US-EU Safe Harbor Privacy
Statement
It is Schering-Plough's policy to respect and protect personally identifiable
information collected or maintained by or on behalf of the Company. In
furtherance of our commitment, Schering-Plough has certified to the US-EU Safe
Harbor Agreement regarding personal data collected in the European Economic Area
(EEA) in support of Schering-Plough's human resources, commercial, and clinical
and pharmacovigilance operations. Schering-Plough adheres to the
Safe Harbor
privacy principles and the "Frequently Asked Questions" document, as agreed to
by the U.S. Department of Commerce and the European Commission.
Scope
This Safe Harbor Statement sets forth the principles under which Schering-Plough
manages the processing of personal data that it receives from its affiliates,
subsidiaries and agents in the EEA in support of our human resources,
commercial, and clinical research and pharmacovigilance operations. The
categories of personal data covered by this Statement include personal data
relating to current and former Schering-Plough employees, prospective employees,
temporary workers, contract workers, consultants, consumers, business partners,
such as health care professionals at speaking or educational events, key opinion
leaders, market research participants, website visitors, clinical trial subjects
and site personnel, and individuals who report adverse events or product
complaints.
Definitions
The following terms are used throughout this document and are defined as
follows:
Agent
"Agent" means any third party that processes personal data under the
instructions of, and solely for, Schering Plough or to which Schering-Plough
discloses personal data for use on its behalf.
Schering-Plough
"Schering-Plough" means Schering-Plough Corporation, including its wholly -owned
subsidiaries that are incorporated in any state or territory of the United
States.
Personal Data
"Personal data" means any information or set of information in any form that
identifies or can reasonably be used to identify a natural person. Personal data
does not include anonymized data or data that is reported in aggregate.
Sensitive Personal Data
"Sensitive personal data" means personal data that reveals race, ethnic origin,
political opinion, religious or philosophical beliefs, trade union membership,
any data that concerns health or sex life, or information relating to the
commission of a criminal offense.
Privacy Principles
Notice: Schering-Plough notifies individuals about the types of personal data it
collects about them, the purposes for which it collects such data, the types of
third parties to which it discloses such data, and how to contact the
organization with any inquiries or complaints. Notice will be provided in clear
and conspicuous language at the time of collection, or as soon as practicable
thereafter, and before Schering-Plough uses or discloses the information for a
purpose other than that for which it was originally collected.
Choice: In the event personal data are to be used for a new purpose incompatible
with the purposes for which the data were originally collected or subsequently
authorized or transferred to a third party exercising independent control over
the data, individuals are given, where practical and appropriate, an opportunity
to decline to have their data so used or transferred. In the event that the data
used for a new purpose or transferred to the control of a third party are
sensitive personal data, the individual's explicit consent will be obtained
prior to the use or transfer of the
data.
Onward Transfers: Schering-Plough will only transfer personal data to an Agent
where the Agent has given assurances that they provide at least the same level
of privacy protection as is required by these privacy principles. Where
Schering-Plough has knowledge that an Agent is using or sharing personal data in
a way that is contrary to these principles, Schering-Plough will take reasonable
steps to prevent or stop such processing. Schering-Plough will only transfer
personal data to a non-agent third party where individuals have been provided
notice and have
given their consent.
Security: Schering-Plough takes reasonable and appropriate administrative,
technical and physical precautions to protect the confidentiality, integrity and
availability of personal data, whether in electronic or tangible, hard copy
form.
Access: Individuals have reasonable access to their personal data and may
request corrections, deletions, or additions, as appropriate, and except where
the burden or expense of providing access would be disproportionate to the risks
to the individual's privacy or where the rights of persons other than the
individual would be violated.
Data Integrity: Schering-Plough limits the collection, usage, and retention of
information to that which is germane for the intended purposes for which it was
collected, and takes reasonable steps to ensure that all data are reliable,
accurate, complete and current.
Enforcement: Schering-Plough has put in place mechanisms to verify ongoing
compliance to these privacy principles. Any employee that violates these privacy
principles will be subject to disciplinary procedures in accordance with
Schering-Plough's Disciplinary Policy.
Dispute Resolution: In case of disputes, individuals are able to seek resolution
of their questions or complaints regarding use and disclosure of their personal
data in accordance with the principles contained in this policy. If you feel
that Schering-Plough is not abiding by this policy or is not in compliance with
the Safe Harbor principles, you should first contact Schering-Plough at the
contact information provided below.
Schering-Plough has agreed to cooperate with the European Data Protection
Authorities (DPA's) for the purpose of handling any unresolved complaints
regarding personal data collected in support of our human resources operations.
For inquires related to commercial, clinical and pharmacovigilance data , if you
do not receive acknowledgment of your inquiry or you think it has not been
satisfactorily addressed, you should then contact the
TRUSTe Safe Harbor Dispute
Resolution Program or by mail at WatchDog Complaints, TRUSTe, 685 Market Street,
Suite 270, San Francisco, CA, USA 94105, by phone at 415-520-3400, or by fax at
415-520-3420.
TRUSTe will act as a liaison to Schering-Plough to resolve your inquiries.
Limitation on Scope of Principles
Schering-Plough adheres to these privacy principles except, as required or
allowed by law, to meet legal, governmental, law enforcement or national
security obligations, or to protect the health or safety of an individual.
How to Contact Us
Please contact us with any questions concerning this Privacy Statement or any of
our privacy practices at:
Schering-Plough Corporation
Office of Global Privacy
2000 Galloping Hill Rd
Kenilworth, NJ 07033
privacyoffice@spcorp.com
Changes to this Privacy Statement
This privacy statement may be amended consistent with the requirements of Safe
Harbor. When we do update the privacy statement, we will also revise the "Last
Updated" date at the bottom of this document. Any material changes to this
privacy statement will also be posted on
www.schering-plough.com/safeharbor.
Last Updated: July 22, 2009