Supplier Privacy Notice
This Supplier Privacy Notice applies to:
- Our Suppliers who are natural persons (such as self-employed persons or sole proprietors); or
- Individual representatives and contact persons of Suppliers that are legal entities.
For purposes of this Notice the term Supplier refers to a party (natural person or legal entity) from whom we procure services and/or goods. Additional privacy terms/notices may apply depending upon the nature of your interaction with Pfizer.
HOW WE COLLECT PERSONAL DATA
Personal Data that we may request or collect from you includes:
- Business contact details (postal address, telephone number(s), email address)
- Title and position
- Electronic identification data (e.g. login or system access credentials, or IP address)
For natural persons acting as a Supplier, we may request additional information such as financial or tax identification information (e.g. bank account details, tax id number).
We may collect Personal Data in a variety of ways, including:
- From you directly, such as when you participate in a transaction or contractual arrangement or when you participate in our procurement and/or payment process.
- From other sources, such as public databases, your employer, and other third parties.
HOW WE USE PERSONAL DATA
We use Personal Data to interact and engage with you when we have a contractual relationship or a legitimate interest for the following purposes:
- Managing our relationship with a Supplier
- Billing and invoicing to compensate a Supplier for services performed and/or goods provided
- Contacting individuals in connection with contractual agreements
- Validating authorized signatories when concluding agreements and transactions
- Providing access to our training modules
- Identifying trends to improve our business activities
- Complying with our legal obligations, which may include laws outside the country you are located (including any legal or regulatory guidance, codes or opinions)
- Protecting the security of accounts and Personal Data
- Enforcing our terms and conditions
- Conducting background checks to ensure we are not precluded from working with a Supplier
HOW WE DISCLOSE PERSONAL DATA
We disclose Personal Data as follows:
- To other Pfizer companies for the purposes described in this Privacy Notice.
- To other Suppliers who provide services to Pfizer such as website hosting, data analysis, background checks, information technology and related infrastructure provision, email delivery, auditing and other services.
- To other companies with which we collaborate regarding joint development, distribution and/or marketing of particular products or services.
- To public, government, and law enforcement authorities, which may include authorities outside your country, in order to comply with a regulatory requirement, judicial proceeding, court order, government request, or legal process served on us.
- To take legal action or otherwise protect the safety, rights, or property of our customers, the public, Pfizer and our affiliates.
- To prepare, complete and implement any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
We seek to use reasonable organizational, technical and administrative measures to protect Personal Data within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure.
If you would like to request to review, correct, or update Personal Data that you have provided to us, you may contact us as indicated in the Contact Us section. We will respond to your request consistent with applicable law. Please note that we may need to retain certain Personal Data for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion or to comply with our legal obligations.
If you are in the EEA you can also object to the processing of your Personal Data, ask us to restrict processing or request portability of your Personal Data. You also have the right to file a complaint with a data protection authority if you believe we are using your Personal Data in a manner that is inconsistent with this Notice. Contact details for European Data Protection Authorities may be found here.
We will retain Personal Data for as long as needed or permitted in light of the purpose(s) for which it was obtained. The criteria used to determine our retention periods include: (i) the length of time we have an ongoing relationship with the service provider; (ii) whether there is a legal obligation to which we are subject; or (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
Personal Data may be stored and processed in any country where we have facilities or in which we engage Suppliers, including the United States, and where our affiliates operate.
If you are located in the EEA, please note some non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here). For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as by ensuring that the recipient is bound by EU Standard Contractual Clauses, to protect your Personal Data. You may obtain a copy of these measures by contacting us as indicated in the Contact Us section.
UPDATES TO THIS PRIVACY NOTICE
From time to time, we will update this Privacy Notice. The Privacy Notice was last updated as of the “Last Updated” date shown above.
The company responsible for collection, use and disclosure of your Personal Data under this Privacy Notice is the Pfizer entity with whom you are contracting.
If you have questions about this Privacy Notice, or if you would like to request to exercise any individual rights, please contact us at [email protected], or write to the company with whom you are contracting at the address specified in your contract.
In the EEA, you may also contact your data protection officer by visiting DPO.Pfizer.com