Ashfield Healthcare, LLC Privacy Policy
Your privacy is important to Ashfield Healthcare, LLC [trading as Ashfield Healthcare, LLC and Ashfield Commercial & Medical Services] (“we”, “us”, “our”). We have developed this Privacy Policy to protect your privacy while you use our website (www.ashfielddigitalandcreative.com) and all of our subsidiary websites or any of our other products and services.

Please note that by “we” we mean only Ashfield Healthcare, LLC and its affiliated entities, Ashfield Meetings & Events, Inc., and not the other companies’ or organisations’ websites to which we may provide links from within our website.
Ashfield Healthcare, LLC takes your privacy seriously. This Privacy Policy (the “Policy”) explains how Ashfield Healthcare, LLC collects information from you via our website, manually, electronically, or in any manner expressly described in this Privacy Policy, the types of information we gather, how this information is used, and how to correct or change your personal information. When we collect or when you provide us with your personal information in the manner described, you consent to the processing of all such personal information as set out in this Privacy Policy. This Policy describes the procedures that we have in place to safeguard your privacy. Our privacy practices may vary among the countries in which we operate to reflect local practices and legal requirements.

Ashfield Healthcare, LLC only collects Personal Data that is necessary for its business functions or services. Unless required by law, Ashfield Healthcare, LLC does not use or disclose, for any new purpose, the Personal Data collected without first identifying and documenting the new purpose and obtaining consent. All patient/consumer data is securely guarded and treated as confidential information according to local regulations.
Ashfield Healthcare, LLC maintains strict confidentiality of all non-public Client supplied materials and information at all times. It is recognised that a Client may be irreparably damaged if its Confidential Information is breached. Our policies and procedures are developed with the privacy and security of Client and consumer information in mind.

As we update our services and technologies and as we expand or change our offerings, this Privacy Policy may change from time to time and thus should be checked prior to provision of any personal data.

Introduction
Ashfield Healthcare, LLC is a leading healthcare services organisation operating predominantly in United States and Europe and forms part of UDG Healthcare plc. Ashfield Healthcare, LLC and its affiliated entities focus on supporting healthcare professionals and patients at all stages of the product life cycle. Our services include tele-sales solutions, sales teams, market research, business intelligence, nurse educators, medical information, healthcare communications, healthcare strategy consulting, medical education, digital strategy and solutions, e-learning and training, publication planning, external expert programmes, scientific professional relations, event management and exhibitions, and creative services. Our services are available to a range of healthcare organisations in both the public and private sector. Protecting privacy is extremely important to both our clients and our organisation.

This Privacy Policy sets out the basis on which Ashfield Healthcare, LLC stores and uses personal data in relation to the provision of our services and in accordance with applicable Data Protection and Privacy laws.

Ashfield Healthcare, LLC complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Ashfield Healthcare, LLC has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Ashfield Healthcare, LLC certification, please visit http://www.export.gov/safeharbor/

Personal Data may be collected, processed and used by Ashfield Healthcare, LLC in the course of providing our services to you and in line with the other purposes mentioned below. Personal Data may also be processed and used by third-party agents on our behalf for the purpose of delivering our business functions and services. Any shared information will remain under the control of Ashfield Healthcare, LLC and will only be processed in a way that is deemed relevant to the purposes for which it was originally collected and authorised by you.

Your Consent
When we collect or when you provide us with your personal information you consent to the use of that information as set out in this Privacy Policy. The latest version of our Privacy Policy, incorporating all subsequent changes, is available via hyperlink on the home page of our company website www.ashfieldhealthcare.com which enables us to keep you aware of the information we are collecting and how it is being used at all times.

Only if you have given us prior permission will we contact you via email and/or text message to inform you about new services which we consider may be of interest to you.

Collection and Transfer of Information
Ashfield Healthcare, LLC may, from time to time, appoint third party organisations to assist us in delivering our products and services. In these circumstances we will take all reasonable steps to ensure your personal information is held in strict accordance with our Privacy Policy and is only used for the specified purpose.

We will not share your details with any persons outside of Ashfield Healthcare, LLC or its direct affiliates without your prior permission except as set out above.
We may transfer the personal information we collect about you to countries other than the country in which the information was originally collected. Those countries may not have the same data protection laws as the country in which you initially provided the information. When we transfer your information to other countries, we will protect that information as described in this Privacy Policy.
If you are located in the European Economic Area, we comply with applicable legal requirements providing adequate protection for the transfer of personal information to countries outside of the EEA.

Ashfield Healthcare, LLC is certified under the Safe Harbor privacy framework as set forth by the U.S. Department of Commerce and the European Commission and the U.S. Department of Commerce and the Federal Data Protection and Information Commissioner of Switzerland regarding the collection, storage, use, transfer and other processing of personal data transferred from within the European Economic Area and Switzerland to the U.S.

We do not knowingly collect personal information from children under the age of 13. If a child under 13 has provided us with personal information without parental or guardian consent, the parent or guardian may e-mail us and we will remove such information from our database and cease promotional contacts with the child.
Please see “Contact for Enquiries and Complaints about the Handling of Personal Information” below for information on how to contact us.

Choice/Opt-Out
Should you wish to no longer receive information or future communications about our relevant services, please contact us using one of the following options and we will remove your information from our database. You can send your request directly either via email stating your desire to opt out of further communications to [email protected] or alternatively you can write to us at the following addresses:

USA
The Privacy Officer
Ashfield Healthcare, LLC
One Ivybrook Boulevard
Suite 100 / 110
Ivyland, PA 18974, USA

Europe and the rest of the world
Data Protection Officer
Ashfield Commercial & Medical Services
Ashfield House
Resolution Road
Ashby de la Zouch
United Kingdom
LE65 1HW

We also provide an opt-out option with all marketing email communications by either clicking the unsubscribe link at the bottom of the email or replying to the email stating your request to opt-out of further communications.

Security of your Personal Information
Ashfield Healthcare, LLC takes appropriate technical and organisational measures to secure your personal data – the servers containing personal data are located in secure data centres.
We have implemented security policies, rules and technical measures to protect the personal data that we have under our control. The security measures are designed to prevent unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss. The internal procedures of Ashfield Healthcare, LLC cover the storage, retention, access and disclosure of your information.

Our employees are trained in-line with and required to adhere to the principles of the applicable Data Protection laws and Safe Harbor Privacy Principles in their country of employment. Ashfield Healthcare, LLC makes reasonable endeavours to ensure that all employees comply with the terms of this Privacy Policy. The personal data which Ashfield Healthcare, LLC holds is never modified or disclosed to a third party other than as described in this policy. We continually monitor measures which seek to ensure the security and confidentiality of the information that we collect, and its proper use.

Notification of Changes We may change or amend our Privacy Policy from time to time to reflect the current legal and regulatory environment and/or any changes in practices surrounding the protection of personal data. The latest version will always be available via hyperlink at the foot of each page of our website (www.ashfieldhealthcare.com) and will replace all prior versions. If we intend to use personally identifiable information in a manner different from that stated within this Privacy Policy, we will notify all affected users via email. Users will be able to opt out of any new use of their personal information.

Ashfield Healthcare, LLC encourages you to visit our website periodically to look for updates to this Privacy Policy.

Contact Us/Update Your Details/Request Access to your Personal Data
If you wish to enquire about changing or accessing your personal data in general or have any questions relating to the Ashfield Healthcare, LLC Privacy Policy please either send an email to [email protected] or alternatively you can write to us at the following addresses:

USA
The Privacy Officer
Ashfield Healthcare, LLC
One Ivybrook Boulevard
Suite 100 / 110
Ivyland, PA 18974
USA

Europe and the rest of the world
Data Protection Officer
Ashfield Commercial & Medical Services
Ashfield House
Resolution Road
Ashby de la Zouch
United Kingdom
LE65 1HW

We will require proof of your identity and upon receipt of such proof will provide you with a readable copy of the personal data that we hold within 40 days. Where appropriate you may request to have the data rectified, amended or removed. We reserve the right to refuse to provide copies of personal data but will give reasons for our refusal.

Links to Other Websites
Our websites may contain links to third party websites for your convenience and information. If you access those links you will leave the Ashfield Healthcare, LLC operated websites and this Privacy Policy will not apply to those third party websites. Ashfield Healthcare, LLC does not control those sites or their privacy practices, which may differ from our own. We do not endorse or make any representations about third party websites. We encourage you to review the Privacy Policy of every website you visit before submitting your information.

Contact for Enquiries and Complaints about the Handling of Personal Information
We have established offices in order to receive and respond to any enquiries and complaints concerning our handling of personal information efficiently and appropriately. Please note that any such communications must be in writing (which may include email).

In compliance with the U.S.-EU Safe Harbor Privacy Principles and the U.S.-Swiss Safe Harbor Privacy Principles, Ashfield Healthcare, LLC commits to resolve complaints about your privacy and our collection or use of your personal information. European Union and Swiss residents with enquiries or complaints regarding this privacy policy should first make contact in writing to one of the following addresses:

USA
The Privacy Officer
Ashfield Healthcare, LLC
One Ivybrook Boulevard
Suite 100 / 110
Ivyland, PA 18974
USA

Europe and the rest of the world
Data Protection Officer
Ashfield Commercial & Medical Services
Ashfield House
Resolution Road
Ashby de la Zouch
United Kingdom
LE65 1HW
Or via email [email protected]

Ashfield Healthcare, LLC has further committed to refer unresolved privacy complaints under the U.S.-EU Safe Harbor Privacy Principles and the U.S.-Swiss Safe Harbor Privacy Principles to an independent dispute resolution mechanism, the ICDR/AAA Safe Harbor Program, operated by the American Arbitration Association. If you do not receive timely acknowledgement of your privacy complaint, or if your complaint is not satisfactorily addressed by Ashfield Healthcare, LLC, please visit the ICDR/AAA Safe Harbor web site at http://www.export.gov/safeharbor/ for more information and to file a complaint.

English Version to Govern
The original version of this Privacy Policy has been prepared in English. In the event of any discrepancy between the English and any version in any other language, the English version will govern.

Disclaimers
Adherence by Ashfield Healthcare, LLC to this Privacy Policy may be limited to the extent required to meet legal or ethical obligations or to meet national security or law enforcement obligations, and is subject to the provisions of any other applicable law or regulation in any of the jurisdictions in which we conduct our business.
To the maximum extent allowed by law, Ashfield Healthcare, LLC disclaims any other obligation, liability, or warranty to you for any other action, inaction, omission, or other activity that is not in accordance with this Privacy Policy.
Under no circumstances shall Ashfield Healthcare, LLC, or its suppliers or partners be liable for any direct, special, incidental, indirect, economic or consequential damages (including, but not limited to, loss of data) arising out of or connected with this privacy policy, or the failure of Ashfield Healthcare, LLC, its parent, subsidiaries and divisions, or their suppliers or partners to adhere to it, even if Ashfield Healthcare, LLC, its parent, subsidiaries and divisions, or their suppliers or partners have been notified of the possibility of any damages. Because some states/jurisdictions do not allow the exclusion or limitation of liability for consequential or incidental damages, the above limitation may not apply to you. In such states/jurisdictions, the respective liability of Ashfield Healthcare, LLC and its parent, subsidiaries and divisions, or their suppliers or partners shall be limited to the maximum extent permitted by applicable law.
Effective date: 5 August 2015