1. Angelini Pharma
  2. Privacy Notice

Privacy Notice

www.https://angelinipharma.ch

Last updated 16/12/2025

 

Angelini Pharma S.p.A., with registered office at Viale Amelia 70, 00181 Rome (RM), operating in Switzerland through its business branch (Angelini Pharma S.p.A., branch Zug having its address at Zählerweg 6, 6301 Zug, Switzerland, (hereinafter "Angelini Pharma" or "Controller"), pursuant to the applicable privacy regulatios, provides you with the following information on the processing of your personal data, in your capacity as user/browser of the website https://www.angelinipharma.ch/en/ (hereinafter the “Website”).

1. Data Controller and Data Protection Officer (DPO)

The Controller is Angelini Pharma S.p.A., Rome, branch Zug having its place of business at Zählerweg 6, 6301 Zug, Switzerland. The Controller has appointed a Data Protection Officer (DPO), who can be contacted directly at the following addresses: Data Protection Officer - DPO c/o Angelini Pharma S.p.A., viale Amelia n. 70, 00181 – Rome (Rome), Italy, email: dpo.global@angelinipharma.com. 

2. Purposes of processing and legal basis for the processing

All personal data provided by you is processed in compliance with the provisions of the law in a fair, lawful and transparent manner for the purposes set out below and according to the following conditions of lawfulness (legal basis for processing).

 

Purposes of the processing

Legal basis of the processing

a)  Proper and comprehensive management of any communication or request you may send to Angelini Pharma (for example a request for information or assistance) [management of your requests].

The processing of your personal data for this purpose is necessary for the performance of a contract or precontractual measures (here construed as the “legal relationship” established between yourself and the Controller, following a possible your request).

b)    Proper and comprehensive management of reports relating to pharmacovigilance. In particular, to: (i) investigate the adverse event; (ii) contact the reporting party to obtain, if necessary, additional information with respect to that already communicated ("follow-up"); (iii) compare the information on the adverse event with information on other adverse events received by the Controller to analyse the safety of the product or of a generic component or of an active ingredient as a whole; (iv) provide the competent authorities with the information required by law, so that they can analyse the safety of the product as a whole or of a generic component or an active ingredient [pharmacovigilance].

The processing of your personal data for this purpose is a legal obligation.
The processing of “special categories of personal data” is necessary for reasons of public interest in the area of public health, by way of guarantee of high quality and safety parameters in medicinal products and medical devices.

 

c)  Protection of the Data Controller's rights in court or out of court (mediation bodies and other entities with similar functions) and in administrative proceedings. The data may also be processed for the purpose of protecting the rights of third parties, i.e. parties other than the Data Controller, including by communicating personal data to such parties [protection of rights].

The processing of your data for this purpose is based on the legitimate interest of the Data Controller or a third party in protecting their rights.
Upon your request, the Data Controller may provide you with information on the assessment of this legitimate interest carried out by the Data Controller.
With regard to the processing of “special categories of data”, the legal basis also consists of the need to establish, exercise or defend a right in court.
With regard to the processing of “judicial data”, the legal basis also consists of the law.

d) Compliance with legal obligations. In certain circumstances, legislation obliges us to use your personal data (for example to inform you of a potential security breach involving your data and the measures we have taken to address the situation) [compliance with legal obligations].

The processing of your personal data for this purpose is a legal obligation.

3. Categories of data processed

The Controller will process the following categories of your personal data:

  • if you should submit communications or requests to Angelini Pharma, your personal data necessary to the correct management of your communication or request (in particular, name and surname, postal address, e-mail address and telephone number) and any other personal data you may include in your message or in any materials you send to us (for the purpose pursuant to paragraph 2, letter a);
  • if you should make any reports in relation to pharmacovigilance, the data necessary to comply with the related legal obligations assigned to the Controller (for the purpose pursuant to paragraph 2, letter b). More specifically, as “reporting party”, as a guarantee of the exactness and pertinence of data and its verifiability for the purpose of the scientific assessment of the reports: e-mail address or telephone number, to obtain, if necessary, additional information with respect to that already communicated (“follow-up”); and, in order to manage the report correctly, any classification as medical-health care professional (for example doctor, dentist, nurse, pharmacist, medical examiner) or type of non-health care professional, such as patient, attorney or person in relation to the subject to whom the report refers (for example friend, relative, assistant). As the subject to whom the report refers (the “patient”): initials of name and surname, city and country of residence, age (or age range) and/or date of birth, gender, height and weight and data relating to sex life or which reveals racial or ethnic origin, health of the subject (medical history, any current or previous pathologies, pharmacological and non-pharmacological therapies, pregnancy, breast-feeding) “special categories of data”) concerned by pharmacovigilance obligations, in particular in respect of “Safety information” on the medicinal product, such as adverse reactions, special situations (abuse, overdose, improper use (misuse), therapeutic error, “off-label” use, occupational exposure), exposure during pregnancy or breast-feeding, with or without associated adverse reactions, lack of efficacy or suspected transmission of infectious agent through the medicinal product;
  • for the protection of rights, personal and contact details, as well as any other data necessary for the protection of rights (such as, for example, data relating to any disputes);
  • all data necessary to comply with legal obligations (for the purpose pursuant to paragraph 2, letter d) such as, for example, your contact data for communications required by the law or the authority.

 

4. Data source

Your personal data will be obtained by the Controller:

  • directly from you and your interaction with us;
  • in relation to the purpose of pharmacovigilance, also by the "reporter", if different from the person to whom the report refers, as well as by other pharmaceutical companies, including companies of the Angelini Pharma Group, linked to the Controller by licensing and distribution contracts for pharmaceutical products.
  • in relation to the purpose of protecting rights, also from public authorities or any third parties involved in judicial proceedings.

 

5. Nature of data conferral

The conferral of your personal data in order to manage your requests (purpose pursuant to paragraph 2, letter a) is necessary to allow the Controller to process your communication: failure to provide such would make it impossible for you to receive a reply to your communication (in particular, to receive a response to a request you make for information or assistance).


The conferral of your personal data for pharmacovigilance (purpose pursuant to paragraph 2, letter b) and to comply with legal obligations (purpose pursuant to paragraph 2, letter d) is mandatory as it complies with the legal provisions.
The provision of your personal data for the protection of rights (purpose referred to in paragraph 2, letter c) is not a contractual or legal obligation, but failure to provide such data will make it impossible for you to establish any relationship with the Data Controller.

 

6. Processing methods

Data processing is carried out using both automated and non-automated tools, with logic strictly related to the purposes of the processing and, in any case, with methods and procedures able to ensure the security and confidentiality of the data.

7. Categories of personal data recipients

For the purposes indicated above (paragraph 2), your personal data may be communicated:

  • to persons authorized by the Controller to carry out personal data processing operations (employees or collaborators of the Controller);
  • to the data processors appointed by the Controller (suppliers of computer, technological and telematic services, Internet operators; providers of pharmacovigilance report management services, providers of consumer services);
  • to autonomous data controllers (for the management of your requests: providers of telecom and communication services; couriers and dispatch companies; for pharmacovigilance: national and European medicine and drug agencies, other pharmaceutical companies, including companies of the Angelini Pharma Group, bound to the Controller by license contracts and distribution agreements for pharmaceutical products or, in the case of transfer of marketing authorizations for the pharmaceutical product; for the protection of rights: telecommunications and web-based/online communication service providers, lawyers, professional firms, as well as in accordance with the law, the police and judicial and administrative authorities or other public authorities competent for the investigation and prosecution of crimes, the prevention and protection against threats to public safety, for surveillance and inspection activities required by law, to allow the Data Controller or a third party to ascertain, exercise or defend a right in court or out of court (mediation bodies and other entities with similar functions) and in administrative proceedings, as well as for other reasons related to the protection of the rights and freedoms of others; to comply with legal obligations: public authorities).

Your data may also be transmitted in accordance with the law to tax authorities, police forces and judicial and administrative authorities, for detection and prosecution of crimes, prevention and safeguards from threats to public security, to allow the Controller to ascertain, exercise or defend a right in court, as well as for other reasons related to the protection of the rights and freedoms of others.

 

8. Data retention period

We store your personal data for a limited period depending on the purpose of processing. After the expiry of this period, your data will be permanently erased or in any case irreversibly anonymized.

Your personal data will be stored in accordance with the terms and criteria specified below:

  • for the management of your requests (purpose pursuant to paragraph 2, letter a) for a maximum period of 6 (six) months from the proper and comprehensive management of your request;
  • for pharmacovigilance (purpose pursuant to paragraph 2, letter b) as long as the medical product is authorised and for at least 10 (ten) years after the marketing authorisation has expired;
  • for the protection of rights (purpose referred to in paragraph 2, letter c) until the conflict or dispute involving you can be considered definitively resolved (including any related appeals);
  • to comply with legal obligations (purpose pursuant to paragraph 2, letter d) for a maximum period of 10 (ten) years from the end of the calendar year in which the Controller has fulfilled its legal obligation, in order to document and be able to show correct compliance with the law (for example having correctly informed you of any security breaches that may have involved your data and the measures we took to address such situations).

For technical reasons, the termination of the processing and the consequent erasure of your personal data, or its anonymization, will take place within 30 (thirty) days from the terms indicated above.

This is without prejudice to cases where retention for a longer period is required for any litigation, requests by the competent authorities or under applicable law.

 

9. Cross-border disclosure of personal data or transfer of personal data outside the EU/EEA

Your personal data may be transferred to countries:

a) outside Switzerland, provided that such countries offer an adequate level of data protection as recognised by specific resolutions issued by the Swiss Federal Council (https://www.bj.admin.ch/bj/en/home/staat/datenschutz/internationales/anerkennung-staaten.html); or

b) outside the European Union/European Economic Area (EU/EEA), provided that such countries offer an adequate level of data protection as recognised by adequacy decisions of the European Commission (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en).

Where personal data is transferred to countries that do not ensure an adequate level of protection, such transfer will only take place if alternative measures provided by applicable data protection laws are implemented to ensure appropriate safeguards. These may include, for example, the use of specific agreements containing safeguard clauses, the adoption of the Standard Contractual Clauses (also referred to as “standard data protection clauses”) approved by the European Commission or by the Swiss Federal Data Protection and Information Commissioner, or the implementation of Binding Corporate Rules (BCRs) approved by the competent supervisory authority.

In addition, you may obtain the complete and updated list of transfers to countries outside the EU/EEA a copy of the safeguards applied to such cross-border transfers or further information on where they have been made available by contacting us at the addresses indicated in this Privacy Notice.

Transfers may also take place where strictly necessary for the management of your requests or to comply with applicable legal obligations.

10. Rights of the data subject

As data subject, you have the right to:

  • have confirmation as to whether or not personal data concerning you are being processed and, if so, to obtain access to the data and related information (in particular, the purposes of the processing; categories of personal data concerned; recipients or categories of recipients to whom the data have been or will be disclosed; the period of retention of the data or the criteria for determining it; the existence of the right to rectify or erase the data or to limit or oppose the processing; the right to lodge a complaint with a supervisory authority; the source of the data; the possible existence of an automated decision-making process, including profiling and, in such cases, significant information on the logic involved and the importance and envisaged consequences of such processing for the data subject; the appropriate safeguards in case of transfer of personal data outside the Switzerland and EU/EEA), as well as a copy of such personal data, provided that this does not adversely affect the rights and freedoms of others (right of access);
  • obtain the rectification of your personal data, i.e. to obtain the correction, modification or updating of any inaccurate or no longer correct data, as well as to obtain the integration of incomplete personal data, including by providing a supplementary statement (right of rectification);
  • request the erasure of your personal data when these, in particular, (i) are no longer necessary in relation to the purposes for which they were collected or processed, or (ii) they have been processed unlawfully, or (iii) they must be erased in order to comply with a legal obligation (right to be forgotten). Erasure may not be carried out if, in particular, the processing is necessary for the fulfillment of a legal obligation or for reasons of public interest or for the establishment, exercise or defense of legal claims;
  • obtain a restriction on the processing of your personal data, i.e. that the Controller retains such data without being able to use them. This right can be exercised only when, in particular, (i) the accuracy of the personal data is contested, for the period necessary for the Controller to verify the accuracy of such data, or (ii) the processing of the data is unlawful and a restriction on the use of the data is requested, instead of their erasure, or (iii) although the Controller no longer needs them for the purposes of processing, the personal data are necessary for you to establish, exercise or defend legal claims (right to restriction of processing);
  • receive from the Controller your personal data, processed on the basis of a contract, in a structured, commonly used and machine-readable format, and that they are transferred, where technically possible, directly to a third party indicated by you (right to data portability).
  • object to the processing of your personal data at any time, on grounds relating to your particular situation, when the processing is based on the Controller’s legitimate interests or on public interest tasks. In such cases, the Controller will no longer process your personal data unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims (right to object).

To exercise these rights, You may contact the Controller at any time, by writing to Angelini Pharma S.p.A., , branch Zug having its address at Zählerweg 6, 6301 Zug, Switzerland or by writing to our DPO at dpo.global@angelinipharma.com.

 

11. Complaint

If you believe that your personal data has been processed unlawfully, you have the right to lodge a complaint with the data protection authority:

a) in Switzerland, the Federal Data Protection and Information Commissioner (FDPIC), for more information https://www.edoeb.admin.ch/edoeb/en/home.html;
b) in Italy the Garante per la protezione dei dati personali, (for more information www.garanteprivacy.it).

The complaint can also be made to a data protection authority other than that of Switzerland or Italy, if said data protection authority is that of the EU Member State in which you have your habitual place of residence or of the place where the alleged breach took place.

 

12. Cookies and similar technologies

For information on the use of cookies and similar technologies by the Website, please refer to the specific Cookie Policy.

 

13. Links to other websites

The Website may contain links to third party websites.

Angelini Pharma cannot guarantee and accepts no liability for the contents and information provided by such third parties, the relevant completeness or accuracy, nor indeed in respect of the contents of the websites of said third parties and any products and services potentially supplied through said third party websites, nor in respect of the processing of personal data of users/browsers by said third parties. This privacy disclosure applies to our Website only.

 

14. Changes to this notice

The constant evolution of our activities could lead to changes in the characteristics of the processing of your personal data described above. As a result, this privacy notice may be subject to changes and additions over time, which may also be necessary in relation to new legislation on the personal data protection. The updated version of this privacy notice will be published on this page, indicating the date on which it was last updated. Please therefore refer to this page when accessing the Website.

In the event of significant changes to this privacy notice, we will notify You accordingly.