Catalent Pharma Solutions Data Privacy Statement for its Human Resource Management System
Catalent Pharma Solutions (hereinafter “Catalent”) values the privacy of employee and non-employee personal information. Catalent’s Standards of Business Conduct, as well as other enterprise-wide policies, provide statements of policy with respect to our handling of employee and non-employee personal information. The Standards of Business Conduct states that “Catalent is committed to comply with the laws that govern the collection, use and management of personal information in all of the countries where we do business.”
This Human Resource Management System (hereinafter “HRMS”) Data Privacy Statement (hereinafter “Statement”) governs the processing of all employee and non-employee personal information managed by HRMS and it is consistent with our corporate codes and policies. Catalent complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Catalent has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement.
To learn more about the Safe Harbor program and to view Catalent's certification, please visit http://www.export.gov/safeharbor/
Notice and Choice
Where appropriate, Catalent provides notification about why we are collecting personal information and how we will use the information. For example, we may collect personal information for workforce administration, payroll, benefits processing or education and training purposes. We collect and use personal information in accordance with and in compliance with applicable law. Processing of personal information may be required or permitted in some cases, including, by way of example, to ensure compliance with Catalent’s policies, in connection with law enforcement investigations, and to prevent fraud or other illegal activities. In some circumstances, we may remove identifiable features from personal information and use the anonymized, aggregate data for legitimate business purposes.
The policy principles in this Statement apply when Catalent provides personal information to third parties outside of the enterprise, such as its software and database vendors. In these circumstances, Catalent seeks assurances that such third parties will provide at least the same level of care and privacy protection as provided in Catalent’s Statement.
Access and Data Integrity
Catalent maintains reasonable procedures to enable individuals to request access to their own personal information held in Catalent’s HRMS, such as impending employee self-service programs. We will process access requests in the ordinary course and pursuant to applicable law, and expressly reserve the right to limit or deny employees access to personal information, in appropriate circumstances, pursuant to applicable laws, regulations and regulatory guidance. We exercise reasonable efforts to keep personal information accurate, complete, and current, and we will enable individuals to correct personal information as appropriate.
Catalent takes reasonable measures, including corporate security measures, to protect personal information against loss, manipulation, falsification, unauthorized access, or unauthorized disclosure by any party inside or outside Catalent.
This Statement complements other Catalent policies and procedures. Catalent will undertake self-assessments to verify that the attestations and assertions made about the privacy practices herein are true and that the privacy practices have been implemented appropriately. Employees and non-employees who have questions or concerns about compliance with this Statement should discuss those issues with the Human Resources Site Leader at the local facility. Complaints or questions concerning compliance with applicable laws will be directed to the Legal Department which, in turn, will investigate the complaint in an effort to ensure compliance with the Principles.
For complaints and disputes that cannot be resolved between Catalent and the complainant, Catalent has agreed to participate in the dispute resolution procedures of the panel established by the EU data protection authorities (DPAs) to resolve disputes pursuant to the Safe Harbor Privacy Principles, as well as to cooperate and comply with the Federal Data Protection and Information Commissioner of Switzerland. The panel may be contacted at firstname.lastname@example.org and individual EU DPAs may be contacted directly via the information provided at http://ec.europa.eu/justice/data-protection/bodies/authorities/eu/index_en.htm. The contact information for the Swiss FDPIC can be found at: http://www.edoeb.admin.ch/kontakt/index.html?lang=en
Violations of this Statement by Catalent employees may result in disciplinary action, up to and including termination of employment. Catalent reserves the right to modify and update this Statement and related business practices as necessary. Such modifications to the Statement, in most instances, will be applied prospectively.
Local Language Statements