Merz is responsible for the personal data that you share with us or that we receive about you.
Merz is responsible for processing your personal data, meaning that it is a “controller” under the terms of Regulation (EU) 2016/679 (General Data Protection Regulation – “GDPR”) and EU Member state laws. “Controller” is the legal term for the company, in this case Merz, which, alone or jointly with others, determines the purposes and the means by which your personal data are processed. The controller for this website is Merz North America, Inc., 6501 Six Forks Road, Raleigh, NC, USA 27607.
Why we process your personal data
Merz processes personal data you provide on this website in order to evaluate, process and otherwise administer your request for any of the following: (1) resident training support; (2) medical education programs; (3) investigator-initiated studies (IITs); (4) publication support; (5) commercial program support; and (6) charitable giving. Merz may also processes personal data you submit on this website in order to perform a contract with you or because it may have a legal obligation to do so.
Certain areas of this website are restricted to medical professionals and require registration. If you are a medical professional who is registering to use restricted areas of a website, we require you to provide information including your name, practice name, email address and physical address. You are also required to create a unique username and password. Merz uses this information to create and manage user accounts and identify authorized users. Merz also sometimes processes this data to perform a contract, where we have a contract with you. We also share your registration data with other Merz affiliated companies inside and outside the EU and the EEA for sales and marketing purposes.
If you are a European resident and your personal data is transferred outside the EU and EEA, Merz uses the measures described in Sections F and H below, to ensure a lawful transfer.
This website uses data cookies to simplify and improve your experience. Cookies are small text files that are stored on your computer or server, that exchange settings-related information with Merz’s systems. A cookie normally contains the name of the domain from which the cookie data were sent, information about the cookie's age, and an alphanumeric identifier.
If you visit a password-protected area of this website session cookies are used for the duration of your visit. These enable Merz to make your experience simpler by using a single sign-on method as a means of authenticating you across the password-protected areas of websites. This method enables you to move around the website’s entire password-protected area without having to log in to each area separately.
How We Use Google Maps
This website employs Google Maps API, which uses your location to provide additional services and features that you choose to interact with— for example, displaying the locations of Merz companies and medical specialists near you. If you access Google Maps on Merz websites, technical data pertaining to your accessing the system (e.g. your postal code or IP address) may be transmitted to servers of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, which is certified under the EU-U.S. Privacy Shield framework.
If you do not wish to use Google Maps you should not use the integrated Google Maps feature in our websites or enter your address into the medical specialist locator tool.
How we use reCAPTCHA
In order to protect the content you provide in forms on our website, this website uses the "reCAPTCHA" service from the company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 United States, which is certified under the EU-U.S. Privacy Shield framework. With this service, we can differentiate between information entered into a form by a human and information entered by an automated machine (“bot”).
To the best of our knowledge, reCAPTCHA processes your URL, IP address, website activity, operating system, browser, length of visit, cookies, display instructions and scripts. reCAPTCHA also captures the mouse motion used to check the box. These data are transferred to Google to prevent bots from completing web forms. Merz’s legitimate interest in using reCAPTCHA is protecting our forms from bots.
The information obtained via the reCAPTCHA service is used in accordance with Google's Usage Terms and Conditions: https://policies.google.com/privacy?hl=en
Passing on personal data to (other) third parties
Merz relies on the support of specialized technical service providers for the technical processing of personal data. These service providers are carefully selected and are legally and contractually committed to ensuring a high level of data protection. If data is transmitted to service providers in countries that are outside the European Union or European Economic Area and that, according to the European Commission, do not offer an “adequate level of data protection,” then Merz safeguards that the data is transferred in line with the special requirements on transfers of personal data to such countries (e.g. service provider is certified under the EU-U.S. Privacy Shield or the European Commission's standard contractual clauses are entered into, and can be accessed here: http://data.europa.eu/eli/dec/2010/87/oj).
In individual cases, Merz works with companies and other entities that have special expertise in specific areas or subject knowledge (such as tax auditors, lawyers, and consulting firms, for example). These entities are either subject to a professional duty of confidentiality and/or have been obliged by Merz to maintain confidentiality.
Merz will only pass on personal data to third parties for purposes other than those specified in this FIN if there is a legal obligation to do so or if you have provided your express consent to such disclosure.
How long we hold your data
International transfer of data outside the EU/EEA within Merz
If data is transmitted from Merz companies located within the European Union or European Economic Area to Merz companies in countries that are outside the European Union or European Economic Area and that, according to the European Commission, do not offer an “adequate level of data protection,” then Merz safeguards your data pursuant to the European Commission's standard contractual clauses for these countries and has thus provided the requisite additional safeguards for the protection of personal data. These can be accessed here: https://eur-lex.europa.eu/eli/dec/2004/915/oj. An overview of all Merz companies is provided in Section A, above. Merz also complies with the cross border data transfer and export control laws of non-European countries within which it operates.
If you would like detailed information on your personal data stored by Merz, you can contact our global privacy office at email@example.com. You may also request to receive information about any data that you have provided to Merz in accordance with applicable law in a structured, commonly used, and machine-readable format, or you may also request that we submit such information to a third party. If you discover that personal information that has been stored about you is incorrect or incomplete, you may request that such data be immediately corrected or completed at any time. If the requirements stipulated in Article 17 and 18 of the GDPR are met, you may also request the erasure of your personal data or that processing of it be restricted. You also have the right to lodge a complaint with the relevant supervisory authority for data protection issues in the area where you live.
If Merz processes your personal data based on our “legitimate business interests” per Article 6(1), Sentence 1(f) of the GDPR, you can object to the processing by telling us how our processing violates your rights in your unique situation. If you object, we will stop processing your personal data unless we can demonstrate compelling legitimate grounds for the processing, which overrides your interests, rights and freedoms or for the establishment, exercise or defense of legal claims. If you are objecting to direct marketing by us, we will honor your request and cease such marketing.
If you have any questions about how Merz processes personal data or about exercising your rights as a data subject, you can contact Merz at any time at:
Global Privacy Office
6501 Six Forks Road
Raleigh, NC 27615
Hours: Monday-Friday, 8:00 AM to 8:00 PM ET