Contact our experts today
Composed of proven experts from the pharmaceutical industry, our team is ready to answer to your needs in any area of product development, commercialisation and early access programs, and life cycle management
This data privacy policy applies worldwide and may concern BlueReg’s customers, prospects, suppliers, service providers, employees, trainees and job applicants.
The processing of personal data is governed by the provisions of the EU General Data Protection Regulation 2016/679 (GDPR) of the 27th April 2016, and by those of Law 78-17 of the 6th January 1978 and its modifications and the texts facilitating their implementation. In the United States the California Consumer Privacy Act of 2018 (CCPA) gives residents the right to know what personal information BlueReg collects about them, including whether it is being sold or disclosed to third-parties, and the right to prevent BlueReg from selling that information. In both cases you have rights over your Personal Data as detailed in this privacy policy.
BlueReg offers a wide range of consulting services in drug development, drug registration, post-marketing, pharmacovigilance, publishing, writing, Chemistry Manufacturing and Controls (CMC) and regulatory monitoring.
In the course of carrying out our activities, we may collect and process your personal data.
We are conscientious about respecting your privacy, and so have drawn up this Data Privacy Policy (hereinafter the “Data Privacy Policy”) in order to present to you in a transparent manner the use we make of your data, the description of your rights and the way in which the law protects you.
This Data Privacy Policy, which is accessible online, is subject to change at any time. Therefore, we invite you to consult the online version on a regular basis and before any interaction with our services. The date of the last revision of this Data Privacy Policy is located at the top of this Data Privacy Policy.
Concepts as defined by the Commission Nationale Informatique et Libertés (hereinafter “CNIL”) and/or the European Regulation n° 2016/679 on data protection (hereinafter “GDPR”).
Personal Data” is any information relating to an identified or identifiable natural person, directly or indirectly:
Data Processing shall mean any operation, or set of operations, whether or not involving the use of automated processes, applied to data or sets of Personal Data, regardless of the process used: collection, recording, organisation, storage, adaptation, modification, retrieval, consultation, use, communication by transmission, dissemination or any other form of making available, alignment or interconnection, blocking, erasure or destruction.
A “Data-Processor” is a natural or legal person, public authority, service or other body that processes Personal Data on behalf of, under the instruction of, or under the authority of the Data Controller.
The “Controller” is the person who determines the purposes and means of the Processing. He implements appropriate technical and organisational measures to ensure and be able to demonstrate that the Processing is carried out in accordance with the regulations in force. The Data Controller of the Personal Data concerning you is BlueReg, whose registered office is located at Les 2 Arcs, Bât A, Route des Crêtes, CS 60327, 06906 Sophia-Antipolis Cedex, France registered with the Registre du Commerce et des Sociétés (RCS) of Grasse under the number 818 395 782, (hereinafter “BlueReg“, “We“, “Our“). You can contact the Data Controller via the page: GDPR data request form.
BlueReg collects and processes your Personal Data in the course of carrying out its activities in order to provide you with a quality service in a secure environment.
BlueReg undertakes to collect only Personal Data that is adequate, relevant and limited to what is necessary for the purposes for which it is processed.
The collection and Processing of your Personal Data is necessary for the execution of all pre-contractual measures and for the execution of contracts or assignments between you and BlueReg. In addition, we collect Personal Data about you that are necessary to comply with our legal, regulatory and contractual obligations.
We also process your Personal Data in order to ensure the defence of our legitimate interests. These interests include the use of your Personal Data in connection with litigation or other legal matters involving BlueReg and/or any subsidiary of BlueReg.
For the purposes of this Policy, pre-contractual measures are defined as any action taken by BlueReg in the presentation of our service offerings that may require the collection of Personal Data in order to be able to meet your expectations.
The provision of Personal Data is essential for the conclusion and performance of contracts. If you do not provide us with your Personal Data, we will not be able to respond favourably to your requests, nor to provide you with the products and services to which you have subscribed.
« Personal Data » are the personally identifiable information, directly or indirectly, that we collect during interactions with you such as: our meetings, your participation in our training or information programs, events, inquiries and communications with us.
We may also use Personal Information that you provide to us or that results from your browsing on our websites or online services and those of our partners. We may collect Personal Data from companies that provide information in the healthcare sector, from publicly available information sources and from partner companies. Depending on the purpose of the data processing, the Personal Data collected may be:
When BlueReg asks you to provide your Personal Data, you have the right to refuse. However, if you refuse to provide data that is necessary for us either to provide you with a requested service or to meet contractual obligations, we will not be able to provide that service or enter into a contract with you; or to meet a legal obligation, in which case we will inform you.
We do not knowingly collect personal data from persons under the age of 16 without the prior, verifiable consent of a parent or guardian. Such parent or guardian may have the right, upon request, to view the information provided by the child and to require that it be deleted. In addition, all minors must seek their parent’s or guardian’s permission before using or disclosing personal data on any medium.
The processing of the Personal Data listed above is necessary to carry out the pre-contractual measures, to create an estimate and to execute a Contract.
In addition, for purposes other than those set out in the Contract, we may collect Personal Data about you based on your free, specific, informed and unambiguous consent. This consent is manifested by a positive statement or act (such as ticking a box on a form).
When we collect Personal Data about you through third parties (e.g. business introducers), we ensure that you are informed of our commitments and your rights.
We do not sell your Personal Information to third parties.
We may transfer your Personal Data outside the European Economic Area (“EEA”) to our service providers and customer services.
BlueReg keeps your Personal Data for the time necessary to fulfil the purposes for which it was collected. We retain your Personal Information for three (3) years after we have terminated our relationship with you. However, in some cases, your Personal Information may be retained longer, for example in the event of litigation, or to comply with our accounting, legal or regulatory obligations. In any case, this data is destroyed or anonymised once the said purposes have been fulfilled. Anonymisation is a protection mechanism that aims to irreversibly transform Personal Data so that they can no longer identify the person concerned.
BlueReg is committed to ensuring the protection of your Personal Data from the design of our products, services, sites and applications. We use technical and organisational measures appropriate to the sensitivity of your Personal Information. We protect them against any malicious intrusion, loss, alteration or disclosure to third parties or unauthorized persons. Your data transfers are encrypted using the Secure Socket Layer (SSL) protocol. However, despite our best efforts to ensure that your Personal Data is kept in a secure environment, we cannot fully protect against the risk of hacking or illegal disclosure of your data.
We take steps to limit intrusive and malicious actions. In the event of a data breach involving your Personal Data, we will notify the CNIL of the breach as soon as possible, and if possible no later than 72 hours after becoming aware of it. When such a breach is likely to create a high risk to your rights and freedoms, we will inform you of the data breach as soon as possible. Our employees are aware of the processing of Personal Data made available to them in the context of their duties and are required to comply with the internal rules developed by BlueReg in accordance with applicable European and national regulations.
We deal exclusively with third parties who respect privacy and limit their access to only the Personal Data necessary to carry out their assignments. The exchange of information is carried out through secure protocols. In order to ensure a high level of security of your Personal Data, our subcontractors are subject to control and audit measures.
We protect the IT developments carried out on our tools by limiting transfers outside our infrastructures. Our information system is accessible only to authorised persons.
We do not disclose any Personal Data about you to business partners without first obtaining your consent and informing you of the possibility of exercising your right to object.
With regard to the processing of Personal Data, you have a number of rights in accordance with the applicable regulations. You can action the following rights from the following page: GDPR data request form
The Commission nationale de l’informatique et des libertés (hereinafter the “CNIL”) defines a cookie as “(…) a small computer file, a tracer, deposited and read, for example, when consulting a website, reading an e-mail, installing or using a software or mobile application, regardless of the type of terminal used (computer, smartphone, digital reader, video game console connected to the Internet, etc.).
The term “cookie” includes for example :
The deposit or reading of certain Cookies does not require your prior consent, either because they do not process any Personal Data concerning you, or because they are strictly necessary for the provision of the service you request.
This is the case of the cookies used for our Piwik PRO Analytics Suite, to collect data about website visitors based on online identifiers. We create user profiles based on user browsing history and site usage metrics such as bounce rate and page views.
The data will be hosted in France for a maximum period of 13 months (Purpose of data processing: analysis, conversion tracking based on consent, legal basis: art. 6 (1) (a) GDPR).
Piwik PRO Analytics Suite is also used to create aggregated data sets related to the use of our website, as part of the processing necessary for the proper functioning of the website. Below, you can opt out of any data collection.
Filing or reading other Cookies than those mentioned in the previous paragraph is impossible without your prior consent. You can at any time prevent us from storing or reading the Cookies we use, either by deleting them from your devices or by changing your browser settings.
Any settings you may make will be likely to modify your browsing on our websites as well as your access conditions to certain services requiring the use of Cookies.
You can allow or disallow cookies to be stored on your device and change your device settings at any time.
If you have enabled your browser software to accept cookies, they are stored in a dedicated area on your device.
If you refuse to accept Cookies on your device or if you delete Cookies stored on your device, you will no longer be able to benefit from a certain number of functionalities that are necessary to navigate in certain areas of our websites. Where applicable, we decline all responsibility for the consequences linked to the impaired functioning of our websites resulting from the impossibility for us to record or consult the Cookies necessary for their functioning and that you have deleted or refused.
More generally, we invite you to consult the “Your traces” section of the CNIL website: http://www.cnil.fr/vos-libertes/vos-traces/les-cookies/.
Most browsers accept Cookies by default. However, you can choose to block these Cookies or have your browser notify you when a site tries to install a Cookie on your device.
Please refer to your browser’s help menu to set Cookies to your preferences. Below are links to the cookie setting instructions for all major browsers:
You may decide to reset your Ad ID and change your smartphone’s privacy settings.
To configure your privacy settings :
You can set your browser to reject third-party Cookies by default. You can also choose to block only certain suppliers:
Any request for information, correction or declaration of events related to personal data processing should be addressed on the page:
GDPR data request form