Updated: 10 December 2014
This Privacy Statement sets out how GSK uses and protects any information that you give to us. We respect your privacy and are committed to protecting your personal information. This Privacy Statement explains how we collect, transfer, process, use and disclose your data and sets out our security practices.
By providing us with your personal information, you agree and consent to its transfer, processing, use and disclosure as outlined in this Privacy Statement.
Information about the operator of websites or mobile applications (and GSK entity controlling any PII that is collected) can be found on the footer and/or contact page of websites and in the licensing agreement of mobile applications.
What we collect
We collect personally identifiable information (PII) that you provide to us, which is information that identifies you as an individual. We only do this when you have agreed to our request for that information. This PII may include your:
- telephone number
- e-mail address
How we use your PII
By providing your PII, you agree that, where it is permitted by local law or where you have agreed to receiving these communications from us, we may use the information:
- to respond to your requests
- to improve our level of service
- to improve the content of our communications
- to provide you with tips, helpful information, product updates
- to seek your views on our products and services
- to consider your application for employment
- for our own administrative and quality assurance purposes
- for other purposes that may be detailed on the website or mobile application
Website and mobile application usage information
We also automatically collect information about your computer browser type and operating system, websites you visited before and after visiting our websites, standard server log information, Internet Protocol (IP) addresses, GPS location data, mobile phone service provider, and mobile phone operating system. We aggregate this information to understand how our visitors use our websites and mobile applications so that we can improve them and the services we offer. GPS location data does not typically identify individual users. We may also share this aggregated information with other companies within the GSK group and with other third parties. This information includes:
- the total number of visits to our websites and mobile applications
- the number of visitors to each page of our websites and mobile applications
- the domain names of our visitors' internet service providers.
How we protect your PII
GSK will take appropriate legal, organizational, and technical measures to protect your personal information consistent with applicable privacy and data security laws. When GSK uses a third-party service provider, that provider will be carefully selected and required to use appropriate measures to protect the confidentiality and security of personal information. We use a variety of security technologies and procedures to help protect your PII from unauthorised access, use or disclosure. Unfortunately, the transmission of information via the Internet or a mobile phone network connection is not completely secure. Although we will do our best to protect your PII, we cannot guarantee the security of the PII you transmit to our websites or mobile applications: any transmission is at your own risk. While we cannot guarantee that loss, misuse or alteration to data will not occur, once we have received your information, we will employ appropriate technical security measures to prevent such unfortunate occurrences.
Sharing PII with third parties
We may share your PII with our affiliates, contractors and agents in the normal course of business for delivery of the activities to which you have agreed. Sometimes we use selected third parties to provide support services in connection with our websites, mobile applications or in the normal course of business. These parties may, from time to time, have access to your information to enable them to provide those services to us. We require all companies providing such support services to meet the same standards of data protection as our own. They are prohibited from using the information for their own purposes. In particular, we do not allow service providers to use your PII for their own marketing activities.
When we may disclose your PII to others
GSK reserves the right to disclose personal information about you, including your e-mail address, for reporting to government authorities, to parties in relevant legal proceedings as authorized by the presiding court or tribunal and otherwise to the extent required or explicitly authorized by applicable law. In certain special cases where permitted by local law, we may disclose your PII:
- when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be causing injury to you or otherwise injuring or interfering with GSK's rights, property or operations, other users of this website or mobile application or anyone else who could be harmed by such activities
- when we believe the law requires it, or in response to any demand by law enforcement authorities in connection with a criminal investigation, or civil or administrative authorities in connection with a pending civil case or administrative investigation
- in connection with a substantial corporate transaction, such as the sale of a product line or division, a merger, consolidation, asset sale or in the unlikely event of bankruptcy.
PII collected may be transferred to, stored and processed in your country of residence or any other country in which GSK (including its affiliates), subcontractors or agents maintain facilities, including the United States and countries outside the European Economic Area (EEA). This means that your information may be processed in countries with lower data protection standards than your country of residence. By using our websites and mobile applications, you consent to any transfer, processing or storing of information outside of your country of residence and outside the EEA. We will ensure that if information is transferred outside your country of residence, it will still be treated in accordance with this Privacy Statement.
Use of IP addresses
An IP address is a set of numbers that is automatically assigned to your computer whenever you log on to your Internet service provider or through your organisation's local area network (LAN) or wide area network (WAN). Web servers automatically identify your computer by the IP address assigned to it during your session online.
Our websites and mobile applications may use technology called "cookies." A cookie is a small text file that is placed on your hard disk by a server. Cookies allow our websites and mobile applications to respond to you as an individual. The website or mobile application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. For instance, our server may set a cookie that keeps you from having to enter a password more than once during a visit to a website.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies or receive a warning before a cookie is stored if you prefer. Please refer to your Internet browser’s instructions or help screen to learn more about these functions and to specify your cookie preferences.
Information from outside sources
Where permitted by local law, we may also collect legally obtained information from third parties to add to our existing user databases. Some of this information may be PII. We do this to better target information offerings in which we think you would be interested. Such PII will only be collected and used by us in accordance with the basis on which it was originally provided by the subject, or as otherwise permitted by local law.
We will retain your information only for the period necessary to fulfil the purposes outlined in this Privacy Statement unless a longer retention period is required or permitted by law. You may contact us in writing to request the updating, correcting or removal of PII that you have provided to us at any time using the contact information provided at the end of this Privacy Statement. Your local laws may also give you the right to access information that you have provided to us. In some countries, you may need to pay a reasonable fee to meet our costs in providing you with this information.
Links to other websites
Our websites and mobile applications may from time to time provide links to or embed third party websites. This Privacy Statement does not apply to those websites. If you choose to enter such a linked site, you agree that we are not responsible for the availability of such websites and do not review or endorse and shall not be liable, directly or indirectly, for:
- how these websites treat your PII
- the content of such websites
- the use that others make of these websites.
Please ensure you check the legal and privacy statements posted on each website or mobile application you access before entering any PII.
Use of our websites and mobile applications by children
Unless otherwise explicitly stated, websites and mobile applications on which this Privacy Statement appears are not intended or designed to attract children under the age of 13. We do not knowingly collect PII from visitors in that age group via these websites or mobile applications. On those websites or mobile applications that are intended for use by children under the age of 13, we only collect PII with the explicit consent of a parent or guardian.
We may occasionally update this Privacy Statement. If the changes we make are material, we also may post a notice regarding the changes on our websites or mobile applications and related licensing agreements. We encourage you to periodically review this Privacy Statement to stay informed about how we are helping to protect the PII we collect. Your continued use of our websites and mobile applications constitutes your agreement to the Privacy Statement and any updates. Subsequent changes in this Privacy Statement will not apply to data that were collected before the change is made.
This Privacy Statement was last updated on 10 December 2014.
References to “GSK,” “we,” “us” and “our” are references to GlaxoSmithKline PLC and its affiliates. Please address any questions, comments and requests regarding this Privacy Statement to your local GSK affiliate using the contact information below. If you contact us, please note the name of the websites you have visited, as well as how we may contact you.
To contact GSK in the United Kingdom, call 0808-234-6680.
To contact GSK in the United States, call 1-866-475-3844.
Contact information for other GSK locations can be found here.