Data Privacy Framework Policy Statement
Updated as of October 3, 2023
MedPro Systems LLC (“MedPro”) provides healthcare practitioner and/or organization related data and/data services to the pharmaceutical and device industries to, among other things, assist with regulatory compliance and license validation for sample fulfillment.
MedPro complies with the EU-US Data Privacy Framework (“EU-US DPF”), the UK Extension to the EU-US DPF, and the Swiss-US Data Privacy Framework (“Swiss-US DPF”), including the Supplemental Principles, as set forth by the U.S. Department of Commerce (collectively, the “DPF”). MedPro has certified that it adheres to the DPF with respect the collection, use, and retention of personal data from the European Union (“EU”), the UK, and Switzerland to MedPro in the United States (“US”). If there is any conflict between the policies in this privacy policy and data subject rights under the DPF, the DPF shall govern. To learn more about the Data Privacy Framework program, and to view our certification page, please visit https://www.dataprivacyframework.gov/.
MedPro may from time to time receive the names of healthcare practitioners in the EU, the UK and Switzerland and their professional mailing addresses, phone numbers and licensing information. MedPro receives this information from licensing boards and other governmental, quasi-governmental and private industry sources, and maintains such information in its database of healthcare professionals (collectively, “HCP Data”), which it makes available to its customers primarily in the pharmaceutical, medical device and related industries. MedPro also receives such HCP Data from its customers who provide the data to MedPro for validation against MedPro’s database and/or in connection with fulfilling certain reporting requirements.
HCP Data received by MedPro from (a) its customers for processing is used by MedPro solely as instructed by such customers and (b) licensing boards and other governmental, quasi-governmental and private industry sources is used by MedPro to provide services to its customers, including for validation against MedPro’s database and/or in connection with fulfilling certain reporting requirements.
HCP Data is provided solely to its third party customers (and/or their representatives).
In addition, MedPro also may receive the names and email addresses of individuals in the EU, the UK and Switzerland (“User Information”) in connection with such individual’s use of our website located at www.MedProSystems.com (the “Website”), and such User Information is governed by the terms of our Privacy Policy (the “User Privacy Policy”) located at www.MedProSystems.com/privacy-policy (provided, however, that any User Information regarding individuals in the EU, the UK and Switzerland shall be subject to this DPF Policy Statement and the terms hereof shall govern in the event of any inconsistency thereof). Any such User Information shall be used solely for the purposes set forth in the User Privacy Policy and is not provided to any third parties.
MedPro will not use the personal data of EU, UK or Swiss individuals for any purposes other than those described in the preceding paragraph without first providing appropriate choice, as required by the DPF.
Pursuant to the DPF, EU, UK and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under DPF, should direct their query to Privacy@MedProSystems.com. If requested to remove data, we will respond within a reasonable timeframe.
With respect to any personal data collected directly by MedPro, we will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to Privacy@MedProSystems.com.
Please be aware that MedPro may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
MedPro’s accountability for personal data that it receives in the United States under the DPF and subsequently transfers to a third party is described in the DPF. In particular, MedPro remains responsible and liable under the DPF if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the DPF, unless MedPro proves that it is not responsible for the event giving rise to the damage.
In compliance with the DPF, MedPro commits to resolve complaints about your privacy and MedPro’s collection or use of your personal information. EU, UK and Swiss individuals with inquiries or complaints regarding this DPF Policy Statement should first contact MedPro at:
MedPro Systems LLC
100 Stierli Court
Mt. Arlington, NJ 07856
Attention: Stephanie Young – Director of Marketing
Privacy@MedProSystems.com
MedPro has further committed to refer unresolved privacy complaints under the DPF to a US-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf
MedPro is subject to the investigatory and enforcement powers of the US Federal Trade Commission.
This DPF Policy Statement may be amended from time to time consistent with the requirements of the DPF. MedPro will post any revised policy online on this website.
If there is any conflict between the terms of this DPF Policy Statement and the terms of MedPro’s privacy policy, the terms of this DPF Policy Statement shall govern.