Ethics & Compliance
Purdue Privacy Policy
I. Introduction
Please read carefully this Purdue Pharma L.P. Privacy Policy (the “Privacy Policy”), which is part of the Purdue Pharma L.P. Terms and Conditions before you access, download, or otherwise use any of our websites (e.g., purduepharma.com, imbriumthera.com and rhodespharma.com), use related other parties’ websites, use any of our mobile applications, or otherwise other interact with us, whether offline or online (collectively, the “Service”).
This Privacy Policy applies to Purdue Pharma L.P. and each of our affiliates and subsidiaries that post this Privacy Policy, (collectively, “Company”, “Purdue”, “we”, “us” or “our”). This Privacy Policy is part of the Company Terms & Conditions and any terms defined therein shall have the same meaning in this Privacy Policy. This Privacy Policy pertains to an individual (“you” or “user”) accessing and using our websites and your interactions with us, without limitation, and it describes the information collected through your use of our Service, how we use your data, how we share it, how we protect it, and the choices you can make about your information.
By using the Service, you accept and agree to be bound by this Privacy Policy in full. If you do not accept this Privacy Policy, do not use the Service. You acknowledge that (a) you have read and understood this Privacy Policy; and (b) this Privacy Policy shall have the same force and effect as a signed agreement. Unless explicitly stated otherwise, any new features that augment or enhance the current Service shall be subject to this Privacy Policy.
We reserve the right to update or modify this Privacy Policy at any time without prior notice. We will update this page to reflect any changes to this Privacy Policy. Please review this Privacy Policy periodically, and especially each time you use the Service and before you provide any information. This Privacy Policy was made effective on the date indicated above.
II. Sensitive Information
Unless we specifically request or invite it, we ask that you not send us, and that you not disclose, any sensitive personal information on or through the Service or otherwise to us. For purposes of this Privacy Policy, “sensitive information” includes, but is not limited to, the following: Social Security numbers, information related to racial or ethnic origin, political opinions, religion or philosophical beliefs, health, sex life or sexual orientation, criminal background, or biometric or genetic data for the purpose of uniquely identifying an individual.
III. Personal Information We Collect
We may collect information from you when you use the Service, contact or interact with us, sign up for our mailing list, register for an account, or voluntarily provide us with your comments and other content in connection with using the Service.
As part of your access to and use of the Service, we may receive and collect your name, email address, professional designation and any other information you voluntarily provide on the Service.
When you register for an account, we may collect: your name, gender and contact information. In some cases, we ask customers for information after they register.
When you access and use the Service, we automatically collect information regarding you and your device, including information provided to us by your browser (e.g., the website you came from (known as the referring URL), any Purdue online advertisements located on third party websites that you may have clicked on to access one of the Purdue websites, the type of browser you use and the time and date of access) and your user name, permissions for the Service, device’s Internet Protocol address, the domain name of your Internet service provider, your location, your mobile device information (e.g., device model and operating system version), your page visits, your social sharing activity, and aggregated information that cannot be used to specifically identify you. Additional information collected is described in the Analytics and Cookies sections.
We may combine all the information we collect from or about you and use it in the manner described in this Privacy Policy. Please note that Purdue does not and will not sell or rent your personally identifiable information to third parties.
For additional information regarding the types of information we may collect, how we use the information, and how we share the information, please see the Privacy Chart.
Marketing and Analytics: We use third-party analytics tools to better understand who is using the Service and how people are using it. These tools may use cookies and other technologies to collect information about your use of the Service and your preferences and activities. These tools collect information sent by your device or the Service and other information that assists us in improving the Service. This information may be used to analyze and track data, determine the popularity of certain content, and better understand your online activity, among other things.
Cookies and Other Tracking Technologies: We, along with third parties, use cookies, local storage objects, Web beacons and other technologies. These technologies are used for tracking, analyzing, personalizing, and optimizing the Service. Cookies are small files that are transferred to and stored on your computer through your Web browser (if you allow it) that enable the website’s or service provider’s system to recognize your browser and capture and remember certain information. You can instruct your browser to stop accepting cookies. But if you do not accept cookies, you may not be able to use all portions of all functionality of the Service.
Persistent cookies remain on the user’s computer after the browser has been closed. Session cookies exist only during a user’s online session and disappear from the user’s computer when they close the browser software. Flash cookies (also known as local shared objects) are data files that can be created on your computer by the websites you visit and are a way for websites to store information for later use. Flash cookies are stored in different parts of your computer from ordinary browser cookies. You can disable the storage of flash cookies. For additional information about managing and disabling flash cookies, please visit http://helpx.adobe.com/flash-player/kb/disable-local-shared-objects-flash.html. Web beacons are small strings of code that provide a method for delivering a graphic image on a Web page or in an email message for the purpose of transferring data. You can disable the ability of Web beacons to capture information by blocking cookies.
We use cookies and other tracking technologies on the website to help us understand and save your preferences and interests, so we can personalize your future visits and compile aggregate data about website traffic and website interaction so that we can offer better website experiences and tools in the future. Some of our business partners, such as our analytics providers and social media connections, also use cookies and other tracking technologies on our website, some of which may track users across websites and over time.
We may use Google Analytics to better understand who is using the Service and how people are using it. Google Analytics uses cookies to collect and store information such as Service pages visited, places where users click, time spent on each Service page, Internet Protocol (IP) address, type of operating system used, location-based data, device ID, search history, gender, age, and phone number. We use this information in the aggregate to improve the Service and as otherwise described in this Privacy Policy. To better understand Google Analytics, and the options you have with respect to the Google Analytics features, please visit: https://tools.google.com/dlpage/gaoptout/ and https://policies.google.com/privacy.
Information Collected From Other Services and Mobile Applications and Do Not Track Policy: Your browser or device may offer you a “Do Not Track” option, which allows you to signal to operators of websites, web applications, mobile applications, and services (including behavioral advertising services) that You do not wish such operators to track certain of your online activities over time and/or across different websites or applications. Our Service does not support Do Not Track requests at this time, which means that we or our analytics providers or other third parties with which we are working may collect information about your online activity both during and after your use of the Service.
IV. How We Use Personal Information
The purposes for which we may use the information that we collect may include but are not limited to:
- Providing information and services to you;
- Connecting with your social media accounts and sharing information with you, if you choose to connect with the Company’s social media accounts;
- Processing and responding to your inquiries and comments;
- Contacting you for market research purposes and to use this information to customize the Service according to your interests;
- Personalizing and enhancing your experience using the Service;
- Sending periodic emails. If you choose, the email address you provide may be used to send you occasional news, updates, related product, or service information, etc. Note: If at any time you would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email;
- Analyzing the accuracy, effectiveness, usability, or popularity of the Service;
- Preventing fraud and abuse of the Service and to otherwise protect users and visitors and our business;
- Assisting law enforcement and responding to court orders and legal investigations;
- Comply with applicable regulations, statutes, and laws;
- Performing other business activities as needed, or as described elsewhere in this Privacy Policy;
- Transferring information in the event of a merger, transfer of assets, or other organizational restructuring; and
- As explained elsewhere in this Privacy Policy, personal information we collect may be processed by our service providers in providing services related to the Service (such as administration services, technical services relating to the maintenance, servicing, and upgrading of products, software, hosting services, customer service, data migration services, and analytical services, among others).
V. How We May Share Personal Information
Information may be disclosed to third parties in accordance with our Privacy Policy. Please note that a user may choose not to share certain information as described in this Privacy Policy. As described further below, we may share your personal information with the following types of entities:
- Third-party service providers to perform functions in connection with the Service, such as email marketing, site analytics, social sharing, relationship management, functions related to analyzing and improving the Service’s usefulness, reliability, user experience, and operation, storing data, and as otherwise described in this Privacy Policy. In addition, if you are a health care professional, Purdue may validate your licensure status and other information against available databases that list licensed health care professionals.
- Third-party business partners for their direct marketing and promotional purposes and so they can provide offers and services to you. For example, Purdue may provide an opt-in box for customers to receive information that is sent by a third-party fulfillment house.
- Third-party business parties related to business changes if we become involved in a merger, acquisition, sale of assets, joint venture, securities offering, bankruptcy, reorganization, liquidation, dissolution, change of control, or other transaction, or if the ownership of all or substantially all of our shares, assets or business otherwise changes, we may transfer your information to a third party or parties in connection therewith.
- Our affiliates, meaning companies related by common ownership or control (which can be financial or nonfinancial companies) for everyday business purposes. Our affiliates will be required to maintain your information in accordance with this Privacy Policy.
- Government authorities and other third-parties if we believe that such disclosure is necessary to comply with the law or guidance and cooperate with government or law enforcement officials or private parties; investigate, prevent, or take action regarding suspected illegal activities, suspected fraud, the rights, reputation, safety, and property of us, users or others, or violations of our policies or other agreements with us; respond to claims and legal process (e.g., subpoenas); and/or protect against legal liability. If you contact us regarding your experience with using any of our products, we may use the information you provide in submitting reports to the U.S. Food and Drug Administration, and as otherwise required of us by law or governmental audit. We may also use the information to contact your healthcare professional to follow up regarding an unexpected event involving the use of any one of our products. You understand that in order to comply with the law, Purdue may not be permitted to comply with your request to amend or remove personally identifiable information that was provided to Purdue by a healthcare professional or a consumer regarding an adverse event or reaction involving medicine, medical products or medical devices.
We may also share aggregated/de-identified information relating to users of the Service with affiliated or unaffiliated third parties. This information does not contain personal information about any user.
VI. Information Security
Purdue is committed to the security of your information. To protect your personal information from unauthorized access and use, we implement and maintain reasonable security measures that are intended to maintain the confidentiality of personal information. However, no security measures are infallible. We cannot and do not guarantee that our safeguards will always work. Please always use caution when transmitting information over the Internet, use strong and unique passwords that you do not also use for other online services, and notify us immediately of any concerns with your account or passwords.
VII. International Transfers
We are based in the United States. Any information collected through the Service is stored and processed in the United States. The information you submit to us and that we collect as a result of using our Service will be transferred to the United States. By using the Service, products, and websites, you consent to the collection, international transfer, storage, and processing of your information. If you use our Service outside of the United States, you consent to having your data transferred to the United States.
VIII. California Residents
If you are a current resident of California, you may have rights under the California Consumer Privacy Act of 2018 (“CCPA”), as described in this section of our Privacy Policy. These provisions of the CCPA do not, however, apply to certain medical information that is collected pursuant to the California Confidentiality of Medical Information Act (“CMIA”) or protected health information under Health Insurance Portability and Accountability Act (“HIPAA”), and its implementing regulations. The CCPA exempts most clinical trial data. In addition, this section of our Privacy Policy is not applicable to personal information processed solely in the business-to-business context, for example, information about an individual acting in his or her capacity as a representative of a company, and other data that is exempt from the requirements of the CCPA.
Rights Under the CCPA and other California Laws
Individuals whose personal information is covered by the CCPA have the right, subject to certain limitations, to: (i) request, up to twice every 12 months, access to and information about personal information we collect and share about you; (ii) correct your personal information when incorrect, out of date or incomplete; and (iii) request that we delete the personal information we have collected from you.
Your Right to Request Disclosure of Information We Collect and Share About You
Individuals whose personal information is covered by the CCPA have a right to request that Purdue provide the following information:
- The categories of personal information that Purdue has collected about you.
- The categories of sources from which Purdue collected the personal information.
- The business or commercial purposes for which Purdue collected and/or sold the personal information.
- The categories of any third parties with which Purdue shared the Personal information.
- The specific pieces of personal information Purdue collected over the past year.
Such individuals may also submit a request to Purdue for the following additional information:
- The categories of personal information, if any, Purdue has sold about you, categories of third parties to which Purdue sold that personal information, and the categories of personal information sold to each type of third party.
- The categories of personal information that we have disclosed for a business purpose.
Our responses to any of these requests will cover the 12-month period preceding our receipt of the request.
Right to Request the Deletion of Personal Information We Have Collected from You
Individuals whose personal information is covered by the CCPA may also request deletion of information covered by the CCPA. Upon receiving and verifying such request, Purdue will delete the personal information that we have collected about you, unless that information is necessary for Purdue to: complete the transaction for which we collected the information; provide you with a good or service you requested; perform a contract Purdue entered into with you; detect security incidents; maintain the functionality or security of Purdue’s systems; comply with or exercise rights provided by the law; or use the information internally in ways that are comparable with the context in which you provided the information to Purdue or that are reasonably aligned with expectations based on your relationship with Purdue, among other things. We may also retain information where another exception to the deletion requirements in Cal. Civ. Code § 1798.105(d) applies.
Please note that if you or your authorized agent request that your personal information be deleted, you may no longer be able to access or use certain parts of the Sites.
Process to Submit Requests for Access or Deletion of Personal Information
If you are a California resident, to exercise your right to request access to or deletion of your personal information, please either submit a request through the California Consumer Privacy Act Data Request Form or send an email request to compliance@pharma.com to access the CCPA request form. You may also contact us at 1-877-PURDUE1 (1-877-787-3831) with questions. Purdue may request additional information confirming your identity if the request involves sensitive information (e.g., prescription drug name, strength, dosage). If you are making a request through an authorized agent on behalf of a California resident, you may use the same submission method. As part of the verification process, we may request that you provide proof that you have been authorized by the California resident on whose behalf you are making the request.
We will verify and respond to your request consistent with applicable law
Our Process for Responding to Requests for Access or Deletion under the CCPA
For requests for access or deletion, we will confirm receipt of the request within 10 business days and provide information on how we will respond to your request. We will respond to your request or your authorized agent’s in writing, or verbally if requested, as soon as practicable and in any event generally not more than within 45 calendar days after receipt of the request. We may extend this period to 90 calendar days and, in the event that we do extend the period, we will explain to you or your authorized agent why we did so.
Information about the Personal Information We Collect
The following table categorizes the types of personal information we have collected in the last 12 months, and with respect to categories of personal information for which the CCPA may require such disclosure in this Privacy Policy. The table also describes the information we may continue to collect and our uses of that information.
The information referenced in the below table may be collected in the course of the California resident acting as a job applicant, employee, owner, director, officer, or contractor of ours where that information is solely used within the context of their role as a current or former job applicant, employee, owner, director, officer, or contractor. As of the Last Updated date of this Privacy Policy, certain consumer rights under the CCPA do not apply to such information.
PRIVACY CHART
Category of Personal Information (PI) We May Collect | Categories of Sources from Which PI Is Collected | Purposes of Collection (described below) | Categories of Entities with Which PI Is Shared |
---|---|---|---|
Identifiers, such as name, postal address, email address, phone number, account name, registration numbers, tax identification number, Social Security number, driver’s license number, passport number, citizenship, date of birth, National Provider Identifier (“NPI”), or other similar identifiers |
From our interactions with individuals seeking to obtain or obtaining our products and services or otherwise interacting with or contacting us
Automated collection on our websites, products, applications, databases, devices, information systems and networks, and through cookies Service providers, business associates and contacts Applicants for positions with us, current and former employees, directors, other contractors Individuals applying for positions with us or those referring them to us, such as recruiters or referral sources Public sources Government sources and records |
Patient/caregiver/customer Services
Business Operations Marketing Information Security/Technology Protection activities Personnel Services Personnel Administration Regulatory and Legal Compliance and Oversight |
Service providers, such as cloud storage providers, benefits providers
Business partners, Contract Manufacturing Organizations (CMOs), Contract Research Organizations (CROs) Regulators/government agencies |
Unique device and online identifiers, such as IP addresses, device IDs, or other similar identifiers |
Automated collection on our websites, services, products, applications, databases, devices, information systems and networks, and through cookies |
Patient/caregiver/customer Services
Business Operations Marketing Information Security/Technology Protection and Defense activities Personnel Services Personnel Administration Regulatory and Legal Compliance and Oversight |
Service providers, such as analytics providers, services that advertise our products
Business partners, Contract Manufacturing Organizations (CMOs), Contract Research Organizations (CROs) product sponsors Regulators/government agencies |
Characteristics of protected classes and demographic information, such as age, sex, gender identity or gender expression; marital status; military or veteran status; criminal history; medical conditions |
From our interactions with individuals seeking to obtain or obtaining our products and services or otherwise interacting with or contacting us
Applicants for positions with us, current and former employees, directors, other contractors Product sponsors, service providers, business associates and contacts Individuals applying for positions with us or those referring them to us, such as recruiters or referral sources Public sources |
Patient/caregiver/customer Services
Business Operations Marketing Information Security/Technology Protection activities Personnel Services Personnel Administration Regulatory and Legal Compliance and Oversight |
Service providers, such as benefits providers
Business partners, Contract Manufacturing Organizations (CMOs), Contract Research Organizations (CROs) product sponsors Regulators/government agencies |
Commercial and financial information, such as records of personal property, products or services purchased, obtained, or considered, other purchasing or consuming histories or tendencies, information on investments, assets, expenses, net worth, tax status, holdings, account balances, transaction history |
From our interactions with individuals seeking to obtain or obtaining our products and services or otherwise interacting with or contacting us
Current and former employees, directors, other contractors Product sponsors, service providers, financial institutions, business associates and contacts Individuals applying for positions with us or those referring them to us, such as recruiters or referral sources Public sources Government sources and records |
Patient/caregiver/customer Services
Business Operations Marketing Information Security/Technology Protection activities Personnel Services Personnel Administration Regulatory and Legal Compliance and Oversight |
Service providers, such as benefits providers
Business partners, Contract Manufacturing Organizations (CMOs), Contract Research Organizations (CROs) financial services entities Regulators/government agencies |
Internet or other electronic activity information, including information regarding an individual’s interaction with a website or application, calls and emails sent and received |
Automated collection on our Sites, services, products, applications, databases, devices, information systems and networks, and through cookies. |
Patient/caregiver/customer Services
Business Operations Marketing Information Security/Technology Protection and Defense activities Personnel Services Personnel Administration Regulatory and Legal Compliance and Oversight |
Service providers, such as cloud storage providers, analytics providers, services that advertise our products
Regulators/government agencies |
Geolocation data, such as physical location or movements |
From our interactions with healthcare providers |
Marketing |
Service providers |
Audio, electronic, visual, thermal, or olfactory information, such as photographs CCTV footage and other video event recordings, voicemail |
From our interactions with individuals seeking to obtain or obtaining our products and services or otherwise interacting with or contacting us
Product sponsors, service providers, business associates and contacts Current and former employees, directors, other contractors Individuals applying for positions with us or those referring them to us, such as recruiters or referral sources |
Patient/caregiver/customer Services
Business Operations Marketing Information Security/Technology Protection activities Personnel Services Personnel Administration Regulatory and Legal Compliance and Oversight |
Service providers, such as cloud storage providers, benefits providers
Business partners, Contract Manufacturing Organizations (CMOs), Contract Research Organizations (CROs) , product sponsors Regulators/government agencies |
Professional or employment-related information, such as work history |
From our interactions with individuals seeking to obtain or obtaining our products and services or otherwise interacting with or contacting us
Product sponsors, service providers, business associates and contacts Current and former employees, directors, other contractors Individuals applying for positions with us or those referring them to us, such as recruiters or referral sources |
Patient/caregiver/customer Services
Business Operations Marketing Information Security/Technology Protection activities Personnel Services Personnel Administration Regulatory and Legal Compliance and Oversight |
Service providers, such as cloud storage providers, benefits providers
Business partners, Contract Manufacturing Organizations (CMOs), Contract Research Organizations (CROs), product sponsors Regulators/government agencies |
Education information, such as information about schools attended and degrees and certifications obtained |
From our interactions with individuals seeking to obtain or obtaining our products and services or otherwise interacting with or contacting us
Service providers, business associates and contacts Current and former employees, directors, other contractors Individuals applying for positions with us or those referring them to us, such as recruiters or referral sources |
Patient/caregiver/customer Services
Business Operations Marketing Personnel Services Personnel Administration Regulatory and Legal Compliance and Oversight |
Service providers, such as human resources providers
Business partners, Contract Manufacturing Organizations (CMOs), Contract Research Organizations (CROs) Regulators/government agencies |
Inferences drawn from PI to create a profile about an individual reflecting, for instance, preferences, characteristics, behaviors, and aptitudes, such as credit history and risk tolerance |
We may create analyses from information obtained about clients and potential clients. |
Patient/caregiver/customer Services
Business Operations Marketing |
Service providers, such as cloud storage providers
Business partners, Contract Manufacturing Organizations (CMOs), Contract Research Organizations (CROs) product sponsors |
Additional Information about How We Collect and Share your Personal Information
With respect to each of the categories of data above, we may also share Personal Information with any person to whom we transfer any of our rights or obligations under any agreement, or in connection with a sale, merger or consolidation of our business or other transfer of our assets, whether voluntarily or by operation of law, or who is otherwise deemed to be our successor or transferee.
In the 12 months preceding the “Last Updated” date of this Privacy Policy, Purdue has not sold any personal information. You have a right not to be discriminated against for the exercise of the privacy rights conferred by the CCPA.
IX. Texas Residents
Pursuant to the Texas Health and Safety Code, Sec. 181.154, please be advised that if Purdue receives any information that identifies you and relates to your past, present or future physical or mental health, healthcare or payment for your healthcare, such information may be subject to electronic disclosure by such means as file transfers or email.
X. Data Retention Policy, Managing Personal Information
We will retain your information for as long as you use the Service and for a reasonable time thereafter. The Company is a regulated entity and must retain order records under United States Food and Drug Administration regulations. We may maintain anonymized or aggregated data, including usage data, for analytics purposes. We may retain and use your information as necessary to comply with our legal obligations, resolve disputes, and/or for the period required by laws in applicable jurisdictions. Please note that some or all the information we have collected may be required for the Service to function properly.
XI. Links to Other Services or Applications
This Privacy Policy applies only to the Service. The Service may contain links to other websites or apps or may forward users to other websites or apps that we may not own or operate and to which this Privacy Policy does not apply. The links from the Service do not imply that we endorse or have reviewed these websites or apps. The policies and procedures we describe here do not apply to these websites or apps. We neither can control nor are responsible for the privacy practices or content of these websites or apps. We suggest contacting these websites or app providers directly for information on their privacy policies. Nonetheless, we seek to protect the integrity of our Service and welcome any feedback about these linked websites and mobile applications.
XII. Minors’ Privacy
Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from an individual under age 13. If you are under the age of 13, please do not submit any personal information through the Service. If you have reason to believe that we may have accidentally received personal information from an individual under age 13, please contact us immediately at compliance@pharma.com.
XIII. Accessibility
Purdue is committed to ensuring that our communications, such our Sites, are accessible to individuals with disabilities. Individuals with disabilities can access this policy in alternative formats by contacting us at the address, phone, or email address below.
This Site is designed to meet content accessibility guidelines. To report barriers to accessibility, please contact us at 1-877-PURDUE1 (1-877-787-3831) or contact compliance@pharma.com.
XIIV. Terms and Conditions
Please also visit the Company Terms & Conditions, which state the terms, disclaimers, and limitations of liability governing your use of the Service.
XV. Contact Us
If you have any questions about our Privacy Policy or practices, please contact us:
- Email: compliance@pharma.com
- Toll Free Number: 1-877-PURDUE1 (1-877-787-3831)
- Mailing Address: Purdue, Ethics & Compliance Department, 201 Tresser Blvd., Stamford, CT 06901.
This Privacy Policy is reviewed annually and may be updated periodically.
Have a California Consumer Privacy Act (CCPA) request or a general Privacy question?
- Please contact us via phone, email or U.S. mail with a general question using the contact information included in the below chart.
- For CCPA requests, please complete the California Consumer Privacy Act Data Request Form located near the bottom of the page.
Phone | ||
1-877-PURDUE1 (1-877-787-3831) | compliance@pharma.com | California Consumer Privacy Act c/o Ethics & Compliance Purdue Pharma LP 201 Tresser BLVD. 10th Floor Stamford, CT 06901 |
Privacy Data Request Form
Purdue Pharma L.P., along with its subsidiaries, is committed to safeguarding consumer data and complying with all applicable privacy laws. Under various state privacy laws, such as the California Consumer Privacy Act (CCPA) individuals may: (i) request access to personal information we collect and share about you; (ii) correct your personal information when incorrect, out of date or incomplete; and (iii) request that we delete your personal information.
To submit a request, please follow the Data Rights Request link below and answer the questions accurately so we can validate your identity and respond to your request. The information requested in this form is essential to Purdue Pharma L.P.’s efforts to verify that you are who you claim to be and to locate your data within our systems. We will respond to your request in writing, or verbally if requested, as soon as practicable. Generally, responses will be made within 45 days of receipt of the request.
Please contact the Ethics & Compliance Helpline at 1-877-787-3831 if you need assistance completing the form.