The Apotex group of companies ("Apotex") develops, manufactures, markets and distributes a broad range of pharmaceutical products worldwide, operating through four lines of business – Global Generics, Global Specialty Pharma, Global API and ApoPharma. Apotex produces hundreds of generic pharmaceuticals in thousands of dosages, has hundreds of molecules under development, and exports products to over 115 countries around the globe.
Apotex is committed to protecting the privacy of personal information in our possession. Recognizing that we operate as a global organization, Apotex will make every effort reasonable to comply with international laws pertaining to the protection of personal information.
Apotex adheres to additional internal policies regarding the handling of personal information in the context of clinical trials. If you are participating in the clinical trial recruitment process in Canada, you may request a copy of those policies.
A separate employee policy governs Apotex's use of employee personal information.
'handling' refers to the collection, use, processing, storing or disclosing personal information.
'healthcare practitioner' means any person or institution such as a doctor, pharmacist, dentist or nurse who provides medical care or health services to a patient or is part of a patient's circle of care.
'personal information' refers to any information that either alone or together with other information, can be used to identify an individual. It does not include anonymized information except where two pieces of anonymized information can be combined to identify an individual. The definition of 'Personal Information' may vary, to some degree, from one jurisdiction to another. In Canada, 'personal information' will mean information about an identifiable individual, but does not include the business contact information of an employee of an organization.
Whose Information Do We Collect?
In the course of doing business, Apotex may collect the personal information of individuals such as: customers, consumers, patients, subjects involved in research studies and employees.
Sources of Personal Information
Apotex may obtain personal information from an individual directly or indirectly (e.g., personal information may be obtained indirectly from a healthcare practitioner or through a computer or mobile device). This collection of personal information may occur through various means: through the telephone (e.g., by a call made to our Customer Service team); via fax; through your use of our websites, mobile apps, or email; or through data transfers from third parties or completion of informed consent forms.
Types of Personal Information
Depending on the individual, personal information may include contact information (e.g., name, home and business addresses, telephone numbers, fax numbers, e-mail addresses, emergency contact information), credit card information, professional credentials, information relating to references, or personal identification (e.g., social security number (SIN)). Some personal information is also sensitive information, including medical or health information (e.g., date of birth, marital status, birth place, nationality, race, sex, preferred language).
Apotex only collects personal information to the extent required to carry out the purpose of such collection, to provide you with products or services, or to communicate with you for other purposes that we think may be of interest to you.
Apotex collects personal information in the course of its day-to-day business activities, which include: processing orders for our products; sending you information about our products and services; providing certain health, product or medically relevant services and information; accepting job applications; conducting research such as clinical trials; and processing claims. We may also handle personal information in the course of performing maintenance to our information technology (IT) systems, databases or software.
If you opt in to receive promotional materials, newsletters, offers or other information from Apotex, your Personal Information may be processed by Apotex for this purpose; this allows us to maintain our relationship with you. You may unsubscribe from receiving these materials at any time.
Any Personal Information you disclose when calling Apotex's Customer Service or DiSpedia will be used to process and respond to complaints or product inquiries.
Apotex uses the personal information (including medical information) of its participants of clinical trial activities that are conducted in-house.
When you visit our websites or use other online resources or apps provided by Apotex, we may collect information about your computer or electronic device (e.g., your Internet Protocol (IP) address, browser type, and date and time of your request) by using automatic systems of browsing data collection, such as cookies. A cookie is a file stored on your hard drive; it does not contain intelligible information, but it allows linking between a terminal and information about your preferences. These tracking technologies are used to provide additional functionality to your use of our resources; for example, to identify you as a healthcare professional, or to remember your preferences and selections. You may limit or remove cookies from your computer or device, but, in these situations, our ability to provide optimal service may be limited.
In addition to the above uses, Apotex may collect personal information in order to fulfill certain regulatory requirements, such as monitoring and reporting adverse drug reactions.
By Apotex and our Affiliates
When personal information is handled within Apotex, only employees of Apotex with a legitimate 'need to know' will have access to personal information.
Apotex may share personal information with its affiliates who may be located in other countries. Furthermore, if you are interacting with Apotex from a country other than Canada, your communication with us will necessarily result in the transfer of information across international boundaries. The legal requirements for protection of personal information are not the same in all countries; however, Apotex has standards in place to protect personal information transferred between its affiliates.
With Third Parties
Personal Information in Apotex's Possession
Apotex has implemented an information security program that contains administrative, physical and technological security controls designed to reasonably safeguard your personal information against unauthorized access, disclosure, misuse, loss or theft. Physical controls include building and room access controls, video surveillance and security patrols. Technological controls include the use of firewalls, software access controls and data loss prevention tools.
Apotex adheres to a global policy regarding IT security, such as the use of passwords, limited user access and encryption. Apotex has also implemented a number of administrative controls in the form of global IT policies for employees, which include security policies for the handling of all confidential information.
Personal Information Disclosed to Third Parties
Where personal information is disclosed by Apotex to third parties, such third parties are required to maintain the confidentiality and security of all personal information held by it on our behalf. Apotex's service providers have been chosen in part because they provide sufficient organizational and technical safeguards to protect personal information and they agree to adhere to applicable privacy laws. Where a third party will be handling personal information electronically, Apotex first requires that the third party demonstrate its ability to apply technological security measures similar to those standards adopted by Apotex.
Apotex retains personal information for as long as required for the specific purpose for which it was collected or as otherwise required by law. Apotex destroys personal information in accordance with its record retention policies.
Consent, Refusal, Opt In/Opt Out
Apotex takes reasonable measures to ensure that the personal information we collect, process and maintain is accurate, complete, current and used only for the purpose(s) for which it was collected or authorized. Where required, Apotex will obtain your consent before it collects or uses your personal information, if possible. Apotex will notify you of what information it will collect, and the uses of that information, prior to obtaining your consent. In addition, when feasible and appropriate, Apotex will obtain your consent before using your personal information for a new purpose or before transferring your personal information to the control of a third party.
It may not be required or possible to obtain your consent before collection or use of your personal information in certain circumstances; for example, where it is necessary to protect Apotex, its employees, customers or others or to fulfill a legal obligation. In this case, we will limit the use of your personal information to only that which is necessary to be used.
In the event sensitive data is used for a new purpose or transferred to the control of a third party, express or explicit consent will be obtained prior to such use or transfer of the sensitive data. If you are a healthcare practitioner and provide the personal information of an individual, you warrant that you have the consent of that individual to disclose his/her personal information.
You may withdraw your consent at any time subject to legal or contractual restrictions and reasonable notice. As we may not be able to provide you with certain services should you withdraw your consent, Apotex will inform you of the implications of withdrawing consent. We may not be able to cease the use of your personal information where it is required to be used to fulfill obligations required by law.
To withdraw your consent, you can contact us using the contact information below.
The refusal to provide us with your Personal Information or the necessary consent for performing the above purposes may consequently prevent us from processing your request or fulfilling obligations required by law.
Accessing, Correcting or Deleting Your Personal Information
To the extent provided by applicable law, an individual may have the right to access, correct or object to the use of, or request deletion or suppression of, his or her personal information. This may not be available to those individuals living in certain jurisdictions, such as the United States.
You may gain access to your personal information that is handled by Apotex in order to review, correct or delete it. To request such access, please contact our Chief Privacy Officer using the contact information provided below. For clinical trial participants, contact your clinical recruitment manager.
If you make such a request, you will be asked for identification so that we can verify your identity before providing you with your personal information. If you require personal information to be presented in an alternative format, we will make reasonable efforts to accommodate you. If there is an associated charge to us in order to retrieve your personal information, we will advise you of the charges that you would be responsible for and obtain your authorization before proceeding. You will receive confirmation that your information has been updated.
We may not be able to give you access to personal information where such access would result in disclosure of other individuals' personal information, would result in a breach of a contract, or would result in disclosure of trade secrets or other proprietary business information belonging to Apotex or a third party.
If your personal information is out of date or incorrect, you may update your personal information directly, if possible (e.g., by updating your credentials on a website or app), or by request, by emailing us at the email address listed below. Note that Apotex cannot alter medical information generated as part of a clinical trial or study.
In circumstances where we are required to retain personal information, we may not be able to delete your personal information. Such circumstances may include, for example, where we are required to retain personal information by law or regulation, to continue to manage certain programs, to conduct clinical trials, to defend legal claims, or for certain necessary business purposes.
Additionally, you are entitled to obtain, at any time, confirmation from us as to whether or not information relating to you is being processed. You are also entitled to receive from us: information on the source of your Personal Information; the purposes and way of processing your Personal Information; the logic involved in any electronic information processing; details of the data controller and of the processors; and the names of the entities to whom your Personal Information may be disclosed or by whom it may be accessed.
Attention: Chief Privacy Officer
150 Signet Drive
Toronto, Ontario, Canada
North America: 844-427-6839
Australia, New Zealand, Belgium, UK, Netherlands: 800-4427-6839
You may also contact the Canadian Federal Privacy Commissioner at www.privcom.gc.ca, or by calling 1-800-282-1376.
Please note that questions or complaints directed to Apotex's Chief Privacy Officer, which are unrelated to privacy, will not receive a response. For other questions or complaints, please contact Customer Service at 1-877-427-6839 or at http://www.apotex.com/global/contact/
Amendments and Administration