By email: [email protected]
By post: Johnson & Johnson Ireland, Airton Road, Dublin 24, Ireland, D24WR89
You may also contact our data protection officer responsible for your country or region, if applicable, by email at [email protected].
For submitting your privacy right requests: please contact us via [email protected].
For updating your marketing communication and/or reminder preferences please contact us via: [email protected].
Use By Minors
Unless we expressly request it, we kindly ask you not to provide us with personal information of individuals considered as minors in your country of residence. In cases where the collection of Personal Information from minors is required, we will collect the prior consent of the parent or legal guardian, in such event, instructions for obtaining the parents’ or legal guardian’s consent will be provided separately.
What Personal Information Do We Collect?
We collect and process different types of information. Some of the information we collect (e.g. your first name, last name or address) will be Personal Information (also known as ‘personal data’ and ‘personally identifiable information’). In addition, where allowed by applicable law, we may use and disclose information that is not in personally identifiable form for any purpose. If we combine information that is not in a personally identifiable form with information that is identifiable, we will treat the combined information as personal information.
Unless we specifically request or invite it, we ask that you not send us, and you not disclose, any special categories of personal information also known as sensitive personal information (e.g., Social Security numbers, information related to racial or ethnic origin, political opinions, religion or philosophical beliefs, health or medical conditions, sex life or sexual orientation, criminal background, or trade union membership, or biometric or genetic data) on or through our services or otherwise to us.
Please note that, to provide our services and for identity verification purposes or other specific purposes which we will inform you about and ask for your prior and explicit consent, we may expressly ask you submit government identifiers, medical practitioner registration numbers, credentialing photographs, race/ethnic origin, and trade-union memberships, if applicable.
We may collect information from you, from publicly available sources, receive it from third-parties and/or our affiliates, or we and/or our service providers may collect information automatically as you navigate around our services:
a) Information you provide to us
To ensure that you benefit from certain features (e.g. newsletter subscriptions, communications), to provide you with information tailored to your interests, and to manage our relationship with you, we may ask you to provide personal information. We will inform you about what information is required from you and what information is optional. Additionally, where you interact with us over the telephone, we may record your calls for training and quality, to assist with the development of marketing materials and for complaint management purposes.
b) Information we receive from other parties
We may combine the information you submit with information we receive from the following sources:
Johnson & Johnson affiliates;
Publicly available information sources, such as publications or academic registries;
The institution or organization you are affiliated with;
Social Media Networks, such as, but not limited to, LinkedIn, Twitter and Facebook;
Other third-party information providers, such as, but not limited to, MedScape, IQVIA, Sermo, G-med, Google advertising network, Veeva Link
c) Cookies and Automatic Information Collection
Through your browser: Certain information is collected by most browsers, such as your Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, and Internet browser type and version. We may collect similar information, such as your device type and identifier, if you access our services through a mobile device. We use this information to ensure that our services functions properly.
IP address: Your IP address is a number that is automatically assigned to your computer by your Internet Service Provider. An IP address is identified and logged automatically in our server log files whenever a user visits our services, along with the time of the visit and the pages visited. Collecting IP addresses is standard practice and is done automatically by many online services. We use IP addresses for purposes such as calculating Service usage levels, diagnosing server problems, and administering our services. We may also derive your approximate location from your IP address.
Device Information: We may collect information about your mobile device, such as a unique device identifier, to understand how you use our services.
Why Do We Collect Your Information?
We use and disclose the information you provide to us as described to you at the point of information collection.
Depending on the applicable law, we may rely upon your consent, our legal and contractual obligations and/or our legitimate interests to process your personal information. We will ask for your consent separately for any processing that is based on consent. The following paragraphs contain further details:
a) Customer Relationship Management, Communication and Marketing
We process your personal information for customer engagement and communication for educational and marketing purposes and, in particular, for:
managing our relationship with you: to create and complete your profile, to compile statistical data based on the information in our databases, as well as on surveys, customer feedback questionnaires, and similar communications;
providing you with information about our products and services, medical and scientific information, as well as with information about local and/or international medical events you may wish to attend or at which you may wish to speak;
responding to your inquiries and fulfilling your requests, such as to send you documents you request or email alerts; understanding your interests and preferences, through non-automated and automated means, including profiling, to optimize the relevancy of the information and offers you see on our platforms and to offer targeted advertisings tailored to your interests on our advertising or marketing partners’ platforms.
The lawful basis for this processing is the pursuit of our legitimate interest, yet where required we will ask for your consent.
b) Accomplishing our business purposes
We process your personal information to better accomplish our business purposes, which include, but are not limited to:
performing interviews or surveys to understand more about our products and the markets we operate in, and to improve our treatments, healthcare services, systems, and process efficiencies;
determining the effectiveness of our campaigns and business strategies; administering patient treatment programs such as managed access programs;
managing product orders, including the manufacturing and provision of personalized medicine such as CAR-T treatments;
Verifying your professional credentials to consider your involvement in our scientific and medical research activities, such as selecting sites and investigators for our clinical trials;
identifying our services’ usage trends and the parts of our services that are most interesting to its audience;
improving our processes, services and practices related to our interactions with you;
developing new digital products and online services;
monitoring fraud and the fulfilment of security-related purposes, such as detecting and preventing cyberattacks or attempts to commit identity theft;
conducting audits to verify that our internal processes function as intended
The lawful basis for this processing is the pursuit of our legitimate interest, yet where required we will ask for your consent.
c) Comply with our contractual obligations
We process your personal information to manage our contractual obligations, which include, but are not limited to:
providing the functionality of our services and customer support;
user registration, access authorization and authentication tools and other resources that may be required for the performance of our contractual relationship, including the provision of our online services;
delivering important information regarding our relationship with you, our services, any changes to our terms, conditions, and policies and/or other administrative information;
organizing logistics and providing travel management services that may be required for the performance of our contractual relationship;
publishing research results of clinical trials or medical research as defined in the respective agreement you enter into with us;
performing scientific and medical research, and delivering associated activities such as training and education that may be required for the execution of such scientific and medical research;
conducting audits to verify that our internal processes are compliant with contractual requirements;
The lawful basis for this processing is the fulfilment of our contractual obligations.
d) Comply with our legal obligations
We process your personal information to better manage our legal obligations, which include, but are not limited to:
complying with our regulatory obligations, managing our response to complaints and adverse effects reports as well as conducting safety reporting and other pharmacovigilance activities relating to the clinical trial;
complying with regulatory and legal obligations around scientific research such as laws and regulations applicable when performing interventional clinical trials;
complying with applicable regulatory and legal obligations associated with the manufacturing pharmaceutical products;
complying with legal process or applicable law, which may include laws outside your country of residence;
responding to requests from public and government authorities, which may include authorities outside your country of residence;
enforcing our terms and conditions; protecting our rights, privacy, safety, or property, and/or that of our affiliates, you, or others; managing legal requirements concerning financial transactions, including Transfer of Value (‘TOV’) disclosures: this includes disclosing payments and other TOV to comply with transparency reporting laws, including but not limited to the US Physician Payments Sunshine Act;
preparing and submitting regulatory filings, correspondence, and communications to government authorities concerning the clinical trial;
conducting audits to verify that our internal procedures are compliant with legal or regulatory requirements.
The lawful basis for this processing is the fulfilment of our legal obligations.
With Whom Do We Share Your Information?
We may disclose your information with third parties. Disclosure of your information to third parties may involve cross-border transfer of your information where third parties are located in a different country. Some of the said third parties may be located in the US. Please see the "International Transfer of Your Information" section for more information. The types of third parties we may share your information with include:
a) Johnson & Johnson affiliates
We may share your information with our affiliates. A list of our affiliates is available at https://johnsonandjohnson.gcs-web.com/financial-information/sec-filings (click on the link for Form 10K, Exhibit 21, under “SEC Filings”). Janssen Sciences Ireland UC is the party responsible for the management of the jointly used Personal Information.
b) Third party co-branding and co-marketing partners
In specific cases, we may share your information with our third party partners with whom we offer a cobranded or comarketing services or solutions.
c) Third party service providers
To provide our services, your information may be shared with our third party service providers who provide services such as website hosting and moderating, mobile application hosting, data analysis, payment processing, order fulfillment, infrastructure provision, IT services, customer service, email and direct mail delivery services, auditing, and other services.
d) Third-party advertising partners
To improve the effectiveness of our communication with you and our marketing campaigns we may share our data with our third-party advertising partners, including social media, medical journals and publishers, such as, but not limited to, Facebook, LinkedIn, Twitter and Medscape.
e) Research and collaboration partners and licensing partners
To enable clinical and medical research and collaboration, or healthcare technology innovation and development, your information may be shared with our research and collaboration partners, our licensing partners and our technology partners.
f) Facilitation of events
Your personal data may also be disclosed to third party engaged directly or indirectly in the organization of local or international events of Janssen Sciences Ireland UC, such as hotels, transportation companies (airlines, trains, etc.), and event organizers.
g) Other situations
In the event of a reorganization, merger, divestiture, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets, or stock we may need to share your information with the third parties involved. We may also use and disclose to third parties your information to enforce our terms and conditions, comply with legal process or applicable laws, which may include laws outside your country of residence, and in response to legitimate requests from public or government authorities, including authorities outside your country of residence.
International Transfer of Your Information
Your personal information may be stored and processed in any country where we have facilities or service providers, and by using our services or by providing consent to us (where required by law), your information may be transferred to countries outside of your country of residence, including to the United States, which may provide for different data protection rules than in your country. Nonetheless, appropriate contractual and other measures are in place to protect personal information when it is transferred to our affiliates or third parties in other countries.
Some countries outside your country of residence are recognised as providing an adequate level of data protection. The full list of these countries is available here for the UK or here for the European Economic Area (EEA). For transfers to countries not deemed adequate, we have ensured that adequate measures are in place, including by ensuring that the recipient is bound by Standard Contractual Clauses, to protect your Personal Information. You may obtain a copy of these measures by contacting our data protection officer in accordance with the “Contacts” section above.
How Long Do We Store Your Information?
We will retain your personal information for as long as needed or permitted considering the purpose(s) for which it was obtained. The criteria used to determine our retention periods include: (i) the length of time we have an ongoing relationship with you and provide our services to you; (ii) whether there is a legal obligation to which we are subject; and (iii) whether retention is advisable considering our legal position (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations).
How Do We Protect Your Information?
We seek to use reasonable organizational, technical, and administrative measures designed to protect personal information under our control. However, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you have with us has been compromised), please immediately notify us in accordance with the “Contacts” section above.
To the extent that these rights are provided to you depending on the applicable law of your country, you have the following privacy rights:
Access: You can request us to provide confirmation as to whether or not we process your personal information, and, where that is the case, provide access your information.
Correction: You can request us to correct inaccurate information concerning you.
Deletion: You can request us to delete your personal information.
Restriction: You can request us to (temporarily) restrict the use of your information where foreseen by law.
Data Portability: You can request us to provide an electronic copy of your personal information for purposes of transmitting it to another company.
Objection: You can object at any time for direct marketing purposes, including profiling. You can also object, on grounds relating to your particular situation, at any time to our processing of your personal information if such processing is solely based on our legitimate interest or if such processing is done for scientific or historical research purposes or statistical purposes. You may also object to any decisions made about you solely based on automated means, including profiling.
When processing is based on the basis of your consent, you have the right to withdraw your consent at any time. In particular, you may opt out of or, if applicable, withdraw your consent to:
Receiving marketing communications from us: You can opt out of receiving information about, but not limited to, products and services, medical and scientific information, and information about local and/or international medical events you may wish to attend or at which you may wish to speak. You may also opt out of receiving marketing communications from us by visiting our services to update your communication preferences. In addition, you may opt out of receiving marketing emails from us by following the unsubscribe instructions provided in any such message.
Please note that you cannot opt-out of regular communications that are necessary for managing our relationship with you, such as those related to your onboarding, account authentication, scheduling your appointment, and responding to your inquiries. Processing your information for these purposes is necessary for us to fulfil our contractual obligations and provide our services to you.
Receiving reminders from us: You can opt out of receiving reminders concerning events and relevant conferences and reminders concerning your scheduled activities on a going-forward basis. In your request to us, please provide us your name and the email address or phone number at which you receive reminders from us.
Our sharing of your personal information with affiliates and third party partners: If you previously opted-in to receiving marketing communications from our affiliates or unaffiliated third party partners, you may opt out of our sharing your personal information with those parties for their direct marketing purposes on a going-forward basis. In your request to us, please state that we should no longer share your personal information with our affiliates and/or third party partners for their marketing purposes, and include your name and e-mail address.
Please note that if you opt-out as described above, we may not be able to directly remove your personal information from the databases of our affiliates and third party partners with which we have already shared your information (i.e., as of the date that we implement your optout request). However, we will make reasonable efforts to inform our affiliates of your request
While we highly value your individual rights, there are some circumstances where it may not be possible for us to do what you have asked. For example, if we are unable to authenticate the identity of the person submitting a request, we will not be able to validate effect to your requests. In addition, there are statutory and contractual requirements that may mandate us to continue to process and store your information. In these circumstances, we are bound to fulfil these legal obligations and will be unable to fulfil your request. In this case, you will be provided with an explanation why we cannot fulfil your request.
Making a request
If you wish to make a request regarding your rights, please see the "Contacts" section. If you are using our online service, you may also log on to your account to update your profile. We will respond to your request as soon as reasonably practicable and no later than one month after receipt. If circumstances cause any delay in our response, you will be promptly notified and provided with a date for our response.
How To Lodge A Complaint
You may lodge a complaint with a supervisory authority competent for your country, habitual residence, or region, your place of work or the place of the alleged infringement. Please click here if you need the contact information for such authorities.
Date of Preparation: July 2023