Privacy Policy

Your privacy is our top priority; by accessing or using the site, you agree to the terms of this Privacy Policy.

Who we are?

Effective Date: 8th Aug 2025

The following Privacy Policy governs the online information collection practices of PharmaEdge (“PharmaEdge Inc” “we,” “us,” “our”). It outlines the types of information that we gather about you while you are using our website https://pharmaedge.ai/ and the ways in which we use this information.


PharmaEdge Inc. (“PharmaEdge”) provides AI-based analytics software and professional services to pharmaceutical and life-sciences companies (our “Clients”) for competitive intelligence, strategy, conference planning, monitoring, and ad-hoc research (the “Services”). Client employees and contractors who are provisioned accounts are “Authorized Users.” We process information that Clients or their Authorized Users upload or generate in the Services (“Client Data”)—typically business contact details and project materials—and we may combine it with information from publicly available sources and licensed third-party data (“Third-Party Data”) to deliver analytics. We do not request or process patient-level health data via the Services. PharmaEdge acts as a data processor for Client Data and as a data controller for our own website, account management, and operations. We handle personal data in accordance with applicable laws and industry best practices.

PURPOSE AND SCOPE

The Privacy Policy applies primarily to information that we collect online; however, it may apply to some of the data that you provide to us offline and/or through other means, as well (for example, via telephone or through the mail).

The Privacy Policy documents and describes the manner in which our organization collects information from all our users/viewers of our services. While providing our services on behalf of our registered users, we collect information related to viewers. The use of information collected on behalf of our users is governed primarily by our contract for the engagement with them and the privacy policies governing their organization. We are not accountable for the privacy policies and practices undertaken by our users or any other third parties.

HOW WE COLLECT DATA ABOUT YOU

We may collect different data from or about you depending on how you use the sites. 

Data provided by registered users:

 

Account creation and login

When you create an account or login into your account, we collect personal information such as first name, last name, email address, and password.

 

Data provided by non-registered users:

 

 

Access pre-existing user’s content

PharmaEdge does not provide public link access to Client content. Only Authorized Users provisioned by a Client can access content after signing in. PharmaEdge processes the personal information used for authentication and audit on behalf of the Client and only as necessary to provide the Services, under our agreement with the Client.

 

Data collected through automated means:

 

 

 

System data

Technical data about your computer or device, like device type, operating system, and IP address. This data helps us improve the delivery of our web pages and to measure traffic on the site.

The collection of data will also depend on the individual settings of your device and software. It is recommended to refer to the policies of your device manufacturer or software provider to learn about information they might share with us.

 

User Generated Data:

 

 

Account Creation, log in, and Usage as a viewer

Clients and their Authorized Users may submit or upload content to the Services (“Client Content”)—for example: project materials, documents, datasets, dashboards, notes, tags, comments, and configuration settings. Clients may also share certain content via link with individuals who do not have a PharmaEdge account (“Recipients”). Where a Client enables a shared link, PharmaEdge may collect limited contact details from Recipients (e.g., name, organization, work email) on the Client’s behalf to validate access and log activity. The Client is the data controller for Client Content and Recipient submissions; PharmaEdge acts as data processor and handles such data only under the Client’s instructions and our agreement. We do not request or process patient-level health data, and Clients should not upload such information.

 

Data Collected from Third Parties:

 

Integration of Third Parties such as Google Drive, OneDrive, Dropbox, Box

When you connect your existing cloud storage such as Google Drive, we access your account on your behalf to get information about your files & folders. When you choose to create a Google Drive file link in <Organization Name>, we download the selected file(s) from your Google Drive and store it in our own storage for reliability purposes.

 

Data collected during transactions:

 

 

 

B2B sales/contracting data collected outside the web app

PharmaEdge collects limited business contact and transactional information from prospective and current Clients during the proposal, SOW, contracting, invoicing, and support process – not via the PharmaEdge platform.

This may include:

  • names, job titles, and work contact details;
  • company name, proposal/SOW and order details, service type and scope;
  • pricing, purchase order and invoice details, payment status, and service dates;
  • identifiers from our billing systems or payment processor. We do not store full payment card numbers or bank account credentials.

PharmaEdge processes this information as an independent controller to evaluate opportunities, enter into and perform contracts, process payments, provide support, maintain accounting/records, and comply with legal obligations (legal bases: performance of a contract and legitimate interests).

Payments are handled via invoice/wire; PharmaEdge does not collect payment information through the website/app.

Some information is collected through the use of cookies, web beacons, and tracking technologies. Please refer to the Cookie Policy for more details on the type of cookies being used.  

THE TYPES OF INFORMATION WE COLLECT AND STORE

We may collect personal and sensitive personal information about you and store this information in connection with the provision and fulfilment of our services to you. Personal information may include:

  • First name and last name
  • Email address 
  • Location
  • IP Address

HOW WE USE YOUR PERSONAL INFORMATION

The above personal information may be used for the following purposes:

  • To provide you with information about our offerings and/or our periodic newsletters;
  • To respond to your requests;
  • For creation or development of business intelligence or data analytics in relation to the offerings provided by us (for this purpose we may share the personal information with certain software or tools available online);
  • To manage our relationship with you;
  • For internal record keeping;
  • To provide you with authorization to login and use your user account;
  • To verify your identity;
  • To maintain correct and up-to-date information about you;
  • To identify you as a contracting party;
  • To improve our website;
  • To enable automated handling of the subscriptions;
  • To otherwise be able to provide the services to you and

 

To comply with our legal or statutory obligations.

WHO HAS ACCESS TO YOUR DATA WITHIN OUR ORGANIZATION?

Within our organization, access to your data is limited to those who require access to provide you with the products and services you purchase from us, to contact you, and to respond to your inquiries, including refund requests. Those staff members may be on teams, such as marketing, events, development, executive, and customer support. Employees only have access to relevant data to their team on a ‘need to know’ basis.

WHO DO WE SHARE YOUR DATA WITH OUTSIDE OUR ORGANIZATION, AND WHY?

Processors

We may use service providers & third parties for operating and improving the sites, to assisting with certain functions, such as payment processing, email transmission, conducting surveys or contests, data hosting, managing our ads, third-party solutions for marketing and analytics, and some aspects of our technical and customer support. We take measures to ensure that these service providers access, process, and store information about you only for the purposes we authorize, through the execution of Data Processing Agreements or Addenda.

Authorities

We may access, preserve, and disclose information about you to third parties, including the content of messages if we believe disclosure is in accordance with or required by applicable law, regulation, legal process, or audits. We may also disclose information about you if we believe that your actions are inconsistent with our Terms of Service or related guidelines and policies, or if necessary to protect the rights, property, or safety of, or prevent fraud or abuse of, the Company or others.

Transfer of business

If PharmaEdge (or substantially all of its assets) is involved in a merger, acquisition, reorganization, sale of assets, insolvency, or similar transaction, personal information may be transferred to the acquiring entity as part of the transaction. Where required by law, we will notify Clients and Authorized Users of any material change in ownership or use of personal information and indicate choices you may have.

How long we keep information

We retain personal information only as long as necessary for the purposes below, then delete or de-identify it per contract and law:

  • to provide and secure the Services for Authorized Users (platform access, support, audit logs);
  • to honor opt-out requests and suppression lists;
  • to administer proposals/SOWs, invoicing, and account records;
  • to understand platform usage and improve the Services (in accordance with our agreements);
  • to detect, investigate, and prevent security incidents or misuse;
  • to meet legal, tax, accounting, and compliance obligations.

 

Because retention needs differ, we apply category-based schedules (e.g., authentication/audit logs vs. billing records vs. support tickets). We can include specific durations (e.g., contract files for X years; audit logs for Y days) if you want them stated explicitly.

WHY AND FOR HOW LONG DO WE STORE THE INFORMATION WE COLLECT FROM YOU?

We retain certain information collected from you while you are a member on the site, and in certain cases where you have deleted your account, for the following reasons:

  • So that you can use our sites;
  • To ensure that we do not communicate with you if you have asked us not to;
  • To provide you with a refund, if entitled;
  • To better understand the traffic to our sites so that we can provide all members with the best possible experience;
  • To detect and prevent abuse of our sites, illegal activities and breaches of our Terms of Service; and
  • To comply with applicable legal, tax or accounting requirements.


We retain user data for as long as necessary for the purposes described above. This means that we retain different categories of data for different periods of time depending on the type of data, the category of user to whom the data relates, and the purposes for which we collected the data.

SECURITY

We use administrative, technical, and organizational measures appropriate to the risk, including (without limitation) encryption in transit and at rest, access controls and least-privilege, multi-factor authentication for internal systems, network segregation, logging/monitoring, regular backups, and employee training. While no system can be 100% secure, we continually improve our controls to protect Client Data and our operations. (We’ll avoid naming certifications unless you ask us to.)

YOUR RIGHTS UNDER THE GDPR

You have certain rights if you are within the EU. This includes
  • Right to access. This right allows you to obtain a copy of your personal data, as well as other supplementary information.
  • Right to restrict processing. You have the right to restrict the processing of your personal data in certain circumstances.
  • Right to rectification. You have the right to have any incomplete or inaccurate information we hold about you corrected.
  • Right to object to processing. The right to object allows you to stop or prevent us from processing your personal data. This right exists where we are relying on a legitimate interest as the legal basis for processing your personal Data. You also have the right to object where we are processing your personal data for direct marketing purposes.
  • Right to erasure. You have the right to ask us to delete or remove personal data when the personal data is no longer necessary for the purpose which you originally collected or processed.
  • Right to Data Portability. You have the right to receive the personal data which you have provided with us, in a way that is accessible and machine-readable.

To exercise your rights, you can contact us at privacy@pharmaedge.ai

YOUR RIGHTS UNDER THE CCPA

Users who are California residents have certain rights under the California Consumer Privacy Act (CCPA). Included in these rights are

  • Right to know. You have the right to request to know more about the categories and specific pieces of personal information that we have collected about you and access a copy of your personal information.
  • Right to deletion. You have the right to request the deletion of personal information that we have collected about you.
  • Right to non-discrimination. If you choose to exercise any of your rights under CCPA, we will treat you like all other users. In other words, there is no penalty for exercising your rights under CCPA.
  • Right to opt out. You have the right to opt out of the sale of your personal information. We do not sell personal information. However, the service providers we partner with (for example, our advertising partners) may use technology on the service that “sells” personal information as defined by the CCPA. If you wish to opt out of the use of your personal information for interest-based advertising purposes and these potential sales as defined under CCPA law, you may do so by following the instructions below. Please note that any opt-out is specific to the browser you use. You may need to opt-out on every browser that you use.


To exercise any of these rights under CCPA, please email privacy@pharmaedge.ai. To know more about your rights and how to exercise them visit our Data Subject Request Policy.

OUR POLICY CONCERNING CHILDREN & THEIR DATA

Our Services and website are not directed to children. We do not knowingly collect personal information from children under 16 in the EU/UK (or under 13 in the U.S.). If you believe a child has provided personal information, contact us and we will delete it.

LINKS TO OTHER WEBSITES

Our website may include links to third-party sites or services. Their privacy practices are governed by their own policies; we do not control those sites. We encourage you to review the privacy policies of any third party you visit.

CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. If we make material changes, we will notify you (e.g., via the Services, email, or as required by law). The “Last Updated” date will indicate the effective date of the current version.

Contact Information

If you have any questions about this Privacy Policy, you can contact us at privacy@pharmaedge.ai.

CONTACT DETAILS OF OUR DATA PROTECTION OFFICER

Siddharth Subramaniam
Data Protection Officer PharmaEdge Inc
E-mail: siddharth.subramaniam@pharmaedge.ai