Privacy Policy

Last updated: May 5, 2023

  1. OVERVIEW
  1. Bramson Productions Inc. (“Bramson”, “we”, “us” “our” or variants thereof as the context requires) a New York corporation, which operates the MSD One application (the “App”). This Privacy Policy sets forth the ways that we collect information from and about individuals, how we comply with applicable laws that require the protection that information, and how to contact us if you have questions about how we process personal data and information. If you have any questions or comments regarding data that we collect under this policy, please direct them to [email protected].
  2. In the App, we process data as a data processor on behalf of MERCK SHARP & DOHME LLC (“MSD”) who are the controllers of that personal data. Where we provide the App and other services on behalf of our clients, our clients determine how and why personal data submitted to the our services is used, either by or at the direction of such customers. With respect to such Personal Data, Bramson is a “data processor” (“Data Processor”) under the EU General Data Protection Regulation (“GDPR”) and a “service provider” under the California Privacy Rights Act (“CPRA”), and (2) MSD is the “controller” (“Data Controller”) under GDPR.
  3. If you are a California resident or data subject in Europe, please see the “Additional Disclosures for California Residents” and “Additional Disclosures for European Data Subjects” in Sections 16 and 17, respectively.
  1. INFORMATION WE PROCESS
  1. When you access the App, we collect, and in the last 12 months have collected, the types of information, described in Sections 3 through 5 below entitled "access information," "contact information and content" and " information from other sources.”
  1. ACCESS INFORMATION
  1. When you visit the App and/or use any of our services, we may collect information about your computer or mobile device, including where available, your geographic location, IP address, operating system and browser type, device type, bandwidth, etc. for system administration and analysis. If you use our mobile applications, you may grant the application access to your device’s camera, microphones, geolocation information, or other files stored on your device. You can revoke this permission using the features of your mobile device.
  2. We may also keep details of your visits to the App including, but not limited to, traffic data, location data, weblogs and other communication data, time spent on the App, number of pages viewed, referring web pages, the resources that you access and the date and time of access, etc. To the extent this information can identify you directly, or indirectly when combined with other information, it will be subject to this privacy policy.
  1. The App use cookies, web beacons, and other technologies in order to provide you with an improved browsing experience and to allow us to improve our App and our services. When you first access the App, depending on your location, you may receive a message advising you that cookies and similar technologies are in use.
  2. If the App access your device’s location, microphone, camera, or photos, we will ask for permission in order to access those features.
  1. CONTACT INFORMATION AND CONTENT
  1. MSD may provide us with certain information about you to into the App. This may include information about your participation at an event. This may include your name, job title, function title, or profession, business contact information such as your email or phone number, work address, role at the meeting and other relevant information collected by MSD and relating to your participation in an event.
  2. Users of the App and our services may also give us personal information by entering into our App. This includes information you provide when you register to use our App, participate in meetings produced by Bramson, complete a survey, use any interactive functions on our App, inquire about our App or services or when you report a problem with our App or services. The information you give us may include your name, business contact information such as your job title or role, email address, business address, or phone numbers; personal contact information such as email address and phone number. If you choose to provide a social media profile or connect a social media profile with the app, we may automatically collect selected information about you from your social media account. The information we collect depends on your social media privacy settings for sharing such personal data, and may include name, profile picture, age range, gender, language, country and other public information available through such social media platform.
  3. You can also create an account on some of our Apps. When creating an account on any of our App directly, you may provide or be provided specific information necessary for such account like a password. In the event that you are given (or where you have chosen) a password which enables you to access certain parts of the App, you are responsible for keeping this password confidential. You must not share a password with anyone.
  4. Some of our services, such as mobile applications, offer the ability to upload content to the services (“User Content”). This User Content may include photographs, videos, messaging to other users, survey responses, announcements, or biographical information that you share with the App. It may also include a descriptive biography or messages, photos, or videos that you can upload or create through the App (“User Content”).
  1. THIRD PARTY INFORMATION
  1. We may also receive information about you from other parties (including, for example, service providers, business partners, affiliates, sub-contractors in technical services, search information providers, social networks, advertising networks, advertising exchanges, data management platforms, content recommendation platforms and analytics providers) and may receive information about you from them. Depending on its nature, this information from other sources will either be "access information" or "contact information", as described below.
  1. THE WAY WE USE INFORMATION
  1. We collect and use your information for business and commercial purposes in accordance with the terms of our privacy policy in effect at the time of our use. Our business and commercial purposes for collecting and using information, including in the last 12 months are:
  1. Providing and managing the Site and services, including: (i) providing you with access to our App and services; (ii) customizing your experience; (iii) allowing you to participate in meetings, panels and events; and (iv) analytics;
  2. Administrative purposes, including: (i) bug detection and error reporting; (ii) auditing user interactions; (iii) fraud and security monitoring; and (iv) complying with legal obligations;
  3. Working with strategic partners and affiliates;
  4. Developing new products and services;
  5. As directed by MSD; and
  6. Otherwise with your consent or at your direction.
  1. We may also share your personal information as we believe is necessary or appropriate to comply with applicable law or legal process or to protect, enforce, or defend the legal rights, privacy, safety, or property of the App and services, our employees, agents or users.
  2. Your "access information" is used to route the requested web page to your computer or mobile device for viewing. It enables us to provide you with access to our App. We use this information to administer our App and for internal operations, including troubleshooting, data analysis, site analysis, testing, research, statistical and survey purposes, to improve our App, to ensure that content is presented in the most effective manner for you and for your device, to allow you to participate in interactive features of our services, when you choose to do so, as part of our efforts to keep our App safe and secure; and where you have provided your consent, to make suggestions and recommendations to you about goods or services that may interest you;
  3. Your "contact information" enables us to operate and manage the App, provide services to you, or to provide information tailored more to your needs, or to forward your message or enquiry to another entity that is better able to do so. As such, your contact information may enable us or our selected strategic partners or clients to contact you, for example, to respond to a query you have submitted to us. We will also use and analyze the information we collect so that we can administer, support, improve and develop our business, customer service and the features of our App and our services generally;
  4. The information we receive from other sources will be combined with access information and/or contact information. We will use the combined information for the purposes set out above;
  5. We will use the information you provide to us to contact you by email, telephone, and/or in-mobile app notifications to notify you occasionally about important changes or developments to the App.
  6. We will ask you to give your consent to the use if we ever seek to use your personal data for marketing purposes, whether on our behalf or on behalf of MSD. If you change your mind about being contacted by selected parties or us, please click "unsubscribe" from any emails received.
  1. DISCLOSURE OF YOUR INFORMATION
  1. Where we process information as a data processor or service provider on behalf of a data controller or business, we only use your information as directed by such data controller or business. For MSD One, the Data Controller is MERCK SHARP & DOHME LLC (“MSD”).
  2. We share your information only as described in this privacy policy. The types of entities to whom we disclose and have shared information within the last 12 months, include the following:
  1. our subsidiaries and related companies. We share information with these entities for our business purposes such as marketing and technical operations;
  2. service providers, subprocessors, who are trusted companies and individuals that perform functions to us for specific services. These functions include cloud storage providers, email services, services providing usage analytics, data analysis, handling transactions and providing customer service. These agents have access to information in order to perform their functions but may not use, retain or disclose it for any purpose other than to perform the services they are contracted to perform.
  1. We may also disclose your information to other parties:
  1. where we are required to do so by law;
  2. in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets; and/or
  3. to exchange other information with other companies and organizations for fraud protection and risk reduction.
  1. ANALYTICS
  1. We and other parties may use collect analytics about your usage of the App to help us understand how users access and use the App.
  1. PROVIDING INFORMATION IS YOUR CHOICE
  1. There is no legal requirement for you to provide any information at our App. However, our App will not work without certain "access information" described above. Failure of your browser to accept "cookies" will not prevent your use of our App but may prevent certain features from working.
  2. For any "contact information" that is requested on a Site, failure to provide the requested information will mean that the particular feature or service associated with that part of the Site may not be available to you.
  3. Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no industry consensus as to what site and app operators should do with regard to these signals. Accordingly, unless and until the law is interpreted to require us to do so, we do not monitor or take action with respect to “Do Not Track” signals. For more information on “Do Not Track,” visit https://www.allaboutdnt.com.
  1. HOW LONG WE STORE YOUR INFORMATION
  1. We will only retain your information for as long as necessary to fulfill the purposes for which we collected it. If we do not process your personal data as a data processor or service provider on behalf of another data controller or business, we will retain and use your information as necessary to satisfy any legal, accounting or reporting requirements, to resolve disputes or to enforce our agreements and rights. In line with this policy, we will either securely delete or anonymize your personal data so that it cannot be linked back to you. If we process your personal data as a data processor or service provider, please contact the data controller or business responsible for your information.
  1. DATA SECURITY
  1. The transmission of information via the internet is not completely secure. Although we will use reasonable commercial efforts to protect your information and implement appropriate technical and organizational security measures, we cannot guarantee the security of your data transmitted to our App; any transmission is at your own risk. Once we have received your information, we will use procedures and security features to try to prevent unauthorized access. To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate safeguards to secure the information we collect online, consistent with our corporate policies, industry standards, and the requirements of the data controller.
  2. Our App may, from time to time, contain links to and from the websites of our strategic partners, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
  1. CHILDREN UNDER 16
  1. 1 The App are not intended for children under 16 years of age. No one under age 16 may provide any information to or on the App. We do not knowingly target advertising to, or collect information from, children under the age of 16. If you are under 16, do not access the App or provide any information on the App or on or through any of its features, register on the App, use any of the interactive or public comment features on the App, or provide any information about yourself to Bramson, including your name, telephone number, email address or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at [email protected]. We also do not knowingly “sell” the personal information of minors under 16 years old who are California residents.
  2. CHANGES TO THIS PRIVACY POLICY

We reserve the right to edit and reissue this policy at any time. Any changes will be effective immediately upon posting of the revised policy. Your continued use of our App indicates your consent to the privacy policy then posted. Please check this policy regularly for any changes. If the changes are material, we may provide you additional notice to your email address.

  1. CONTACT
  1. If we process your personal data or information as a data processor or service provider on behalf of a client as a data controller, we will work with our clients to support them in enabling their data subjects to exercise their rights in and to any Personal Data that we process on their behalf. Should you have questions about how MSD collects and uses Personal Data, please refer to the MSD Privacy notice at https://www.msdprivacy.com/us/en/internet-privacy-policy/ or contact the Merck Global Privacy Office at [email protected] or through the address most relevant to you from https://www.msd.com/contact/contacts.html. If you contact MSD with questions about the App, please identify that you have used and provided personal data or information through the MSD One App, as well as the nature of any information that you provided to us through the App.
  2. Should you have other questions or concerns about our privacy policies and practices, please contact us by email at [email protected].
  1. ADDITIONAL DISCLOSURES FOR CALIFORNIA RESIDENTS
  1. If you are a resident of the state of California, please see “Your California Privacy Rights”.
  1. ADDITIONAL DISCLOSURES FOR EUROPEAN DATA SUBJECTS
  1. This Section 16 applies to individuals within the European Economic Area (“EEA”), United Kingdom (“UK”) and Brazil. Under the General Data Protection Regulation or similar data protection laws (“Data Protection Law”), in certain circumstances, you have the right to (i) request access to any personal data we hold about you and related information; (ii) obtain without undue delay the rectification of any inaccurate personal data; (iii) request that your personal data is deleted provided the personal data is not required by us for compliance with a legal obligation under European or Member State law or for the establishment, exercise or defense of a legal claim; (iv) prevent or restrict processing of your personal data, except to the extent processing is required for the establishment, exercise or defense of legal claims; and (v) request transfer of your personal data directly to a third party where this is technically feasible.
  2. In addition, where you believe that we have not complied with its obligation under this privacy policy or European law, you have the right to make a complaint to an EU Data Protection Authority or the UK Information Commissioner's Office.
  3. If you would like to exercise any of these rights and we process your personal data as a data processor on behalf of a data controller, please contact the data controller. Please see section 14 above for information on contacting MSD. If we do not process your personal data on behalf of a data controller, please email us at [email protected]. If we do process information on behalf of a controller, and you contact us directly, we will notify the data controller responsible for your information of the request.
  4. Where we collect information as a data controller, we collect and use your information for business and commercial purposes in accordance with the terms of our privacy policy in effect at the time of your use. Our business and commercial purposes for collecting and using information, including in the last 12 months, include where: (i) you have provided your consent which can be withdrawn at any time; (ii) the processing is necessary to facilitate your request such as for the performance of a contract to which you are a party or to perform services you have requested; (iii) we are required by law; (iv) where processing is required, to protect your vital interests or those of another person; or (v) the processing is necessary for the purposes of our legitimate interests, except where such interests are overridden by your rights and interests.
  5. Where we process personal data as a data processor for a data controller, such processing is done only upon the documented instruction of such data controller who is responsible for such personal data.
  6. For personal data from the European Union or the EEA:
  1. We will only transfer your personal data to trusted third-parties who provide sufficient security guarantees and who demonstrate a commitment to compliance with applicable law and this privacy policy.
  2. We will not transfer personal data originating from the EEA to third parties located outside of the EU without ensuring adequate protection under European law.
  3. Where transfer is to a third party is located in a country not recognized by the EU Commission as

ensuring an adequate level of protection, we will take appropriate steps to refrain from such transfer unless such transfer meets any exceptions set forth in the GDPR.

Your California Privacy Rights

  1. This following provides specific information for residents of California ("consumers" in this section), as required under California privacy laws, including the California Consumer Privacy Act ("CCPA”) and California Privacy Rights Act (“CPRA"). The CCPA and CPRA require that we provide certain information to California consumers about how we handle their personal information that we have collected, whether online or offline. “Personal information" is any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, device or household, including the categories identified in the table below to the extent they identify, relate to, describe, are capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer, device or household. Personal information does not include: publicly available information from government records; de-identified or aggregated consumer information; health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994. Any terms defined in the CCPA have the same meaning when used in this section.

  1. The following categories of personal information may be collected in the App. We do not sell any personal information or share it for any business purpose other than for the use of the App and our services:
  1. Contact information. This may include real name, postal address, email address, and phone number;
  2. Professional or employment information, such as a job title or professional affiliation;
  3. Internet or other electronic network activity information, including, but not limited to, Internet Protocol address, browsing history, search history, and information regarding a consumer's interaction with the App;
  4. Geolocation data, if shared by the user;
  5. Audio, photo, or other data reflecting personal information when shared or uploaded by the user to the App.
  1. Categories of Sources of Personal Information. We obtain the categories of information listed above from the following categories of sources:
  1. Directly from you. For example, when you create a profile or account, fill out a

promotional form purchase products and services, enter contests, or complete surveys.

  1. Indirectly from you. We use cookies, web beacons, and other technologies to

automatically collect information about your use of our Website or Services. Examples include your browser type and operating system, web pages you view, links you click, your IP address, the length of time you visit our Website and/or use our Services; and the referring URL, or the web page that led you to our Website.

  1. From businesses. We also act as a service provider for business who are responsible for the collection and processing of your information. This information is used in our services only pursuant to a written contract for specific limited purposes.

  1. California law grants California consumers certain rights and imposes restrictions on particular business practices as set forth below.
  1. California consumers have the right to opt-out of our sale of their personal information. We do not sell personal information.
  2. Subject to certain exceptions, California consumers have the right to make the following requests, at no charge, up to twice every 12 months:
  1. Deletion. The right to request deletion of your personal information that we have collected about you, subject to certain exemptions, such as where the information is used to complete the transaction for which the personal information was collected, detect security incidents, debug to identify and repair errors that impair existing intended functionality, or comply with a legal obligation.
  2. Copy. The right to request a copy of the categories or specific pieces of personal information that we have collected about you in the prior 12 months.
  3. Right to Know. The right to request that we disclose specific information about our data practices with regard to your personal information over the prior 12 months, including the: categories of personal information collected; categories of sources of personal information collected; business and/or commercial purpose(s) for collecting and selling their personal information; categories of third parties with whom we have disclosed or shared their personal information; categories of personal information that we have disclosed or shared with a third party for a business purpose; categories of personal information we have sold; categories of third parties to whom the consumer's personal information has been sold and the specific categories of personal information sold to each category of third party.
  1. Submitting Requests. If we process your information on behalf of our client as a service provider, please contact the business. If we provide you services directly, you can submit a copy, deletion and right-to-know request by emailing [email protected]
  2. Incentives and "Non-Discrimination". The CCPA prohibits discrimination against California consumers for exercising their rights under the CCPA and imposes requirements on financial incentives, including loyalty programs offered to California consumers related to their personal information.
  3. Non-Discrimination. If consumers exercise their rights under CCPA, businesses may not discriminate against them including by denying or providing a different level or quality of goods or services or charging or suggesting that a business will charge different prices or rates or impose penalties, unless doing so is reasonably related to the value provided by the consumer's data.
  4. Disclosure of Incentives. If businesses offer any financial incentives for the collection, sale or deletion of their personal information, consumers have the rights to be notified of any financial incentives offers and their material terms, as well as to opt-out of such offers at any time. Businesses may not offer unjust, unreasonable, coercive or usurious financial incentives. We do not offer any financial incentives in exchange for personal information.