Privacy Policy

PIPA Privacy Policy

Last updated 25 May 2018


This website is operated by the Pharmaceutical Information and Pharmacovigilance Association (PIPA).

 PIPA and what it does

PIPA is a membership association for professionals working within the fields of medical information, pharmacovigilance and related functions in the pharmaceutical industry, and in other related professions.

PIPA provides a number of initiatives to help members in their roles including:

 Initiative Link
Member benefits.  Professional accreditation and PIPA’s journal ‘PIPEline’ published 3 times a year
Training.  PIPA offers training courses and eLearning tools for its members.
Guidance.  PIPA provides professional guidance, resources and standards for medical information, pharmacovigilance and Code compliance.

Forums.  PIPA has a number of meeting forums and online discussion forums that members can join.

Conference and networking.  PIPA runs an annual conference to give members the opportunity to learn, network and exchange ideas.

Data protection compliance

Unless stated otherwise, PIPA is the data controller in respect of all personal data collected on this website which means that we are responsible for ensuring that we do so in full compliance with data protection and all other related privacy laws.

This Privacy Policy explains what information is collected about you, how it is used, and the steps taken to ensure that it is kept secure. We also explain your rights and how to contact us.

Links to other websites

Please note, this website may contain links to other websites (such as those of advertisers or our partners).  These are not controlled by us or our service providers and the links are provided for your convenience. We are only responsible for our own privacy practices and our security of our website. We recommend that you check the privacy and security policies and procedures of each and every other website that you visit.


In order to provide our services to you (including PIPA membership), we will obtain details including:

  •  name and contact details of those registering for membership and/or using our services or making bookings and, where you do any of these things on behalf of another person, we may require their contact details as well
  • company name of the organisation you work for
  • membership type for those who subscribe to membership
  • supporting information other information that is relevant to the services you request such as dietary requirements and allergy information where you are attending an event where refreshments are provided. Details of the particular support information needed will normally be shown on the particular website page or other booking materials for the service you require
  • services used – details of events, courses and other services booked and / or used
  • feedback and survey responses we receive from you and others

Where we obtain information

In most cases we will obtain information directly from you (or from someone who requests goods or services for you on your behalf) or the device you use to communicate with us.  The information will be obtained through our website, telephone conversations, emails and written and verbal communications and from records of the services provided to you.  Some of this information may be obtained from our service providers.

We may supplement the information that you provide with other information that we obtain from our dealings with you (such as training you take up, subscriptions, forums you have participated in, events and courses you book for / have attended and details from other PIPA services you have signed up for).

Information about other people

If you provide information to us about any person other than yourself, you must ensure that they understand how their information will be used and that you are authorised to disclose it to us, and to consent to its use on their behalf, before doing so.

IP addresses

In order to understand how users use our website and our services and the things they are interested in, we may collect your Internet Protocol addresses (also known as IP addresses).  Your IP address is a unique address that computer devices (such as PCs, tablets and smartphones) use to identify themselves and in order to communicate with other devices in the network.


In common with many other website operators, we use standard technology called ‘cookies’ on this website. Cookies are small pieces of information that are stored by your browser on your computer’s hard drive and they are used to record how you navigate this website on each visit.

Our cookies are used to enable us to develop our website and to enable you to properly navigate it.  We use cookies to collect personal information to enable us to reflect our users’ interests and by noting who has seen which pages, properties and advertisements, how frequently particular pages are visited and to enable us to determine the most popular areas of our website. We may use cookies to enrich your experience of using our website by allowing us to tailor what you see to what we have learned about your preferences during your visits to our sites.  Sometimes we may use services of third parties and they may use cookies on our behalf in order to provide their services.

The cookies we use on this website are:

ASP.NET_Sessionid session This session cookie keeps track on the visitor so that if they have logged in, they don’t have to log into each page they visit.
Senior CMS_Persistent 2 years This cookie is for looking after any River data associated with the session eg: form fields
__utma 2 years from set/update Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.
__utmt 10 minutes Used to throttle request rate.
__utmb 30 mins from set/update Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics.
__utmc End of browser session Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit.
__utmz 6 months from set/update Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics.

Preventing use of cookies

Most browsers automatically accept cookies, but you can usually change your browser to prevent cookies being stored.  With experience, you can usually choose to switch off all cookies or to allow only certain ‘trusted’ sites to place cookies.

For further information on cookies and Flash cookies and how to switch them off see the Information Commissioner’s website at or visit or



All personal information that we obtain about you and/or any other person whose details you provide will be recorded, used, and protected by us in accordance with current data protection legislation, our Terms and Conditions ( and any other terms and conditions that are relevant to the services you request and this Privacy Policy. We will primarily use the personal information:

  • administration – for registration and general administration (including creating and administering login credentials and access controls for online services and bookings), administering memberships, recording and confirming CPD, compiling the member directory ( and the contractor database (
  • delivery- to provide membership benefits and other services you request from us
  • communication – to communicate with you in the event that any services requested are unavailable or if there is a query or problem with your requests
  • safety – to ensure a safe environment at our events and courses
  • records – for record keeping purposes
  • market research – to carry out market research so that we can improve the services we offer
  • service development – for research purposes and to enable us to understand requirements and develop services
  • analysis – to track and analyse activity on our website and to understand the interests and views of our members
  • getting to know you – to create an individual profile for you so that we can enhance your user experience, to understand and respect your preferences and to provide relevant content and details of opportunities (direct marketing) where you have agreed to receive them

 Consent and lawful processing of personal data

The legal basis for the collection and processing of your personal data is:

  • for administration and service delivery: that it is necessary to fulfil the contract that you are going to enter into or have entered into with us
  • for communication with members and users based outside the European Economic Area: that you have given your explicit consent
  • for dealing with medical needs: that you have given your explicit consent or, in serious cases, that it is in your vital interests to help you
  • for inclusion in our Member Directory or our Contractor Database: that you have given your consent
  • for direct marketing: that you have given your consent
  • in all other cases: that it is necessary for our legitimate interests which are to improve insight and information flow in the pharmaceutical sector and this does not prejudice or harm your rights and freedoms

Disclosing your personal information

In order to provide our services, we may, occasionally, appoint other organisations to carry out some of the processing activities on our behalf. These may include, for example, technology hosts, printing companies and mailing houses. In these circumstances, we will ensure that personal information is properly protected and that it is only used in accordance with this Privacy Policy.

If you agree to be included in our MEMBER DIRECTORY or our CONTRACTOR DATABASE your name, contact details and your organisation will be available to all members.

Use of your personal information at conferences and events and courses

In order to provide and administer events and courses, we will provide relevant details to those running the specific sessions you attend.

 Payment information

The payment card information you provide will only be available to the payment provider, which is, currently, WorldPay.  This will not be available to PIPA.


PIPA teams up with a selection of carefully chosen commercial partners.

You can view an up-to-date list of PIPA partners by clicking the link:


PIPA and PIPA Partners would like to contact you and/or any person whose information you provide to us to invite you to enjoy other services that are available and about a range of other initiatives in a number of ways, including by post, text message, email or, for relevant services, push notification, personalised on-screen messages and social media.   Details of how to opt-in to or opt-out of receiving newsletters and details of offers are on relevant pages of this website, in relevant forms you complete and/or in the electronic message you receive.

 Preferences / Subscribe / Unsubscribe

You and any other person whose information you have provided to us can change your/their mind about whether you/they wish to receive details of offers and opportunities at any time by using any of the methods shown below (see the section ‘How to contact us’ below) or by following the instructions with each offer you/they receive.


We take the security of personal information seriously.  We employ security technology, including firewalls, and Secure Socket Layers to safeguard information and have procedures in place to ensure that our paper and computer systems and databases are protected against unauthorised disclosure, use, loss and damage.

We only use third party service providers where we are satisfied that they provide adequate security for your personal data.


We may monitor or record telephone calls for security purposes and to improve the quality of the services we provide to you.


We will normally keep your personal data for six years after your membership has ended (unless we say otherwise in any documentation you are given) for financial / legal reporting obligations. If, after this point, you have not taken up any further services –  we will keep only minimal personal data (such as your name and the services you have had from us and details of any preferences or consents).


Unless we say otherwise in the privacy notice you are given, we do not transfer personal data outside the United Kingdom or the European Economic Area.  Wherever we transfer your personal data outside the European Economic Area, we will take proper steps to ensure that it is protected in accordance with this Privacy Policy and applicable privacy laws.

If you are based outside the European Economic Area, we will communicate with you and will do so on the basis of your explicit consent.


Privacy laws and practice are constantly developing and we aim to meet high standards.  Our policies and procedures are, therefore, under continual review. We may, from time to time, update our security and privacy policies.  If we want to make any significant changes in how we will use your personal data we will contact you directly and, if required, seek your consent.

We will ensure our website has our most up to date policy and suggest that you visit this page periodically to review our latest version.


You may update or correct your personal information online in relevant membership areas or by contacting us in writing or by email (see the section ‘How to contact us’ below). Please include your name, address and/or email address when you contact us as this helps us to ensure that we accept amendments only from the correct person. We encourage you to promptly update your personal information if it changes.

If you are providing updates or corrections about another person, we may require you to provide us with proof that you are authorised to provide that information to us.


You have a number of legal rights in respect of your personal data.  These include:

  • access. The right to receive a copy of the personal data that we hold about you. The same right applies to any other person whose personal data you provide to us.  We will require proof of identity and proof of authority if the request comes from someone other than the person whose data we are asked to provide.  This will ensure we only provide information to the correct person.  We normally expect to respond to requests within 28 days of receiving them.
  • withdraw consent to direct marketing. You can exercise this right at any time and can update your preferences yourself or ask us to do it for you.  See section ‘Updating and correcting your personal data’ above for details.
  • withdraw consent to other processing. Where the only legal basis for our processing your personal data is that we have your consent to do so, you may withdraw your consent to that processing at any time and we will have to stop processing your personal data.  Please note, this will only affect a new activity and does not mean that processing carried out before you withdrew your consent is unlawful.
  • rectification.  If you consider any of your personal data is inaccurate, you can correct it yourself or ask us to do it for you (see section ‘Updating and correcting your personal data’ above for details).
  • restriction. In limited circumstances you may be able to require us to restrict our processing of your personal data.  For example, if you consider what we hold is inaccurate and we disagree, the processing may be restricted until the accuracy has been verified.
  • erasure. In some circumstances, for example, where we have no legal basis for retaining your personal data, you may be entitled to require us to delete your personal data.
  • object. Where our processing is based on it being in our legitimate interests to do the processing, if, in your situation, your rights and freedoms override those interests, you may be entitled to object to the particular processing.
  • portability. Where you have provided personal data to us electronically, you may be entitled to require us to provide that data to you electronically or to transmit it to another organisation.


MAIL: Privacy Officer, PIPA, PO Box 254, Haselmere, Surrey, GU27 9AF

PHONE: 00 44 (0) 7904 164812