- Information we collect about you
- How we use your information
- Retention of your information
- Disclosure to and use by third parties
- Transfers of data to third countries
- Security of your information
- Your rights
- Cookies and IP addresses
- Contact Us
This policy may be reviewed from time to time, and when this happens we will post an updated version on our Website. To ensure that you are aware of any changes, we recommend that you regularly check for changes and review this policy when you visit our Website. Any changes will take effect immediately on the date on which the modified terms are posted on our Website. If you do not agree with any aspect of the updated policy, please promptly notify us and cease using our services.
Information we collect about you
When you choose to use our products or when your business applies for credit facilities or enters into a transaction with us, we collect different categories of personal data about you such as your name, business / work address, personal address, e-mail address, telephone number, payment details (this list is not exhaustive).
Instances in which you may provide personal data to us include when you:
- fill in forms such as our Online Enquiry Form on our Website www.norbrook.com and on variations of this domain belonging to Norbrook or any other websites within the Norbrook Group (“our Website”);
- subscribe to our mailing list service to receive emails or other notifications from us – you may unsubscribe from our mailing list service at any time by contacting our Data Protection Officer at the address above or by emailing firstname.lastname@example.org;
- submit a job application to Norbrook;
- register for the webinars on our Website, or complete our questionnaires or surveys;
- register for one of the events listed on our website;
- use a social media service like Facebook or Twitter to communicate with us;
- submit a request to our Customer Service or Pharmacovigilance departments; or
- submit a request to our Data Protection Officer.
We also collect Personal Data from details of your visits to our Website (including, but not limited to, traffic data, location data, weblogs and other communication data) and the resources that you access. We collect some of this information using cookies – for further information please see Cookies and IP addresses. There may be occasions where we receive Personal Data about you from third parties we engage such as search information providers, analytics providers, veterinary practices and credit reference agencies.
How we use your information
- where it is necessary for the performance of a contract with you, or to conduct business with you;
- where it is necessary for our legitimate business interests or that of a third party;
- to ensure compliance with our legal and regulatory obligations; or
- where you have provided specific opt-in consent. You may withdraw your consent at any time – please see Your Rights for further information.
The purposes for which we may use the personal information we hold about you include:
- to ensure that content from our Website is presented in the most effective manner for you and for your device;
- to review any job applications you submit on our Website or through our nominated third party providers (for further information, please see Disclosure to and use by third parties);
- to allow you to participate in interactive features of our service, when you choose to do so through our Website or a nominated third party provider (for further information, please see Disclosure to and use by third parties);
- for marketing purposes and market research;
- to provide aggregate statistics about our customers, sales, traffic patterns and related site information; and
- to notify you about changes to our service(s).
We may use your personal information with your express opt-in consent, which may be withdrawn at any time, to send you updates (by email, text message, telephone or post) about our products, including exclusive offers, promotions or new products. We will always treat your personal information with the utmost respect and never sell or share it with other organisations outside the Norbrook Group for marketing purposes.
You have the right to opt out of receiving promotional communications at any time by contacting our Data Protection Officer at email@example.com.
We may ask you to confirm or update your marketing preferences if you instruct us to provide further products in the future, or if there are changes in the law, regulation, or the structure of our business.
Retention of your information
We will retain your personal data only for as long as required to fulfil our legal, regulatory or reporting requirements. We do not retain personal information in an identifiable format for longer than is necessary.
We may hold your information for a longer or shorter period where:
- the law requires us to hold your personal information for a longer period, or delete it sooner
- you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law; and
- in limited cases, the law permits us to keep your personal information indefinitely provided we put certain protections in place.
Disclosure to and use by third parties
The security of your personal data is important to us and we will only ever transfer your information to a third party outside Norbrook where there is a legal requirement or legitimate business reason for us to do so. We do not authorise these third parties to use your personal data for any purposes other than those for which it was shared, nor are they permitted to send you any unsolicited communications.
Where we are under a duty to disclose or share your data with a third party in order to comply with any legal obligation(s), we will ensure that only data which is legally required is disclosed. We enter into contractual agreements with our third party providers to ensure that your personal information is protected in line with our policies, and is only used and/or processed for approved and legitimate business reasons.
We may disclose your personal information to third parties as follows:
- within the Norbrook Group of companies, which means our subsidiaries, our ultimate holding company and its subsidiaries in accordance with the Companies Act 2006;
- to credit reference agencies (for example, Dun & Bradstreet) when your business submits an application for any credit facility with us - if you require further information on disclosures to these agencies, please contact our Data Protection Officer at firstname.lastname@example.org
- to any third party who is restructuring, selling or acquiring some or all of our business or assets or otherwise in the event of a merger, re-organisation or similar event;
- to law enforcement agencies in order to detect, investigate and prevent crime;
- to the Courts in Northern Ireland, the United Kingdom or abroad as necessary to comply with a legal requirement, for the administration of justice, to protect vital interests, and to protect the security or integrity of our business operations;
- to comply with a request from a government department or regulatory authority in any of the jurisdictions in which we operate;
- to ensure the safety and data security of Norbrook agents, contractors and employees; or
- to third parties acting on our behalf, such as back-up and server hosting providers, IT software and maintenance providers and their agents.
Transfers of data to third countries
We store your information on servers located within the European Economic Area (EEA). We ensure that when your personal data is transferred outside the UK to the EEA that it is afforded an equivalent level of data protection. The third parties listed under Disclosure to and use by third parties may be located outside of the UK and EEA or they may transfer your information outside the UK and EEA. Those countries located outside the UK and EEA may not have the same standards of data protection and privacy laws as in the UK. Whenever we transfer your information outside of the UK and/or EEA, we impose contractual obligations on the recipients of that information to protect your personal data to the standard required in the UK, in accordance with Article 46(2)(c) of the GDPR. We may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing. Any third parties transferring your information outside of the UK and EEA must also have in place appropriate safeguards as required under Article 46 of the GDPR.
Security of your personal data
We implement strict procedures and security features to ensure the confidentiality of your personal data and prevent accidental loss or unauthorised access to it. Our third party providers are required to take all reasonable steps to ensure the security of your personal information in line with their contractual arrangements with us. Unfortunately, as the transmission of information via the internet is not completely secure, and although we will endeavour to protect your personal information, we cannot guarantee the security of your data transmitted to our Website.
Under data protection law you have a number of rights in relation to your personal information. To exercise any of your rights in respect of the personal information we hold about you, please submit all requests to our Data Protection Officer at the address above or by emailing email@example.com. Please note that to help us to search for your information, we will ask you to confirm your identity.
You have the following rights (which may not always apply or be subject to certain circumstances):
- to request access to your information and information about how we process it. You have the right to ask for a copy of the personal information we hold about you, and we will respond to you within 30 days of receipt of your request. For all subsequent requests we may charge you an administrative fee. Please note that where your personal information concerns other identifiable individuals or where we have a lawful reason to do so, we may withhold that information;
- to have your information corrected if it is inaccurate and to have incomplete information completed. If you change your name or address/email address or ascertain that any of the information we hold pertaining to you is out of date or inaccurate, please contact our Data Protection Officer as soon as possible so that we may promptly rectify any inaccuracies;
- to object to the processing of your personal data and withdraw your consent. As set out in the section How we use your information, we may rely on your consent as the legal basis for processing your personal data. You may withdraw your consent at any time by contacting our Data Protection Officer;
- to restrict processing of your personal information;
- to have your information erased. On receipt of your request to erase your personal information from our systems, we will make all reasonable efforts to do so on the basis that there is no lawful reason for us to continue processing or retaining your personal information;
- to move, copy or transfer your information. Where it is technically possible, and to comply with your request, we will send your personal information directly to another service provider. Please note that where your personal information concerns other identifiable individuals or where we have a lawful reason to do so, we may withhold that information;
- rights relating to automated decision making, including profiling.
You have the right to lodge a complaint with the Information Commissioner’s Office if you have any concerns about the way in which we have handled your personal data, or if you believe that it has been used in a way that does not comply with data protection laws. We encourage you to contact our Data Protection Officer before making any complaint and we will seek to resolve any issues or concerns you may have.
Cookies and IP addresses