Skip to content

Karo Healthcare – General Privacy Notice for Business Partners

This Privacy Notice is addressed to:

  • the healthcare professionals with whom we create or maintain a relationship;
  • our customers or prospects who are natural persons; and
  • the representatives or contact persons of our customers or prospects who are legal entities.

You are receiving this Privacy Notice since Karo Healthcare AB or any of its affiliates (“Karo Pharma Group”) is processing information about you which constitutes “personal data” and that you have certain legal rights in relation to Karo Pharma Group and your personal data that are described in more detail below. Karo Pharma Group considers the protection of your personal data and privacy a very serious and important matter.

Should you want to contact Karo Pharma Group, contact details to its parent company Karo Pharma AB are as follows:

Visiting address: Klara Norra Kyrkogata 33, Stockholm Sweden

Postal address: Box 16184, SE-103 24 Stockholm, Sweden:

Tel: +46 (0) 10-330 23 10)

Karo Pharma AB is responsible for the processing of your personal data in its capacity of being the “data controller”. Karo Pharma AB may exercise this responsibility alone or jointly with other companies in the Karo Pharma Group, in such case acting as “co-controller(s)”. In this Privacy Notice, “we” or “us” refers to Karo Pharma Group being represented by Karo Pharma AB.

We invite you to carefully read this Privacy Notice, which describes in which context we are processing your personal data and informs you about your rights and our obligations in relation to such processing.

Should you have any further questions in relation to the processing of your personal data, we invite you to contact [email protected].

1 What information do we have about you?

The information about you that we process may either be directly provided by you, by our business partners (e.g. the legal entity for whom you work), by other third parties or be obtained through publicly available sources having obtained your consent to provide us with such personal data where necessary under applicable law. We collect various types of personal data about you, including:

  • your general identification information (e.g. name, first name, last name, gender, email and/or postal address, fixed and/or mobile phone number);
  • your function (e.g. title, position, name of company, as well as, for healthcare professionals, first specialty, second specialty, year of graduation from medical school, publications, congress activities, awards, biography, education, links to universities, expertise and participation in/contribution to clinical trials, guidelines, editorial boards and organizations);
  • payment information (e.g. credit card details, bank account details, VAT or other tax identification number);
  • your electronic identification data where required for the purpose of ordering products or services from our company, or delivering products or services to our company (e.g. login, access right, passwords, badge number, IP address, online identifiers/cookies, logs, access and connection times, image recording or sound such as badge pictures or voice recordings);
  • information regarding your utilization, responses and/or preferences including in terms of types of messages discussed, channels of communication and frequency;
  • data you provide to us for example when you fill in forms or during events you attend, or when you answer questions during a conversation or in a survey;
  • data which relate to our products and services; and
  • information about the promotional, scientific and medical activities/interactions you have with us, including potential future interactions.

If you intend to provide us with personal data about other individuals (e.g. your colleagues), you must provide a copy of this Privacy Notice to the relevant individuals, directly or through their employer.

2 For which purposes do we use your personal data and why is this justified?

2.1 Legal basis for the processing

We will not process your personal data if we do not have a proper justification/legal basis as specified in the GDPR. Therefore, we will only process your personal data if:

  • we have obtained your prior consent; or
  • the processing is necessary to perform our contractual obligations towards you or to take pre-contractual steps at your request; or
  • the processing is necessary to comply with our legal or regulatory obligations; or
  • the processing is necessary for our legitimate interests and does not unduly affect your interests or fundamental rights and freedoms.

Please note that, when processing your personal data on this last basis, we always seek to maintain a balance between our legitimate interests and your privacy. Examples of such ‘legitimate interests’ are data processing activities performed:

  • to develop a proximity and trustful professional relationship with health care professionals;
  • to promote Karo Pharma Group’s products in the pharmaceutical, cosmetic and medical device field;
  • to manage Karo Pharma’s human and financial resources and to optimize the interactions with health care professionals;
  • to ensure that the right medicine according to a well-informed HCP’s technical and professional opinion reaches the patient;
  • to benefit from cost-effective services (e.g. we may opt to use certain platforms offered by suppliers to process data);
  • to offer our products and services to our customers;
  • to prevent fraud or criminal activity, misuses of our products or services as well as the security of our IT systems, architecture and networks;
  • to sell any part of our business or its assets or to enable the acquisition of all or part of our business or assets by a third party; and
  • to meet our corporate and social responsibility objectives.

For more information on our specific interests, please contact us as indicated under section 6 below.

2.2 Purposes of the processing

We always process your personal data for a specific purpose and only process the personal data which is relevant to achieve that purpose. In particular, we process your personal data for the following purposes:

  • manage our relationship with you (e.g. through our databases);
  • implement tasks in preparation of or to perform existing contracts;
  • evidence transactions and ensuring transparency on transfer of value;
  • provide you with appropriate, adequate and updated information about disease, drugs as well as our products and services;
  • improve the quality of our interactions and services by adapting our offering to your specific needs;
  • answer your requests and provide you with efficient support;
  • send you surveys (e.g. to help us improve your future interactions with us); 
  • send you communications regarding products, therapeutic areas or services that we promote;
  • manage, plan and execute communications and interactions with you (e.g. through the operation of a database keeping records of interactions with you);
  • track our activities (e.g. measuring interactions or sales, number of appointments/calls);
  • invite you to events or promotional meetings sponsored by us (e.g. medical events, speaker events, conferences);
  • grant you access to our training modules;
  • manage our IT resources, including infrastructure management and business continuity;
  • preserve the company’s economic interests and ensure compliance and reporting (such as complying with our policies and local legal and tax requirements, managing alleged cases of misconduct or fraud; conducting audits and defending litigation);
  • manage mergers and acquisitions involving our company;
  • archiving and record keeping;
  • billing and invoicing; and
  • any other purposes imposed by law and authorities.

3 Who has access to your personal data and to whom are they transferred?

We will not sell, share, or otherwise transfer your personal data to third parties other than those indicated in this Privacy Notice.

In the course of our activities and for the same purposes as those listed in this Privacy Notice, your personal data can be accessed by, or transferred to the following categories of recipients, on a need to know basis to achieve such purposes:

our personnel (including personnel of any affiliate of the Karo Pharma Group);

our independent agents or brokers (if any);

our suppliers and service providers that provide products and services to us;

our IT systems providers, cloud service providers, database providers and consultants;

our business partners who offer products or services jointly with us or with our affiliates;

any third party to whom we assign or novate any of our rights or obligations; and

our advisors and external lawyers in the context of the sale or transfer of any part of our business or its assets.

The above third parties are contractually obligated to protect the confidentiality and security of your personal data, in compliance with applicable law.

Your personal data can also be accessed by or transferred to any national and/or international regulatory, enforcement, public body or court, where we are required to do so by applicable law or regulation or at their request.

The personal data we collect from you may also be processed, accessed or stored in a country outside the country where Karo Pharma AB is located (being Sweden), which may not offer the same level of protection of personal data.

If we transfer your personal data to external companies in other jurisdictions, we will make sure to protect your personal data by (i) applying the level of protection required under the applicable local data protection/privacy laws (ii) acting in accordance with our policies and standards.

4 How do we protect your personal data?

We have implemented appropriate technical and organizational measures to provide an adequate level of security and confidentiality to your personal data.
These measures take into account:

(i) the state of the art of the technology;

(ii) the costs of its implementation;

(iii) the nature of the data; and

(iv) the risk of the processing.

The purpose thereof is to protect it against accidental or unlawful destruction or alteration, accidental loss, unauthorized disclosure or access and against other unlawful forms of processing.

Moreover, when handling your personal data, we:

  • only collect and process personal data which is adequate, relevant and not excessive, as required to meet the above purposes; and
  • ensure that your personal data remains up to date and accurate.

For the latter, we may request you to confirm the personal data we hold about you. You are also invited to spontaneously inform us whenever there is a change in your personal circumstances so we can ensure your personal data is kept up-to-date.

5 How long do we store your personal data?

We will only retain your personal data for as long as necessary to fulfil the purpose for which it was collected or to comply with legal or regulatory requirements. When this period expires, your personal data is removed from our active systems.

6 What are your rights and how can you exercise them?

You may exercise the following rights under the conditions and within the limits set forth in the GDPR:

  • the right to access your personal data as processed by us and, if you believe that any information relating to you is incorrect, obsolete or incomplete, to request its correction or updating;
  • the right to request the erasure of your personal data or the restriction thereof to specific categories of processing;
  • the right to withdraw your consent at any time, without affecting the lawfulness of the processing before such withdrawal;
  • the right to object, in whole or in part, to the processing of your personal data;
  • the right to object to a channel of communication used for direct marketing purposes; and
  • the right to request its portability, i.e. that the personal data you have provided to us be returned to you or transferred to the person of your choice, in a structured, commonly used and machine-readable format without hindrance from us and subject to your confidentiality obligations.

If you have a question or want to exercise the above rights, you may send an email to [email protected] or a letter at Karo Pharma AB, Box 16184, SE-103 24 Stockholm, Sweden, attention of Data Privacy Officer.

You have the right to file a complaint with Integritetsskyddsmyndigheten in addition to your rights listed above.

7 How will you be informed of the changes to our Privacy Notice?

Any future changes or additions to the processing of your personal data as described in this Privacy Notice will be notified to you in advance through an individual notice through our usual communication channels (e.g. by email or via our internet websites).

Who we are

Suggested text: Our website address is: https://fluxfluor.com.

Comments

Suggested text: When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

Suggested text: If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

Suggested text: If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Suggested text: Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

Suggested text: If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

Suggested text: If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

Suggested text: If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Suggested text: Visitor comments may be checked through an automated spam detection service.