Last Revised: Dec 2019
1.1. Roche Diagnostics India Private Limited including its affiliates (hereinafter referred to as “Roche” or “we” or “our” or “us) is committed to protecting your (“you” or “your” or “yours”) personal information.
2.1. We are obligated to protect your information in accordance with applicable laws and regulations.
3.1. Please note that when you are on our server, your operating system provider, social media Websites you access, websites that you access may also collect, use and share information about you and your usage. We cannot control how these third parties collect, use, share or secure this information. For information about third-party privacy practices, please consult their respective privacy policies.
5. PERSONAL INFORMATION WE COLLECT
5.1. Personal information is defined as information that can be used to identify you. On this Website, we may request personal information about you. Examples of personal information that we may collect includes your name, contact information, email address, and other information in combination with these identifiers.
6. WHY WE COLLECT PERSONAL INFORMATION
6.1. The abovementioned personal information is collected for the following purposes:
6.1.1. To respond to your requests or inquiries;
6.1.2. To complete a transaction;
6.1.3. To personalize your experience;
6.1.4. To perform Website analytics and measure Website performance;
6.1.5. To track and monitor adverse events and other activities;
6.1.6. To maintain the Website, including for security purposes.
6.1.7. to improve the quality of the Website; or
6.1.8. to facilitate our internal business operations, including the fulfilment of any legal and regulatory requirements.
6.2. Several places on our Website require personal data if you choose to use them, including surveys, registration, and content sharing features (i.e., “E-mail to a Friend” links). Roche and its business partners collect this information about you only if you voluntarily provide it to us.
7. MORE INFORMATION ON OUR PROCESSING ACTIVITIES
7.1. This sections outlines each processing activity in greater detail and provides information on the categories of information collected for each activity as well as the legal basis of processing for each of these activities.
7.2. Responding to Requests or Inquiries: Certain parts of our Website and online resources allow you to submit your personal information to us to for various purposes. For example, you may subscribe to one of our mailing lists. In these instances, we may use the information that you provide to us to take the steps necessary to respond to your request. Depending on your request, we may collect your contact information (such as your name, mailing address, telephone number, job title), your interests and preferences (such as products or areas of interest), and any other information you provide to us. We collect and process your personal information for these purposes based on your consent. If reporting is required, we may process your data to comply with our legal obligations.
7.3. Completing Transactions: Some parts of our website may collect your personal information to fulfill services that you have requested and to understand your interests and preferences. In these instances, we may collect your contact information as well as a history of your previous transactions with us (such as order history, customer account information). If you are purchasing or ordering a product or service from us, we use this information to perform our agreement with you.
7.4. Personalizing Your Experience: We may collect certain information about you, your preferences, and how you have interacted with us in the past in order to understand your interest in our products and services so that we can best serve you. This may include information about your contact and product preferences, languages, marketing preferences, and demographic data. In cases where we collect this information automatically, we collect and process this information for our legitimate business interests. In other cases, we will collect and process this information pursuant to your consent.
7.5. Website Analytics and Tracking: Where permitted by law, we may combine personal information you provide with other information you’ve provided to Roche through our websites. Where permitted by law, we may also combine personal information collected through our websites and online resources with Roche’s offline records and information provided to us by third parties. More information about this can be found in the section below in our Cookie notice available at https://www.roche.com/cookie-notice.htm.
7.6. To run and maintain our Website: We use this information to secure our Website, network systems, and other assets. This may include information concerning your IP Address, geographic location, resources you have accessed, and similar information. We collect this information automatically, for our legitimate business interest.
8. SHARING YOUR PERSONAL INFORMATION
8.1. We strive to keep your personal information confidential and will place reasonable security controls to protect it. Your personal information will be kept confidential as required under applicable laws.
8.2. We may share your personal information with Roche’s affiliates around the world including in countries with privacy standards different from those in your country. Our Roche affiliates will use the personal information for the same purposes as we do. A list of Roche’s affiliates is available in the current annual report which can be found in the Investors section of www.roche.com.
8.3. Additional information in case your data is covered by GDPR: Regarding the exchange of data within the Roche Group, contracts containing the EU Standard Contractual Clauses according to EU Commission decisions of 27 December 2004 (2004/915/EC) and 05 February 2010 (C(2010) 593) constitute appropriate and suitable safeguards to ensure compliance with GDPR.
8.4. We may also share personal information with external organizations or individuals if we believe that access, use, preservation or disclosure of the information is reasonably necessary to:
(a) meet any applicable law, regulation, legal process or enforceable governmental request;
(b) detect, prevent or otherwise address fraud, security or technical issues;
(c) protect against harm to the rights, property or safety of our customers or the public, as required or permitted by law.
9. CROSS BORDER TRANSFER OF PERSONAL INFORMATION
9.1. Any personal information you provide to us through your use of this Website may be transferred to or stored in a geographic region which imposes different privacy obligations than your country of origin. Any such transfer will be conducted in compliance with applicable law.
9.2. If your personal information is covered by the GDPR: For transfers of data within the Roche Group, contracts containing the EU Standard Contractual Clauses according to the EU Commission decisions of 27 December 2004 (2004/915/EC) and 05 February 2010 (C(2010)593) constitute appropriate and suitable safeguards to ensure compliance with GDPR. In addition to Standard Contractual Clauses, Roche may also use data processors that are certified under the EU-U.S. Privacy Shield, which establishes appropriate and suitable safeguards to ensure compliance with the GDPR according to the EU Commission decision of 12 July 2016 (C(2016) 4176).
10. RETENTION AND STORAGE OF YOUR PERSONAL INFORMATION
10.1. The personal information so collected shall be retained only for a period of 15 (fifteen years) to fulfil the purposes outlined herein unless a longer retention period is required or permitted by law and only for the purposes defined above. Once the purpose is achieved, all personal information is deleted in a safe and secure mode.
10.2. We have adopted reasonable security practices and procedures as required under applicable law and have included strategic, operational, managerial, technical and physical security controls to safeguard and protect your data and information.
11.1. Roche and its business partners take reasonable steps to protect your personal information we access or receive through this Website from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. Nevertheless, Roche makes no guarantee as to the security of your personal information and disclaims, to the fullest extent permitted by law, all liability and damages caused by loss, misuse, and unauthorized access, disclosure, alteration, or destruction. We recommend that you take any available precautions to protect your personal information you submit on this Website.
12. INFORMATION ABOUT YOUR RIGHTS IF YOUR DATA IS COVERED BY GDPR
12.1. Provided your personal information is covered by GDPR, please note that you have the right to: (i) request from Roche access to and rectification of your personal data as well as the right to data portability, if applicable, or erasure or restriction of processing of your personal data.
12.2. Erasure or restriction of processing is only possible if and to the extent the processing of personal data is based on consent or legitimate interest. If data processing is based on consent, kindly note that you have the right to withdraw your consent at any time, however, without affecting the lawfulness of processing based on consent before its withdrawal. For sending us a note to exercise your right to withdraw consent, please see contact details in the section “Identity and contact details” herein below.
12.3. To avoid that your data is entered in the systems again after your request for erasure, in your interest and for us to comply with GDPR we may keep your name and e-mail address with a flag “Don’t contact anymore” in our systems.
13.1. Non-personal information is defined as any data that does not personally identify you and may include unique system or hardware identifiers, system or application software, and peripherals.
13.2. Any non-personal information, which when clubbed with personal information becomes personal information, shall be treated as personal information.
13.3. The following is the manner in which we collect, use, share and retain non-personal information.
13.3.1. Collection - You agree that the Website may collect diagnostic, technical and usage related information for the usage purposes described below.
13.3.3. Sharing- As non-personal information does not personally identify you, we may use and disclose non-personal information at our discretion, subject to applicable laws.
13.3.4. Retention - The information so collected shall be retained only for a limited duration necessary to fulfill the purposes outlined herein unless a longer retention period is required or permitted by law and only for the purposes defined above. Once the purpose is achieved, all information is deleted in a safe and secure mode.
14.1. The Website may access, collect and analyse information related to your location on a regular basis through Bluetooth and Wi-Fi signals and other technologies and data for the performance of the services provided by the Website and to help improve the design, functionality, performance, and content of the Website.
14.2. Except in cases where any specific service requested by you require or involve personal identification, the Website collects location data anonymously and in a form that does not personally identify you. By using the Website, you agree and consent to transmission, collection, maintenance, processing and use of your location data and queries to provide and improve such services of the Website.
15. ACCESS, CORRECTION AND DELETION:
15.1. The Website strives hard to keep its records updated and accurate with your latest information. You shall be responsible to ensure that the information or data you provide from time to time is and shall be correct, current and updated and you have all the rights, permissions and consents to provide such information or data.
15.2. You may note that deletion of certain information or withdrawal of consent may lead to cancellation of your access to the Website or your access to certain features and services of the Website. Additionally, we may not be able to process your request of correction, updating or deletion, in case the same is not supported by valid documents or data retention is required by the applicable law or law enforcement requests or under any judicial proceedings or it is extremely difficult to implement (such as requests related to backup copies or if a new system is required to process the request or change of technical design) or risks the privacy of other users.
16.1. We shall not be liable for any indirect, incidental, consequential, special or exemplary damage(s) arising due to loss of data or use arising out of or in connection with your access or use of or inability to access or use the Website.
17. IDENTITY AND CONTACT DETAILS
17.1. In the event that your Personal information is covered by the EU General Data Protection Regulation (“EU”) 2016/679 (“GDPR”), the EU representative of F. Hoffmann-La Roche Ltd is Roche Privacy GmbH, Emil-Barell-Str. 1, D-79639 Grenzach-Wyhlen.
17.2. You may also contact Mr. Rajeshvar Nerurkar from Roche Diagnostics India, Silver Utopia, B 501 / 601 B, 5th & 6th floor, Cardinal Gracious Rd, Chakala, Andheri East, Mumbai, Maharashtra 400069, India or email at [email protected].
Last Updated on:
Copyright @ Roche Diagnostics India Private Limited
All rights reserved.