Visit this section

Healthcare professionals

Public

Privacy Notice
for the Processing of Personal Data on the schizophrenia.life website

    In this section


    (Last updated: 06 July 2026)

    The purpose of this Privacy Notice (“Notice”) is to provide information regarding how Gedeon Richter Plc. and Recordati Industria Chimica e Farmaceutica S.p.A. process personal data relating to visitors and users of the schizophrenia.life website (“Website”), in accordance with Regulation (EU) 2016/679 (“GDPR”) and applicable national data protection laws.
    The Website is intended for a general audience. We do not knowingly collect personal data from children under the age of 16. Individuals under the age of 16 should not provide personal data through the Website without the involvement of a parent or legal guardian. If we become aware that personal data of a child under the age of 16 has been collected unintentionally, we will take appropriate steps to delete such data.
    This Privacy Notice should be read together with the Website Terms of Use and the Cookie Notice, which provide further information regarding the use of the Website and the technologies implemented on it.
    We may amend this Privacy Notice from time to time to reflect changes in legal requirements, our processing activities or the functionality of the Website. Any updates will be published on this page together with the revised “Last Updated” date.
    The Website may contain links to third-party websites or applications. Such third parties operate independently from us and are responsible for their own privacy practices. We encourage you to review their privacy notices before providing any personal data.

    JOINT CONTROLLERS Gedeon Richter Plc. (seat: 1103 Budapest, Gyömrői út 19-21.; Company Registration Number: Cg. 01-10-040944; hereinafter “Richter”) and Recordati Industria Chimica e Farmaceutica S.p.A. (seat: Via M. CIVITALI, 1 – 20148 Milano, Italy; company registration number: 00748210150; hereinafter “Recordati” – Richter and Recordati are each a “Company” and together are “Companies”, “we”, “our” or “us”) act as Joint Controllers within the meaning of Article 26 GDPR in relation to the operation and management of the schizoprenia.life website (hereinafter “Website”) and the related processing of personal data described in this Notice.
    THE ESSENCE OF THE JOINT CONTROLLER ARRANGEMENT BETWEEN THE COMPANIES The Joint Controllers have entered into an arrangement pursuant to Article 26 GDPR defining their respective responsibilities for compliance with applicable data protection requirements.
    The Joint Controllers are jointly responsible for providing information to data subjects and ensuring compliance with the transparency obligations set out under Articles 13 and 14 GDPR, including the DocCheck authentication information and any information provided during newsletter mailing list sign-up.
    We have agreed that each of us who holds the exclusive license to the respective market and sale products in a country under the exclusive licence agreement between us is responsible for fulfilling data subject requests originating from that country.
    Data subjects may exercise their rights against either Joint Controller. The Joint Controllers have agreed on internal responsibilities for handling data subject requests; however, data subjects may contact either Joint Controller at any time.
    We have agreed that they are each responsible for having in place procedures to ensure a compliant legal basis for processing personal data, to handle security breaches, to conduct data protection impact assessments, to manage data subject access requests and to implement appropriate technical and organizational security measures to protect the personal data against accidental or unlawful destruction, loss or alteration and against unauthorized disclosure, abuse or other processing in violation of the provisions laid down in the applicable data protection laws.
    Each of us is entitled to use data processors as part of the joint processing. Where personal data is transferred outside the European Economic Area (“EEA”), such transfers shall take place only where an appropriate transfer mechanism under Chapter V GDPR has been implemented, including an adequacy decision, Standard Contractual Clauses or other legally recognised safeguards.
    WHAT IS THE PURPOSE OF PROCESSING THE DATA?We process personal data for the following purposes:

    • operation, security and administration of the Website;
    • management of user authentication and access control;
    • website analytics and performance monitoring;
    • administration of newsletter subscriptions and professional communications;
    • compliance with pharmacovigilance and other legal obligations;
    • handling enquiries and exercising or defending legal claims where applicable.
    WHAT PERSONAL DATA WE PROCESS ABOUT YOU?Depending on how you interact with the Website, we may process the following categories of personal data:

    • Website visitor’s personal data: information automatically collected when you access the Website, including your IP address, browser type and version, device and operating system information, referrer URL, pages visited, access date and time, language preferences and other technical log data necessary for the operation, security and performance of the Website.
    • Newsletter subscription data: personal data provided when subscribing to newsletters or professional communications, including email address and any other information voluntarily provided for that purpose.
    • Healthcare professional’s data, for authenticated users only: where access to certain content is subject to healthcare professional verification through DocCheck, authentication and registration data are processed by DocCheck as an independent provider in accordance with its own privacy notice. The Joint Controllers receive only confirmation of the authentication status and do not have access to the underlying registration data maintained by DocCheck.
    • Analytics data: information relating to the use of the Website, including pages viewed, content interactions, downloads, session information, access frequency and aggregated usage statistics collected through analytics technologies, where applicable.
    • Pharmacovigilance reporting data: the Website does not collect or process personal data relating to adverse event reports. Any adverse event reports submitted through the dedicated pharmacovigilance reporting channels are processed separately and are subject to the applicable pharmacovigilance privacy notice available through the relevant reporting platform. (https://www.richter.hu/en-US/contact/Pages/Adverse-event-reporting.aspx)

    Where personal data is requested from you directly, the provision of such data is voluntary unless otherwise indicated as necessary for the provision of a specific service or functionality.
    THE LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
    We process personal data only where an applicable legal basis under Article 6 GDPR exists. Depending on the purpose of processing, one or more of the following legal bases may apply:

    • Consent (Article 6(1)(a) GDPR): where you have given your freely given, specific, informed and unambiguous consent to the processing of your personal data. You may withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before such withdrawal.
    • Legitimate Interests (Article 6(1)(f) GDPR): where processing is necessary for the purposes of our legitimate interests or those of a third party, provided that such interests are not overridden by your interests, fundamental rights and freedoms.
    • Legal Obligation (Article 6(1)(c) GDPR): where processing is necessary for compliance with a legal obligation to which the Joint Controllers are subject, including obligations arising under applicable pharmacovigilance, regulatory or other legal requirements.

    The categories of personal data processed, and the applicable legal bases generally include the following:

    Website operation, security and administration
    Categories: Website visitor data + Healthcare professional authentication status
    Legal basis: Legitimate Interests (Article 6(1)(f) GDPR)

    Website analytics and performance monitoring
    Categories: Analytics data
    Legal basis: Consent (Article 6(1)(a) GDPR), where analytics cookies or similar technologies require consent under applicable law

    Newsletter subscriptions and professional communications
    Categories: Newsletter subscription data
    Legal basis: Consent (Article 6(1)(a) GDPR)

    Pharmacovigilance reporting
    Categories: Personal data provided through dedicated pharmacovigilance reporting channels
    Legal basis: Legal Obligation (Article 6(1)(c) GDPR)
    OUR LEGITIMATE INTEREST Where we rely on Article 6(1)(f) GDPR as the legal basis for processing, we have assessed our legitimate interests and balanced them against the interests, rights and freedoms of data subjects. We consider that the processing activities described below are necessary for our legitimate purposes and do not disproportionately impact the privacy rights of Website users.
    Website operation, security and administration
    We have a legitimate interest in ensuring the functionality, security, stability and proper administration of the Website. This includes the processing of technical and usage data necessary to provide Website content, maintain information security, prevent misuse, troubleshoot technical issues and improve the overall user experience.
    Analytics technologies that require consent are not used on the basis of legitimate interests. Such processing takes place only where the user has provided the required consent through the cookie management tool.
    Further information regarding our legitimate interests may be requested using the contact details provided in this Privacy Notice (please find our contact information at the contact page).
    HOW LONG DO WE KEEP YOUR PERSONAL DATA? We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the establishment, exercise or defence of legal claims and compliance with applicable legal or regulatory requirements. When determining the appropriate retention period, we take into account the nature, scope and sensitivity of the personal data, the purposes of processing, the potential risks associated with the processing and applicable legal, regulatory and business requirements. Where possible, personal data may be anonymised so that it can no longer be linked to an identifiable individual. Anonymised information may be retained and used for statistical, analytical and administrative purposes. Unless a different retention period is required by law or justified by a specific processing purpose, personal data is retained according to the following general principles:
    • Website visitor data: up to 6 months from collection.
    • Analytics data: for the period specified in the Cookie Notice or until consent is withdrawn, where applicable.
    • Newsletter subscription data: until consent is withdrawn or the newsletter service is discontinued.
    • Healthcare professional authentication status information received from DocCheck: only for as long as necessary to manage authenticated access to the relevant Website content.
    • Pharmacovigilance-related personal data submitted through dedicated reporting channels: retained in accordance with applicable pharmacovigilance laws and regulations and the corresponding pharmacovigilance privacy notice.
    WHO MAY HAVE ACCESS TO YOUR PERSONAL DATA?We may share personal data with selected recipients where necessary for the operation of the Website, compliance with legal obligations, protection of our rights and interests, or where otherwise required or permitted by applicable law.
    We may engage carefully selected service providers acting as data processors on our behalf. Such service providers may provide IT, hosting, website maintenance, analytics, communication or other support services. Where required, appropriate contractual arrangements are put in place to ensure that personal data is processed only on our documented instructions and subject to appropriate confidentiality and security obligations.
    Personal data may also be disclosed where necessary to competent authorities, courts, regulators, law enforcement agencies, external legal advisers or auditors where required by law or where necessary for the establishment, exercise or defence of legal claims.
    Where personal data is transferred outside the European Economic Area (“EEA”), such transfers take place only where an appropriate transfer mechanism under Chapter V GDPR is available, including an adequacy decision adopted by the European Commission, Standard Contractual Clauses or other legally recognised safeguards.
    As of the date of this Privacy Notice, the Joint Controllers may engage the following service providers in connection with the operation and support of the Website:
    • Amarone Ltd. – Website operation and technical support.
    • PharmiWeb 2002 Limited – Website development and design services.
    • Kanga Health Ltd. – Newsletter and communication management services.
    • Google LLC – Analytics services, used only where the user has provided consent for analytics cookies or equivalent technologies, where required by applicable law.
    • DocCheck Community GmbH – Healthcare professional authentication services. DocCheck may act as an independent controller with regard to authentication and registration data processed within its own system
    YOUR RIGHTS Subject to the conditions and limitations set out in applicable data protection laws, you may exercise the following rights in relation to your personal data:
    • Right of access: You have the right to obtain confirmation as to whether or not we process your personal data and, where that is the case, to request access to such data and related information regarding the processing.
    • Right to rectification: You have the right to request the correction of inaccurate personal data and the completion of incomplete personal data relating to you.
    • Right to erasure: In certain circumstances, you have the right to request the deletion of your personal data where there is no compelling reason for its continued processing.
    • Right to restriction of processing: In certain circumstances, you may request that we restrict the processing of your personal data. In such cases, the data may only be processed for limited purposes permitted by law.
    • Right to data portability: Where applicable, you have the right to receive personal data that you have provided to us in a structured, commonly used and machine-readable format and to transmit such data to another controller without hindrance.
    • Right to object: Where processing is based on our legitimate interests, you have the right to object to such processing on grounds relating to your particular situation. We will no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or where the processing is necessary for the establishment, exercise or defence of legal claims.
    • Right to withdraw consent: Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before the withdrawal.
    • Right to object to direct marketing: Where personal data is processed for direct marketing purposes, you have the right to object to such processing at any time. Following such objection, your personal data will no longer be processed for direct marketing purposes.
    • Right to lodge a complaint: If you believe that the processing of your personal data infringes applicable data protection laws, you have the right to lodge a complaint with the competent supervisory authority, including:
    for Richter: the Hungarian National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság – NAIH; seat: 1055 Budapest, Falk Miksa utca 9-11; website: www.naih.hu; phone: +36-1-391-1400; email address: [email protected]; fax: +36 1 391 1410);
    for Recordati: the Italian Data Protection Authority (Garante per la protezione dei dati personali) – seat: Piazza Venezia 11 – 00187 Roma; phone: +39-06-6967 71; fax: +39-06-6967 73785; Certified mail: [email protected]; email: [email protected]);
    – or with the supervisory authority in the EU Member State of your habitual residence, place of work or place of the alleged infringement.
    DATA PROTECTION OFFICERS For questions regarding this Privacy Notice or the processing of your personal data, you may contact the Joint Controllers using the contact details available on the Website (contact page) or contact the relevant Data Protection Officer directly.
    Data subjects may exercise their rights and submit privacy-related requests to either Joint Controller.
    Gedeon Richter Plc. has appointed a Data Protection Officer who can be contacted at: [email protected]
    Recordati Industria Chimica e Farmaceutica S.p.A. has appointed a Data Protection Officer who can be contacted at: [email protected]
    Share
    Showing 0 result(s).
    Please log in to see 0 more result(s).