English (United States)|Italiano (Italia)
English (United States) | Italiano (Italia)
To report an adverse drug reaction

In the case you intend to report to Italfarmaco S.p.A. an adverse event with one of our products, you can follow the below indications.

Information notice

Information notice pursuant to Article 13 of the Regulation EU 2016/679 (hereinafter “GDPR”)

Pursuant to Article 13 of the GDPR, Italfarmaco S.p.A., as data controller (hereinafter also, “Data Controller”), provides you with this information notice related to the processing of your personal data provided through the form available on THE REPORT AN ADVERSE DRUG REACTION webpage of the website www.italfarmaco.it (hereinafter, “Website”).

A. Categories of personal data and source of personal data

We collect your name, contact details (such as address, e-mail, phone numbers) and other relevant information directly from the abovementioned form.

We may process, in accordance with GDPR provisions, certain sensitive personal data (known as special category data in GDPR) where you include it in form you send to us, e.g. if you include information about your health.

B. Purposes and legal basis of the processing

The personal data will be collected and processed exclusively for the purpose of pharmacovigilance, i.e. to fulfill the Italfarmaco S.p.A.’s obligations imposed by the Italian and European laws on the safety of drugs. These laws requires to Italfarmaco S.p.A. to report to the Health Authorities any possible adverse drug reactions arising from use or exposure to a drug of Italfarmaco S.p.A. and to answer any requests by the Health Authorities; the reactions are reported - usually - only indicating the initials and year of birth of the subject, and, with your specific consent, to contact you if necessary, and to reply to any further requests.

The fulfillment of Italfarmaco S.p.A.’s obligations imposed by the Italian and European laws on the safety of drugs is the legal basis of the processing of your personal data, according to Article 6, paragraph (1), letter (c) of the GDPR […processing is necessary for compliance with a legal obligation to which the controller is subject].

C. Methods of processing and communication of personal data

The processing of your personal data will be carried out by authorized persons using appropriate tools to ensure security and confidentiality and may be carried out manually or with the support of manual, computerised and electronic tools to memorize, organize and transfer personal data (including but not limited to the pharmacovigilance safety database of the company).

Your personal data will be accessible only to authorized persons, who are expressly in charge and instructed by the Data Controller with regard to the processing of personal data pursuant to Article 29 of the GDPR.

Furthermore, other trusted companies will carry out, as data processors, the processing of your personal data. These companies perform technical and organizational tasks on behalf of the Data Controller (i.e. companies responsible for the technical management and maintenance of the Website or third parties, with whom the Data Controller collaborates in business services). The Data Controller has appointed the aforementioned companies as external Data Processors pursuant to Article 28 of the GDPR. In addition, the data collected and processed can be communicated, for the purposes mentioned above, to other subjects in quality of Processor or Data Controller, namely:

  • the Health Authorities responsible for pharmacovigilance;
  • the licensees or licensors of the medicinal product being reported in Italy and abroad, including outside the EU (pursuant to the agreement approved by the local Supervisory Authorities or the Standard Contractual Clauses of the EU Commission executed by the parties).

An updated list of Data Processors is available, on request, sending a communication to the addresses below.

Moreover, in addition to the aforementioned subjects, your personal data might be communicated, when required or provided by applicable laws, to competent supervisory authorities, tax authorities and other authorities, within the respective area of competence.

As to the potential transfer of personal data to non-EU countries, included countries that could not guarantee the same level of data protection provided for by the GDPR, the Data Controller informs you that the processing will be carried out in compliance with GDPR, i.e. through gathering your consent, by the adoption of standard clauses approved by the European Commission, participating to international programs for the free movement of data or working in countries deemed safe by the European Commission.

Personal data will not be disclosed in any way.

D. Data retention period

Your contact data shall be stored for 18 months; the other personal data shall be stored as long as the relevant pharmaceutical product is authorised and for at least 10 years after the marketing authorisation has ceased to exist and in accordance with current regulation and, in any cases, not beyond the achievement of the purposes for which they have been collected (principle of the storage limitation, article 5 of GDPR), and in compliance with a legal obligation or with an order of a competent authority.

After the expiry of the retention period, personal data will be erased, destroyed or anonymised, without prejudice to potential data retention period provided by the law.

E. Your rights

According to articles 15 to 22 of the GDPR, you have the right to access to a copy of the information comprised in your personal data, object to processing that is likely to cause or is causing damage or distress, object to decisions being taken by automated means, obtain the limitation of the process (in certain circumstances), have (in certain circumstances) your personal data rectified, integrated, blocked, erased or destroyed, obtain the portability of your personal data and the right to propose a claim to the Supervisory Authority. For a complete list please visit: https://gdpr-info.eu/chapter-3/.

You are entitled to exercise the rights according to Articles from 15 to 22 of the GDPR and to ask, at any time, for information about the processing of your personal data carried out by Italfarmaco S.p.A. Furthermore, you can object to the processing of personal data in cases provided by laws, addressing to:

Italfarmaco S.p.A.
Via dei Lavoratori, 54
20092 Cinisello Balsamo (MI)

F. Data Controller and Data Protection Officer

The Data Controller is:

Italfarmaco S.p.A.
Via dei Lavoratori, 54
20092 Cinisello Balsamo (MI)

Pursuant to Article 37 of the GDPR, the Data Protection Officer (DPO) of Italfarmaco S.p.A. is available to reply to any request sent to the following e-mail address: infoprivacy.italy@italfarmacogroup.com or at the address:

Data Protection Officer c/o Italfarmaco S.p.A.
Via dei Lavoratori, 54
20092 Cinisello Balsamo (MI)

Fields marked with are mandatory