Please note that this Privacy Statement only applies to personal data that is collected and processed by Astora Women’s Health Ireland Limited(with registered office of First Floor, Minerva House, Simmonscourt Road, Ballsbridge, Dublin 4, Ireland) and not any other entity in the Endo International plc (‘Endo’) Group (‘Endo Group’). In particular, it applies to personal data which you provide when lodging a complaint or a question about an Astora product.
This Privacy Statement is intended to ensure that you are aware of what personal data Astora Women’s Health Ireland Limited(ASTORA, we, us, our) with a registered address at First Floor, Minerva House, Simmonscourt Road, Ballsbridge, Dublin 4, Ireland holds in relation to you, and how we use that data as data controller. Please read the following carefully to understand our use of your personal data.
This Privacy Statement applies to any information about you collected, maintained, transmitted, stored, retained, or otherwise used (i.e. processed) by ASTORA through this website (www.astorahealth.com), for example when you use our online feedback/queries facility in the "Contact Us" section of the website. It also applies to any personal data which you provide to us in email or telephone communications, including when you contact our customer complaints call centres in relation to issues with our products.
This Privacy Statement sets out the basis on which we gather, use, process and disclose any personal data we collect from you, or that you provide to us. We will use your personal data only for the purposes and in the manner set forth below which describes the steps we take to ensure our processing of your personal data is in compliance with the General Data Protection Regulation ((EU) 2016/679) (GDPR) and any implementing legislation (Data Protection Legislation).
Changes to this Privacy Statement
We reserve the right to change this Privacy Statement from time to time at our sole discretion. If we make any changes, we will post those changes here and update the “Last Updated” date at the bottom of this Privacy Statement. Your continued use of the website or any of our services (including our call center complaint services) after we make changes is deemed to be an acknowledgment of those changes, so please check this Privacy Statement periodically for updates.
What is Personal Data?
'Personal Data' is defined as any data relating to a living individual who can be identified directly from that data or indirectly in conjunction with other information. We hold some or all of the following types of personal data in relation to you:
Purpose and Legal Basis for Processing
We will hold, process and may disclose personal data provided by you for the following purposes:
Purpose for Processing
Legal Basis for Processing
We may, from time to time, (i) ask for your consent to use your personal data for a specific purpose; and/or (ii) process your personal data (including "special data") in order to protect your vital interests or the interests of another. Where processing is carried based on your consent, you will have the right to withdraw your consent to such processing at any time.
The provision of your personal data is not a statutory or contractual requirement and you may refuse to disclose same. However, please note that if you do not provide us with your personal data we will not be able to process your complaint.
Special Categories of Personal Data
Certain categories of your personal data are regarded as 'special'. Special data includes information relating to an individual's:
We only process such sensitive personal data where it is necessary for the establishment, exercise or defence of legal claims or where it is necessary for reasons of public interest in the area of public health (such as ensuring high standards of quality and safety of medicinal products) or where we have obtained your explicit consent to process such data. As mentioned, where processing is based on your consent, you have the right to withdraw that consent at any time.
Recipients of Your Personal Data
We may disclose your personal data to members of our corporate group including, without limitation, for the following reasons: in order to run global processes or global litigation, carry out group wide reporting or take decisions about the business and/or our products and for processing customer complaints and issuing refunds where applicable.
It may be necessary from time to time for us to disclose your personal data to third parties or agents, including without limitation to the following:
We will inform you in advance if we intend to further process or disclose your personal data for a purpose other than the purposes set out in this Privacy Statement. We take all reasonable steps, as required by law, to ensure the safety, privacy and integrity of such data and information and, where appropriate, enter into contracts with such third parties to protect the privacy and integrity of such data and any information supplied.
Transfer of Personal Data outside the EEA
The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA), for the purposes described above. Those countries may not provide an adequate level of protection in relation to processing your personal data. Due to the global nature of our business, your personal data may be disclosed to members of our group located outside the EEA, including in particular in the USA. It may also be processed by personnel operating outside the EEA who work for us or for one of our suppliers who act on our behalf. We will ensure appropriate safeguards are in place to protect the privacy and integrity of such personal data. You can obtain information concerning such safeguards from email@example.com , where applicable.
Security and Storage of Personal Data
We securely store your personal data in a centralised database, with controlled access to such database. Access to personal data (including special data) in both electronic and paper form is restricted to members of employees who have a legitimate and justifiable reason to view such data.
Safeguarding your Personal Data
The security and confidentiality of your personal data is extremely important to us. As no data transmission over the internet can be guaranteed as 100% secure, we cannot ensure or warrant the security of any information that you transmit to us and you transfer the personal data at your own risk. We endeavour to use and keep under review appropriate technical and organisational measures (including staff training and awareness) in order to protect against unauthorised or unlawful processing of your personal data, including unauthorised destruction, alteration or disclosure or access.
We will store your personal data only for as long as necessary for the purposes of providing access to our website and related services to you; as required by law, and for the exercise or defence of any legal claims.
Links to other sites
Our website may, from time to time, contain links to and from other websites. If you follow a link to any of those websites, please note that those websites have their own privacy policies and we do not accept any responsibility or liability for those policies. Please check those policies before you submit any personal data to those websites.
You should keep us informed of any changes to your personal and special personal data. You have a personal responsibility to ensure that any personal data in relation to our employees to which you have access to in the course of your work is protected from unauthorised access or disclosure. If you become aware of a data breach or a potential data breach in respect of personal data please report the matter immediately to firstname.lastname@example.org
Your Data Rights
You have several rights in relation to your personal data. You have a right to:
However, these rights may not be exercised in certain circumstances, such as when the processing of your data is necessary to comply with a legal obligation or for the exercise or defence of legal claims. If you wish to exercise any of your rights in this regard please contact email@example.com . We will respond to your request in writing, or orally if requested, as soon as practicable and in any event not more than within one month after of receipt of your request. We may request proof of identification to verify your request.
You have the right to lodge a complaint with the Office of the Irish Data Protection Commissioner if you are unhappy with how your personal data is being handled.
If you require any further clarification regarding this Privacy Statement, please contact: firstname.lastname@example.org