PRIVACY POLICY
Effective June 30, 2020
This Privacy Policy describes the data and information (“Data”) that we collect about you (“Data Subject”) on the website from which you linked (“Site”); how we use that information; how we protect it; and the choices you may make with respect to your rights. When we refer to ourselves as “we", “our”, or “us”, we mean Boston Pharmaceuticals. Our Site may contain links to third-party websites/content/services that are not owned or controlled by Boston Pharmaceuticals; we are not responsible for how these Sites operate or treat your personal data and we recommend that you read the privacy policies and terms and conditions associated with these third-party sites carefully before providing any Data. This Site is not directed to individuals under the age of thirteen (13), and we do not knowingly collect personal data from children under the age of 13.
Data Protection Officer
Boston Pharmaceuticals has appointed a Data Protection Officer (DPO) to ensure appropriate implementation of applicable legal and regulatory data protection and privacy requirements, including the EU General Data Protection Regulation (GDPR). The DPO is responsible to advise Boston Pharmaceuticals’ Senior Leadership as required to attain and maintain compliance to such laws, regulations, and safeguards, and to continually review and advise on business practices and codes of conduct related to data privacy and protection.
Collected Data & Data Usage
We collect Data from individuals who visit our website ("Visitors") and individuals who use our products or services ("Customers” or Business “Partners” or “Patients").
When you request additional information about Boston Pharmaceuticals, contact us via our website, or register to use our services, we may require you to provide contact information such as your name, company name, title, address, phone number(s), fax number, and email address.
We use the collected Data to perform the requested services. For example, if you complete a web contact form, we will use the information provided to contact you with details regarding your request.
We may also use the collected Data for other legitimate business purposes. For example, we may use the collected Data to contact you to further discuss your interest in our products or services.You may opt-out of receiving communication from us at any time, please refer to the Opt-Out Policy below.
We may use your data to validate your authority to access and utilize certainproducts, information and/or services. Certain products, services and information we offer may only be suitable for/accessible to individuals meeting certain eligibility or other criteria. In such cases, we may verify that you meet such criteria. For example, certain information relating to our services or products is only intended for and accessible to licensed healthcare professionals and we may use information we collect directly from you and from outside sources to validate your licensure and eligibility to view such information.
We may use your data to protect patients and improve our products and services. For example, we may use the information you provide for data analysis, to better understand how our products and services impact you and those you care for, to track and respond to questions and concerns, to prevent fraud, and to further develop and improve our products and services. In addition, we use the information you provide to comply with applicable regulatory monitoring and reporting requirements including those related to adverse events, product complaints, and patient safety.
We may also collect information about your interaction with our website. For example, we may use technologies, such as cookies (described below), to collect information about the pages you view, the links you click and other actions you take on our site. Additionally, we may also collect certain standard information that your browser sends to every website you visit, such as your IP address, access times, and referring website addresses. This information is primarily used to help diagnose technical problems, for administrative purposes, to compile non-identifying aggregate statistics about site usage and to improve the quality of our website and services.
Cookies
When you interact with our website or software service, we may use cookies to help make your experiences easy and meaningful. "Cookies" are a technology employed by many other websites and are small data files stored on your computer. Cookies cannot be used to run programs or deliver viruses to your computer.
Standing alone, cookies do not identify you personally. They merely recognize your browser. Unless you choose to identify yourself to us, either by responding to a promotional offer, completing a contact or interest form or registering for an account, you remain anonymous.
There are two types of cookies, session cookies and persistent cookies. Session cookies exist only during an online session. They disappear from your computer when you close your web browser or turn off your computer. Persistent cookies remain on your computer after you've closed your browser or turned off your computer. They include information such as a unique identifier for your browser.
We may use persistent cookies to identify the fact that you are a Customer or prior website Visitor (whichever the case may be). We are particularly careful about the security and confidentiality of the information stored in persistent cookies. For example, we do not store account numbers or passwords in persistent cookies. Users can disable their web browsers' ability to accept cookies and will still be able to browse our website.
Third-Party Cookies
We may engage third parties to track and analyze non-personally identifiable usage and volume statistical information from Visitors to our website for marketing and administrative purposes. Such third parties may use cookies to help track Visitor behavior. Such cookies will not be used to associate individual website Visitors to any personally identifiable information. All data collected by such third parties is used only to provide information on site usage and is not shared with any other third parties.
Sharing of Collected Data
Except in the cases where we explicitly state otherwise, at the time we request information, or as provided for in a User Agreement, we will not disclose to third-parties your personally identifiable Data except as follows: we may share your Data with Agents who process Data only on behalf of Boston Pharmaceuticals, Inc. and for our purposes (as used here, "Agents" are persons or companies who act on behalf of or under the direction of Boston Pharmaceuticals, Inc.). We may share your Data as required by law or in the interest of protecting or exercising legal rights (e.g., without limitation, relating to requests from law enforcement officials and relating to court proceedings). We may share or transfer your Data relating to a prospective or actual sale, merger, transfer, or other reorganization of all or parts of our business. We may also share Data with third parties involved in the normal business operations; for example, with contract research organizations (CROs), study sites, or others that are involved in study management as commonly conducted within industry. We reserve the right to fully use and disclose any Data that is not in personally identifiable form (such as site usage statistics that do not identify you individually by name).
We will not disclose personally identifiable Data to any third-party unless it first either ascertains that the third-party adheres to the EU-U.S. Privacy Shield Framework or Swiss-U.S. Privacy Shield Framework, or is subject to GDPR EU Directive on Data Protection or another adequacy finding, or enters into a written agreement with such third-party requiring that the third-party provide at least the same level of privacy protection as is required by the relevant Privacy Shield Principles.
Opt-Out Policy
We offer Visitors and Customers a means to choose how we may use the Data provided. If, at any time after providing us with Data, you change your mind about receiving commercial information from us or about sharing your Data with third-parties, send a request specifying your new choice to DPO@bostonpharmaceuticals.com.
Correcting & Updating Data
We are dedicated to maintaining accurate and up to date Customer Data. If you need to update Data and/or billing information or would like to have your information deleted please email DPO@bostonpharmaceuticals.com. We will respond to your correction or update request within 30 days.
Security & Breach Notification
We have implemented reasonable security measures to protect the integrity, availability, and confidentiality of Data. These measures include policies, procedures, employee training, and physical access and logical security controls. In addition, when accessing our systems, Data transmitted to our servers are secured using standard security protocols and mechanisms such as SSL encryption to ensure data confidentiality and integrity.
If individual personal Data is acquired, or is reasonably believed to have been acquired, by an unauthorized person and applicable law requires notification of affected individuals, we will issue a notification of the breach by email or fax or, if we are unable to contact the individual by these means, then by U.S. mail. Notice will also be sent to Customers when a breach affects Customer-provided Data, and to legal and law enforcement authorities as required under current laws and regulations. Any measures necessary for Boston Pharmaceuticals, Inc. or legal and law enforcement to determine the scope of the breach and to assure or restore the integrity of the data system will be taken. We may delay notification to individuals if our DPO or a law enforcement agency determines that the notification will impede a criminal investigation, unless and until our DPO or the agency determines that notification no longer compromises an investigation.
Individual Rights
Users whose personal information is covered by this Privacy Policy have the right to access the personal information that we maintain about them to correct, amend, and/or delete such personal information if it is inaccurate or has been processed in violation of the Principles (except when the burden or expense of providing access, correction, amendment, or deletion would be disproportionate to the risks to the Data Subject’s privacy, or where the rights of persons other than the Data Subject would be violated). Requests for access, correction, amendment or deletion should be sent to: DPO@bostonpharmaceuticals.com.
Data Minimization, Retention, & Destruction
Data which permits identification of Data Subjects will be minimized to only the Data required to perform contracted services and processing activities to which Data Subjects have consented. All data will be anonymized to the extent possible. Data permitting identification of Data Subjects will be retained only for the period defined in the applicable agreement(s). Personal Data may be stored for longer periods insofar as the Data will be processed solely for archiving, purposes in the public interest, scientific or historical research purposes, or statistical purposes in accordance with GDPR Article 89(1) ensuring appropriate technical and organizational measures to safeguard the rights and freedoms of the Data Subject
Enforcement
Boston Pharmaceuticals, Inc. is committed to resolving complaints about our collection or use of your personal Data. Individuals with inquiries or complaints regarding our Privacy Policy should first contact us at:
Boston Pharmaceuticals, Inc.
Attn: Data Protection Officer
55 Cambridge Parkway
Suite 400
Cambridge, MA 02142
Email: DPO@bostonpharmaceuticals.com
Policy Updates
We reserve the right to change this Privacy Policy and notify users of any changes by posting a prominent notice on the privacy section of our website.