Privacy notice

How we use your personal data

This Notice applies to the processing of your personal data when:

• we communicate with you by using email or similar means of communication,
• we meet online by using third-party teleconferencing tools, or
• you visit or use our UK websites and other digital properties (such as apps) or platforms (each, a “Site”) and each such Site may have an additional specific privacy notice.

We will only process your personal data in accordance with the applicable laws and when we have a legal basis for the processing as identified below. We will use your personal data for the purposes for which it was collected, unless we reasonably consider that we may process it for another purpose which is compatible with the original purpose.  We will notify you in advance if we change or add to those purposes and seek your consent, if necessary by law.

We adopt stringent physical security and robust information collection, storage and processing practices beyond the reasonable measures required by law to secure your personal data and to prevent from accidental loss or unauthorised access, use, alteration, or disclosure, including access controls.

We keep your personal data no longer than necessary in accordance with retention periods as part of our Records and Information Management policy. In most cases, for contractual and financial information, including any complaints, customer training or correspondence, the relevant retention period is no more than 11 years. In the pharmaceutical industry there are a number of instances where personal data is required to be kept by law for a period of time which may be shorter or longer than 11 years.  To determine the appropriate retention period, we consider the amount, nature and sensitivity of the data, the potential risk of harm resulting from its unauthorised use or disclosure, the purposes for which we disclose the personal data and whether we can achieve those purposes by other means and any applicable legal requirements (whichever is the longest). We will take reasonable steps to delete personal data no longer required or we take appropriate steps to anonymise (irreversibly remove any identifiers from) your personal data. We describe some of the retention periods in the specific sections which may be applicable to you below. If you would like further information, please Contact Us.

We collect personal data about you directly during our interactions with you or in some cases indirectly through a third-party service provider, who may also be a joint controller. This may include: your name, surname, your business address, email address and phone number necessary for the performance of a contract with you, to meet legal obligations or where we have a legitimate interest.

We may also process your personal data where we have a legal obligation such as

• tax, accounting, regulatory, pharmacovigilance, advertising and compliance and other legal obligations, or,
• to detect, investigate, prevent or report activities that may violate our policies or be illegal, such as fraud, terrorism, misrepresentation, security incidents or crime, or,
• in the case of dispute resolution, legal claims, compliance with legal and self-regulatory obligations, and investigative purposes deemed necessary (including disclosure in connection with regulatory queries, legal process or litigation), maintenance of records of any consents, (including preferences or other settings to enable us to comply with data protection law), or,
• for due diligence processes such as prior to setting up a trading account, or,
• for mergers and acquisitions in relation to our group companies.

We also have a legitimate business interest in processing your personal data for managing our business, the promotion of our products, services and events, the management, operation and improvement of our Sites, communication and business. We may use techniques such as artificial intelligence to process and analyse data contained in records of our communications, online meetings with you, including your voice and image, and other interactions with you, survey responses (where applicable), your marketing preferences, including any consents you have given us.

Also, depending on your interaction with Teva, we may collect additional personal data for other purposes.   Please expand the section most relevant to you.

Sharing your personal data

Generally, we may share your personal data with the following categories of recipients (in all cases, only when necessary to fulfil their functions):

• external consultants, professional advisors and agents;
• other companies in the Teva group of companies worldwide located in the European Economic Area and beyond such as India, Israel, and the USA, who may provide group services such as HR, Finance, Compliance, Legal, Marketing, and IT. You can view a list of all the Teva affiliates at the following website: https://www.tevapharm.com/contact-us/. We rely on adequacy decisions for the transfer of personal data to countries in the European Economic Area, Israel and the United States, which are decisions by the UK ICO that having assessed the adequacy of the data protection laws in the relevant countries, the UK ICO deems the level of protection in those countries as broadly equivalent to that in the UK. For transfers to India we rely on standard contractual clauses which contractually ensure the same degree of protection to your personal data as that which you would expect by law in the UK.
• third party service providers which process your personal data on behalf of Teva and who are bound by contractual obligations to keep your personal data confidential and appropriately secure to the same standard as could be expected in the UK, or regarded as adequate by the UK ICO, such as:
• various IT support, website hosting, CRM hosting, event management and analytics providers;
• investment houses for the purposes of benefits management, training providers, inquiry and other database hosting and support; and
• various HR, finance, travel and administration services;
• government authorities (including tax authorities), regulatory agencies including European Medicines Agency or equivalent locally, law enforcement officials and pharmaceutical self-regulatory bodies such as EFPIA in Europe;
• in relation to the performance of our relations, the protection of our legitimate interests or the compliance with our legal obligations, we may disclose your personal data to service providers such as banks, postal service providers, lawyers, auditors, etc. When dealing with such providers, we require them to strictly comply with all applicable data protection rules and laws, as well as the specific rules applicable to their activities and the protection of the information they process in the course of such activity;
• in the event that the business is sold or integrated with another business, potentially our advisers, any prospective purchaser’s advisers and any new owners of the business and third parties (and their advisors) with whom we merge with or acquire in future.

Your Rights and withdrawing consent

You may be entitled under the applicable law to ask Teva for a copy of your information, to correct it, erase or restrict its processing, or to ask us to transfer some of this information to other organisations. You may also have rights to object to some processing (in particular, where we do not have to process the information to meet a contractual or other legal requirement, or where we are using the information for direct marketing). These rights may be limited in some situations – for example, where we can demonstrate we have a legal requirement to process your personal data.

Where you have consented to the processing of your data, you may also tell us that you wish to withdraw your consent at any time.

You have a right to opt-out or change your preferences for any direct marketing, such as emails promoting our products, services and events at any time. You can do this by contacting us using the details set out below. For certain Sites, you may also have an ability to change some marketing preferences online or in-app.

You may be resident in a country which affords similar privacy rights to those described above.  If you have any concerns about how we process your personal data or wish to exercise any of your rights you may have or wish to obtain other information, you can contact us using the details set out below.

Contact Us

If you have any concerns or questions about how we process your personal data or you wish to exercise any of your rights or obtain other information, such as a copy of a legitimate interests balancing test, you can get in touch with the Teva Data Protection Office by contacting us:

• for the UK, Switzerland or EU, please write to our Data Protection Office at Teva Europe EUPrivacy@tevaeu.com
• for the United States, write to USPrivacy@tevapharm.com
• for anywhere else, please write to IMPrivacy@tevapharm.com

The data controller for personal data gathered by or on behalf of Teva depends on your interaction with the relevant UK company. For personal data gathered by Teva UK Limited the data controller is Teva UK Limited (Company No 00302461) whose registered office is Ridings Point, Whistler Drive, Castleford, WF10 5HX; for personal data gathered by Norton Healthcare Limited, the data controller is Norton Healthcare Limited (Company No 00947980) whose registered office is Ridings Point, Whistler Drive, Castleford, WF10 5HX and for personal data gathered by Teva NI Limited, the data controller is Teva NI Limited (Company No NI023272) whose registered office is Old Belfast Road, Millbrook, Larne, Northern Ireland, Northern Ireland, BT40 2SH.

We hope that we can satisfy any queries you may have about the way in which we process your personal data. If you have unresolved concerns, you also have the right to complain to the UK Information Commissioner at Make a complaint | ICO   or the relevant data protection authority in your country (a list of EU data protection authorities is available from here).

July 2025