This Privacy Policy ("Policy") sets out how Mitsubishi Tanabe Pharma Europe Ltd. ("we", "us" and "our") will process as a data controller the personal data of our individual customers and business partners and the employees of our corporate customers and business partners ("you" and "your") and the measures and processes we have put in place to ensure its adequate protection. Providing such information is one of the requirements of the General Data Protection Regulation 2016/679 ("GDPR").

This Policy does not form any contractual relationship between you and us, and we may amend it from time to time.

1.     LAWFUL PROCESSING

        We will only process your personal data:

        (a)  where you have given your consent (you may withdraw your consent at any time, by making a request using the contact details set out below);

        (b)  where the processing is necessary to provide our products or services to you/your employer;

        (c)  where the processing is necessary to respond to a request from you/your employer;

        (d)  where the processing is necessary to maintain our relationship with you/your employer; or

        (e)  where the processing is necessary for compliance with our legal and regulatory obligations

2.     WHAT PERSONAL DATA WE COLLECT ABOUT YOU

2.1   We process the following types of personal data about you:

        (a)   Your name, email address and other contact details;

        (b)   Information about our products you/your employer hold;

        (c)   Your role, position and/or job title within your employment;

        (d)   Details of your preferences for types of marketing events or materials;

        (e)   Details of your access to our premises;

        (f)    Your messages, feedback or contributions to surveys and questionnaires;

        (g)   Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time       

               zone setting, browser plug-in types and versions, operating system and platform; and

        (h)   Information about your visit to our website, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including  

               date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction  

               information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call us

2.2   It may be mandatory for you to provide us with your personal data, to enable us to manage our business and operations, to maintain our relationship with 

        you/your employer, to provide our products or services to you/your employer or to comply with our legal and regulatory obligations. If you fail to provide  

        your personal data, we might be unable to maintain our relationship with you/your employer or to provide our products or services to you/your employer.

2.3   We make every effort to maintain the accuracy and completeness of your personal data which we store and to ensure all of your personal data is up to

        date. However, you can assist us with this considerably by promptly contacting us if there are any changes to your personal data or if you become aware  

        that we have inaccurate personal data relating to you. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or

        incomplete personal data that you provide to us.

3.     HOW WE COLLECT PERSONAL DATA

        We usually collect your personal data from the information you/your employer submits during the course of your/your employer's relationship with us. This 

        will typically be through emails and other correspondence from you, business cards, and the forms and documents used when you/your employer trades

        with us or you/your employer signs up to our services or news lists.

        We may also collect your personal data from other sources such as our group companies, our dealers or retail partners, medical professionals, contract

        research organizations and the records of governmental agencies.

4.     HOW WE USE PERSONAL DATA

        We will process your personal data for the following purposes:

        (a)  to provide you/your employer with requested products or services;

        (b)  to respond to your/your employer's messages or posts to us;

        (c)  to provide you/your employer with promotional and marketing materials about our products and services that we think you/your employer may be

              interested;

        (d)  to ensure that content from our website is presented in the most effective manner for you and for your computer;

        (e)  to manage, develop and improve our product range, services, stores, information technology systems and websites;

        (f)   for monitoring and assessing compliance with law and our policies and standards;

        (g)  to comply with our legal and regulatory obligations and requests anywhere in the world, including reporting to and/or being audited by national and 

              international regulatory bodies;

        (h)  for fraud and crime prevention and detection purposes;

        (i)   for administrative purposes in relation to the security of and access to our systems, premises, platforms and websites and applications;

        (j)   to comply with court orders and exercise and/or defend our legal rights;

        (k)  for any other legitimate business purpose; and

        (l)   as otherwise permitted or required by any applicable law or regulation.

5.     INTERNATIONAL TRANSFERS OF PERSONAL DATA

        Your personal data may be transferred to (including accessed in or stored in) a country or territory outside the European Economic Area ("EEA"), including

        to countries whose laws may not offer the same level of protection of personal data as are enjoyed within the EEA. In particular, we may share your   

        personal data with our group companies outside of the EEA including our parent company, Mitsubishi Tanabe Pharma Corporation, located in Japan.  We will

        ensure that any such international transfers are made subject to appropriate or suitable safeguards as required by the GDPR. You can obtain copies of the 

        relevant safeguard documents by making a request using the contact details set out below.

6.     WHEN WE MAY DISCLOSE YOUR PERSONAL DATA

        We do not and will not sell, rent out or trade your personal data. We will only disclose your personal data to the following recipients:

        (a)  to our group companies;

        (b)  to companies approved or designated by you;

        (c)  to third parties who process your personal data on our behalf (such as our systems providers including cloud providers);

        (d)  to third parties who process your personal data on their own behalf but through providing you or your employer with a service on our behalf (such as

              our suppliers);

        (e)  to analytics and search engine providers that assist us in the improvement and optimisation of our website;

        (f)   to any third party to whom we assign or novate any of our rights or obligations;

        (g)  to any prospective buyer in the event we sell any part of our business or assets; and

        (h)  to any government, regulatory agency, enforcement or exchange body or court where we are required to do so by applicable law or regulation or at 

              their request.

7.     HOW WE PROTECT YOUR PERSONAL DATA

        We are committed to safeguarding and protecting your personal data and will implement and maintain appropriate technical and organisational measures to

        ensure a level of security appropriate to protect your personal data from accidental or unauthorised destruction, loss, alteration, disclosure or access.

        All information you provide to us via our website is stored on our secure servers. Unfortunately, the transmission of information via the internet is not  

        completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any

        transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised

        access.

8.     YOUR RIGHTS IN RELATION TO THE PERSONAL DATA WE COLLECT

8.1   If you wish to:

        (a)  update, modify, or delete your personal data, or obtain a copy of your personal data that we hold; or

        (b)  restrict or stop us from using any of your personal data which we hold,

        you can request this by contacting us using the contact details set out below.

8.2   In any of the situations listed above, we may request that you prove your identity by providing us with a copy of a valid means of identification in order for

        us to comply with our security obligations and to prevent unauthorised disclosure of data.

9.     HOW LONG WE WILL HOLD YOUR PERSONAL DATA FOR

        We will only retain your personal data as long as necessary to fulfill the purpose for which it was collected or to comply with legal, regulatory or internal

        policy requirements.

10.   DIRECT MARKETING

        If you tell us that you do not wish we or any of our group companies to provide you with information about our products and services and other marketing

        materials, we will not contact you further for the purpose of direct marketing. You can contact us using the contact details set out below.

11.   Use of Cookies

        A "cookie" is a small text file that is stored on a user's hard drive or mobile device. Cookies are generated by web servers when the user enters an internet

        page, and are passed to the user's computer or mobile device and stored for subsequent future access. They perform a number of functions associated with

        browsing websites and are used for a variety of different purposes, such as tracing users from page to page on an internet website. This can enhance a

        user's experience on a website, enabling the website to be personalised according to e.g. a user's preferences and browsing activities.

        For more information about how we use cookies, please read our cookie policy at http://www.mt-pharma-eu.com/cookie-policy/

12.   HOW WE UPDATE FOR CHANGE THIS FAIR PROCESSING POLICY

        We may change or update parts of this Policy in order to maintain our compliance with applicable law and regulation or following an update to our internal

        practices. We will do this by updating this Policy. You will not necessarily be directly notified of such a change. Therefore, please ensure that you regularly

        check this Policy so you are fully aware of any changes or updates.

13.   HOW YOU CAN CONTACT US

        If you have any queries about the contents of this Policy or your personal data, or wish to make a request in relation to your personal data, please contact us

        using the details set out below:

        Email: KMaeda@mt-pharma-eu.com

        Post: The Data Protection Officer, Mitsubishi Tanabe Pharma Europe Ltd.

        Dashwood House, 69 Old Broad Street, London EC2M 1QS, the United Kingdom

14.   HOW TO LODGE A COMPLAINT TO THE REGULATOR

        You are entitled to lodge a complaint with a competent data protection regulator if you consider that we have breached your data protection rights. The data

        protection regulator in the UK is the Information Commissioner's Office, which can be contacted at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9

        5AF.

Date Updated: [18/05/2018]