Updated: October 1, 2024
Veeva Systems is committed to maintaining a privacy program that is designed around trust,
transparency and respecting your rights in your personal information. This privacy notice describes
how we process personal information, including what information we collect, why we collect it, how
we use it, how we may share it, and your controls over your personal information.
This privacy notice describes the personal information that we process as part of:
- Our websites where this privacy notice is provided,
- Veeva-sponsored events and marketing activities,
- Engaging with representatives of our customers, suppliers and prospective customers and suppliers, and
- Our products.
Our Job Applicant Data Privacy Notice can be found by visiting careers.veeva.com.
Websites. When you visit our websites, we collect the following types of information.
Category of Information | Description |
---|---|
Device & Usage | We collect device and usage information such as cookie records, browser type, internet service provider (ISP), device IP address, operating systems and versions, advertising identifiers, device motion data, web beacons and clickstream data. |
Registration | When you create an account, respond to surveys, register for events, subscribe to publications, or engage in any similar activities through our websites, we collect information that you provide through that process, such as your name, email address, phone number, username and password, job title and survey responses. |
Account Verification | If you log into an account you’ve created with us, we collect your IP address, username and password, and other related information we need to verify you are the account owner, before allowing you to access that account. |
Events and Marketing. When you register to attend a Veeva-sponsored event, such as a webinar, summit or forum, or subscribe to our publications and newsletters, we collect the following types of information about you.
Category of Information | Description |
---|---|
Registration | When you create an account, respond to surveys, register for events, subscribe to publications, or engage in any similar activities through our websites, we collect information that you provide through that process, such as your name, email address, phone number, username and password, job title, survey responses and profile photos. |
Account Verification | If you log into an account you’ve created with us, we collect your IP address, username and password, and other related information we need to verify you are the account owner, before allowing you to access that account. |
Transactional | If there is a fee for the event you have registered for, we will collect information that allows us to collect and process your payment which may include your bank account information or credit or debit card number. |
Attendance | When you attend a Veeva-sponsored event, we collect information about the events you attend and how you engage with us and other event sponsors during the event. We may also take video recordings and photographs during the event that may include your likeness. |
Public Forums | If you engage in our public forums, we collect information you provide such as your public posts. |
Device & Usage | When you attend an online event and access our publications and newsletters, we collect device and usage information such as cookie records, browser type, internet service provider (ISP), device IP address, operating systems and versions, advertising identifiers, device motion data, web beacons and clickstream data. |
Travel Accommodations | For in-person events, we may assist with your travel and hotel arrangements and in these cases, we collect information from you to enable us to provide this assistance such as airline and flight information, lodging and dates of travel. We do not collect precise geolocation information. |
Representatives of Customers, Suppliers and Prospective Customers and Suppliers. If you are a representative of a Veeva customer, supplier or prospective customer or supplier, we collect the following types of information about you.
Category of Information | Description |
---|---|
Professional Identity & Contact | We collect information such as your name, email address, phone number, gender, membership in professional associations, unique identification number assigned to your profession (such as NPI and license number) and the name, size and location of the company you work for and your role within it. |
Our Products.
As part of our data products, we collect the following types of personal information related to the professional identity of healthcare providers and other industry professionals and stakeholders.
Category of Information | Description |
---|---|
Professional Identity & Contact | We collect information such as your name, email address, phone number, gender, membership in professional associations, unique identification number assigned to your profession (such as NPI and license number) and the name, size and location of the company you work for and your role within it. |
Professional Activity | We collect information about your professional activity such as your specialty, educational background, references, contributions to events, participation in clinical trials, publications and publicly available collaborations between you and other professionals or companies in the life sciences industry context. |
Professional Social Media | We collect professional social media information such as hyperlinks to professional network sites, posted content, handles, tweets, hashtags, likes, followers and mentions. |
Professional Images and Recordings | We collect publicly available video recordings and photographs. |
Inferences | We collect inferences, such as your interests and engagement preferences, that may be drawn from the above identifiers. |
We may combine your information with anonymized data files to help improve decisions on how to interact with you and other healthcare professionals.
As part of our healthcare marketing and analytic products, we collect the following types of personal information about consumers within the United States.
Category of Information | Description |
---|---|
Demographic | We collect demographic information such as your name, email address, phone number, gender, age, education level and address. |
Device & Usage | We collect device and usage information such as cookie records, browser type, internet service provider (ISP), device IP address, operating systems and versions, advertising identifiers, device motion data, web beacons and clickstream data. |
Consumer Attributes | We collect consumer information such as buying activity, media consumption, hobbies and interests, buying channel preferences (e.g., online, in store) and travel preferences. |
Inferences | We collect inferences, such as your interests and engagement preferences, that may be drawn from the above identifiers. |
We also process health-related information that has been certified by expert determination to meet the Health Insurance Portability and Accountability Act’s (HIPAA’s) de-identification standards such that the information is no longer considered protected health information or personal information subject to this privacy notice. We do not re-identify or attempt to re-identify any data which has been de-identified.
Websites. When you visit our websites, we collect your information directly from you and indirectly from you by observing your actions on our website or from your devices. This includes collecting information using analytic tools and other tracking technologies. Please see our Cookie Notice for more information.
Events and Marketing. When you register to attend a Veeva-sponsored event or subscribe to our publications and newsletters, we collect your information from you when you register, as directed by you during the registration process, as you engage with us and as you participate in activities and forums we provide.
Representatives of Customers, Suppliers and Prospective Customers and Suppliers. If you are a representative of a Veeva customer, supplier or prospective customer or supplier, we collect your information directly from you, your employer, our customers and suppliers and from publicly available websites such as LinkedIn.
Our Products. As part of our data products, we collect personal information about healthcare providers and other industry professionals and stakeholders from publicly available sources including government and public records, association websites, institutional websites (hospitals, universities, medical facilities), medical databases and registries, and other online professional profiles and web sources related to your professional activity. We may also collect personal information directly from you, your employer and affiliates and our customers.
As part of our healthcare marketing and analytic products, we don’t directly collect your personal information. We source demographic and consumer information from third-party consumer data partners who maintain databases containing information on adult consumers in the United States.
Websites. When you visit our websites, we collect your information to help us understand how you interact with us, to provide you with relevant information and services, and to help us to ensure our websites are working as designed. This includes processing personal information as necessary to analyze, improve and optimize the delivery and use of our websites and their security.
Events and Marketing. When you register to attend a Veeva-sponsored event or subscribe to our publications and newsletters, we collect your information to:
- provide you with the experience and information you’ve registered for or subscribed to;
- inform you of other events or information we believe you may be interested in;
- analyze, improve and promote our events, campaigns, products and services;
- personalize your content and experiences; and
- enable our suppliers, who are also participating in the Veeva-sponsored event, to contact you about their related products and services.
Representatives of Customers, Suppliers and Prospective Customers and Suppliers. If you are a representative of a Veeva customer, supplier or prospective customer or supplier, we collect information about you to allow us to provide you with information about us, the products, services and events we offer, and how we may work together. We also use your information to communicate with you to support, facilitate and advance our relationship.
Our Products. As part of our data products, we collect personal information about healthcare organizations, healthcare providers, and other related industry professionals and stakeholders (collectively, “Healthcare Professionals”) to facilitate our life sciences customers’ communication with them. This enables our life sciences customers to provide up-to-date scientific, medical information and promotional materials to Healthcare Professionals and to engage with Healthcare Professionals in context of drug development and better patient care.
As part of our healthcare marketing and analytic products, we collect personal information to help health brands communicate more effectively with consumers and to measure the impact of healthcare marketing. Relevant health communications enable consumers to make more informed choices about their health care.
The most effective way to deliver relevant communications to the right consumers starts with a deep understanding of the intended audience. We do this by using data and analytics to understand the demographic and consumer characteristics – e.g., age, gender, lifestyle, geography, etc. – most relevant to certain health conditions. More specifically, we use personal information to create “Audience Segments” – groupings of individuals based on non-medical demographic characteristics. Our customers use these Audience Segments to deliver tailored advertising to relevant consumers. You can find out more about our Audience Segments here. While some of our Audience Segments target health and health-related conditions, these segments are based on demographic characteristics alone and do not contain identifiable consumer health information or purport to reveal or infer that any given individual has a specific medical condition or diagnosis.
To make our Audience Segments available for tailored advertising in digital environments, we may ask our partners to identify devices or browsers of users with specific demographic and consumer attributes, and the users of these identified devices or browsers may receive tailored advertising in their web browsers, within mobile applications, and on connected TVs. Tailored advertising does not include using your interactions with us or information that you provide to us to select advertisements to show you.
To help our customers measure the impact of their marketing campaigns, we connect pseudonymized media exposure data (information that we are unable link back to you) with health information that has been de-identified in accordance with the Health Insurance Portability and Accountability Act’s (HIPAA’s) de-identification standards. We report only aggregated insights to our customers; we never report person- or device-level information.
Automated Processing. We do not make decisions about you which have legal or similarly significant effects on you, based solely on the automated processing, including profiling, of your data.
We may share personal information internally and with our subsidiaries and third parties for the following purposes:
- to support the purposes described in the section above entitled “Why We Collect Information and How We Use It”;
- to enable third parties to provide services on our behalf;
- to comply with applicable law, legal obligations and valid legal processes such as search warrants, subpoenas, or court orders;
- as necessary to establish, exercise or defend against potential, threatened or actual litigation;
- when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, or investigate or prevent fraud or other illegal activity;
- in connection with a merger, sale or asset transfer; and
- for additional purposes with your consent, where consent is required by law.
When we share your personal information, we will ensure it is used in a manner consistent with this privacy notice and we will take reasonable steps to ensure that we only share the minimum personal information necessary for the specific purpose and circumstance.
We may provide bulletin boards, blogs, or chat rooms on our websites. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums and may be used to send you unsolicited messages. We are not responsible for the personal information you choose to submit in these forums.
We may post lists of customers and testimonials on our websites that contain information such as customer names and titles. We obtain the consent of each customer prior to posting any information on such a list or posting testimonials. To request removal of your personal information from our blog or forum or to have your testimonials removed, contact us at privacy@veeva.com.
Our Products.
As part of our data products, we also share personal information with pharmaceutical, biotechnology and medical device companies (the life sciences industry) to allow those companies to provide you with scientific information about their products and services and as required by applicable law.
As part of our healthcare marketing and analytic products, we also share personal information with our customers in the life sciences industry (pharmaceutical, biotechnology and medical device companies), data analytics providers, consumer data resellers and advertising networks in order to provide our products to our customers. We do not “sell” or “share” sensitive personal information or process sensitive personal information for targeted advertising as such terms are defined under applicable data protection laws.
Do Not Sell or Share My Personal Information
Some states in the U.S. provide residents with the right to opt out of the sale, sharing, or use of their personal information for targeted advertising. We process your personal information for various purposes, some of which may be deemed by the laws in these states as a “sale” or “sharing” of your personal information or as “targeted advertising.” Visit our Do Not Sell or Share page for more information about our practices and how you can exercise your rights.
Web Sites Covered
This privacy statement covers the information practices of the Web sites and Services that link to this Privacy Statement: *.veeva.com, veeva.com/eu, veeva.com/jp, veeva.com/cn, veeva.com/ap, veeva.com/br, veeva.com/la, alignbiopharma.org, alignclinicalcro.org, our Customer Support Portal (collectively referred to as “Veeva Systems Web sites”, “the Company’s Web sites”), our Veeva Vault Services Platform (“Veeva Vault” or “Services Platform”) at *.veevavault.com, and our Veeva Network product (“Veeva Network”) at *.veevanetwork.com. The use of information collected through Veeva Vault or Veeva Network shall be limited to the purpose of providing the service for which the Customer (i.e., life sciences company) has engaged Veeva Systems.
We use a service provider that powers and processes our Customer Support Portal data that is accessed through a link on the Veeva Systems Web site. Although this portal resides on the service provider’s URL, it is branded as Veeva and Veeva Systems’ Privacy Statement governs the collection and use of information collected on these pages. All pages branded as Veeva Systems on this portal have a link to this Privacy Statement.
The Company’s Web sites may contain links to other web sites. Veeva Systems is not responsible for the information practices or the content of such other web sites. If you submit personal information to any of those sites, your information is governed by their privacy statements. We encourage you to carefully read the privacy statement of any web site you visit.
Our Web site also includes Social Media Features, such as the Facebook button and Widgets or interactive mini-programs that run on our site. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these Features are governed by the privacy statement of the company providing it.
Web Site Navigational Information
Veeva Systems uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate the Company’s Web sites (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information that may be collected on the Company’s Web sites and how this information may be used.
Cookies and Other Tracking Technologies
A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. Technologies such as: cookies, beacons, tags and scripts are used by Veeva Systems and some of our business partners (e.g., our tracking utility company), affiliates, or analytics or service. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
We use session cookies to make it easier for you to navigate our site. A session ID cookie expires when you close your browser. Cookies enable us to track and target the interests of our users to enhance the experience on our site.
Enabling these cookies is not strictly necessary for the website to work but it will provide you with a better browsing experience. You can delete or block these cookies, but if you do that some features of this site may not work as intended.
What cookies do we use?
We use the following categories on our websites and other online services:
Category 1 — Strictly Necessary Cookies
These cookies are essential to enable you to browse around our websites and use their features. Without these cookies, services including user account login and access to video content cannot be provided.
Category 2 — Preference Cookies
These cookies collect information about how you use our websites and remember choices you make while browsing. This data may be used to help optimize our websites and make them easier for you to navigate.
For instance, we may store your geographic location in a cookie to ensure that we show you our website localized for your area. We may also remember preferences such as text size, fonts, and other customizable site elements. They may also be used to keep track of what featured products or videos have been viewed to avoid repetition. The information these cookies collect will not personally identify you, and they cannot track your browsing activity on non-Veeva websites.
Category 3 — Statistics Cookies
These cookies help Veeva understand how visitors interact with our websites and help us improve our overall site experience.
Veeva primarily uses Matomo on our website to provide statistics and reporting on our website performance.
Category 4 — Marketing Cookies
These cookies are used to track visitors behavior on our site and potentially across non-Veeva websites. The intention is to display Veeva specific content and advertisements that are relevant and engaging for the individual user. The information these cookies collect will not personally identify you and is used to target content to users anonymously.
How to control cookies
You can control and/or delete cookies as you wish – for details, see aboutcookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.
Web Beacons
Veeva Systems uses Web beacons alone or in conjunction with cookies to compile information about Customers and Visitors’ usage of the Company’s Web sites and interaction with emails from the Company. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular Web site tied to the Web beacon, and a description of a Web site tied to the Web beacon. For example, Veeva may place Web beacons in marketing emails that notify the Company when you click on a link in the email that directs you to one of the Company’s Web sites. Veeva Systems uses Web beacons to operate and improve the Company’s Web sites and email communications.
Veeva Systems may use information from Web beacons in combination with data about Veeva Customers to provide you with information about the Company and services.
Log Files
As is true of most web sites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data. We may combine this automatically collected log information with other information we collect about you. We do this to improve services we offer you.
Local Storage
We use Local Storage (LS) such as HTML5 to store content information and preferences. Third parties with whom we partner to provide certain features on our site or to display advertising based upon your Web browsing activity use HTML 5 to collect and store information. Various browsers may offer their own management tools for removing HTML5.
Do Not Track
Currently, various browsers (such as Internet Explorer, Firefox, and Safari) offer a “do not track” or “DNT” option. Veeva Systems does not currently commit to responding to browsers’ DNT signals with respect to the Company’s Web sites, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. Veeva Systems takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.
Behavioral Targeting / Re-Targeting
We partner with a third party to either display advertising on our website or to manage our advertising on other sites. Our third party partner may use technologies such as cookies to gather information about your activities on this site and other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here (or if located in the European Union click here). Please note this does not opt you out of being served ads. You will continue to receive generic ads.
Websites and Apps. We only keep your information for as long as it is necessary and relevant for the purposes described in this privacy notice. We retain your information for two years only (or as otherwise required by law).
Events and Marketing. We only keep your information for as long as it is necessary and relevant for the purposes described in this privacy notice.
Representatives of Customers, Suppliers and Prospective Customers and Suppliers. We retain your information for as long as your account is active, as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, enforce our agreements, or as otherwise reasonably necessary for our business purposes.
Our Products. As part of our data products, we keep your information for 10 years after it is no longer professionally relevant for the purposes described in this notice.
As part of our healthcare marketing and analytic products, we retain personal information for up to 12 months from the date we last used the information.
We offer you certain controls over your information. These controls may include the right to access, delete, correct, transfer and opt-out or object to the processing of your information. If you choose to exercise your rights, we will respond to your request in accordance with applicable laws, which may vary depending on where you live. Any U.S. resident may opt out of the sale or sharing of their personal information within our consumer-based advertising products and services.
If you wish to exercise your privacy rights, click here. In order to process your request, we require certain information about you. We will only use this information to verify your identity and facilitate the processing of your request. We may require you to provide proof of your identity. You may use an authorized agent to submit a request on your behalf. Your authorized agent must have your signed permission or power of attorney to submit a request on your behalf. There may be times when we are unable to fulfill your request; in those cases, we will let you know why we are unable to fulfill your request, subject to applicable law.
To opt out of our use of non-essential cookies, visit our Preference Center.
To unsubscribe from Veeva marketing emails, click on the “unsubscribe” link located on the bottom of the email. Please note that customers cannot opt out of receiving transactional emails related to the use of Veeva’s products and services.
Our websites and services are not designed for or directed at children, and we do not knowingly collect personal information from children under the age of 13. We do not knowingly collect any information from children under the age of 18 as part of our data products or our healthcare marketing and analytic products.
If you believe we may have mistakenly collected the personal information of a minor without appropriate consent, please contact us using the methods described in the “Contact Us” section and we will investigate and promptly address the issue.
We maintain a privacy and security program with technical, physical and organizational safeguards designed to protect against the wrongful access, use or disclosure of personal information, and to provide a level of security which we believe is appropriate to the risk our processing of your personal information poses to your privacy. We regularly review and modify our security measures to reflect changing technology, laws and regulations, risk, industry and security practices and other business needs. More information about our security program can be found here.
We are a global company. As a global company, we may transfer your personal information to various locations around the world for the purposes described in this privacy notice. We apply the protections and limitations described in this privacy notice regardless of where we process your personal information.
We also comply with various legal frameworks that enable the cross-border transfer of personal information. Where required, we rely on transfer mechanisms that lawfully support data transfer to other jurisdictions, such as Standard Contractual Clauses, “adequacy” determinations, obtaining your consent or another recognized transfer mechanism.
Data Privacy Framework
Veeva Systems Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF (UK Extension), and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. We have certified to the U.S. Department of Commerce that we adhere to the (i) EU-U.S. DPF Principles with regard to the processing of personal information received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension, and (ii) Swiss-U.S. DPF Principles with regard to the processing of personal information received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy notice and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the DPF program and to view our certification visit the Data Privacy Framework Program website.
If you have questions or concerns regarding our handling of your personal information under the DPF or about our privacy program generally, please contact us at privacy@veeva.com. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at feedback-form.truste.com/watchdog/request. If neither process resolves your question or concern, you may be able to pursue binding arbitration; visit the Data Privacy Framework Program website for more information about how to submit a complaint.
The Federal Trade Commission has jurisdiction over our compliance with the EU-U.S. DPF, the UK Extension, and the Swiss-U.S. DPF. We remain responsible for personal information that we transfer to third parties for processing on our behalf. We may be required to disclose personal information that we handle under the DPF in response to lawful requests by public authorities, including to meet national security or law enforcement requirements, as described in more detail by our Government Access Request Policy.
Veeva’s Government Access Request Policy
This Government Access Request Policy describes how we respond to requests from governmental and other public authorities (collectively, “Government Authorities”) for access to Customer Data (as defined in our customer agreements) or other personal information (collectively, “Data”).
Validity. We do not voluntarily disclose Data to Government Authorities. We only disclose Data where there is a valid legal basis to do so (such as through a warrant, subpoena or court order). We review all requests on a case-by-case basis and in accordance with applicable law. If we determine there is a valid legal basis for the request, we comply by providing the least amount of Data necessary to respond to the request.
We never create backdoors in our products or services to allow Government Authorities to access Data.
Challenges. We challenge requests if we believe:
- there is no valid legal basis for it,
- the request is unlawful,
- the request is unclear, overly broad or inappropriate, or
- where compliance with the request would put us in potential breach of applicable laws in another country.
Notification. We notify our customers if a Government Authority requests their Data unless we are legally prohibited from doing so, in the event of an emergency (such as to prevent imminent death or serious physical harm to an individual) or in cases where we reasonably believe such notice would be counterproductive.
Transparency Report. We publish a report of requests we have received and our response to them. We update this report semi-annually.
Type of Request | Country of Origin of the Request | Action Taken | Year |
---|---|---|---|
Subpoena | US | Fulfilled | 2020 |
Search Warrant | US | Fulfilled | 2020 |
Updated: October 1, 2024
The personal information that we process on behalf of and to provide products and services to our customers, including when customer representatives are users of our products and services, is subject to the terms and conditions of our customer agreements.
Where requested, we offer a Data Processing Addendum and Standard Contractual Clauses to enable our customers to comply with data protection laws applicable to our processing of personal information on their behalf. We process, transfer and maintain customer personal information strictly in accordance with our customer agreements and applicable law.
If you are interested in learning about our customers’ use of your personal information, we encourage you to contact the customer. We cooperate with our customers if they need our assistance in fulfilling requests from individuals to exercise their data privacy rights.
Information about our security program can be found here. A list of our support locations and our sub-processors can be found here.
From time-to-time, we may change our privacy notice to reflect changing technology, laws, regulations, risk, industry and security practices and other business needs. The most up-to-date version will be found on this website; we post its effective date at the top. If we make a material update, we may notify you by posting notice on our website or by other means, consistent with applicable law.
If you wish to exercise your privacy rights, click here.
If you have any questions about our privacy practices, you can contact our Chief Privacy Officer at:
Veeva Systems Inc.
4280 Hacienda Drive
Pleasanton, CA 94588 USA
privacy@veeva.com
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Representatives of Customers, Suppliers and Prospective Customers and Suppliers. The legal basis for processing personal information about representatives of our existing and potential customers and suppliers is our legitimate interest in supporting our existing or potential business relationship with such customer or supplier.
Websites and Apps. The legal basis for processing internet protocol addresses is our legitimate interest in providing the Veeva website. The legal basis for the processing of usage data is your consent. If data is collected from you on the basis of consent, we will indicate whether the data in question is required or voluntary information.
Events and Marketing. The legal basis for processing our events and marketing information is that the processing is necessary for the performance of a contract with you or is otherwise processed with your consent.
Our Products. The legal basis for processing personal information as part of our data products is our legitimate interest in providing a database of healthcare organizations, healthcare providers or other professionals who contribute directly or indirectly to healthcare life sciences companies, to provide you with scientific information about their products and services to make available, and as required by law.
Our healthcare marketing and analytic products are currently only available in the United States.
Contact Us.
If you have any questions about our privacy practices, you can contact our Chief Privacy Officer at privacy@veeva.com or our EU Data Protection Officer at eudpo@veeva.com. You can also write to our data controller, Veeva Systems Inc., or our various local representatives, at the addresses below:
Veeva Systems Inc.
Attention: EU Data Protection Officer
4280 Hacienda Drive
Pleasanton, CA 94588 USA
Local representatives of the data controller:
Germany
Veeva Systems GmbH
Attention: EU Data Protection Officer
Lindleystraße 12
60314 Frankfurt am Main
UK
Veeva Systems UK Ltd
Attention: EU Data Protection Officer
Building 5700, 2nd Floor
Spiers House, John Smith Drive
Oxford Business Park South
Oxford, OX4 2RW
Hungary
Veeva Systems Hungary Kft.
Attention: EU Data Protection Officer
Bécsi út 68-84, 1034
Budapest, Hungary
Turkey (data controller representative authorised to represent Veeva in the matters specified in the third paragraph of Article 11 of the Regulation on the Data Controllers’ Registry)
Gökçe Yönetim ve Danışmanlık A.Ş.
İzzet Paşa Mah. Abide-i Hürriyet Cad. Biz Cevahir İş Merkezi No: 158 İç Kapı No: 2
Şişli / İstanbul / Türkiye
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
If you are a resident of California, Colorado, Connecticut, Florida, Montana, Oregon, Texas, Utah or Virginia, you may have the following rights, subject to certain limitations. These rights include:
- Know: Right to know what personal information we hold about you;
- Correct*: Right to correct your inaccurate or incomplete personal information;
- Delete: Right to request your personal information be deleted;
- Portability: Right to obtain a copy of your personal information in a portable and readily usable format;
- Opt-Out: Right to opt out of the sale of your personal information or the processing of your personal information for targeted advertising or certain profiling and automated decision-making activities;
- Limit**: Right to limit the use or disclosure of your sensitive personal information; and
- Non-Discrimination: The right not to receive discriminatory treatment for the exercise of your privacy rights.
If you wish to exercise your rights, click here. You may also exercise your rights by calling us (free of charge) at 1 (877) 807-3230.
* Not available to Utah residents under the Utah Consumer Privacy Act.
** Available to California residents under the California Consumer Privacy Act.
The following additional notice applies to residents of California.
- Identifiers such as a real name, alias, postal address, telephone or mobile contact number, unique personal identifier, online identifier, Internet Protocol address, email address and account name
- Personal Information categories as defined in the California Customer Records statute, Cal. Civ. Code Section 1798.80, such as name, education, employment, employment history and financial information
- Characteristics of Protected Classifications under California or Federal Law
- Internet or other electronic network activity information, such as browsing history, search history, online behavior, interest data, and interactions with our and other websites, applications, systems and advertisements
- Audio, electronic, visual and similar information, such as images and audio, video or call recordings created in connection with your practice
- Professional or employment-related information, such as job title as well as work history and experience in connection with your practice
- Inferences drawn from any of the personal information collected to create a profile or summary about, for example, an individual’s preferences and characteristics*
The categories of personal information we collect include:
* Only as defined under the California Consumer Privacy Act (CCPA). We use personal information to create our Audience Segments (groupings of individuals based on non-medical demographic characteristics). Our customers use these Audience Segments to deliver tailored advertising to relevant consumers via digital and TV advertisements. While some of our Audience Segments target health and health-related conditions, these segments are based on demographic characteristics alone and do not contain identifiable consumer health information or purport to reveal or infer that any given individual has a specific medical condition or diagnosis.
We collect this information to support the purposes described in the section of this privacy notice entitled “Why We Collect Information and How We Use It.” We collect your personal information from the sources described under the “How We Collect Information” section of this privacy notice. We disclose the information from the above listed categories for the purposes and to the categories of recipients described in the section of this privacy notice entitled “Sharing Your Information.”
We process your personal information for various purposes, some of which may be deemed as a “sale” or “sharing” of your personal data under the CCPA. As defined by the CCPA, we sell or share certain data elements within the following categories of personal information: identifiers; personal information categories as defined in the California Customer Records statute; characteristics of protected classes; internet or other electronic network activities; audio, electronic, visual and similar information; professional or employment-related information; and inferences.
Generally, we sell this information to or share it with pharmaceutical, biotechnology and medical device companies (the life sciences industry), data analytics providers, consumer data resellers and advertising networks, as further described in the section of this privacy notice entitled “Sharing Your Information” for the purposes described in the section entitled “Why We Collect Information and How We Use It.”
We do not use or disclose sensitive personal information for any purpose other than those specified in Section 7027(m) of the CCPA regulations.
Privacy Rights Metrics
Request | ||||
---|---|---|---|---|
Know | Delete | Correct | Opt-Out | |
Requests Received | 9 | 7 | 0 | 8 |
Requests Completed (in whole or in part) | 7 | 5 | 0 | 6 |
Requests Not Completed* | 2 | 2 | 0 | 2 |
Average Days to Complete | 13.8 | 13.8 | n/a | 14.1 |
This data reflects requests received from consumers in the State of California from January 1, 2023 – December 31, 2023, using the methods described in this privacy notice. Requests that were in process as of December 31 are not reflected in the above numbers.
*Requests may not have been completed due to a variety of reasons, including where we were unable to verify the request, the request had been made multiple times and previous requests had been complied with, where we did not have personal information on the requestor, or where the requestor withdrew their request.