Privacy Policy

Last Updated: April 30 2021

This Global General Privacy Policy and Notice (this “Notice”) informs you of the personal information that Indivior Plc and its affiliated companies (“Indivior” “us” “our” and “we”) may collect, and how it is used and managed.

Indivior has various entities throughout the world, including those listed here and, unless stated otherwise in a specific notice provided to you, the entity with which you have a relationship (together with Indivior UK Limited for persons within the EU, Canada, and Israel) is the controller of your data.

This Notice is intended for:

Personal information means any information or piece of information which could be used to identify, directly or indirectly, a natural person (hereinafter “Data”). This Notice provides you with key information on our general practices regarding the management of Data, including in particular:

A) The Data we obtain and how it is obtained;

B) Our processing, use, and management of Data;

C) How we keep Data safe;

D) Your rights and choices regarding your Data;

E) Our contact points;

F) Specific notice for certain circumstances; and

G) Changes to this Notice.

Please read this Notice carefully to understand our policies and practices regarding your Data, and how we will treat it. If you do not agree with our policies and practices, please contact us to request that we no longer process your Data and we will take appropriate action in this regard. However, if we no longer process your Data, we may not be able to provide you with the information, goods, or services as may be requested.

A)     THE DATA WE OBTAIN AND HOW IT IS OBTAINED

The type of Data collected

The type of information collected depends significantly on the way you interact with us, for example, whether you are a service provider, a healthcare professional or user of our website. As such, the information we may obtain includes:
 

This includes information about your device and your usage of our websites (including your IP address); details of your network, browser, operating systems, and other online identifiers; geo-location information; access time; and pages viewed and URLs clicked-on. Such information may be obtained via cookies used on our websites (for further information please see the Cookies subsection below);
 

Such information is created when you interact (directly or indirectly) with Indivior and provide relevant information such as name, gender, age or date of birth, telephone numbers, e-mail addresses, professional registration details, government issued identification details, job titles, and associated payment information;
 

Such information can be specific to individuals, but is mostly non-specific, and may include information relating to an individual’s health conditions, treatment, and medical history. This is obtained only where necessary and strictly permitted under applicable law (including in relation to Indivior’s global safety systems and risk management plans, and as part of clinical studies).
 

This includes voice recordings, photos, and videos as may be provided or obtained from time to time.

How we obtain the Data:

In many circumstances, Indivior will collect Data from you or your representatives, though sometimes we may obtain it from public or third-party providers, including those as set out below:

Data received directly from you:

Data is often received directly from you when you:

Data from public or third-party providers:

Indivior also obtains Data from:

This Data collected from these other sources may include name, gender, telephone numbers, e-mail addresses, addresses, professional registration details, job titles, and government-issued identification details.

Specifics relating to Data obtained when you use our websites:

When you use Indivior’s websites, this Notice is part of and is incorporated into the Terms of Use which is a legally binding agreement between you and Indivior. When you use our websites, we will obtain certain Digital information, as described above, and manage such information in accordance with this Notice. BY ACCESSING, BROWSING OR USING OUR WEBSITES, YOU ACKNOWLEDGE YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THIS NOTICE, AND ANY UPDATES THEREOF.

B)     OUR PROCESSING, USE AND MANAGEMENT OF DATA

Our Processing of Your Data

There are various lawful bases on which we process your Data including:

In the normal course of business, we do not seek to collect or use patient Data; however, it is possible that patient Data may be provided to us, including for example if the details of such patients are reported to us by a third party as part of our monitoring of products pursuant to our global safety systems and risk management plans; or if participating in a study (in which case detailed notice will be given and consent sought). To help protect patient privacy, such Data is often provided to Indivior on an anonymised or pseudonymised basis.

In certain circumstances, such as if you are a healthcare professional with whom we interact, or a patient participating in an Indivior-related activity or study, we may provide you with a separate privacy notice, or a form to obtain your consent. In such instances, these privacy notices and consent forms provide further details beyond those set out here and take precedence over this Notice.

If you are a healthcare professional, please also see “Specific notice for certain circumstances” below.

Our Use and Management of Your Data

We use your Data for various purposes, including to:

Cookies

When you use or visit our websites, we collect information about your usage and activity using cookies, web beacons, and other technologies. Third parties may also view, edit, or set their own cookies. We and our third-party service providers, affiliates, and other business partners may also place web beacons for these third parties. The use of these technologies by third parties is subject to their own privacy policies and is not covered by this Notice, except as required by law. See our Cookies Policy for more details.

View or change your preferences

With Whom We May Share Your Data

Data you submit to one or more Indivior companies may be shared with other Indivior group companies pursuant to our intragroup arrangements incorporating standard contractual clauses designed to protect and properly administer such Data.

Data may be disclosed or transferred to a third party if we sell, transfer, divest, or disclose all or a portion of our business or assets to another company in connection with or during negotiation of any merger, financing, acquisition, bankruptcy, dissolution, transaction, or similar proceeding.

Data may also be disclosed to government authorities or other relevant third parties in order to comply with applicable legal requirements, judicial proceedings, court orders, legal process, or lawful requests from governmental authorities.

Data may also be shared with our service providers who perform certain functions or services on our behalf. These include:

International Transfers

We are a global business and, as part of our operations, your Data may be transferred globally (including outside your country or the country in which your Data is collected). The laws and regulations in these countries may not be the same as the laws in your country.

We have put in place safeguards (such as standard contractual clauses) to provide adequate protection of Data, in accordance with applicable legal requirements. For more information on the safeguards in place, please contact us using the contact details listed below.

Social Networking Services

We use social networking services such as Twitter, Facebook, and YouTube to communicate with the public about our work. When you communicate with us using these services, we may collect your personal information, but we only use it to help us to communicate with you and the public. The social networking service may also handle your personal information for its own purposes. These services have their own privacy policies. You can access the privacy policies for TwitterFacebook and YouTube (a Google company) on their websites.

C)     HOW WE KEEP DATA SAFE

How We Protect Your Data

We have put in place reasonable and appropriate organizational and technological controls to protect Data from accidental loss, alteration, or unauthorized use or disclosure. In addition, we take reasonable steps to limit access to your Data to those employees, agents, contractors, and other third parties who have a business need to know such Data to perform their assigned functions.

How Long We Will Keep Your Data

We will retain your Data for as long as reasonably necessary to fulfil the purposes for which it was obtained, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation and we believe the Data is relevant.

To determine the appropriate retention period for Data we consider: the necessity to retain the Data; the amount, nature, and sensitivity of the Data; the potential risk of harm from unauthorised use or disclosure of your Data; the purposes for which we process your Data; whether we can achieve these purposes through other means; and the applicable legal, regulatory, tax, accounting or other similar requirements.

E)     YOUR RIGHTS AND CHOICES REGARDING YOUR DATA

You may have various rights with respect to your Data, which will depend on various factors including the local laws in your country. Some rights may be subject to exceptions. For your own protection and that of others, we may need to verify your identity before you exercise such rights. Where applicable under local law, these rights may include:
 

If we process Data about you, then you may have the right under relevant data privacy laws to know that your Data is being processed, to request access to and copies of your Data, or to correct any inaccuracies.
 

You have the right to ask us to erase your personal information, subject to certain exceptions.
 

You may lodge a complaint with your local Data Privacy Supervisory Authority (which within Europe include those listed here.
 

If you have elected to receive information about our products or services and wish to opt-out of receiving such information, you can do so by contacting Indivior as described below. You should clearly state on all communications: your name, key details, and the information you no longer wish to receive.

Where you have provided consent to process your data and where applicable under local law, you may have the right to withdraw such consent, in which instance you can contact us as specified below explaining the position and clearly stating the consent which is being withdrawn.
 

In some circumstances, you have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you in a commonly used and machine-readable format.
 

You have the right to ask us to restrict the processing of your information in certain circumstances.
 

Where we rely on our legitimate interests to process your Data, you have the right to object to the continued processing of your Data.

To exercise your rights, or if you have any questions about your rights or a pending request, please contact Indivior as described below. You should clearly state on all communications: your name, key details you think are relevant, and the reason for your request (please do not provide any details you do not wish us to obtain unless necessary for us to process your request).

Children’s Privacy

We do not intend to process data of any child, nor are our websites intended for  use by children. Although we may from time to time obtain Data relating to a person under the age of 18 (including if such details are reported to us as a patient, in which case they shall be managed as described above), we would only obtain and process data on children in accordance with relevant legal requirements (including obtaining consent where required).  Nevertheless, if as a parent or guardian you believe your child may have provided Data to us, you should contact us as described below and we will use reasonable efforts to review such Data and take appropriate action.

E)     CONTACT POINTS

Should you wish to contact us, including to exercise your rights as described above, or if you have any queries or concerns regarding this Notice or our use of your Data, please email our Data Protection Officer at Privacy@Indivior.com. You may also write to us at Indivior, Attention: Data Protection Officer, 10710 Midlothian Turnpike, North Chesterfield, VA 23235 United States, or call us at +1 804 379 1090.

F)      SPECIFIC NOTICE FOR CERTAIN CIRCUMSTANCES.

California Consumer Protection Act

Kindly note that Indivior has established a policy providing further details relevant to California residents covered by the California Consumer Protection Act.

Healthcare Professionals

We have also created specific notices in English, GermanFrench and Italian for healthcare professionals in Europe and Canada which provide additional details on the management of their data.

G)      CHANGES TO THIS PRIVACY NOTICE

We may update our Privacy Notice from time to time to provide you with more information about how and why we process your personal data or in response to changes in our data processing activities or policies. If we make any material changes that have an impact on you, we will notify you of these changes before they take effect, for instance by sending you an email, by means of a notice on our website or by using other appropriate methods. We encourage you to periodically review this Notice to learn how Indivior processes and protects your personal information. You will be able to see when we last updated the Notice by checking the “last updated” date at the top of the Notice.