Roche Diagnostics Corporation US Supplemental Privacy Notice

Last Updated March 2024 

Who We Are

Roche Diagnostics Corporation (“Roche,” “we,” “our,” or “us”) values your privacy and the protection of your Personal Data. This Privacy Notice (“Notice”) explains how we collect, store, use, share, transfer, delete, and process information collected from or about you known as Personal Data (defined further below in this Notice).  

Purpose and Reach of this Privacy Notice 

This Notice describes the types of Personal Data that Roche may collect or process from United States (“US”) residents, how we may use and disclose that Personal Data, and how you may exercise any rights you may have regarding our processing of your Personal Data. 

This Notice applies to Personal Data collected or processed by us from or about US residents: 

  • Through online activities and services we offer (through websites, web surveys, newsletters, applications, email, online messaging services/channels, and otherwise) (“Online Services”); 

  • Related to activities we undertake in recruiting participants for participation in clinical trials or activities related to identifying and contracting with study investigators and their staff; 

  • In connection with post-approval pharmacovigilance and adverse events, complaints, and reports; 

  • When we provide products and services directly to you and in other situations where you interact with us, including but not limited to interacting with us through our telephone customer service centers, through email or SMS/text messages, or by visiting our physical sites and offices or our events (e.g., tradeshows and conferences) (such products and services, together with Online Services, are collectively referred to as, the “Products and Services”); 

  • If you are a resident of California:  when you interact with us in a professional capacity, for example, if you are a healthcare provider or an employee of a company with which we do business, or when we undertake employment recruiting activities of California residents; or 

  • Anywhere this Notice is posted or referenced. 

Roche may provide you with a different privacy notice in certain specific situations, in which case that privacy notice or policy will apply to the Personal Information collected or processed in that specific situation, rather than this one. For example, if you are a participant in a clinical study, clinical trial, or other regulated health-related research, you should receive a separate privacy notice regarding the Personal Data we process for those purposes. That privacy notice—and not this Notice— governs our processing of such Personal Data. If you provide us with Personal Data of anyone other than yourself (such as a patient or family member), please note that you are responsible for complying with all applicable privacy and data protection laws prior to providing that information to Roche (including obtaining consent, if required). 

Please review this Notice carefully. To the extent permitted by applicable law, by providing us your Personal Data or otherwise interacting with us, you are agreeing to this Notice.

Information Collected

What is Personal Data?

“Personal Data” is any information—as electronically or otherwise recorded—that can be used to identify a person or that we can link to or associate with a specific individual.  

Personal Data may include information considered sensitive in some jurisdictions, such as biometric information, genetic information, health information, financial account information, specific geolocation, ethnic or racial origin, information concerning your sex life or your sexual orientation, social security number, driver’s license, state identification card, passport number, and other similar information. Data that could be considered Sensitive Personal Data is highlighted with an asterisk (*) in the chart below.

We will process any Personal Data we collect in accordance with applicable law and as described in this Notice (unless, as explained above, a separate policy or notice governs). In some circumstances, if you do not provide us with your Personal Data, certain Products and Services may be unavailable to you. 

The chart below identifies the categories of Personal Data that we collect and use and the types of data elements associated with each.  

Category and Sources of Personal Information
Representative Data Elements
Contact Information

Data elements in this category may include:

  • Full name, or unique pseudonym

  • Honorifics and titles, preferred form of address

  • Postal address

  • Email address

  • Phone number

  • Contact information for related persons, such as authorized users of your account

  • Company ID number (e.g. customer number, account number, subscription number, rewards program number)

  • System identifiers (e.g., usernames or online credentials)

  • Social security number*, Driver’s License*, State Identity Card*, Passport ID*

  • Service Request ID number

Physical Characteristics, Demographics, or Description

Data elements in this category include:

  • Height

  • Weight

  • Hair & eye color

  • Age

  • Gender

  • Marital and family status*

  • Race and Ethnicity*

  • Citizenship status*

  • Religion*

  • Languages spoken

  • Information concerning sexuality or sex life*

  • Disability*

  • Household demographic data

Commercial and Financial Information

Data elements in this category may include:

  • Products or services you have purchased

  • Records of products or services purchased, obtained, or considered

  • Records of program enrollment and activity

  • Health Insurance information*, such as health insurance carrier, account numbers, beneficiary information, policy number, benefits data, reimbursement and co-pay data, and claims history

  • Financial account information*, such as bank account number and details* (if you use automated payments), payment card information*, payment and reimbursement amounts

Transaction and Interaction Information

Data elements in this category include:

  • Personal preferences, such as your shopping preferences

  • Subscription program data

  • Data from social media profiles, such as Facebook, Twitter, LinkedIn and similar platforms

  • Hobbies and interests

  • Information regarding professional activities and interests

Inferred and Derived Information

Data elements in this category include:

  • Propensity scores obtained from third parties, such as likelihood that you may be interested in certain purchases or experiencing life events

  • Propensities, attributes and/or scores generated by internal analytics programs and used for marketing

  • Propensities, attributes and/or scores generated by internal analytics programs and used for information security and fraud purposes

  • Preferred language

  • Inferences reflecting an individual’s wellness, health, preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes*

Internet and Online/ Electronic Technical Information

Data elements in this category include:

  • IP Address

  • Device Identifiers, including MAC Address, SSIDs or other device identifiers or persistent identifiers

  • Device characteristics (such as browser information)

  • Web Server Logs

  • Application Logs

  • Browsing and search history

  • Viewing Data (site and app usage)

  • Cookie IDs and/or Ad IDs in First Party or Third Party Cookies

  • Web beacons, clear gifs and pixel tags

  • Internet service provider name

  • Referring/exiting URL

  • Request/response date and time

  • Clickstream data

  • Ads and web pages viewed

  • Time spent on a web page or mobile app

  • Other information regarding your interactions with our websites, applications, emails, and advertisements

Audio Visual Information

Data elements in this category include:

  • Photographs

  • Video images

  • Voice recordings

  • CCTV recordings

  • Call center recordings and call monitoring records

  • Voicemails

Health Information

Data elements in this category include:

  • Information about physical or mental health, disease state or information, medical history, medical treatment or diagnosis, medicines taken or devices used*

  • General disease or product interest*

  • Information on payment for healthcare services (EOB forms, HSA statements. claims data, claims assistance records)*

  • Information needed to accommodate disabilities*

  • Health values and sensor readings data, such as steps taken, blood glucose levels, heart rate, and blood pressure*

  • Medical appointment dates*

  • Genetic Data including sequencing data*

Electronic and Sensor Data

Data elements in this category include:

  • Smart device records

  • IoT products

  • Non-health sensor readings data

Geolocation Data

Data elements in this category include:

  • Precise location data*

  • Geofencing data

Children’s Data*

Data elements in this category include:

  • Child’s name*

  • Child’s age*

  • Product usage data*

  • Health information*

Compliance Data

Data elements in this category include:

  • Compliance program data, including customer screening records, and other records maintained to demonstrate compliance with applicable laws and regulations, such as those promulgated by FDA, and such as tax laws, ADA.

  • Occupational and environmental safety records

  • Records relating to complaints and internal investigations, including compliance hotline reports

  • Records of privacy and security incidents , including any security breach notifications

Professional and Educational Information

Data elements in this category include:

  • Employer and job title

  • Specialty or practice area

  • Information from a resume or CV, including education and certification credentials

  • Information included in a payment recipient’s IRS 1040 form

Sensitive Personal Data

(Sensitive Personal Information is marked with an asterisk (*) throughout this chart.)

Some of the Personal Information we collect may be considered “Sensitive Personal Data” under certain data protection laws. Sensitive Personal Data, may include biometric information, genetic information, health information, financial account information, specific geolocation, ethnic or racial origin, information concerning your sex life or your sexual orientation, social security number, driver’s license, state identification card, passport number.

You may make choices about your Sensitive Personal Information as set forth in “Your Rights Regarding Your Personal Data” section, below.

For more information about how we collect, disclose, and share Sensitive Personal Information, please see the chart below that represents your relationship with Roche.

Written Signature

Data elements in this category include:

  • Your physical or electronic signature

The types of Personal Data we collect and disclose depends on your relationship with Roche. Not all of the categories listed in the following charts may apply to you. If the nature of your relationship with Roche changes, additional categories of Personal Data may also apply.

CONSUMERS (INCLUDING THOSE INTERESTED IN OUR PRODUCTS, SERVICES, OR CLINICAL TRIALS), PATIENTS, CAREGIVERS, FACILITIES VISITORS.  The following table provides detail for those who interact with us as (i) consumers – those showing interest in our products and/or services, (ii) individuals interested in participating in clinical trials, (iii) patients using our products/services and their caregivers, and (iv) facility visitors, with respect to the category of Personal Data collected, the source of that information, the purposes for collection and sharing/disclosure, and the categories of third parties to whom the category of Personal Data is shared.

Category and Sources of Personal Information
Purpose for Collecting and Sharing and Disclosing the Personal Information
Categories of Third Parties to whom this type of Personal Information is Shared or Disclosed for a Business Purpose
Contact Information

We collect this type of information from:

  • You

  • Those authorized to provide on your behalf such as your caregiver or authorized representative.

  • Healthcare providers (including specialty pharmacies).

  • Health insurance companies (health plans) and other payors.

  • Third parties who provide benefit verification, program enrollment, and product fulfillment services in connection with our products and services.

  • Consumer reporting agencies and other third parties who verify the information you provide.

  • Third parties who help us maintain the accuracy of our data and data aggregators that help us complete and enhance our records.

We use and disclose this type of information:

  • To identify you and personalize our communications with you.

  • To provide to you and to manage our products, programs, events, and services.

  • For advertising, including targeted advertising, and product promotion, including to contact you regarding programs, products, services, and topics that may be of interest or useful.

  • For record-keeping and reporting, including for data matching, metrics, and analytics.

  • To analyze and better understand your needs, preferences, and interests, as well as those of other consumers.

  • To conduct internal business analysis and market research.

  • To engage in joint marketing initiatives.

  • To administer, provide access to, monitor, and secure our information technology systems, websites, applications, databases, and devices.

  • If you visit our physical sites, to provide access to, monitor, and secure our facilities, equipment, and other property.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes.

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers such as companies who help manage and coordinate events

  • Third parties who deliver our communications, such as the postal service and couriers

  • Other third parties (including government agencies) as required by law, such as pursuant to legally binding subpoenas, court orders, and similar instruments

  • Service providers, including those who host our data centers, help administer our call center hosting platforms and phone systems, and provide parts of our physical and electronic infrastructure

  • Behavioral advertising companies (see Behavioral Advertising below)

  • Third parties who assist with fraud prevention, detection and mitigation

  • Healthcare providers (including specialty pharmacies).

  • Health insurance companies (health plans) and other payors.

  • Authorized/legal representatives, family members, and caregivers.

  • Third parties with whom we have joint marketing and similar arrangements.

  • Third parties who provide benefit verification, program enrollment, and product fulfillment services in connection with our products and services.

  • Payment processors, financial institutions, and others as needed to complete transactions and for authentication, security, and fraud prevention.

  • Other third parties as necessary to complete transactions and provide our products/services, including delivery companies, agents, and manufacturers.

  • Service Providers who provide marketing and data analytics services, such as social media platforms used to deliver our ads, website/email optimization providers, email marketing vendors, and data analytics vendors.

  • Consumer reporting agencies.

  • Our lawyers, auditors, and consultants.

  • Legal and regulatory bodies and other third parties as required by law.

Physical Characteristics, Demographics, or Description

We collect this type of information from:

  • You

  • Healthcare providers (including specialty pharmacies).

  • Health insurance companies (health plans) and other payors.

  • Authorized/legal representatives, family members, and caregivers.

  • Third parties who provide benefit verification, program enrollment, and product fulfillment services in connection with our products and services.

  • Third parties that provide access to information you make publicly available, such as social media platforms.

  • Third parties who provide us with supplemental consumer data or data analytics and market research services, such as data aggregators.

We use this type of information:

  • If you visit our physical site, to help manage emergency incidents that occur on campus or involve company property

  • To determine and verify program, product, and service eligibility and coverage.

  • To administer, manage, analyze, and improve our programs, products, and services.

  • To better enable us to conduct advertising and product promotion activities

  • To analyze and better understand your needs, preferences, and interests, as well as those of other consumers.

  • For marketing, sales, and advertising purposes

  • To conduct internal business analysis and market research.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes.

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Emergency personnel

  • Service Providers which use the data only to assist in incident management and reporting

  • Service providers, including those who host our data centers, help administer our call center hosting platforms and phone systems, and provide parts of our physical and electronic infrastructure

  • Healthcare providers (including specialty pharmacies).

  • Health insurance companies (health plans) and other payors.

  • Authorized/legal representatives, family members, and caregivers.

  • Behavioral advertising companies (see Behavioral Advertising below)

  • Third parties with whom we have joint marketing and similar arrangements.

  • Third parties who provide benefit verification, program enrollment, and product fulfillment services in connection with our products and services.

  • Other third parties as necessary to complete transactions and provide our products/services.

  • Our lawyers, auditors, and consultants.

  • Legal and regulatory bodies and other third parties as required by law.

Commercial, Financial, and Insurance Information

We collect this type of information from:

  • You

  • Authorized/legal representatives, family members, and caregivers.

  • Third parties that provide access to information you make publicly available, such as social media.

  • Third parties that provide information that helps us understand our customers, including data aggregators and public records providers.

  • Healthcare providers (including specialty pharmacies).

  • Health insurance companies (health plans) and other payors.

  • Consumer reporting agencies and third parties who assist with fraud prevention, detection, and mitigation.

  • Payment processors and other financial institutions.

  • Third parties who provide benefit verification, program enrollment, and product fulfillment services in connection with our products and services.

  • Other third parties who facilitate, process, and complete transactions for us, such as resellers, sales agents, and program partners.

We use this type of information:

  • To better understand you and to understand our customers generally

  • To design products, services and programs including subscription and special offer programs

  • For internal business purposes, such as quality control, training and analytics

  • To enroll you in our programs and provide our products and services to you.

  • When you utilize health tests

  • To determine and verify program, product, and service eligibility and coverage.

  • To fulfill our business relationship with you, including processing payments, issuing refunds, billing support, and collections

  • For recordkeeping and compliance, including dispute resolution

  • Reimburse customers, satisfy warranty obligations, and fulfill payment obligations.

  • To administer, manage, analyze, and improve our programs, products, and services.

  • To communicate with you regarding our programs, products, and services.

  • To procure vendor/supplier products and services, including to manage and satisfy related vendor/supplier contractual obligations.

  • To analyze and better understand your needs, preferences, and interests, as well as those of other consumers.

  • To conduct internal business analysis and market research.

  • To engage in joint marketing initiatives.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Third parties with whom we have joint marketing and similar arrangements

  • Service Providers, including companies who assist us in program administration

  • Our lawyers, auditors and consultants

  • Healthcare providers (including specialty pharmacies).

  • Health insurance companies (health plans) and other payors.

  • Authorized/legal representatives, family members, and caregivers.

  • Third parties with whom we have joint marketing and similar arrangements.

  • Third parties who provide benefit verification, program enrollment, and product fulfillment services in connection with our products and services.

  • Payment processors, financial institutions, and others as needed to complete transactions and for authentication, security, and fraud prevention.

  • Other third parties as necessary to complete transactions and provide our products/services.

  • Behavioral advertising companies (see Behavioral Advertising below)Consumer reporting agencies

  • Legal and regulatory bodies and other third parties as required by law.

Transaction and Interaction Information

We collect this type of information from:

  • You

  • Third parties that provide access to information you make publicly available, such as social media.

  • Automatically, such as when you interact with our websites or mobile apps.

We use this type of information:

  • To fulfill our business relationship with you, including customer service

  • For recordkeeping and compliance, including dispute resolution

  • For marketing, sales, and advertising purposes

  • For internal business purposes, such as finance, quality control, training, reporting and analytics

  • For risk management, fraud prevention and similar purpose

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Third parties with whom we have joint marketing and similar arrangements

  • Behavioral advertising companies (see Behavioral Advertising below)

  • Service providers, including third parties as needed to complete the transaction, including delivery companies, agents and manufacturers

  • Our lawyers, auditors and consultants

  • Customers, in connection with their audits of Roche

  • Other third parties as required by law

Inferred and Derived Information
  • We create inferred and derived data elements by analyzing our relationship and transactional information.

  • We draw inferences from the information we collect from and about you, such as your preferences, characteristics, attributes, and abilities.

  • Third parties who provide digital marketing, and analytics services for us

We combine inferred data with other relationship information and use this type of information:

  • To better understand you and to understand our customers generally

  • To design products, services and programs that delight our customers, including subscription programs

  • To identify prospective customers

  • For internal business purposes, such as quality control, training and analytics

  • To administer, manage, analyze, and improve our programs, products, and services

  • To analyze and better understand your needs, preferences, and interests, as well as those of other consumers.

  • For advertising and product promotion, and sales, including to inform us when we contact you regarding programs, products, services, and topics that may be of interest or useful.

  • To engage in joint marketing initiatives.

  • To administer, provide access to, monitor, and secure our information technology systems, websites, applications, databases, and devices.

  • To comply with legal and regulatory obligations

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers, including those who analyze data on our behalf and who help execute programs

  • Our lawyers, auditors and consultants

  • Third parties with whom we have joint marketing and similar arrangements

  • Behavioral advertising companies (see Behavioral Advertising below)Third parties who provide marketing and data analytics services, such as social media platforms used to deliver our ads, website/email optimization providers, email marketing vendors, and data analytics vendors.

  • Legal and regulatory bodies and other third parties as required by law.

Internet and Online/ Electronic Technical Information

We collect this type of information from:

  • You and from your computer or devices when you interact with our platforms, websites and applications. For example, when you visit our websites, our server logs record your IP address and other information.

  • Automatically, via technologies such as cookies, web beacons, when you visit our website or other websites.

  • Third parties, including computer security services and advertising partners

  • We also associate information with you using unique identifiers collected from your devices or browsers.

  • Third parties who provide website and online security services.

We use this type of information:

  • For system and account administration, technology management, including optimizing our websites and applications,

  • For information security and cybersecurity purposes, including detecting threats

  • For recordkeeping, including logs and records that are maintained as part of Transaction Information

  • To identify you or your device, including to associate you with different devices that you may use

  • For online behavioral advertising purposes and general advertising and product promotion

  • To administer, manage, analyze, and improve our programs, products, and services.

  • To conduct internal relationship and business analysis and market research.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers including companies who assist with our information technology and security programs, including companies such as network security services who retain information on malware threats detected

  • Service providers who assist with fraud prevention, detection and mitigation

  • Behavioral advertising companies (see Behavioral Advertising below)Our lawyers, auditors and consultants

  • Third parties who provide marketing and data analytics services, such as social media platforms used to deliver our ads, website/email optimization providers, email marketing vendors, and data analytics vendors.

  • Legal and regulatory bodies and other third parties as required by law

Audio Visual Information

We collect this type of information from:

  • You

  • Automatically, such as when we record calls to our call center and use CCTV cameras in our facilities.

  • Companies conducting non-clinical research such as market research companies.

  • Third parties that provide access to information you make publicly available, such as social media.

We use this type of information:

  • For internal business purposes, such as call recordings used for training, coaching or quality control

  • For advertising, marketing, product promotion, and relationship purposes, such as use of photos and videos for social media

  • If you visit our physical facilities, for premises security purposes and loss prevention

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers, including companies who assist with our information technology and security programs, and our loss prevention programs

  • Service providers, including companies who conduct advertising, marketing, or market research on our behalf

  • Our lawyers, auditors and consultants

  • Other third parties as required by law

Health Information

We collect this type of information from:

  • You

  • Healthcare providers

  • Health insurance companies We may infer health information about you based on other information, including and lifestyle factors.

  • Healthcare providers (including specialty pharmacies).

  • Authorized/legal representatives, family members, and caregivers.

  • Third parties who provide benefit verification, program enrollment, and product fulfillment services in connection with our products and services

We use this type of information:

  • To determine and verify program, product, and service eligibility and coverage.

  • To enroll you in our programs and provide our products and services to you.

  • To administer, manage, analyze, and improve our programs, products, and services.

  • To procure vendor/supplier products and services, including to manage and satisfy related vendor/supplier contractual obligations.

  • To analyze and better understand your needs, preferences, and interests, as well as those of other consumers.

  • To conduct marketing, product promotion, advertising, and internal business analysis and market research.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes.

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Healthcare providers (including specialty pharmacies), health insurance companies (health plans), other payors and others as needed to provide the contemplated services or transactions involving the data, such as for processing health care payments

  • Our lawyers, auditors and consultants.

  • Authorized/legal representatives, family members, and caregivers.

  • Third parties who provide marketing and data analytics services, such as social media platforms used to deliver our ads, website/email optimization providers, email marketing vendors, and data analytics vendors.

  • Third parties who provide benefit verification, program enrollment, and product fulfillment services in connection with our products and services.

  • Other third parties as necessary to complete transactions and provide our products/services.

  • Legal and regulatory bodies and other third parties as required by law.

Electronic and Sensor Data

We collect this type of information automatically when you use our internet-enabled products such as mobile apps and connected devices from:

  • You (directly from participant).

  • Your mobile devices and other internet-connected devices and applications (automatically).

  • Third parties that provide access to information you make publicly available, such as social media platforms.

We use this type of information:

  • To enable product functionality

  • For internal business purposes, such product development, security, and quality control

  • To administer, manage, analyze, and improve our programs, products, and services.

  • To analyze and better understand your needs, preferences, and interests, as well as those of other consumers.

  • To administer, provide access to, monitor, and secure our information technology systems, websites, applications, databases, and devices.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • To provide access to, monitor, and secure our facilities, equipment, and other property.

  • To identify you and your device(s) for any/all purposes identified above, including to monitor your use of and interactions with programs, products, services, and advertisements for such purposes

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers, including companies who assist with our information technology and security programs, including network security services and cybersecurity

  • Service providers, including companies who assist with fraud prevention, detection and mitigation

  • Behavioral advertising companies (see Behavioral Advertising below)Our lawyers, auditors and consultants

  • Healthcare providers (including specialty pharmacies), health insurance companies (health plans), other payors and others as needed to provide the contemplated services or transactions involving the data, such as for processing health care payments

  • Authorized/legal representatives, family members, and caregivers.

  • Third parties who provide benefit verification, program enrollment, and product fulfillment services in connection with our products and services.

  • Third parties who provide marketing and data analytics services, such as social media platforms used to deliver our ads, website/email optimization providers, email marketing vendors, and data analytics vendors.

  • Third parties who assist with our information technology and security programs.

  • Third parties who assist with fraud prevention, detection, and mitigation.

  • Other third parties as necessary to complete transactions and provide our products/services.

  • Other third parties as required by law

Geolocation Data

We collect this type of information automatically, when enabled on your mobile device and computer, when you visit or interact with our websites, applications, and online platforms.

We use this type of information:

  • For information security and fraud prevention

  • For our Everyday Business Purposes

  • To administer, manage, analyze, and improve our programs, products, and services.

  • To conduct internal business analysis and market research.

  • For advertising and product promotion

  • To administer, provide access to, monitor, and secure our information technology systems, websites, applications, databases, and devices.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Third parties who assist with our information technology and security programs

  • Third parties who assist with fraud prevention, detection and mitigation

  • Our lawyers, auditors and consultants

  • Third parties who provide marketing and data analytics services, such as social media platforms used to deliver our ads, website/email optimization providers, email marketing vendors, and data analytics vendors.

  • Legal and regulatory bodies and other third parties as required by law.

Children’s Data

We collect this type of information from children when they use our apps and from parents or guardians. This is done in accordance with applicable laws.

We use this type of information:

  • To provide the information, products or services requested by the child or by the child’s parent or guardian

  • If you visit our physical facilities, so that we know who is visiting our facilities

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers, including those who help administer our call center hosting platforms and phone systems

  • Service providers who host our websites and mobile apps

  • Other third parties as required by law

  • Our lawyers, auditors and consultants

Compliance Data

We collect this type of information from:

  • You

  • Third parties, including companies that help us conduct internal investigations.

  • Third parties, such as consumer reporting agencies and data aggregators who conduct background screening for us.

We use this type of information:

  • To comply with and demonstrate compliance with applicable laws

  • For legal matters, including litigation and regulatory matters, including for use in connection with civil, criminal, administrative, or arbitral proceedings, before regulatory or self-regulatory bodies, including service of process, investigations in anticipation of litigation, execution or enforcement of judgments and orders

  • For internal business purposes, such as risk management, audit, internal investigations, reporting, analytics

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Our lawyers, auditors and consultants.

  • Customers, in connection with their audits of Roche

  • Other third parties (including government agencies, courts and opposing law firms, consultants, process servers and parties to litigation) in connection with legal matters

Written Signature

We collect this type of information from:

  • You (directly from participant).

  • Healthcare providers (including specialty pharmacies).

  • Health insurance companies (health plans) and other payors.

  • Authorized/legal representatives, family members, and caregivers.

  • Third parties who provide benefit verification, program enrollment, and product fulfillment services in connection with our products and services.

We use this type of information:

  • To determine and verify program, product, and service eligibility and coverage.

  • To enroll you in our programs and provide our products and services to you.

  • To procure vendor/supplier products and services, including to manage and satisfy related vendor/supplier contractual obligations.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • To comply with legal and regulatory obligations

  • For our everyday business purposes.

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Healthcare providers (including specialty pharmacies), health insurance companies (health plans), other payors and others as needed to provide the contemplated services or transactions involving the data, such as for processing health care payments

  • Authorized/legal representatives, family members, and caregivers.

  • Third parties with whom we have joint marketing and similar arrangements.

  • Payment processors, financial institutions, and others as needed to complete transactions and for authentication, security, and fraud prevention.

  • Other third parties as necessary to complete transactions and provide our products/services.

  • Our lawyers, auditors, and consultants.

  • Legal and regulatory bodies and other third parties as required by law.

CALIFORNIA PROFESSIONALS.  The following table provides detail for residents of California who interact with us as (i) health care providers and their staff, (ii) clinical investigators and their staff, (iii) employees of companies with whom we conduct business, including employees of service providers, with respect to the category of Personal Data collected, the source of that information, the purposes for collection and sharing/disclosure, and the categories of third parties to whom the category of Personal Data is shared.

Category and Sources of Personal Information
Purpose for Collecting and Sharing and Disclosing the PI
Categories of Third Parties to whom this type of Personal Information is Shared or Disclosed for a Business Purpose
Contact Information

We collect this type of information from:

  • You

  • Consumer reporting agencies and other third parties who verify the information you provide.

  • Third parties who help us maintain the accuracy of our data and data aggregators that help us complete and enhance our records.

We use and disclose this type of information:

  • To identify you and personalize our communications with you

  • To provide to you and to manage our products, programs, events, and services

  • For marketing, sales, and product and service promotion purposes

  • For record-keeping and reporting, including for data matching, metrics, and analytics

  • To analyze and better understand your needs, preferences, and interests

  • To conduct internal business analysis and market research.

  • To engage in joint marketing initiatives.

  • To administer, provide access to, monitor, and secure our information technology systems, websites, applications, databases, and devices.

  • If you visit our physical sites, to provide access to, monitor, and secure our facilities, equipment, and other property.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes.

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers such as companies who help manage and coordinate events

  • Third parties who deliver our communications, such as the postal service and couriers

  • Other third parties (including government agencies) as required by law, such as pursuant to legally binding subpoenas, court orders, and similar instruments

  • Service providers, including those who host our data centers, help administer our call center hosting platforms and phone systems, and provide parts of our physical and electronic infrastructure

  • Behavioral advertising companies (see Behavioral Advertising below)Third parties who assist with fraud prevention, detection and mitigation

  • Third parties with whom we have joint marketing and similar arrangements.

  • Payment processors, financial institutions, and others as needed to complete transactions and for authentication, security, and fraud prevention.

  • Other third parties as necessary to complete transactions and provide our products/services, including delivery companies, agents, and manufacturers.

  • Service Providers who provide marketing and data analytics services, such as social media platforms used to deliver our ads, website/email optimization providers, email marketing vendors, and data analytics vendors.

  • Consumer reporting agencies.

  • Our lawyers, auditors, and consultants.

  • Legal and regulatory bodies and other third parties as required by law.

Physical Characteristics, Demographics, or Description

We collect this type of information from:

  • You

  • Third parties that provide access to information you make publicly available, such as social media platforms.

  • Third parties who provide us with supplemental data or data analytics and market research services, such as data aggregators.

We use this type of information:

  • If you visit our physical site, to help manage emergency incidents that occur on campus or involve company property

  • To determine and verify program, product, and service eligibility and coverage.

  • To administer, manage, analyze, and improve our programs, products, and services.

  • To better enable us to conduct advertising and product promotion activities

  • To analyze and better understand your needs, preferences, and interests

  • To conduct internal business analysis and market research.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes.

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Emergency personnel

  • Service Providers which use the data only to assist in incident management and reporting

  • Service providers, including those who host our data centers, help administer our call center hosting platforms and phone systems, and provide parts of our physical and electronic infrastructure

  • Behavioral advertising companies (see Behavioral Advertising below)

  • Third parties with whom we have joint marketing and similar arrangements.

  • Other third parties as necessary to complete transactions and provide our products/services.

  • Our lawyers, auditors, and consultants.

  • Legal and regulatory bodies and other third parties as required by law.

Commercial, Financial, and Insurance Information

We collect this type of information from:

  • You

  • Third parties that provide access to information you make publicly available, such as social media.

  • Third parties that provide information that helps us understand our customers, including data aggregators and public records providers.

  • Consumer reporting agencies and third parties who assist with fraud prevention, detection, and mitigation.

  • Payment processors and other financial institutions.

  • Other third parties who facilitate, process, and complete transactions for us, such as resellers, sales agents, and program partners.

We use this type of information:

  • To better understand you and to understand our customers generally

  • To design products, services and programs including subscription and special offer programs

  • For internal business purposes, such as quality control, training and analytics

  • To enroll you in our programs and provide our products and services to you.

  • To determine and verify program, product, and service eligibility and coverage.

  • To fulfill our business relationship with you, including processing payments, issuing refunds, billing support, and collections

  • For recordkeeping and compliance, including dispute resolution

  • Reimburse customers, satisfy warranty obligations, and fulfill payment obligations.

  • To administer, manage, analyze, and improve our programs, products, and services.

  • To communicate with you regarding our programs, products, and services.

  • To procure vendor/supplier products and services, including to manage and satisfy related vendor/supplier contractual obligations.

  • To analyze and better understand your needs, preferences, and interests, as well as those of other consumers.

  • To conduct internal business analysis and market research.

  • To engage in joint marketing initiatives.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Third parties with whom we have joint marketing and similar arrangements

  • Service Providers, including companies who assist us in program administration

  • Our lawyers, auditors and consultants

  • Third parties with whom we have joint marketing and similar arrangements.

  • Payment processors, financial institutions, and others as needed to complete transactions and for authentication, security, and fraud prevention.

  • Other third parties as necessary to complete transactions and provide our products/services.

  • Third party network advertising partners.

  • Consumer reporting agencies

  • Legal and regulatory bodies and other third parties as required by law.

Transaction and Interaction Information

We collect this type of information from:

  • You

  • Third parties that provide access to information you make publicly available, such as social media.

  • Automatically, such as when you interact with our websites or mobile apps.

We use this type of information:

  • To fulfill our business relationship with you, including customer service

  • For recordkeeping and compliance, including dispute resolution

  • For internal business purposes, such as finance, quality control, training, reporting and analytics

  • For risk management, fraud prevention and similar purpose

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Third parties with whom we have joint marketing and similar arrangements

  • Service providers, including third parties as needed to complete the transaction, including delivery companies, agents and manufacturers

  • Our lawyers, auditors and consultants

  • Customers, in connection with their audits of Roche

  • Other third parties as required by law

Inferred and Derived Information
  • We create inferred and derived data elements by analyzing our relationship and transactional information.

  • We draw inferences from the information we collect from and about you, such as your preferences, characteristics, attributes, and abilities.

  • Third parties who provide digital marketing, and analytics services for us

We combine inferred data with other relationship information and use this type of information:

  • To better understand you and to understand our customers generally

  • To design products, services and programs that delight our customers, including subscription programs

  • To identify prospective customers

  • For internal business purposes, such as quality control, training and analytics

  • To administer, manage, analyze, and improve our programs, products, and services

  • To analyze and better understand your needs, preferences, and interests, as well as those of other consumers.

  • For advertising and product promotion, including to contact you regarding programs, products, services, and topics that may be of interest or useful.

  • To engage in joint marketing initiatives.

  • To administer, provide access to, monitor, and secure our information technology systems, websites, applications, databases, and devices.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers, including those who analyze data on our behalf and who help execute programs

  • Our lawyers, auditors and consultants

  • Third parties with whom we have joint marketing and similar arrangements

  • Third parties who provide marketing and data analytics services, such as social media platforms used to deliver our ads, website/email optimization providers, email marketing vendors, and data analytics vendors.

  • Legal and regulatory bodies and other third parties as required by law.

Internet and Online/ Electronic Technical Information

We collect this type of information from:

  • You and from your computer or devices when you interact with our platforms, websites and applications. For example, when you visit our websites, our server logs record your IP address and other information.

  • Automatically, via technologies such as cookies, web beacons, when you visit our website or other websites.

  • Third parties, including computer security services and advertising partners

  • We also associate information with you using unique identifiers collected from your devices or browsers.

  • Third parties who provide website and online security services.

We use this type of information:

  • For system and account administration, technology management, including optimizing our websites and applications,

  • For information security and cybersecurity purposes, including detecting threats

  • For recordkeeping, including logs and records that are maintained as part of Transaction Information

  • To identify you or your device, including to associate you with different devices that you may use

  • For online behavioral advertising purposes and general advertising and product promotion

  • To administer, manage, analyze, and improve our programs, products, and services.

  • To conduct internal relationship and business analysis and market research.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers including companies who assist with our information technology and security programs, including companies such as network security services who retain information on malware threats detected

  • Service providers who assist with fraud prevention, detection and mitigation

  • Behavioral advertising companies (see Behavioral Advertising below)Our lawyers, auditors and consultants

  • Third parties who provide marketing and data analytics services, such as social media platforms used to deliver our ads, website/email optimization providers, email marketing vendors, and data analytics vendors.

  • Legal and regulatory bodies and other third parties as required by law

Audio Visual Information

We collect this type of information from:

  • You

  • Automatically, such as when we record calls to our call center and use CCTV cameras in our facilities.

  • Companies conducting non-clinical research such as market research companies.

  • Third parties that provide access to information you make publicly available, such as social media.

We use this type of information:

  • For internal business purposes, such as call recordings used for training, coaching or quality control

  • For advertising, marketing, product promotion, and relationship purposes, such as use of photos and videos for social media

  • If you visit our physical facilities, for premises security purposes and loss prevention

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers, including companies who assist with our information technology and security programs, and our loss prevention programs

  • Service providers, including companies who conduct advertising, marketing, or market research on our behalf

  • Our lawyers, auditors and consultants

  • Other third parties as required by law

Electronic and Sensor Data

We collect this type of information automatically when you use our internet-enabled products such as mobile apps and connected devices from:

  • You (directly from participant).

  • Your mobile devices and other internet-connected devices and applications (automatically).

  • Third parties that provide access to information you make publicly available, such as social media platforms.

We use this type of information:

  • To enable product functionality

  • For internal business purposes, such product development, security, and quality control

  • To administer, manage, analyze, and improve our programs, products, and services.

  • To analyze and better understand your needs, preferences, and interests, as well as those of other consumers.

  • To administer, provide access to, monitor, and secure our information technology systems, websites, applications, databases, and devices.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • To provide access to, monitor, and secure our facilities, equipment, and other property.

  • To identify you and your device(s) for any/all purposes identified above, including to monitor your use of and interactions with programs, products, services, and advertisements for such purposes

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers, including companies who assist with our information technology and security programs, including network security services and cybersecurity

  • Service providers, including companies who assist with fraud prevention, detection and mitigation

  • Behavioral advertising companies (see Behavioral Advertising below)Our lawyers, auditors and consultants

  • Healthcare providers (including specialty pharmacies), health insurance companies (health plans), other payors and others as needed to provide the contemplated services or transactions involving the data, such as for processing health care payments

  • Authorized/legal representatives, family members, and caregivers.

  • Third parties who provide benefit verification, program enrollment, and product fulfillment services in connection with our products and services.

  • Third parties who provide marketing and data analytics services, such as social media platforms used to deliver our ads, website/email optimization providers, email marketing vendors, and data analytics vendors.

  • Third parties who assist with our information technology and security programs.

  • Third parties who assist with fraud prevention, detection, and mitigation.

  • Other third parties as necessary to complete transactions and provide our products/services.

  • Other third parties as required by law

Geolocation Data

We collect this type of information automatically, when enabled on your mobile device and computer, when you visit or interact with our websites, applications, and online platforms.

We use this type of information:

  • For information security and fraud prevention

  • For our Everyday Business Purposes

  • To administer, manage, analyze, and improve our programs, products, and services.

  • To conduct internal business analysis and market research.

  • For advertising and product promotion

  • To administer, provide access to, monitor, and secure our information technology systems, websites, applications, databases, and devices.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Third parties who assist with our information technology and security programs

  • Third parties who assist with fraud prevention, detection and mitigation

  • Our lawyers, auditors and consultants

  • Third parties who provide marketing and data analytics services, such as social media platforms used to deliver our ads, website/email optimization providers, email marketing vendors, and data analytics vendors.

  • Legal and regulatory bodies and other third parties as required by law.

Professional and Education Data

We collect this type of information from:

  • you directly.

  • our business partners and other third parties that provide access to information you make publicly available, such as social media platforms.

  • Third parties who provide us with supplemental data or data analytics and market research services, such as data aggregators.

  • your employer or principal.

We use this type of information:

  • to provide you with our Products and Services

  • to communicate with you

  • to administer our relationship with your organization

  • to send you updates

  • to administer and manage your registration and participation at events

  • to fulfill business relationships with you, including processing payments and notifying you of your order status or any associate order status issues

  • to identify and authenticate you

  • to ensure the appropriate use of our Products and Services

  • to improve our Products and Services

  • to improve our Online Services

  • for short-term, transient use

  • for administrative purposes

  • for quality assurance

  • for marketing, internal research, and development

  • to customize content for you

  • to procure vendor/supplier products and services, including to manage and satisfy related vendor/supplier contractual obligations

  • advertising and product promotion, including to contact you regarding programs, products, services and topics that may be of interest or useful

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

We may disclose this type of information to our Affiliates and Service Providers and to:

  • other Healthcare Providers

  • your patients

  • third parties who assist with fraud prevention, detection and mitigation

  • third parties who assist with our information technology and security programs

  • Roche’s lawyers, auditors and consultants

  • partners that assist us in providing the Products and Services or help us improve our marketing or administration

Compliance Data

We collect this type of information from:

  • You

  • Third parties, including companies that help us conduct internal investigations.

  • Third parties, such as consumer reporting agencies and data aggregators who conduct background screening for us.

We use this type of information:

  • To comply with and demonstrate compliance with applicable laws

  • For legal matters, including litigation and regulatory matters, including for use in connection with civil, criminal, administrative, or arbitral proceedings, before regulatory or self-regulatory bodies, including service of process, investigations in anticipation of litigation, execution or enforcement of judgments and orders

  • For internal business purposes, such as risk management, audit, internal investigations, reporting, analytics

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Our lawyers, auditors and consultants.

  • Customers, in connection with their audits of Roche

  • Other third parties (including government agencies, courts and opposing law firms, consultants, process servers and parties to litigation) in connection with legal matters

Written Signature

We collect this type of information from:

  • You (directly from participant).

  • Healthcare providers (including specialty pharmacies).

  • Health insurance companies (health plans) and other payors.

  • Authorized/legal representatives, family members, and caregivers.

  • Third parties who provide benefit verification, program enrollment, and product fulfillment services in connection with our products and services.

We use this type of information:

  • To determine and verify program, product, and service eligibility and coverage.

  • To enroll you in our programs and provide our products and services to you.

  • To procure vendor/supplier products and services, including to manage and satisfy related vendor/supplier contractual obligations.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • To comply with legal and regulatory obligations

  • For our everyday business purposes.

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Healthcare providers (including specialty pharmacies), health insurance companies (health plans), other payors and others as needed to provide the contemplated services or transactions involving the data, such as for processing health care payments

  • Authorized/legal representatives, family members, and caregivers.

  • Third parties with whom we have joint marketing and similar arrangements.

  • Payment processors, financial institutions, and others as needed to complete transactions and for authentication, security, and fraud prevention.

  • Other third parties as necessary to complete transactions and provide our products/services.

  • Our lawyers, auditors, and consultants.

  • Legal and regulatory bodies and other third parties as required by law.

CALIFORNIA JOB APPLICANTS.  The following table provides detail for residents of California who interact with us applicants for jobs, with respect to the category of Personal Data collected, the source of that information, the purposes for collection and sharing/disclosure, and the categories of third parties to whom the category of Personal Data is shared.

Category and Sources of Personal Information
Purpose for Collecting and Sharing and Disclosing the PI
Categories of Third Parties to whom this type of Personal Information is Shared or Disclosed for a Business Purpose
Contact Information

We collect this type of information from:

  • You

  • Your employer or principal

  • Service providers such as companies that provide employment recruiting services to us, including third parties that provide access to information you make publicly available, such as via social media platforms.

  • Consumer reporting agencies and other third parties who verify the information you provide.

  • Third parties who help us maintain the accuracy of our data and data aggregators that help us complete and enhance our records.

We use and disclose this type of information:

  • To identify you and communicate with you

  • For our internal business, administrative, and candidate recruiting and employment-related purposes

  • For record-keeping and reporting, including for data matching, metrics, and analytics

  • To conduct marketing of the company and market research.

  • To administer, provide access to, monitor, and secure our information technology systems, websites, applications, databases, and devices.

  • If you visit our physical sites, to provide access to, monitor, and secure our facilities, equipment, and other property.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes.

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers such as companies who help manage recruiting events and activities

  • Third parties who deliver our communications, such as the postal service and couriers

  • Other third parties (including government agencies) as required by law, such as pursuant to legally binding subpoenas, court orders, and similar instruments

  • Service providers, including those who host our data centers, help administer our call center hosting platforms and phone systems, and provide parts of our physical and electronic infrastructure

  • Behavioral advertising companies (see Behavioral Advertising below)

  • Third parties who assist with fraud prevention, detection and mitigation

  • Other third parties as necessary to complete transactions and provide our products/services, including delivery companies, agents, and manufacturers.

  • Service providers who provide employment recruiting services, data analytics services, and third parties such as business and social media platforms used to deliver our ads, website/email optimization providers, and email marketing vendors.

  • Consumer reporting agencies.

  • Our lawyers, auditors, and consultants.

Physical Characteristics, Demographics, or Description

We collect this type of information from:

  • You

  • Service providers such as companies that provide employment recruiting services to us, including third parties that provide access to information you make publicly available, such as via social media platforms.

  • Third parties who provide us with supplemental data or data analytics and market research services, such as data aggregators.

We use this type of information:

  • If you visit our physical site, to help manage emergency incidents that occur on campus or involve company property

  • To determine and verify program eligibility.

  • For our internal business, administrative, and candidate recruiting and employment-related purposes

  • To analyze and better understand your needs, preferences, and interests

  • For our company marketing and market research purposes.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes.

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Emergency personnel

  • Service Providers which use the data to assist in incident management and reporting

  • Service providers, including those who host our data centers, help administer our call center hosting platforms and phone systems, and provide parts of our physical and electronic infrastructure

  • Service providers who provide employment recruiting services, data analytics services, and third parties such as business and social media platforms used to deliver our ads, website/email optimization providers, and email marketing vendors.

  • Our lawyers, auditors, and consultants.

  • Legal and regulatory bodies and other third parties as required by law.

Inferred and Derived Information We collect this type of information from:
  • Inferred and derived data elements we create by analyzing our relationship and transactional information.

  • We draw inferences from the information we collect from and about you, such as your preferences, characteristics, attributes, and abilities.

  • Third parties who provide digital marketing, and analytics services for us

We combine inferred data with other relationship information and use this type of information:

  • For company marketing and market research purposes, such as quality control, training and analytics

  • For our internal business and administrative purposes, candidate recruiting and employment-related purposes

  • To analyze and better understand your needs, preferences, and interests, as well as those of other applicants.

  • To administer, provide access to, monitor, and secure our information technology systems, websites, applications, databases, and devices.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers, including those who analyze data on our behalf and who help execute programs

  • Our lawyers, auditors and consultants

  • Service providers who provide employment recruiting services, data analytics services, and third parties such as business and social media platforms used to deliver our ads, website/email optimization providers, and email marketing vendors.

  • Legal and regulatory bodies and other third parties as required by law.

Internet and Online/ Electronic Technical Information

We collect this type of information from:

  • You and from your computer or devices when you interact with our platforms, websites and applications. For example, when you visit our websites, our server logs record your IP address and other information.

  • Automatically, via technologies such as cookies, web beacons, when you visit our website or other websites.

  • Third parties, including computer security services and advertising partners

  • We also associate information with you using unique identifiers collected from your devices or browsers.

  • Third parties who provide website and online security services.

We use this type of information:

  • For system and account administration, technology management, including optimizing our websites and applications,

  • For information security and cybersecurity purposes, including detecting threats

  • For recordkeeping, including logs and records that are maintained as part of Transaction Information

  • To identify you or your device, including to associate you with different devices that you may use

  • For online behavioral advertising purposes and general advertising and company promotion

  • For our internal business, administrative, and candidate recruiting and employment-related purposes

  • For company marketing and market research purposes.

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers including companies who assist with our information technology and security programs, including companies such as network security services who retain information on malware threats detected

  • Service providers who assist with fraud prevention, detection and mitigation

  • Behavioral advertising companies (see Behavioral Advertising below)

  • Our lawyers, auditors and consultants

  • Service providers who provide employment recruiting services, data analytics services, and third parties such as business and social media platforms used to deliver our ads, website/email optimization providers, and email marketing vendors.

  • Legal and regulatory bodies and other third parties as required by law

Audio Visual Information

We collect this type of information from:

  • You

  • Automatically, such as when we record calls to our call center and use CCTV cameras in our facilities.

  • Companies conducting non-clinical research such as market research companies.

  • Service providers such as companies that provide employment recruiting services to us, including third parties that provide access to information you make publicly available, such as via social media platforms.

We use this type of information:

  • For our internal business, administrative, and candidate recruiting and employment-related purposes

  • For advertising, marketing, product promotion, and relationship purposes, such as use of photos and videos for social media

  • If you visit our physical facilities, for premises security purposes and loss prevention

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers, including companies who assist with our information technology and security programs, and our loss prevention programs

  • Service providers, including companies who conduct advertising, marketing, or market research on our behalf

  • Our lawyers, auditors and consultants

  • Other third parties as required by law

Professional and Education Data

We collect this type of information from:

  • You

  • Your employer or principal

  • Service providers such as companies that provide employment recruiting services to us, including third parties that provide access to information you make publicly available, such as via social media platforms.

We use this type of information:

  • For our internal business, administrative, and candidate recruiting and employment-related purposes

  • To identify and authenticate you

  • For company marketing, market research purposes

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • For our everyday business purposes

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers such as companies who help manage recruiting events and activities

  • Third parties who deliver our communications, such as the postal service and couriers

  • Other third parties (including government agencies) as required by law, such as pursuant to legally binding subpoenas, court orders, and similar instruments

  • Service providers, including those who host our data centers, help administer our call center hosting platforms and phone systems, and provide parts of our physical and electronic infrastructure

  • Behavioral advertising companies (see Behavioral Advertising below)

  • Third parties who assist with fraud prevention, detection and mitigation

  • Service providers who provide employment recruiting services, data analytics services, and third parties such as business and social media platforms used to deliver our ads, website/email optimization providers, and email marketing vendors.

  • Consumer reporting agencies.

  • Our lawyers, auditors, and consultants.

Written Signature

We collect this type of information from:

  • You (directly from participant).

We use this type of information:

  • To identify and authenticate you

  • For our internal business, administrative, and candidate recruiting and employment-related purposes

  • To monitor, investigate, and enforce compliance with our policies, product/service terms and conditions, and legal and regulatory requirements.

  • To comply with legal and regulatory obligations

  • For our everyday business purposes.

We may disclose this type of information to our Affiliates and Service Providers and to:

  • Service providers who provide employment recruiting services, data analytics services, and third parties such as business and social media platforms used to deliver our ads, website/email optimization providers, and email marketing vendors.

  • Our lawyers, auditors, and consultants.

  • Legal and regulatory bodies and other third parties as required by law.

Other Uses of Personal Data 

Mergers and Acquisitions.  In addition to the uses set forth above, in certain circumstances, we will use and disclose your Personal Data to facilitate a merger, consolidation, transfer of control or other corporate reorganization in which Roche participates, or pursuant to a financial arrangement undertaken by Roche and your Personal Information will be disclosed to the buyer, assignee, or transferee.  

Data Retention.  We will retain your Personal Data for as long as needed or permitted to fulfill the purpose(s) for which it was collected or obtained, and as outlined in this Privacy Notice.  The criteria used to determine our retention periods include: (i) the length of time we have an ongoing relationship with you; (ii) whether there is a legal obligation to which we are subject that affects the Personal Data; and (iii) whether retention is determined to be necessary or advisable for Roche due to applicable statutes of limitations, litigation, or other legal or regulatory obligations. Roche takes reasonable steps to dispose of Personal Data upon the expiration of retention periods taking into consideration these litigation, legal, or regulatory obligations. 

De-Identification.  Roche may de-identify your Personal Data, which means it will remove certain data from your Personal Data, such as Contact Information, such that the resulting data would not be able to identify you or anyone else as the subject of the data.  The de-identified data will no longer be Personal Data and may no longer be subject to data protection laws.  We will not attempt to re-identify you or anyone else from this de-identified data and if we disclose it to third parties, we will require that they commit to not attempting to re-identify you or anyone else from the de-identified data.  We will use de-identified data for our business purposes.

Consumer Health Data

The law of the state in which you reside or in which your Personal Data is collected may have specific requirements in connection with Personal Data that is linked or is reasonably capable of being linked to you and that identifies your past, present, or future physical or mental health status (“Consumer Health Data”).  Please note that the collection of consumer health data subject to the Washington State My Health My Data Act (the “MHMDA”) is addressed in the separate Washington Consumer Health Data Privacy Policy and is not covered by this Section. 

To the extent your Personal Data constitutes “Consumer Health Data,” the categories of Consumer Health Data being collected; the manner in which it will be used; the categories of sources from which it is collected; the categories of third parties and affiliates with whom it is being shared; the purposes of collecting, using and sharing it; and the manner in which it will be processed are all provided in the “Your Personal Data” section of this Notice (primarily as “Information regarding your treatment”).  Additional information about Roche’s activities can be found in the “Marketing, Cookies and Tracking” and “Third Parties” sections of this Notice.

To the extent that the state in which you live requires us to provide certain rights to you in connection with your Consumer Health Data, we will provide the following rights to you based on your state’s law:

  • To request our confirmation that we are collecting, sharing, or selling your Consumer Health Data;
  • To request to review and to make changes to any of your Consumer Health Data;
  • To request that we delete your Consumer Health Data;
  • To request a list of all third parties with whom we have shared or sold your Consumer Health Data;
  • To request that we stop collecting, sharing, or selling your Consumer Health Data;

To exercise any of these rights, follow the procedure explained in the “Your Rights Regarding Your Personal Data” section of this Notice.

A third party may collect Consumer Health Data over time and across different websites or online services when you use any of our websites or Online Services.  For more information, see the“Marketing, Cookies and Tracking” and “Third Parties” sections of this Notice.

This Section (and the Notice more generally) is effective as of the “Last Updated” date above.  We will notify you of changes to this Section (and the Notice more generally) as described in the “Changes to this Privacy Notice” section.

Marketing, Cookies, and Tracking 

Marketing Uses, Cookies, and Other Activities

To the extent permitted by applicable law, including in accordance with your consent where required by applicable law, we may engage in the following activities: 

  • We may use your contact details to contact you to determine whether you would like to initiate a business relationship with us or to send you marketing emails. If you do not wish to receive such marketing emails, you may opt out by declining to receive such emails when registering or in our subsequent communications by following opt-out or unsubscribe instructions included in the email or at other information collection points on the Online Services. 

  • We may display advertisements to you regarding Products and Services that we believe are relevant to you based on your activities on the Online Services or on other web or digital properties. Such advertisements may be shown on our Online Services or the online services of others. We achieve this by using, and allowing third parties (e.g., Facebook, LinkedIn) to use certain cookies, eTags, pixels, web beacons, and other tracking technologies to track your activities on our Online Services and other online services. For more information about these activities and how to manage or opt out of them, please click on the "Your Privacy Choices" link at the bottom of our website.  

  • We may make customer offers to you based on your activities across different Online Services, including activities on other web or digital properties or your other interactions with Roche that are not via the Online Services (e.g., regional offers based on the location of your office listed on order forms). 

  • We also perform statistical analyses of the users of our Online Services to improve the functionality, content, design, and navigation of the Online Services. 

Processing Using Website Tracking

On certain of our websites, we use Google Analytics, to help us understand how users engage with this and other of our websites. Google Analytics may track your activity on our sites (i.e., the pages you have seen and the links you have clicked on) and helps us measure how you interact with the content that we provide. This information is used to compile reports and to help us improve the sites. The reports we receive disclose website trends without identifying individual visitors. You can learn about Google’s practices by going to www.google.com/policies/privacy/partners/, and exercise the opt-out provided by Google by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout or clicking on the "Your Privacy Choices" link at bottom of our website. 

Do-Not-Track Signals

Certain web browsers and other programs may transmit “opt-out” signals, also called a Global Privacy Control (or GPC) signal (we refer to these as “GPC Signals”), to websites with which the browser communicates.  In most cases you will need to change your web browser’s settings or add an application to your web browser to enable your browser to send a GPC Signal. Roche’s websites will recognize GPC Signals for website users differently, based on the location of the user when they access our websites.  For users that access our websites from U.S. states that have laws requiring recognition of GPC Signals, we will recognize and apply the GPC Signal to inactivate all of the cookies for that website, except for cookies that are necessary for the website to operate (“Strictly Necessary Cookies”).  Additionally, if you are accessing our websites from one of these states, you can determine if your browser GPC Signal has been recognized by clicking on the “Your Privacy Choices” link in the footer of the website that will include a short message at the top of the preference center indicating that your GPC Signal has been received.  For users from states not currently requiring recognition of the GPC Signal, our website servers may recognize and apply the GPC Signal for only targeted advertising cookies, but will not apply the GPC Signal to functional, performance or social media cookies. Further, a specific GPC Signal acknowledgement notice will not be included in the preference center, but you can always check and adjust your cookie settings by going to the Your Privacy Choices link in the footer of this website.

Behavioral Advertising

Where allowed by law, as described above, we use your Personal Data to provide you with targeted advertisements or marketing communications we believe may be of interest to you. In some jurisdictions, you may have the right to opt out of these types of targeted advertisements.  See the Opt-out of Sale or Sharing or Processing of Sensitive Data section below to do so.

For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page by going to http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of some targeted advertising using the below links:

Additionally, you can opt-out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at:  http://optout.aboutads.info/.

Opt-out of Sale,  Sharing, Targeted Advertising, or Limit the Use of Sensitive Data

Certain of Roche’s practices may be considered the sale or sharing of Personal Data under applicable law. You may have the right to opt-out of the sale of Personal Data, opt-out of sharing of Personal Data for purposes of cross-context behavioral advertising, which in other states is the right to opt-out of targeted advertising, and the right to limit the use of sensitive Personal Data. To exercise these rights, please see the “Your Rights Regarding Your Personal Data” section below.  

Interactive Features of our Websites

To the extent we offer any public or group forums on our Products and Services, such as newsfeeds, blogs, message boards, or similar tools (“Interactive Features”), the posts or comments you make may be public and viewed by others. You should use care before posting information about yourself, including Personal Data. You acknowledge and understand that you have no expectation of privacy or confidentiality in the content you submit to Interactive Features over the Products and Services. Except when required to do so by applicable law, we assume no obligation to remove Personal Data you post on our Products and Services, and your disclosure of any Personal Data through the Interactive Features is at your own risk.

Notice of Financial Incentive

Roche offers certain programs that may provide discounts or savings on products and services (“Program(s)”), that provide individuals who enroll with personalized and/or bundled product discounts, product vouchers, promotional opportunities, and/or other benefits (“Program Benefits”). Program participants opt in by signing up for a Program online. Roche collects and uses your personal information, including information you voluntarily provide us (such as your name and email address), commercial information (such as your purchase history), information we collect automatically, and information from other sources to operate the Program and related services, including to send you Program Benefits and the other uses described in this Privacy Notice.

Based on our reasonable and good faith estimate, Roche receives value from the Program through increased customer loyalty and increased sales, but we do not assign a actual monetary value to the personal information we collect in connection with the Program. Further, the precise value of your participation in the Program will vary depending on the discounts you take advantage of and purchases you make, as well as other factors. Some benefits to you may also be intangible, such as increased knowledge of and familiarity with products that you may get from participating in the Program. In general, however, Roche estimates in good faith that the value provided by Program Benefits to customers is equal to or greater than the value we receive from the personal information collected from you through the Program. Roche incurs a variety of expenses for providing Program Benefits, including administrative and technical expenses associated with maintaining the Program and costs associated with discounts on purchases.

Participation in the Program and the financial incentives it provides are voluntary. By providing your personal information when signing up for the Program, you are affirmatively opting-in to our financial incentive Program. You may unsubscribe from Program emails you receive at any time by clicking the unsubscribe link in the emails.

Third Parties

Service Providers

Service providers acting on our behalf must execute agreements requiring them to maintain confidentiality and to process Personal Data as necessary to perform their functions in a manner consistent with this Notice, other applicable privacy notices, and as explicitly permitted or required by applicable laws, rules, and regulations. 

Combination of Data with Data Received from Third Parties

We may combine information we collect, including Personal Data, with Personal Data that we may obtain from third parties. 

Links to Other Websites

Our Products and Services may contain links to other websites, applications, products, or services that are not owned or operated by Roche, such as social media websites and applications like Facebook and Twitter. You should carefully review the privacy policies and practices of other websites, products, and services as we cannot control and are not responsible for privacy policies, notices, or practices of third-party websites, applications, products, and services.

Your Rights Regarding Your Personal Data 

Please note that in many circumstances, we cannot effectively do business with you without processing some Personal Data about you (e.g., your contact information). For example, when you contact our customer service representatives, we may require you to provide information to authenticate your identity to assist you with your request. If you are unable to provide this information, we may be unable to process your request. 

To the extent that the state in which you live has a data protection law that requires us to offer some or all of the following rights to you, we will provide the following rights to you based on your state’s law: 

  • To opt-out of sharing your Personal Data for cross-context behavioral advertising or, in other states, to opt-out of targeted advertising;

  • To request access to and a copy of your Personal Data, including to provide your Personal Data directly to another organization, i.e., a right to data portability; 

  • To request to know about the Personal Data we process about you or, in other states, to request to acknowledge our processing of your Personal Data;

  • To request that we correct your Personal Data; 

  • To request that we delete your Personal Data;

  • To request that we limit the processing of your Sensitive Personal Data;; 

  • To opt-out of processing of Sensitive Personal Data; 

  • To appeal the denial of a request; and 

  • To lodge a complaint with the data protection authority in your jurisdiction.

You can opt-out of sharing personal data or opt-out of targeted advertising for any website you visit by clicking on the Your Privacy Choices link located at the bottom of that website. To learn if you have the other above rights in the state in which you live and to exercise any of these rights with respect to your Personal Data, please complete the form located here or, if you prefer, you can call us toll-free at (800) 975-7105. We will not discriminate against you for exercising any of the rights described above, although we may not be able to continue to provide you Products and Services or it may otherwise affect the way we are able to interact with you.

We will make reasonable efforts to respond promptly to your requests in accordance with applicable laws. We may,after receiving your request, require additional information from you to honor your request and verify your identity. Please be aware that we may be unable to afford these rights to you under certain circumstances, such as if we are legally prevented from doing so. 

In the event you wish to make a complaint about how we process your Personal Data, please contact us at [email protected] and we will handle your request as soon as possible. Even if you make a complaint to us, you may always lodge a complaint with the relevant authority in your location.

When we receive your Personal Data from our customers and process your Personal Data on their behalf, we do so at their request and subject to their instructions. We do not have control over our customers’ privacy and security practices and processes. If your Personal Data has been submitted to us by a Roche customer and you wish to exercise any of the above-mentioned rights, please contact the relevant customer directly.

Safeguarding Information

Consistent with applicable laws and requirements, Roche has put in place physical, technical, and administrative safeguards designed to protect Personal Data from loss, misuse, alteration, theft, unauthorized access, and unauthorized disclosure consistent with legal obligations and industry practices. However, as is the case with all websites, applications, products, and services, we unfortunately are not able to guarantee security for data collected through our Products and Services. In addition, it is your responsibility to safeguard any passwords, ID numbers, or similar individual information associated with your use of the Products and Services.

How Long Your Personal Data Will Be Retained

We generally retain Personal Data for as long as needed for the specific business purpose or purposes for which it was collected. In some cases, we may be required to retain Personal Data for a longer period of time by law or for other necessary business purposes. Whenever possible, we aim to de-identify the information or otherwise remove some or all information that may identify you from records that we may need to keep for periods beyond the specified retention period.

Special Note to Patients

If you are a patient, please note that this Notice is distinct from your Healthcare Provider’s HIPAA Notice of Privacy Practices, which describes how your Healthcare Provider uses and discloses individually identifiable information about your health that it collects, as well as any other privacy practices it applies. Roche collects, uses, and discloses any Personal Data it receives from your Healthcare Provider in accordance with its HIPAA-required agreements with your Healthcare Provider. 

Changes to This Privacy Notice

We reserve the right to change this Notice from time to time. We will alert you when changes have been made by indicating the date this Notice was last updated as the date the Notice became effective or as otherwise may be required by law. It is recommended that you periodically revisit this Notice to learn of any changes. 

Contact Us

If you have questions or comments about this Notice or about how your Personal Data is processed, please contact us by one of the methods below:

  • Email:  [email protected]
  • Mail:   Roche Diagnostics Corporation, Attn:  Privacy Office, 9115 Hague Road, Indianapolis, IN 46256
  • Phone:  (800) 975-7105

We will make reasonable efforts to respond promptly to your requests in accordance with applicable laws. Note that your request to exercise your data privacy rights must be done through the web form and 800 number listed under Your Rights Regarding Your Personal Data.  We may, after receiving your request, require additional information from you to honor your request and verify your identity. Please be aware that we may be unable to afford these rights to you under certain circumstances, such as if we are legally prevented from doing so.