1. | Content of Customer Information
|
| Pharma-Ethics shall ensure that: |
| 1.1 | customer information shall be obtained only for the
purpose of delivering and improving the Services and will not be processed in any manner incompatible with this purpose; |
| 1.2 | customer information shall be adequate, relevant
and not excessive in relation to the abovementioned purpose for which it is collated and/or processed; |
| 1.3 | customer
information shall be accurate, and where necessary, kept up to date and
reasonable steps shall be taken to ensure that information which is
inaccurate and/or incomplete, having regard to the purpose for which it
was collected, is erased or rectified; |
| 1.4 | customer
information shall be kept in a format which permits identification for
no longer than is necessary for the purpose for which the information
was collected or processed.
|
|
2 | Customer Consent
|
| Customer information may only be processed if: |
| 2.1 | the customer has unambiguously given his consent; or |
| 2.2 | processing is necessary for: |
| | 2.2.1 |
the performance of a contract to which the customer is a party; or |
| | 2.2.2 | in order to take steps at the request of the customer prior to
entering into a contract; or
|
| | 2.2.3 | for compliance with a legal obligation to which
Pharma-Ethics is subject; or
|
| | 2.2.4 | the performance of a task carried out in the public interest or in the exercise of
official authority vested in the recipient; or
|
| | 2.2.5 | for purposes of the legitimate interest pursued by
Pharma-Ethics,
except where such interest
is overridden by the interest for fundamental rights as reflected in the constitution.
|
|
3. | Access to Customer Information |
| Pharma-Ethics shall ensure that: |
| 3.1 | access to, or disclosure of customer information will not be
authorized without the documented
commitment of the intended recipient so as to maintain confidentiality and the rightful use of such information;
|
| 3.2 |
access to customer information by Pharma-Ethics personnel, contract workers,
consultants, service providers or suppliers will be restricted to the
level of access needed to effectively perform delegated or contracted
duties and/or the level of service needed to render a reliable and
effective service to Pharma-Ethics customers.
|
|
4. | Preventative Measures |
| Pharma-Ethics shall ensure that
appropriate technical and organizational measures shall be taken
against the unauthorized access, processing or disclosure of customer
information
|
|