policy. When you voluntarily complete and submit a Form, you will know what categories of Personal Information we collect for that processing because you will have provided that information to us. This may include information like your title, name, postal address, institutional association, occupation, e-mail address, telephone number, date of birth, age or age group, gender, information required to request a prescription, and other demographic information.
- Usage Information: When you visit our website, we automatically collect the following types of information during your use and navigation of our website (“Usage Information”): how you navigated to the website, your browser type (to ensure compatibility between our website and your browser), the domain name of the website that allowed you to navigate to our website, your incomplete internet protocol (IP) address, time spent on our website, web pages viewed, frequency of visits, and other relevant statistics about your use of our website. Unless you also actively submit Personal Information to us, any Usage Information typically does not allow us to identify you personally. Usage Information is collected through the use of cookies or other tracking technologies.
- Cookies and Other Tools: We use cookies to collect aggregate data. A “cookie” is a small piece of information sent by a Web server to a Web browser that enables the server to collect information from the browser. Cookies are stored on your hard drive and not on our website, so you can examine your data files and see what information is being recorded. Most cookies are “session cookies” that are automatically deleted when the user closes his or her browser at the end of a session. You may decline cookies if your browser permits. If you do so, however, you may be required to re-enter your previously submitted information each time you visit our website. Data collected by cookies is used to monitor a website and improve its usability. We may use cookies on certain pages, for example, to eliminate the need for you to re-enter your password during a session. We can also use cookies to identify your IP address when you visit a website to keep track of your browsing patterns and to build a demographic profile. Some of our websites also include a Facebook pixel which helps track conversations from Facebook ads, optimize as based on collected data, build targeted audiences for future ads, and remarket to qualified leads – people who have already taken some kind of action on the site. You can disable non-essential cookies on our websites. This action will also delete existing cookies. We may use Google Analytics, which uses cookies and similar technologies to collect and analyze information about use of the site and report on activities and trends. This service may also collect information regarding the use of other websites, apps and online resources. You can learn about Google’s practices by going to http://www.google.com/policies/privacy/partners/, and opt-out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.
- Publicly Available Information: Where permitted by applicable law, we may augment the Personal Information we have about you with information obtained from third-party publicly available sources. For example, to verify licensure of healthcare professionals, we may use Personal Information in conjunction with information lawfully obtained from a licensing board.
- Authorized Representative: If you submit any Personal Information relating to other people to us, you represent that you have the legal authority to do so and to permit us to collect, use, disclose and otherwise process the Personal Information in accordance with this Privacy Policy.
2. HOW DO WE USE YOUR PERSONAL INFORMATION?
We may use your Personal Information for the following purposes, as permitted by applicable law:
- To facilitate the reason you provided the information and/or as described to you when collecting your Personal Information.
- To operate our business.
- To deliver services, products, and information.
- To maintain and improve our website.
- To create, maintain, customize, and secure your account with us.
- To communicate with you and complete, process, and fulfill your requests, payments, and transactions.
- To perform and enforce contracts with you or with third-parties.
- To tailor marketing programs and campaigns and conduct market research analysis.
- Legal Compliance and Interests. To perform activities necessary to ensure compliance with applicable national, state, provincial and other applicable laws, including to comply with regulatory monitoring and reporting obligations such as those related to adverse events, product complaints, patient safety and financial disclosures, to respond to requests from government authorities, and to protect the legal interests of yours, ours or third parties, such as to protect against fraud.
- Mergers and Acquisitions. In the event that some or all of our assets are acquired by or merged with a third-party entity or in connection with a proposed or actual merger, acquisition, sale, or other change of control, we may use or transfer some or all of the Personal Information that we have collected about you to determine whether to proceed with the transaction and execute the transaction if we decide to do so. We will use your Personal Information as permitted by applicable law and take any steps required by law in connection with these activities.
3. HOW DO WE SHARE YOUR PERSONAL INFORMATION?
We may share your Personal Information in the following situations, as permitted by applicable law:
- Within Our Family of Companies. Chiesi and its subsidiaries, affiliates, and parent company may share your Personal Information amongst and between each other for the purposes set forth in this Privacy Policy.
- Service Providers. We share your information with affiliated and unaffiliated service providers as necessary for them to provide services to us, subject to appropriate confidentiality and data protection agreements. Service providers assist us with data analysis, customer service, web hosting, website development, government and regulatory compliance reporting, and other activities related to the management of our business and provision of our products and services.
- Legal Compliance. We will share information for legal reasons as we believe appropriate to: (a) satisfy any applicable law, regulation, judicial process, court order, legal process, or proper government request; (b) enforce any agreement we may have entered into with you; (c) detect, prevent, or otherwise address fraud, security or technical issues; (d) protect against harm (whether tangible or intangible) to the rights, property or safety of ours, our users or the public; and (e) establish or exercise our rights, defend against a legal claim, and investigate, prevent or take action regarding possible illegal activities or a violation of our policies.
- Professional Advisors. We may disclose Personal Information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services they provide to us.
- Mergers and Acquisitions. We may provide Personal Information to a potential or actual buyer in connection with a proposed or actual merger, acquisition, sale, or other change of control, as described above.
- Aggregate and De-identified Data. Chiesi may also disclose aggregate or de-identified data that is not personally identifiable to third parties for any purpose.
- Other Disclosures with Your Consent. We may ask you to share your information with other recipients not described elsewhere in this Privacy Policy.
4. HOW DO WE PROTECT PERSONAL INFORMATION?
We have implemented a variety of security measures and technologies intended to help protect Personal Information from unauthorized access, use, disclosure, alteration, or destruction. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure.
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us by contacting us at us.privacy@chiesi.com.
5. HOW LONG DO WE KEEP YOUR DATA?
We will keep your Personal Information for as long as we are permitted based on the purpose(s) for which it was obtained. We consider the following criteria to determine our retention period: (i) the length of time we have an ongoing relationship with you and provide a website, information, product, or service to you; (ii) whether there is a legal obligation to which we are subject; or (iii) whether retention is advisable in light of our legal position.
6. OUR USE OF SOCIAL NETWORK PLUGINS
We use social plugins (“Plugins”) of the following online social networks (collectively, the “Social Networks”) on certain webpages of our website to provide certain online content and features:
- com, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA;
- com, operated by Twitter Inc., 795 Folsom Street, Suite 600, San Francisco, CA 94107, USA;
- google.com, operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA; and
- com, operated by YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
These Plugins are labeled with an icon of the corresponding Social Network.
When you visit a webpage on our website containing a particular Plugin, your browser establishes a direct connection with the server of the corresponding Social Network. As a result, the Social Network will receive a notification that your browser has accessed that webpage of our website on which the Plugin appears. In addition, if you interact with that Plugin, such as by clicking Facebook’s “Like” button, the corresponding Social Network will receive information about your interaction with that Plugin. If you have logged into your account associated with that Social Network, the Social Network will be able to associate the above information with your account.
Please refer to the privacy statements of the above-listed Social Networks to learn more about the ways in which and purposes for which they collect, use, disclose and process your Personal Information, as well as your choices and rights with respect to their processing of your Personal Information.
7. YOUR RIGHTS
You may have rights under applicable privacy laws, including to request that we:
- Provide you with more specific details about how we process your Personal Information;
- Provide you with copies of Personal Information that we hold about you;
- Amend, update or delete Personal Information we hold about you;
- Restrict our processing of your Personal Information; and
- No longer process Personal Information in ways that you previously consented to.
If you are a resident of California, please also see our Supplemental California Consumer Privacy Act Privacy Policy in Section 13 below for information about rights that may be available to you under the California Consumer Privacy Act.
Please contact us at us.privacy@chiesi.com or at 1-888-203-1064 if you would like to exercise your rights under applicable privacy laws. Please note that we may need to retain certain Personal Information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion.
8. WHAT IF YOU DO NOT WANT TO PROVIDE YOUR PERSONAL INFORMATION?
You can always choose not to share your Personal Information with us when prompted to share. If you object to the processing of your Personal Information, or if you have provided your consent to the processing and later choose to withdraw it, we will respect your choice in accordance with our legal obligations. This could mean that we may be unable to perform the actions necessary to achieve the purposes set forth above, or you may be unable to make use of the services and products that require the processing of your Personal Information.
9. CHILDREN’S PRIVACY
Our website is not directed at individuals under the age of 16. Without permission from a parent or legal guardian, we do not knowingly collect Personal Information directly from individuals under the age of 13. If we learn that we have collected Personal Information of individuals under the age of 13 through our website, we will take appropriate steps to address this matter.
10. CROSS BORDER TRANSFERS
The website and our offline programs are controlled and operated by us from the United States and are not intended to subject us to the laws or jurisdiction of any state, country or territory other than that of the United States and those states that make up the United States. Any information you provide to Chiesi may be stored and processed, transferred between and accessed from the United States and other countries which may not guarantee the same level of protection of personal data as the one in which you reside. However, Chiesi will handle your personal data in accordance with this Privacy Policy regardless of where your personal data is stored/accessed.
11. UPDATES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time to reflect changes to our information processing practices. When we change this Privacy Policy in a material way, we will update the effective date at the beginning of the document. We will also provide you with notice of changes and obtain your consent to any such changes where and as required by applicable law. We encourage you to review this Privacy Policy periodically for the latest information on our information processing practices.
12. CONTACT US
If you have questions about the processing of your Personal Information or Chiesi data privacy policies or would like to be connected with our Privacy Officer, please contact us at 1-888-203-1064 or at us.privacy@chiesi.com or write to us at the following address:
Chiesi USA, Inc.
175 Regency Woods Place
Suite 600
Cary, NC 27518
Attn: Legal Department
13. CALIFORNIA RESIDENTS
The following provisions apply to the Personal Information of California residents processed by Chiesi, whether collected online or offline. These provisions supplement the other sections of the Privacy Policy.
We do not sell personal data of California residents.
A. CATEGORIES OF PERSONAL DATA THAT WE COLLECT AND DISCLOSE
Listed below are the categories of Personal Information about California residents that we collect and disclose for a business purpose. For more information about the categories of third-parties with whom we share your personal data, refer to the HOW DO WE SHARE YOUR PERSONAL INFORMATION Section above.
In particular, we have collected the following categories of Personal Information from our consumers within the last twelve (12) months:
|
Category |
Examples |
Collected? |
Disclosed for a Business Purpose? |
|
A. Identifiers. |
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, National Provider Identifier (NPI), medicare provider number, driver's license number, passport number, or other similar identifiers. |
YES |
YES
Within Our Family of Companies
Service Providers
Legal Compliance
|
|
B. Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). |
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some Personal Information included in this category may overlap with other categories. |
YES |
YES
Within Our Family of Companies
Service Providers
Legal Compliance
|
|
C. Protected classification characteristics under California or federal law. |
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
|
YES |
YES
Within Our Family of Companies
Service Providers
|
|
D. Commercial information. |
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
YES |
YES
Within Our Family of Companies
Service Providers
|
|
E. Biometric information. |
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. |
YES |
YES
Within Our Family of Companies
Service Providers
Legal Compliance
|
|
F. Internet or other similar network activity. |
Website navigation, browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. |
YES |
YES
Service Providers
|
|
G. Geolocation data. |
Physical location or movements. |
YES |
YES
Within Our Family of Companies
Service Providers
Legal Compliance
|
|
H. Audio/Visual. |
Audio, electronic, or visual recordings, or similar information. |
NO (Except in instances where explicit consent is granted.)
|
NO
|
|
I. Professional or employment-related information. |
Current or past job history or performance evaluations. |
YES |
YES
Within Our Family of Companies
Service Providers
Legal Compliance
|
|
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). |
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. |
YES |
YES Within Our Family of Companies
|
|
K. Inferences drawn from other Personal Information. |
Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. |
YES |
YES
Within Our Family of Companies
Service Providers
|
B. As described in the WHAT PERSONAL INFORMATION DO WE COLLECT Section above, we collect this Personal Information from you and from other sources, including public databases, social media platforms, and other third parties, when they share the information with us.
C. Also as described above in the HOW DO WE USE YOUR PERSONAL INFORMATION Section, we may use this Personal Information to operate our business; to deliver services, products, and information; to maintain and improve our website; to communicate with you and complete and fulfill your requests; to perform and enforce contracts; to tailor marketing programs and campaigns and conduct market research; for compliance and legal interests; and in association with mergers and acquisitions.
D. INDIVIDUAL RIGHTS
Subject to certain exceptions, California residents have the right to make the following requests, at no charge, up to twice every 12 months:
Copy: You may request a copy of the specific pieces of Personal Information that we have collected about you in the prior 12 months and to have this delivered, free of charge, either (a) by mail or (b) electronically in a portable and, to the extent technically feasible, readily useable format that allows you to transmit this information to another entity without hindrance.
Deletion: You may request deletion of your personal data that we have collected about you. We may deny your deletion request if retaining the information is necessary for us or our service providers, and we will explain to you the reason for which it was necessary to retain it.
Know: You may request that we provide you certain information about how we have handled your personal data in the prior 12 months, including the:
(a) categories of personal data collected;
(b) categories of sources of personal data;
(c) business and/or commercial purposes for collecting your personal data;
(d) categories of third parties/with whom we have disclosed or shared your personal data; and
(e) categories of personal data that we have disclosed or shared with a third party for a business purpose.
We will not discriminate against you for exercising these CCPA rights.
E. SUBMITTING REQUESTS
You may submit requests to delete, copy and/or know Personal Information about you by emailing us at us.privacy@chiesi.com or by contacting us at 1-866-271-8587. Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your Personal Information.
Your request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. We will only use Personal Information provided in the request to verify the requestor's identity or authority to make it.
To designate an authorized agent, email us at us.privacy@chiesi.com. You may also make a request to know or delete on behalf of your child by emailing us at us.privacy@chiesi.com. We will respond to your request consistent with applicable law.
