PERSONAL DATA PROTECTION FOR PHARMACOVIGILANCE

Basic information on the processing and protection of personal data for pharmacovigilance

In connection with the adoption of the General Data Protection Regulation – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, which will apply to the processing of your personal data by MSM, spol. s r.o., with its registered office at Lhota u Příbramě 13, 261 01 Příbram, Company ID: 47546999, company registered on 26 April 1993 in the Commercial Register kept by the Municipal Court in Prague, Section C., File 19801, we present below a summary of basic information on the processing and protection of your personal data.

Why do we process personal data

As a supplier of, among other things, medicinal products, we are bound by the obligation to monitor adverse effects (events) in connection with the use of a given medicinal product, which is called pharmacovigilance. As part of these obligations, we are also required to process personal data, or special categories of personal data, of the patient and (or) the person reporting the adverse event. The personal data or special categories of personal data obtained in this way are processed exclusively for the purposes of pharmacovigilance and the fulfillment of the legal obligations imposed on us, when:
1. We record personal data or special categories of personal data about the patient.
2. We record personal data about the person reporting the adverse event.

How do we obtain personal data

We obtain personal data primarily directly from you, as well as from the attending physician or medical staff as part of reporting an adverse event and its subsequent investigation.

What personal information do we process

The personal data we process about you, which may vary in scope in justified cases, include:

About the patient

a) name and surname, or initials, b) date of birth, c) age or age group, d) gender, e) weight, height, f) health information, g) medical history. The data may also include information, for example, about other medications used at the time of the adverse event, about the treatment that was indicated for you, about the medical history considered important by the reporter.

About the reporter

a) name and surname, b) contact details (e.g. contact address, telephone, e-mail), c) occupation (position), d) relationship to the subject in whom the adverse event occurred.

How we use your personal data

We use your personal data in particular to: a) investigate an adverse event, b) provide mandatory reports/reports to the relevant regulatory authorities, c) contact you for additional information, d) compare and evaluate the adverse event with information on other adverse events, e) provide evidence in the event of an ongoing dispute.

Personal data is further stored only for the period strictly necessary and in accordance with binding legal regulations, so that pharmacovigilance documentation is archived for at least 10 years from its acquisition.

Legal basis for processing your personal data

The legal basis that allows us to process your personal data, or special categories of personal data, results from the necessity to fulfill our legal obligations and rules in the field of pharmacovigilance.

Another legal basis may be the fact that you have provided us with consent to process your personal data, which can be revoked at any time.

To whom we provide your personal data

We provide your personal data to other entities only in accordance with pharmacovigilance practice, in particular:

• The National Regulatory Authority (SÚKL).
• Drug manufacturers

In some cases, we may also provide them to:

• Authorities to which we are obliged to provide personal data, such as the police and other supervisory authorities, courts, and criminal prosecution authorities.
• To service providers who provide us with services related to our activities and affecting your person, or who, for example, deliver documents or goods.
• To other entities in cases specified by law.

Unless there is a legal basis or legal obligation to do so, we never transfer your data to third parties, except when it concerns the fulfillment of your right to data portability.

How we protect your personal data

To ensure maximum security and confidentiality of your personal data, we use technical and organizational measures to protect against unauthorized access to data and its misuse, including ensuring the security of our IT systems and data recovery in the event of an incident. Network operation is continuously monitored. In addition, unauthorized persons are prevented from entering the company premises. All measures are continuously checked and updated.

What are your rights
 

• You have the right to clear, transparent and understandable information about why and how we use your personal data and what your rights are – this document also contains this.
• You have the right to access your personal data and to be provided with further information related to the processing of your personal data.
• You have the right to have incorrect and incomplete personal data rectified.
• You have the right to have your personal data erased, in particular if they are no longer needed for the purpose of processing, or if they have been processed unlawfully, or if you have withdrawn your consent to their processing, or if they must be erased by law, or if you have legitimately objected to their processing.
• You have the right to have your personal data restricted if you contest the accuracy of the personal data for a period of time until we verify their accuracy, or if we no longer need them but you need the data for the purposes of exercising your legal claims, or if you object to their processing for a period of time until we verify whether our legitimate reasons outweigh your interests, or if the processing is unlawful.
• You have the right to object to the processing of your personal data if we process it for direct marketing purposes or for the purposes of our legitimate interests.
• You have the right to transfer your personal data to another processor/administrator of personal data.
• You have the right to file a complaint with the Office for Personal Data Protection, Pplk. Sochora 27, 170 00 Prague 7, website: www.uoou.cz.

If you have any questions regarding the processing of your personal data, or need any assistance in connection with the processing of your personal data by our company, or if you want to exercise your legal rights or withdraw your consent to the processing of personal data granted to our organization, please contact us by phone at 602176945, extension 31, or wait, by email to msm@msmgrou.eu, write GDPR in the subject of the email, or visit us in person at Lhota u Příbramě 13, Příbram.