This Privacy Policy describes the principles and safeguards Pfizer observes as a personal data controller as it pursues: (1) collection of personal data from persons who access or use this website, including any micro-site therein (the “Website”); (2) processing and protection of such personal data, data sharing and outsourcing; and (3) protection of the rights of the data subject with respect to the personal data provided on this Website for purposes of direct marketing and profiling. The term “Processing” follows the meaning under Republic Act No. 10173, otherwise known as the “Data Privacy Act of 2012” (“DPA”) which refers to any operation or any set of operations performed upon personal information including, but not limited to, the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of data.
This Privacy Policy does not apply to any other information collected by Pfizer, by or through any other means, such as information collected offline, unless otherwise provided or indicated by Pfizer. When we refer to ourselves as “we" or "Pfizer," we mean Pfizer, Inc. (a corporation incorporated under the laws of the Philippines). Our Website may contain links to third party websites/content/services that are not owned or controlled by Pfizer. Pfizer is not responsible for how these properties operate or treat your personal data so we recommend that you read the privacy policies and terms associated with these third party properties carefully.
Moreover, when we use the term “you” or “User” we then refer to any individual who accesses or uses the Website, and whose personal, sensitive personal, or privileged information is Processed.
Our Privacy Policy is organized in the following sections. For immediate access to a particular section, click on the title.
We collect personal data you choose to provide through registrations, applications, enrollments and surveys, and in connection with your inquiries and purchases. Personal data may either be personal information or sensitive personal information, as defined under the DPA and its Implementing Rules and Regulations.
For Medical Inquiry submitted through https://www.pmiform.com/CONS/PH, we collect, Process and store the following personal data:
Name;
E-mail address
Gender;
Address;
Country;
Pfizer’s product which is the subject of the inquiry;
Phone Number;
Health information or inquiry about Pfizer’s product; and
Role (either a consumer, pharmacist, nurse, physician, or other healthcare professional).
For Healthcare Professionals who access and sign up on https://www.pfizerpro.ph/login, we collect, Process and store the following personal data:
Name;
E-mail address;
Profession;
Specialty; and
Professional Regulation Commission (“PRC”) Number.
By choosing to provide your name, contact information, and other personal data enumerated above, as applicable, you hereby consent to the Processing of your personal data within the extent provided for in this Privacy Policy. Healthcare providers may choose to provide information relating to their specialties and professional affiliations.
By agreeing to this Privacy Policy, you understand and acknowledge that the information given, shared, submitted, or otherwise disclosed in this Website, including personal data, are collected, Processed and stored in an automated Pfizer-managed data base system and/or in the data base system of its affiliates or authorized third parties, which are used and administered solely by Pfizer and its said affiliate companies and authorized third parties in connection with the use, maintenance, and improvement of this Website; the implementation and enhancements of Pfizer’s various activities and programs; and / or the performance by Pfizer of its legal obligations, such as but not including transparency reporting; and safety monitoring or reporting, whether such performance be in compliance with legal requirement within the Philippines or in another jurisdiction.
In addition, we may gather information about you automatically through your use of the Website, e.g., your IP address and how you navigate our Website. See also, the Section below on Cookies and Other Tools.
If you submit any personal data relating to other people to us, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.
We may use your personal data in the following ways:
We use your personal data to:
We may provide functionality on the Site that will allow you to forward and share certain content with a friend or colleague. If you choose to use the sharing functionality to refer someone to our content, products or services, we will use your data and that of the individual you are sharing with to send the content or link you request.
In addition, we may offer access to third party sharing functionality, such as third party social media widgets/tools/buttons. If you use that functionality, your use is subject to the third party’s privacy policy and terms. As with all links to non-Pfizer websites/content/services, we recommend that you read the privacy policies and terms associated with third party properties carefully.
Some products, services and information we offer may only be suitable for/accessible to individuals meeting certain eligibility or other criteria. In such cases, we may verify that you meet such criteria. For example, certain information relating to our products is only intended for and accessible to licensed healthcare professionals and we may use information we collect directly from you and from outside sources to validate your licensure and eligibility to view such information.
On occasion, Pfizer may offer special programs, activities, events or promotions via the Site (“Special Programs”) that have specific terms, privacy notices and/or consent forms that explain how any personal data you provide will be processed in connection with the Special Program. We strongly suggest you review the terms applicable to the Special Program before participating.
We use the information you provide for data analysis, to better understand how our products and services impact you and those you care for, to track and respond to concerns, for fraud prevention and to further develop and improve our products and services. In addition, we use the information you provide to comply with our regulatory monitoring and reporting obligations including those related to adverse events, product complaints and patient safety.
By providing your personal data, you are allowing Pfizer, its employees, affiliates, and/or authorized third parties to contact you and send notifications on company-initiated activities, announcements and invites. You can request that information no longer be sent to you by email, electronic or other means.
We may aggregate and/or de-identify data about visitors to our Site and use it for any purpose, including product and service development and improvement activities.
Your agreement to this Privacy Policy shall constitute an express consent to the processing, sharing and storage of your personal information, which shall continue for the duration of the above objectives and purposes.
Pfizer may share your personal data as follows:
By filling out online forms and providing personal data, you hereby agree to the collection, processing, and sharing of your personal data amongst and between Pfizer, its parent company, and subsidiary companies for the purposes set forth in this Privacy Policy. Data sharing refers to the disclosure or transfer of personal data to third parties, other than those classified as personal information processors.
If we sell or transfer a business unit (such as a subsidiary) or an asset (such as a website) to another company (including in connection with any bankruptcy or similar proceedings), we will share your personal data with such company and will require such company to use and protect your personal data consistent with this Privacy Policy. We disclose personal data to companies that were formerly wholly or partly included in the Pfizer family of companies to which we provide services during a transition period following separation.
We may outsource the processing of personal data collected by retaining other companies and individuals to perform services on our behalf and we may collaborate with other companies and individuals with respect to particular products or services (collectively, “Personal Information Processors”). These third parties may be provided with access to personal data needed to perform their functions, but they may not use such data other than on our behalf or subject to contracts that protect the confidentiality of the data. Examples of Providers include credit card processing companies, customer service and support providers, email and SMS vendors, data analytics firms, web hosting and development companies and fulfillment companies. Providers also include our co-promote partners for products that we jointly develop and/or market with other companies. Some Providers may collect personal data on our behalf on our Site. Rest assured that all our personal information processors are enjoined to comply with the requirements of this Privacy Policy, Data Privacy Act of 2012 and its Implementing Rules and Regulations, provisions of which are likewise written in our engagement with said parties.
We reserve the right to disclose your personal data as required by law, when we believe disclosure is necessary or appropriate to comply with a regulatory requirement, judicial proceeding, court order, government request, or legal process served on us, or to protect the safety, rights, or property of our customers, the public, Pfizer or others.
Pfizer may also disclose aggregate or de-identified data that is not personally identifiable to third parties for any purpose.
We use technical, administrative and procedural measures in an attempt to safeguard your personal data from unauthorized access or use. No such measure is ever 100% effective though, so we do not guarantee that your personal data will be secure from theft, loss, or unauthorized access or use, and we make no representation as to the reasonableness, efficacy, or appropriateness of the measures we use to safeguard such data. Users are responsible for maintaining the secrecy of their own passwords. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us by contacting us through the information provided in the Contact Us section.
Pfizer’s Data Protection Officer (“DPO”) oversees Pfizer’s compliance with the DPA and its Implementing Rules and Regulations, and other related policies, including the conduct of a Privacy Impact Assessment, implementation of security measures, security incident and data breach protocol, and the inquiry and complaints procedure.
Pfizer values the utmost confidentiality of your personal data. Thus, all persons with access to your personal data operate and hold your personal data under strict confidentiality if the same is not intended for public disclosure. Pfizer likewise sponsor training on data privacy and security. For personnel directly involved in the Processing of personal data, Pfizer ensures their attendance and participation in relevant trainings and orientations, as often as necessary.
Pfizer’s DPO also ensures to review and evaluate this Privacy Policy annually. Further, Pfizer’s privacy and security policies and practices updated to remain consistent with current data privacy best practices. Pfizer commits that detailed and accurate documentation of all activities, projects and Processing systems of the company, are carried out by the DPO.
You may reach us or Pfizer’s DPO in the Contact Us section below.
Pfizer ensures that your personal data in digital format are stored in Pfizer’s computers, servers, systems, or cloud storage facilities. Further, only authorized personnel are allowed inside Pfizer’s data room. Other personnel may be granted access to the room upon filing an access request form with the DPO and the DPO’s approval thereof.
Pfizer also keeps a record of the date, time, duration, and purpose of each access by all authorized personnel who enter and access Pfizer’s data room. Persons involved in Processing your information always maintain confidentiality and integrity of your personal data, and are not allowed to bring personal electronic or storage device of any form when entering the data storage room.
Pfizer’s data room and the computers are organized to ensure that Pfizer maintains your privacy and protect the Processing of your personal data.
Pfizer also ensures that the transfers of personal data via electronic mail use a secure email facility with encryption of the data, including any or all attachments. Pfizer does not use facsimile technology for transmitting documents containing your personal data.
Pfizer retains your personal data for a period not longer than ten (10) year/s, or for as long as needed or permitted in light of the purpose(s) for which your consent was obtained and as outlined in this Privacy Policy (See also the Section on Retention Period). Upon expiration of such period, all physical and electronic copies of the personal data are destroyed and disposed using secure technology. Pfizer ensures the permanent disposal and destruction of your personal data, without the possibility of recovery or restoration.
Pfizer uses a system to monitor security breaches. Any software that Pfizer will use in safeguarding your personal data is first reviewed and evaluated before installation in Pfizer’s computers. Pfizer likewise reviews security policies, conduct vulnerability assessments and perform penetration testing within the company on regular schedule. All personnel with access to personal data verify their identity using a secure encrypted link and multi-level authentication.
You have the following rights pertaining to any of your personal, sensitive, and privileged information you provide on our Website, to wit:
1. Withdraw your consent to the continued use, disclosure, and/or Processing of your personal data;
2. Request erasure or blocking of your personal data;
3. Request correction of inaccurate or erroneous personal data;
4. Request for reasonable access to your personal data;
5. Lodge a complaint before the National Privacy Commission under Section 16 of the Data Privacy Act; and
6. Request for indemnification for damages sustained due to such inaccurate, incomplete, outdated, false, unlawfully obtained, or authorized use of personal data.
If you would like to access, review, correct, remove, withdraw, and update personal data that you have provided to us or obtain a copy of your data undergoing Processing, you may contact us as indicated in the Contact Us section. We will respond to your request consistent with applicable law. Please note that we may need to retain certain personal data for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion.
Please note that we may need to retain certain personal data for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion. Please note, however, that you cannot invoke the foregoing rights when the Processed personal information are used only for the needs of scientific or statistical research while observing legal parameters for such use.
We will not discriminate against you for exercising these rights.
We will retain your personal data for a period not longer than ten (10) year/s, or for as long as needed or permitted in light of the purpose(s) for which it was obtained and as outlined in this Privacy Policy. Personal data collected will be retained using the following criteria: (i) for as long as necessary for the fulfillment of the purposes for which the data was obtained, (ii) for the establishment, pursuance, and defense of legal claims, or (iii) for any legitimate business purposes, or as provided by law.
After ten (10) year/s or if the purpose for which the data was collected no longer exists, all hard and soft copies of personal information will be disposed and destroyed, through secured means.
The Website is controlled and operated by us from the Philippines and is not intended to subject us to the laws or jurisdiction of any state, country or territory other than that of the Philippines. Any information you provide to Pfizer through use of the Website may be stored and Processed, transferred between and accessed from the Philippines and other countries which may not guarantee the same level of protection of personal data as the one in which you reside. However, Pfizer will handle your personal data in accordance with this Privacy Policy, the DPA, and its Implementing Rules and Regulations, regardless of where your personal data is stored/accessed. Hence, Pfizer likewise recognizes the principle of accountability in transferring personal data to third parties, whether domestically or internationally.
In case of claims involving privacy breach, personal data misuse, or any issue concerning alleged violation of your data privacy rights, you shall notify us within seventy-two (72) hours upon knowledge thereof, detailing the nature of the breach, negative consequences or harm caused, and the assistance or relief sought. This reporting is necessary to help us investigate on said breach and consider appropriate measures in order to avoid recurrence of a similar incident.
The company responsible for collection, use and disclosure of your personal data under this Privacy Policy is Pfizer.
If you would like to exercise any individual rights, or if you have questions about this Privacy Policy, please contact us by emailing the Data Protection Officer at [email protected]. We will respond to your request consistent with applicable law.
From time to time, we may update this Privacy Policy. Any changes will be effective when we post the revised Privacy Policy. This Privacy Policy was last updated as of the effective date listed above. If the Privacy Policy changes in a way that significantly affects how we handle personal data, we will not use the personal data we previously gathered in the manner described in the new policy without providing notice and/or obtaining your consent, as appropriate. Minor changes to the policy may occur that will not significantly affect our use of personal data without notice or consent. We encourage you to periodically review this page for the latest information on our privacy practices.
Pfizer and its Personal Information Processors collect information about you by using cookies, tracking pixels and other technologies (collectively, “Tools”). We use this information to better understand, customize and improve user experience with our Website, services and offerings as well as to manage our advertising. For example, we use web analytics services that leverage these Tools to help us to understand how visitors engage with and navigate our Website, e.g., how and when pages in a site are visited and by how many visitors. We are also able to offer our visitors a more customized, relevant experience on our Website using these Tools by delivering content and functionality based on your preferences and interests. If we have collected your personal data, e.g., through a registration or a request for certain materials, we may associate this personal data with information gathered through the Tools. This allows us to offer increased personalization and functionality on the Website
Your web browser can be set to allow you to control whether you will accept cookies, reject cookies, or to notify you each time a cookie is sent to your browser. If your browser is set to reject cookies, websites that are cookie-enabled will not recognize you when you return to the website, and some website functionality may be lost. The Help section of your browser may tell you how to prevent your browser from accepting cookies. To find out more about cookies, visit www.aboutcookies.org.
Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system name and version, device manufacturer and model, language and Internet browser type and version. We use this information to ensure that the services function properly.
Your IP address is a number that is automatically assigned to the computer that you are using by your Internet Service Provider. An IP address may be identified and logged automatically in our server log files whenever a user accesses the Site, along with the time of the visit and the pages visited. Collecting IP addresses is standard practice and is done automatically by many websites, applications and other services. We use IP addresses for purposes such as calculating usage levels, diagnosing server problems and administering the Site. We may also derive your approximate location from your IP address.
We may use Google Analytics, which uses cookies and similar technologies to collect and analyze information about use of the Site and report on activities and trends. This service may also collect information regarding the use of other websites, apps and online resources. You can learn about Google’s practices by going to www.google.com/policies/privacy/partners/, and opt-out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.
Pfizer hopes to deliver to you advertising for products and services you need or want, if appropriate or applicable. Hence, we may process your personal data to evaluate certain personal aspects relating to your situation, interests, and preferences. Based on this profiling, you make be shown advertisements and marketing materials that would directly target your profiled interests.
There are many ways to do this in the online advertising world. For example, Pfizer partners with websites and applications with whom you have shared your interests, conditions and concerns directly and asks that they serve our ads to users who have expressed an interest in Pfizer products or health conditions that our products treat. We may also partner with advertising companies that may place or recognize a unique cookie on your browser (including through the use of pixel tags), or use other technologies, to serve you ads based on your web browsing activity, purchases, interests and/or other information—a practice commonly referred to as interest-based advertising (“IBA”) or online behavioral advertising (“OBA”). These advertising companies may also use these types of technologies to recognize you across the devices you use, such as a mobile phone or a laptop, and serve you ads on websites you visit and applications you use. You can read more about IBA at a site offered by the advertising industry’s Digital Advertising Alliance (“DAA”), aboutads.info.
We want it to be easy for you to understand how we and our business partners use information to serve ads tailored for you and to opt-out from targeting based on IBA. To this end, we have licensed the DAA Advertising Options icon, Ad-Choices, which appears in our ads served using IBA, and agreed to adhere to the DAA Self-Regulatory Program for IBA. To learn how to opt-out of having the information collected from you used for IBA purposes on the particular device on which you are accessing this Privacy Policy, please visit http://www.networkadvertising.org/managing/opt_out.asp and http://www.aboutads.info/choices/. If you have any questions about our use of IBA or participation in the DAA Self-Regulatory Program, please do not hesitate to contact us at [email protected]
At this time, we do not respond to browser do-not-track signals.