The General Data Protection Regulation (GDPR) has been in effect as law in all EU member states since May 25, 2018. The regulation brought about a number of changes for those processing personal data and strengthened rights for individuals in terms of personal privacy.

Medmind AB

Nodeus Group
BOX 17217
104 62 Stockholm

Data controller:
Medmind AB is the organization that in its own company collects and handles personal data.

Data protection Officer:
The company's "Data Protection Officer" is Jonas Edström, who has supervisory responsibility both at company level and at group level.

Spidernode is a database that contain information about you who are executives in health care, veterinary care, dental care or at political and official level, through the media, patient, interest and client organizations participate in, influence and decide on health economics, budget processes, drug use and drug benefits.

The data is the basis for marketing and routines for withdrawing and recalling medicines in certain cases and for correct identification in cases at the Health and Medical Care Responsibility Board. Employees within the Life Science industry need the data to be able to determine who has the right to receive drug information and/or drug samples.

Through the use of your personal data described in this document, Medmind can provide increased knowledge about the information needs of individuals in the health, healthcare and life science sectors that is valuable to both the recipient and the provider of information. You are important to us and it is important for you in your professional role to participate in the exchange of information.

Collection takes place of name and address information together with information about position, education, professional specialty, year of graduation, age, gender, social security number and workplace information. Information about your function's influencing and decision-making role is also processed.

Personal data that Medmind collect comes from the National Board of Health and Welfare, companies within Nodeus Group AB's group as well as from publicly available sources and public registers.

Medmind AB updates Spidernode on an ongoing basis and contacts all individuals on an ongoing basis in the register, to provide information on how the personal data is used upon contact and to check that the information is correct

Medmind's legitimate interest in this personal data, Medmind supports the collection of this personal data in accordance with Article 6.1 (f) GDPR.

Healthcare managers and authorities need workplace information for healthcare personnel in order to be able to quickly reach them with socially important information. Companies in the Life Science industry also have a need to be able to carry out authorization and identity checks in connection with the marketing of prescription drugs to prescribers (cf. the Medicines Act (2015:315) ch. 12 § 1) and when handing over drug samples to prescribers (cf. the Swedish Medicines Agency's regulations (LVFS) §§ 11-13). In order to be able to fulfill their obligations according to the aforementioned constitutions, the pharmaceutical companies need access to current information about healthcare professionals and their qualifications. In addition, there is a need for up-to-date contact information for health care personnel to provide information about side effects, drug withdrawals, etc

The personal data is stored in Spidernode during the time the registered person is active in healthcare and therefore has an interest in the information via our services.

Medmind encrypts all its personal data during data storage on servers and the company's local computers and also in all data transmission between Medmind and Medmind's customer or user.

The main encryption technology Medmind uses is BitLocker.

Medmind only discloses personal data to those who have a direct professional connection to the information and to the healthcare industry.

The categories of recipients that have a business relationship with healthcare are life science companies, pharmacies, education, recruitment, organizational consultants, healthcare principals and agencies

Medmind has a personal data processing agreement with the person who processes personal data on Medmind's behalf to ensure that the processing takes place according to Medmind's instructions.

Medmind only discloses personal data under agreements/conditions that stipulate how the personal data may be used and that prohibit unauthorized use of the personal data contrary to the legal basis and purpose of the processing. All transmission to and from Medmind and between users or customers takes place via closed encrypted transmission methods such as BitLocker, Secure File Transfer Protocol (FTPS) and encrypted platforms.