Third-Party Access and AI Models

Third-Party Access to Veeva Software/Data and Use of Veeva Data in AI Models

Veeva supports customer choice and maintains an open approach. Veeva customers may provide their third-party service providers with access to the customer’s instance of Veeva cloud software and to Veeva’s proprietary data products and use Veeva’s proprietary data products in AI models pursuant to the terms and limitations set forth below.

1. Third Party Access to Veeva Software

   Software Access by Restricted Competitors

   To protect Veeva’s intellectual property while enabling customer choice, the Veeva competitors listed in the table below (Restricted Competitors) must enter into Veeva’s standard restricted software access agreement (RSAA) before accessing Veeva’s cloud software applications. Each of the Restricted Competitors is familiar with the RSAA process, has entered into RSAAs in the past, and is able to sign an RSAA for any new customer project on a self-service basis. This list may be updated from time to time and Veeva will provide notice directly to any new competitors added to the list giving them 90 days to enter into Veeva’s standard access agreement or cease access to all Veeva applications. Regardless of whether specifically listed below, the requirement for an RSAA applies to any subsidiary or affiliate entity of a Restricted Competitor.

   Restricted Competitor List
   IQVIA, including IQVIA Holdings, Inc. and any of its corporate affiliates or subsidiaries (for example, any entities operating under the names IQVIA, HighPoint, Quintiles, Cegedim, AHM, Wingspan and any entity operating as “an IQVIA business”)
   Medidata, including Medidata Solutions Inc. and any of its corporate affiliates or subsidiaries (for example, any entities operating under the names Medidata or Dassault Systèmes SE and any entity operating as “a Medidata business”)
   Reltio, including Reltio Inc. and any of its corporate affiliates or subsidiaries (for example any entity operating under the name Reltio or as “a Reltio business”)
   Viseven, including Viseven Europe and any of its corporate affiliates or subsidiaries (for example any entity operating under the name Viseven or as “a Viseven business”)
   Platforce, including Platforce Limited and any of its corporate affiliates or subsidiaries (for example any entity operating under the name Platforce or as “a Platforce business”)

   Software Access By Third Parties That Are Not Restricted Competitors

   Access to Veeva’s cloud software applications by competitors and other third parties not listed in the table above is hereby approved by Veeva (without the need for an RSAA) subject to the terms of and compliance with the customer’s Master Subscription Agreement (MSA) with Veeva. As stated in the MSA, the customer remains responsible for ensuring that any third parties that are provided access to Veeva cloud software applications by the customer are aware of and comply with the terms of the MSA, including the obligation to maintain the confidentiality of Veeva information. Customers must ensure that such third parties access and use the Veeva cloud software only to provide services to the customer for the customer’s internal business requirements and not for any competitive purposes. The customer is responsible for breach of the Veeva MSA by any such third parties.

   Software Access for CROs to Conduct Study Builds

   Only CROs that are members of Veeva’s CRO partner program for clinical data management are authorized to conduct study builds in Veeva Vault CDMS. Please contact your Veeva account representative to confirm if a CRO you are considering is an authorized CRO program partner.

2. Third Party Access to Veeva Data Products

   Third Party Access to Veeva Data Products and Crossix Analytics Products

   Certain third parties are required to enter into an appropriate ADUA with Veeva before accessing Veeva’s proprietary data products (Veeva OpenData, Veeva Link, and Compass) and Crossix analytics products (collectively, “Veeva Data Products”). For those third parties required to enter into an ADUA, the requirements and process for granting third-party access to Veeva data products or Crossix analytics products are set out below.

   Access to Veeva Data Products by third parties not required to enter into an ADUA is hereby approved by Veeva (without the need for an ADUA) subject to the terms of and compliance with the customer’s applicable governing agreement (“Agreement”) with Veeva. As stated in the Agreement, the customer remains responsible for ensuring that any third parties that are provided access to Veeva Data Products by the customer are aware of and comply with the terms of the Agreement, including the obligation to maintain the confidentiality of Veeva Data Products. Customers must ensure that such third parties access and use the Veeva Data Products only to provide services to the customer, only for the customer’s internal business requirements, and not for any competitive purposes. The customer is responsible for breach of the Agreement by any such third parties.

   When an ADUA is required for Veeva OpenData, Link and Compass.

   For access to Veeva OpenData, Veeva Link and Compass, a Veeva authorized data use agreement (ADUA) must be in place with (i) any third party that offers a competitive data product, including through a subsidiary or affiliated company (e.g., IQVIA and other data providers), and (ii) any third party that will access Veeva data products to conduct analysis for a Veeva customer (e.g., analytics firms, consulting firms, ad agencies) before the third party is provided with access to Veeva data products. A large network of companies already have a Veeva ADUA in place and are authorized to receive Veeva data products without further action or approval from Veeva (see here). An ADUA is not needed to load Veeva data products to a cloud software solution unless the cloud software solution provider falls into category (i) or (ii) above.

   When an ADUA is required for Crossix Analytics Products.

   For access to Crossix analytics products a Crossix-specific ADUA must be in place with (i) any third party, including any subsidiary or affiliated company, that is also a provider of services or solutions for measurement, optimization or benchmarking of consumer and HCP marketing/advertising (e.g., IQVIA, Ipsos, DeepIntent, Symphony, HealthVerity), (ii) any advertising agency, and (iii) any person or entity that will use the Crossix analytics products to generate analysis or other deliverables for a customer. A Crossix ADUA is not needed to load Crossix analytics products to a cloud software solution unless the cloud software solution provider falls into category (i), (ii), or (iii) above.

   If you need help confirming whether a third party you do business with needs to enter into a Veeva ADUA before accessing Veeva data products or Crossix analytics products please contact: (i) tpa@veeva.com for Veeva OpenData, Link and Compass, or (ii) analytics_products_contracting@veeva.com for Crossix analytics products.

3. Use of Veeva Data Products with AI Models

   Veeva customers are permitted to use the Veeva Data Products in the customer’s private AI model for the sole use and benefit of the customer. For clarity, the customer may not permit Veeva Data Products to be loaded into or processed by any publicly-available artificial intelligence or machine learning application, model, website, software, or tool (collectively, “AI Model”) or permit Veeva Data Products to contribute to the training of any AI Model that may be used (including by the customer’s AI vendor) for the benefit of any entity other than the customer. After expiration or termination of the customer’s subscription to a Veeva Data Product, the customer will stop using and delete any AI Model that was trained on Veeva Data Products.