Healthcare professionals
-
We collect your personal data when we engage with you, e.g., when you:
- Send us a request or create an account or profile in our websites, mobile apps, portals and systems
- Report an adverse event
- Sign up with us to receive promotional material
- Engage with one of our sales representatives, professional affairs liaisons or call centres
- Get in touch for product support or to provide feedback
- Engage with us for product evaluation and development purposes
- Respond to any surveys that you are asked by us to participate in
- Conclude a contract with us
- Collaborate in a scientific project with us
We also collect personal data from public sources or specialised third parties to learn more about your professional qualifications, fields of expertise, publications or professional activities. The information is important for us to identify potential collaboration partners (e.g., for speaker engagements or studies) and to communicate and advise you according to your interests and preferences.
-
We only process your personal data to the extent permitted in accordance with applicable data protection legislation. This means inter alia that we need to have a legal basis for the purposes for processing your personal data.
Mölnlycke may process data concerning your health when you respond to our surveys on product safety and reliability (for post-market surveillance purposes), as such surveys may ask questions about your occupational health. When processing such special category personal data, we need to have an additional legal basis (also called an exemption) to use these types of personal data. Our additional legal basis to process special categories of your personal data is:
- The public interest in the area of public health to ensure high standards of quality and safety of medical devices
Below, we explain more about the categories of personal data we process, for what purposes we process them and for how long we store your personal data.
-
What we do and why
We collect and use your personal data to administer your participation in projects where we ask you to evaluate and provide feedback on our products and services (this can e.g., be us asking you to test Mölnlycke’s surgical gloves and provide feedback to us regarding the glove’s performance).
The personal data that we process
- Your contact information (e.g., name, title, address, telephone number, email address and place of work)
- Professional information and experience (such as your qualifications, education, areas of expertise, place of practice and CV/resume)
- Product feedback, which includes your feedback on the products’ performance in relation to your preferences (e.g., whether a surgical glove fits your needs)
Our legal basis for processing
Legitimate interest; wherein our legitimate interest is to use your feedback for product development purposes, according to the project plan communicated to you prior to such project commences.
How we share and transfer your personal data
We will share your personal data to the following recipients;
- Our IT-service providers
- Other Mölnlycke affiliates
We will transfer your personal data to our Mölnlycke affiliates which are established in countries outside the EU/EEA, for the purpose of sharing information about you within our company group. Such countries outside EU/EEA include: USA, China, Chile, Thailand, Singapore, Brazil, Canada, Japan, Australia, India, South Africa, New Zealand, Malaysia and South Korea.
How long we keep your personal data
We will keep your personal data during the course of the project, and after the project has ended, the collected data will be transformed into anonymised data. Such anonymous data cannot directly identify you as a person and may be processed by us for an indefinite period of time. For the sake of clarity, this anonymised data is not personal data.
-
What we do and why
We may be required to process your personal data to comply with our regulatory monitoring and reporting obligations, including those related to adverse events, product complaints and product safety. As part of our obligations, we may use your personal data to:
- Investigate the adverse event or product complaint
- Contact you for further information about the adverse event or product complaint reported
- Collate the information about the adverse event or product complaint with information about other adverse events or product complaints received by us to analyse the safety of our products
- Provide mandatory reports to national or regulatory authorities so that they can analyse the safety of our products
The personal data that we process
- Your contact information (e.g., name, title, address, telephone number, email address), details on your profession (e.g., job title, position, place of work)
- Any further information you provide to us, e.g., in the process of reporting an adverse event
Our legal basis for processing
Legal obligation; wherein Mölnlycke is obliged by law to process information Mölnlycke receives on adverse events, quality complaints and/or other issues related to the safety and reliability of Mölnlycke’s products.
How we share and transfer your personal data
We will share your personal data to the following recipients;
- Our IT-service providers
- National or regulatory health authorities
- Other Mölnlycke affiliates
We will transfer your personal data to our Mölnlycke affiliates which are established in countries outside the EU/EEA, for the purpose of sharing information about you within our company group. Such countries outside EU/EEA include: USA, China, Chile, Thailand, Singapore, Brazil, Canada, Japan, Australia, India, South Africa, New Zealand, Malaysia and South Korea.
Information provided as part of an adverse event report may be transferred to national or regulatory health authorities outside of the EU/EEA, as required by legislation and industry standards governing medical devices and/or clinical practice.How long we keep your personal data
We will keep your personal data for as long as required under applicable law, which is typically for as long as Mölnlycke markets the relevant product and for ten (10) years thereafter. All retention of personal data is in accordance with good clinical practice.
-
What we do and why
Mölnlycke complies with the MedTech Europe Code of Ethical Business Practice and corresponding national laws, regulations or professional codes, which require us to e.g., conduct due diligence checks, evidence transactions and your financial interest in Mölnlycke, as well as ensure transparency of transfers of value, including sponsorships and donations, between you and Mölnlycke.
The personal data that we process
- Your contact information (e.g., name, title, address, telephone number, email address), details on your profession (e.g., job title, position, place of work)
- Information about the transaction(s) between you and Mölnlycke (including expenses and certain other financial information, e.g., amounts paid, or product samples provided to you)
Our legal basis for processing:
Legal obligation; Mölnlycke is required to process this personal data to comply with its legal obligations according to anti-corruption and transparency legislation.
Legitimate interest; wherein our legitimate interest is to comply with industry standards and guidelines on ethical conduct of business.How we share and transfer your personal data
We will share your personal data to the following recipients;
- Our IT-service providers
- National or regulatory authorities
- Other Mölnlycke affiliates
We will transfer your personal data to our Mölnlycke affiliates which are established in countries outside the EU/EEA, for the purpose of sharing information about you within our company group. Such countries outside EU/EEA include: USA, China, Chile, Thailand, Singapore, Brazil, Canada, Japan, Australia, India, South Africa, New Zealand, Malaysia and South Korea.
Information about transactions may be transferred to national or regulatory health authorities outside of the EU/EEA, as required by anti-corruption and transparency legislation and industry standards on ethical conduct of business.How long we keep your personal data
We will keep your personal data for as long as required under applicable laws or according to the applicable industry standard, which is typically for ten (10) years after the transaction was conducted or the relationship with Mölnlycke ended.
-
What we do and why
- We may be required to process your personal data to comply with our regu-latory traceability obligations, includ-ing to identify recipients of product samples by documenting the distribu-tion of product samples to you
The personal data that we process
Your contact information (e.g., name, email address and place of work).
Our legal basis for processing
Legal obligation; wherein Mölnlycke is obliged by law to process information needed to ensure sample traceability in case of a recall, quality complaints and/or other issues related to the safety and reliability of Mölnlycke’s products.
How we share and transfer your personal data
We will share your personal data to the following recipients;
- Our IT-service providers
- National or regulatory health authorities
- Other Mölnlycke affiliates
We will transfer your personal data to our Mölnlycke affiliates which are estab-lished in countries outside the EU/EEA, for the purpose of sharing information about you within our company group. Such countries outside EU/EEA include: USA, China, Chile, Thailand, Singapore, Brazil, Canada, Japan, Australia, India, South Africa, New Zealand, Malaysia and South Korea.
Information related to distributed product samples may be transferred to na-tional or regulatory health authorities outside of the EU/EEA, as required by legislation and industry standards governing medical devices and/or clinical practice.How long we keep your personal data
We will keep your personal data for as long as required under applicable law, which is typically for as long as Mölnlycke markets the relevant product and for ten (10) years thereafter. All retention of personal data is in accordance with good clinical practice.
-
What we do and why
Mölnlycke provides a service called “Clinical learning hub”, which is a service that you separately can sign up for.
In “Clinical learning hub”, we process your personal data to administer your participation upon the setup of your account, create your personalised learning record, administer your learning completion certificate(s) and to remind you of your progress.The personal data that we process
- Your contact information (e.g., name, title, email address and place of work)
- Information about the trainings and content you view, select and attend on the “Clinical learning hub”-website and when/how often you log in
- Your training certificates for completed courses
Our legal basis for processing
Legitimate interest; wherein our legitimate interest is to provide the “Clinical learning hub” to you according to your interests, behaviour as well as to improve “Clinical learning hub” by analysing and monitoring your use of the same.
How we share and transfer your personal data
We will share your personal data to the following recipients;
- Our IT-service providers
- Other Mölnlycke affiliates
Mölnlycke will transfer your personal data to countries outside the EU/EEA within the scope of this processing activity. We will transfer the personal data to the following recipients;
- Our Mölnlycke affiliates established in USA, China, Chile, Thailand, Singapore, Brazil, Canada, Japan, Australia, India, South Africa, New Zealand, Malaysia and South Korea, for the purpose of sharing information about you within our company group
- Providers of analytic tools (Google Analytics, Meta pixel, etc.), located in the United States
How long we keep your personal data
We will keep your personal data as long as you have an active account or until you have been inactive on such account for at least six (6) months. The collected data will be transformed into aggregated data (thus anonymised) after such period at the latest. Such aggregated, anonymous data cannot directly identify you as a person and may be processed by us for an indefinite period of time. For the sake of clarity, this aggregated data is not personal data.
-
In addition to the processing purposes listed above, we may be required to process personal data for additional purposes. We may also be required to keep certain personal data for longer periods of time e.g., to be able to establish, exercise, and/or defend against legal claims. We will generally process such personal data for ten (10) years from creation or for the time necessary to fulfil the purpose in the relevant case. This processing of your personal data is based on our legitimate interest of establishing and/or defending legal claims. Additionally, we may be required to process personal data to comply with legal obligations e.g., relating to bookkeeping or tax legislation, or if we are ordered to process personal data (including disclosing it) by a competent court or government authority.
-
We have taken measures to ensure that your personal data is handled in a safe way. For example, access to systems where personal data is stored is limited to our employees and service providers who require it in the course of their duties. Such parties are informed of the importance of maintaining security and confidentiality in relation to the personal data we process. We maintain appropriate safeguards and security standards to protect your personal data against unauthorised access, disclosure or misuse. We also monitor our systems to discover vulnerabilities.
-
We strive to always process your personal data within the EU or EEA. However, if a third country transfer is described in the tables under section 3 above, we will transfer your personal data, to our Mölnlycke affiliates or to service providers who, either themselves or by their sub-contractors, are located or have business activities in a country outside the EU or EEA. In such cases, we are responsible for ensuring that the transfer is made in accordance with applicable data protection legislation before it occurs, e.g., by ensuring that the country in which the recipient is located ensures an adequate level of data protection according to the European Commission, or by ensuring appropriate safeguards based on the use of standard contractual clauses that the European Commission has adopted and other appropriate measures to safeguard your rights and freedoms.
You may access a list of the countries that the European Commission has decided provide an adequate level of data protection here.
You may access the European Commission’s standard contractual clauses here.