GroAssist® PRIVACY NOTICE
Last Updated: May 2018
Pfizer Inc. (“Pfizer”) respects your privacy. This Privacy Notice describes our practices in connection with the information collected through the Genotropin GroAssist mobile application (the “App”).
The App allows for the monitoring and tracking of Genotropin injections administered by patients under the age of 18 (the “Child”). Permitted users of the App are legal guardians of the Child (the “Primary Users”) and other caregivers designated under the sole responsibility of the Primary User (“Caregivers”), together referred to as “Users” using the App within the EU.
The App requires Users to enter an activation code provided by a healthcare provider to the Primary User, or entering a Caregiver code provided by the Primary User to a Caregiver. All Users are required to create an account (consisting of an email address and password) in order to use the App. You can activate your account through the verification link that will be sent to your email address.
“Personal Data” is data that identifies you as an individual or relates to an identifiable individual. When you use the App, the App collects and processes Personal Data of both you and the Child (both “User Information”). Some User Information is required in order for the App to function (such as for the creation of an account). Other User Information is optional and is collected only if you choose to provide it in the App, such as when you choose to designate a Caregiver or use additional functionality of the App (for instance entering diary notes, appointment reminders or entering height and weight of the
Child to track progress). User Information may also be collected automatically when you use the App. User Information may consist of the following (* indicates required information):
Primary User / Caregiver
- Email address* and password*
- Primary User name / Caregiver name*
- Rewards given by the Primary User / Caregiver to the Child (photo and/or free text field)
- Caregiver’s cell phone number for the Primary User to send him/her an invitation to join the Caregiver network
- First name*
- Injections (daily injection time, location on body and mood of the Child when given)
- Height and weight
- Date of birth
- Appointments with physician (date, time and free text field)
- Refill timing
- Diary entries (free text field)
- Rewards received by the Child (photo and/or free text field)
When you as a Primary User or Caregiver provide any photos of the Child as reward, you should refrain from providing photos of identifiable people, including children. If you upload or provide any photos, you must only include photos of yourself or of people who have validly provided their explicit consent.
If you as a Primary User invite others to be part of the Caregiver network, you represent that you have the authority to (i) permit such Caregivers to access the data collected and stored through the App, and (ii) permit us to collect and use the information pertaining to Caregivers, including to invite them (through an email or text message) on your behalf to use the App as part of the Caregiver network and further process this information as described in this Privacy Notice.
Further, when you as a Primary User or Caregiver provide any personal information of the Child in the App (including pictures), to be processed as described in this Privacy Notice, you represent that you have the authority to do so also on behalf of any other legal representatives of the Child.
You represent that no authorizations from any other people in relation to the foregoing are required or otherwise, that you have obtained them in writing, are in force and may be provided to Pfizer at any time upon request.
When you are asked to provide Personal Data, you may decline. But if you choose not to provide Personal Data that is necessary to provide requested services, we may not be able to provide you with those services.
HOW WE USE AND DISCLOSE PERSONAL DATA
We use Personal Data in order to:
- Provide the App’s functionality and fulfill your requests when we have a contractual relationship or a legitimate interest in doing so, including:
- To provide customer service to you.
- To respond to your inquiries and fullfill your requests, such as to send you notifications and PIN or password resets.
- To complete your transactions.
- To send administrative information to you, such as information regarding the App and changes to our terms, conditions, and policies, as well as marketing communications that we believe may be of interest to you.
- To facilitate social sharing functionality.
- To allow you to send messages to another person, such as a Caregiver.
- To comply with the App’s terms and conditions.
- Provide personalized services when we have your consent or a legitimate interest in providing you with information of interest to you, including:
- To better understand you and personalize our interactions with you.
- To aggregate and/or anonymise the data to better understand the use of the App and analyse or predict usage patterns
- To analyse or predict our users’ preferences in order to identify aggregated and/or anonymised trend reports on how Pfizer digital content is used.
- To analyze or predict your preferences in order to improve our interactions with you, i.e., to deliver you the content, products and offers (via the App, emails, or digital tools) that we believe will be relevant to your professional interests.
- Operate our business to comply with our legal obligations and to meet our legitimate interests in maintaining our business, including:
- To conduct data analysis and audits.
- To identify usage trends in the use of our Apps and analyze the effectiveness of our communications.
- To detect, prevent, and investigate fraud, including (cyber) security monitoring and prevention.
- To develop new products and services.
- To enhance, improve, or modify our products and services.
- To validate your ability to access or use certain products or services.
- To better understand how our products and services impact you and those for whom you care.
- To track and respond to concerns, including engaging in regulatory monitoring and reporting obligations related to adverse events, product complaints, and patient safety.
- To operate and expand our business activities.
We use health data you provide for the purposes we disclose to you when we request such data within the App.
We disclose Personal Data as follows:
- To our (third-party) service providers, to provide services such as data analysis, information technology and related infrastructure provision, customer service, email delivery, auditing and other services.
- To identify you to anyone to whom you send a message through the App (such as Caregivers).
We also use and disclose your Personal Data as we believe to be necessary or appropriate:
- To comply with applicable law and our regulatory monitoring and reporting obligations (which may include laws outside your country of residence), to respond to requests from public and government authorities (which may include authorities outside your country of residence), to cooperate with law enforcement, or for other legal reasons.
- To enforce our terms and conditions.
- To protect our rights, privacy, safety or property, and/or that of our affiliates, you or others.
- To allow us to pursue available remedies or limit damages that we may sustain.
If you contact a local Pfizer entity either in relation to an adverse event or for support with the App (for both of which you will find the contact details in the “About” section of the App), you are not required to provide any personal information. The respective Pfizer entity you are contacting will not have access to any of the information generated or collected through the App. The Pfizer entity may ask you for specific information in relation to the Pfizer product you are using or any issue you experience with the App.
In addition, we may use, disclose or transfer Personal Data to a third party in connection with any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
We may aggregate the Personal Data that you and other App users provide. If we do, we may use and disclose such aggregated data for any purpose. Aggregated data does not personally identify you or any other individual.
DATA COLLECTED AUTOMATICALLY
We also collect certain information automatically on an aggregate basis (i.e., the information will not be identifiable to you as a Primary User or Caregiver or to the Child), such as:
- Data about your device, such as screen resolution, operating system, device manufacturer and model, and language. We use this data to ensure that the App functions properly.
- Data about your use of the App, including content viewed, features used, number of users and sessions, and session duration. We use this data to understand how users engage with the App and to customize and improve the App experience.
Analytics information is collected through a tool for mobile apps, proprietary Adobe Inc., which is embedded in the App to measure user interactions. We use this aggregate information for statistical analytics purposes only, which helps us to better understand and optimize general user engagement with the App. For more information, please go to www.adobe.com/privacy.html.
We may collect per user-session your partially-masked IP address, which is automatically assigned to your device by your Internet Service Provider. An IP address may be identified and logged when you access the App, along with the time of the visit. We use the partially-masked IP addresses for purposes such as calculating usage levels, diagnosing server problems and administering the App. We may also derive your approximate location (on a city or region level) from your partially-masked IP address.
If you do not want to share aggregated and non-identifiable information for analytics purposes (including location information) with Pfizer, you can turn off this functionality in the App setting. Turning off this functionality will not affect the normal operation of the App.
We may use and disclose the data described in this section for any purpose, except where we are required to do otherwise under applicable law. If we combine the data described in this section with data that is deemed “personal data” under applicable law, we will treat the combined data as Personal Data, as described above, for as long as it is combined.
- You may stop all collection of data by the App by uninstalling the App.
- If you would like to request to access, review, correct, update, suppress, restrict or delete Personal Data that you have provided to us through the App, or if you would like to request to receive an electronic copy of such Personal Data for purposes of transmitting it to another company, you may access or edit your Account or use certain tools in the App (such as to delete a Caregiver and all of his/her data from the App, to delete all of the data generated with the App from Pfizer’s systems or to turn off the collection of aggregate statistical information as stated above).
- If you are unable to manage your information through the App, please contact us through the contact details provided in the “About” section of the App. We will respond to your request consistent with applicable law. In your request, please tell us what Personal Data you would like to have changed, whether you would like to have it suppressed from our database, or otherwise let us know what limitations you would like to put on our use of it. For your protection, we may only implement requests with respect to the Personal Data associated with the email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable. Please note that we may need to retain certain Personal Data for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion.
You may have a right to lodge a complaint with a data protection authority competent for your habitual residence, place of work, or place of alleged infringement. Please click here for contact information for such authorities.
In the interest of the security of the data generated by and accessible through the App, the App comes with an auto-log out option. As a default, Users will be automatically logged-out of the App after 1 day, which means a daily log-in with your username and password is required in order to access the App. Users are given the option to set a longer period of the auto log-out option or to disable the auto log-out option altogether. You are advised to only consider changing the default auto log-out settings if you have a general security login for your device (e.g. through password or fingerprint authentication).
Data stored on the App is encrypted. Data stored remotely is stored in our data centers in the EU and is transmitted via encrypted transmission. We seek to use reasonable organizational, technical and administrative measures to protect the information you provide to us within the App. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us.
Please note that we cannot control and are not responsible for the security of your device or other apps you use on your device. The above-mentioned security measures only relate to the App and do not apply to anything you do outside of the App. When you use the option to generate a compiled report, you are advised to treat the report with care and security, for instance by only viewing the report on your device or printing the report directly from the device.
If you as a Primary User or Caregiver do not access the App for 12 months, the system will email you and inform you of the inactivity. If you do not subsequently access your account within 30 days from the date of the email, all of your data will be removed from our system, including your account details. Once the data has been removed we will send an email to you stating the data and account details that have been removed from the system.
This Privacy Notice does not address, and we are not responsible for, the data collection, use, disclosure or security practices, or other practices, of any third party, including any third party operating a service to which the App links. The inclusion of a link within the App does not imply our endorsement of the linked service.
USE BY MINORS
This App is intended to be installed and used only on a device belonging to a Primary User and/or Caregiver. Primary Users and Caregivers must not be minors (under applicable law). Children using the App who are minors (under applicable law) must only do so under the supervision of a Primary User. As Primary User, you represent and warrant that you have legal custody over the Child using the app (and can demonstrate such authority to Pfizer upon request) and you consent to any personal information of the Child collected and processed through the use of the App.
From time to time, we will update this Privacy Notice. Any changes will become effective when we post the revised Privacy Notice in the App. This Privacy Notice was last updated as of the “Last Updated” date shown above.
The company responsible for collection, use, and disclosure of your Personal Data under this Privacy Notice is
Pfizer Limited, Walton Oaks, Dorking Road, Tadworth, Surrey KT20 7NS.
If you have questions about this Privacy Notice, or if you would like to request to exercise any individual rights, please contact us at [email protected], or write to the following address:
IPC 1-1, Pfizer Limited, Walton Oaks, Dorking Road, Tadworth, Surrey KT20 7NS
You may also contact our data protection officer responsible for your country or region, if applicable. To find their contact information, visit DPO.Pfizer.com.