Home | Legal | Privacy Policy | Privacy Statement | FRANÇAIS  

Privacy Policy

This research-based pharmaceutical company (the “Company”) is committed to controlling the collection, use and disclosure of personal information.

The Company collects, uses and discloses various types of personal information in carrying on business, including information about health care professionals (including physicians, pharmacists and other health care workers), patients, participants in clinical studies, customers and employees.

The Company collects, uses and discloses personal information in accordance with the following ten fair information principles.

Principle 1 - Accountability

1.1 The contact information for the Company’s Privacy Compliance Officer is: Privacy Compliance Officer or by mail at:

Privacy Compliance Officer
1004 Middlegate Road
Mississauga, Ontario
L4Y 1M4

1.2 Accountability for compliance by the Company with these policies and procedures rests with the Privacy Compliance Officer, even though other individuals within the company may be responsible for the day to day collection and processing of personal information. In addition, the Privacy Compliance Officer may, from time to time, designate one or more other individuals within the company to act on his or her behalf, including representatives from all areas of the business.

1.3 The Company is responsible for personal information in its possession or custody, including information that has been transferred to a third party for processing. The Company transfers personal information to third parties for reasons such as data processing, data warehousing, administrative services, and conducting programs on our behalf, where the third parties do not make any independent use of the personal information. The Company uses contractual or other means to require third parties to commit to protecting personal information to a level comparable to that provided by the Company. Some of these third parties may be located outside of Canada and, as such, they are subject to foreign laws including laws that may require disclosure of personal information to foreign government authorities.

1.4 The Company has policies and practices that give effect to the principles and procedures in this Privacy Policy, including

  1. procedures to protect personal information;
  2. procedures to receive and respond to complaints and inquiries;
  3. training and information for staff about the Company’s policies and practices; and
  4. information and tools to explain the Company’s policies and procedures.

Principle 2 - Identifying Purposes

2.1 The Company collects, uses and discloses personal information for a range of purposes.

2.2 The Company may from time to time collect, use and disclose personal information about health care professionals for legitimate business purposes that include satisfying regulatory requirements, conducting clinical studies in which health care professionals have agreed to participate, establishing and managing a customer relationship profile, marketing the Company products and services, responding to requests about the Company products, recommending particular products to meet health care professional needs, providing health care professionals with clinical evaluation packages, and establishing and sponsoring educational or other programs. To carry out these legitimate business purposes, the Company may from time to time disclose the personal information of health care professionals to regulatory agencies (e.g., Health Canada), companies affiliated with the Company, and other third parties to perform services on behalf of the Company for the purposes explained in this section.

2.3 The Company may from time to time collect, use and disclose personal information about individuals that use or may use the Company products for legitimate business purposes that include receiving and/or responding to requests, complaints or adverse event reports about the Company products or services, administering health condition awareness/management or similar programs sponsored by the Company, satisfying regulatory requirements, notifying individuals about product-related matters where prudent to do so, and marketing the Company products and services. To carry out these legitimate business purposes, the Company may from time to time disclose the personal information of these individuals to regulatory agencies (e.g., Health Canada), companies affiliated with the Company, and other third parties to perform services on behalf of the Company for the purposes explained in this section.

2.4 The Company may from time to time collect, use and disclose personal information about individuals that participate in clinical studies sponsored by the Company for legitimate research and business purposes that include research and development, satisfying regulatory requirements, notifying individuals about research-related matters where prudent to do so, and receiving and/or responding to requests, complaints or adverse event reports about the Company products. To carry out these legitimate research and business purposes, the Company may from time to time disclose the personal information of these individuals to regulatory agencies (e.g., Health Canada), companies affiliated with the Company, and other third parties to perform services on behalf of the Company for the purposes explained in this section.

2.5 The Company may from time to time collect, use and disclose personal information about employees and potential employees for legitimate business purposes that include evaluating employment applications, hiring, evaluating and managing performance and administering employment-related services such as payroll, benefits, making travel arrangements, satisfying regulatory requirements (including compliance with Health Canada Regulations on Good Manufacturing Practices (GMP)) and corporate compliance to policies. To carry out these legitimate business purposes, the Company may from time to time disclose employees’ personal information to benefits providers, regulatory agencies (e.g., Canada Revenue Agency), companies affiliated with the Company, and other third parties to perform services on behalf of the Company for the purposes explained in this section.

2.6 The Company will make reasonable efforts to identify the purposes for which personal information is collected to the individual from whom the personal information is collected at or before the time of collection. Depending upon the way in which the information is collected, the Company will identify these purposes verbally or in writing. For example, subjects participating in studies sponsored by the Company are presented with written consents specifying that their doctor will collect their personal information such as date of birth and gender for purposes relating to administering and conducting the study, research and statistical analysis.

2.7 When the Company uses or discloses personal information that has been collected for a purpose not previously identified, it will identify and obtain consent to the new purpose prior to use or disclosure, except as permitted or required by law.

2.8 People collecting personal information will explain to individuals the purposes for which the information is being collected, including any purposes that may not be immediately obvious to the individual. For example, the Company will make clear to individuals who provide testimonials regarding the Company products for distribution to the public that their personal information may be shared with other companies affiliated with the Company.

Principle 3 - Consent

3.1 Generally, the Company will seek consent for the collection, use or disclosure of personal information at the time of collection. In certain circumstances, consent with respect to use or disclosure may be sought after the information has been collected but before use (for example, when the Company wants to use information for a purpose not previously identified).

3.2 The form of the consent sought by the Company, including whether this consent is express or implied, may vary depending upon the circumstances and the type of information. In determining the form of consent to use, the Company will take into account the sensitivity of the information and the reasonable expectations of the individual. For example:

  • An employee filing an application for the Company’s dental, health, life insurance and long-term disability coverage plan would reasonably expect that the relevant information (employee identification number, name, date of birth) would be collected, used and communicated to third parties in accordance with the dental, health, life insurance, long-term disability coverage, and for as long as the coverage was in effect.
  • When submitting a resume or application for employment with the Company, an individual may implicitly be consenting to the collection of the information he or she discloses on the form. The Company may also bring to the applicant’s attention the use that will be made of the information on the form. Consent in such cases is indicated by the applicant completing and signing the relevant forms.

3.3 An individual may withdraw consent at any time, subject to legal or other contractual obligations and restrictions. The Company must also be provided with reasonable notice that an individual wishes to withdraw consent. The period of reasonable notice will vary depending on the nature of the information and the uses to which it is being put by the Company. The Company will inform the individual of the implications of withdrawing consent.

3.4 The Company will not, as a condition of the supply of a product or service, require an individual to consent to the collection, use, or disclosure of information beyond that required to fulfil the explicitly specified and legitimate purposes. For example, employee contact information is required for employment purposes, the Company’s customers’ contact information is required for billing purposes and consent to the collection, use and disclosure of certain information will be required from participants in clinical studies in order to facilitate the research purposes for which the study is being conducted.

3.5 There may be some circumstances where the Company will collect, use or disclose personal information without consent where permitted or required by law. For example, when information is being collected for the detection and prevention of fraud or for law enforcement, seeking the consent of the individual might defeat the purpose of collecting the information. Seeking consent may be impossible or inappropriate when the individual is a minor, seriously ill or mentally incapacitated, in which case consent must be obtained from parents, guardians or legal representatives of such individuals.

Principle 4 - Limiting Collection

4.1 The Company will limit the amount and the type of information it collects to that which is necessary to fulfill the purposes identified.

4.2 When possible, the Company will collect personal information from the individual directly. However, with your consent or where permitted or required by law, the Company may also collect personal information from outside sources such as companies that sell health care professionals’ personal information, credit bureaux, professional references, marketing agencies and public relations agencies.

Principle 5 - Limiting Use, Disclosure and Retention

5.1 The Company limits the use and disclosure of personal information to what is necessary for the identified purposes or as required or permitted by law.

5.2 The Company will retain information, including personal information that has been used to make a decision about an individual long enough to allow the individual access to the information after the decision has been made.

5.3 The Company will destroy, erase or make anonymous personal information that is no longer required to fulfill the identified purposes, legislative requirements or legitimate business purposes.

Principle 6 - Accuracy

6.1 The Company will take reasonable steps to ensure the accuracy and completeness of the personal information it uses or discloses. Please make a written request to the Company Privacy Compliance Officer if you wish to request correction of any of your personal information.

Principle 7 - Safeguards

7.1 The Company has security safeguards to protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification, regardless of the format in which the information is held.

7.2 The nature of these safeguards vary depending on the sensitivity of the information that has been collected; the amount, distribution and format of the information; and the method of storage. More sensitive information is safeguarded by a higher level of protection.

7.3 The methods of protection include

  1. physical measures (e.g., locked filing cabinets and restricted access to desks);
  2. organizational measures (e.g., security clearances and limiting access on a “need to know” basis); and
  3. technological measures (e.g., the use of passwords and encryption).

7.4 The Company has made its employees aware of the importance of maintaining the confidentiality of personal information.

Principle 8 - Openness

8.1 This Privacy Policy outlines the Company’s personal information practices. If you visit one of the Company’s web sites, you will also see the Company’s Web Site Privacy Statement, which outlines our personal information management practices as they specifically relate to those web sites.

8.2 Individuals are able to acquire further information about the Company’s policies and practices without unreasonable effort by contacting the Company’s Privacy Compliance Officer. The information that the Company will make available upon request includes:

  1. the name or title and the address of the Privacy Compliance Officer;
  2. the means of gaining access to personal information held by the Company;
  3. a description of the type of personal information held by the Company, including a general account of its use;
  4. copies of any brochures or other information that explain the Company’s privacy policy; and
  5. a description of what personal information is made available to related organizations (e.g., subsidiaries) or other third parties.

Principle 9 - Individual Access

9.1 The Company may establish a file of personal information for individuals, for the purposes described above, which will be accessible by contacting the Privacy Compliance Officer. If an individual wishes to request access to, or correction of, his/her personal information in our custody or control, he/she must email the Privacy Compliance Officer at The Privacy Compliance Officer. or mail request to: Privacy Compliance Officer, 1004 Middlegate Road, Mississauga, Ontario, L4Y 1M4. We will provide an individual with access to his/her personal information in accordance with applicable law, except where permitted or required by law not to disclose personal information to the individual.

Principle 10 - Challenging Compliance

10.1 The Company has put simple and easily accessible procedures in place to receive and respond to complaints or inquiries about its policies and practices relating to the handling of personal information.

10.2 The Company will inform individuals who make inquiries or lodge complaints about its complaint procedures.

10.3 The Company will investigate all complaints. If a complaint is found to be justified, the Company will take appropriate measures, including, if necessary, amending its policies and practices.

10.4 If an individual is not satisfied with the response from the Privacy Compliance Officer, he or she may have recourse to the Office of the Privacy Commissioner at:

Federal Privacy Commissioner
112 Kent Street
Ottawa, Ontario
K1A 1H3

Phone: (613) 995-8210
Toll-Free: (800) 282-1376
Fax: (613) 947-6850
Internet: www.privcom.gc.ca
Copyright © 2005 of a research-based pharmaceutical company. All rights reserved.