At our company, privacy begins with trust.

In 2001, Merck & Co., Inc. (Rahway, NJ, USA), which has a tradename of MSD outside of the U.S. and Canada, established a Privacy Office to develop and oversee a global privacy program for our operations around the world. Our program is based on four privacy values that provide the foundation for responsible engagement, interactions and use of information about people:

  • respect for individual privacy expectations,
  • building and preserving trust,
  • preventing privacy harms, and
  • compliance with the letter and spirit of privacy and data protection laws around the world.

Our privacy program is built on a platform of organizational accountability for privacy, stewardship of the data we use to operate our business, consistent global privacy practices and standards that carry on our tradition of upholding high ethical standards across our business practices, and ongoing oversight to ensure that we continue to respond to changes in privacy expectations as technology and our business continue to evolve. For more information about our program, please see the global privacy program global privacy program section of our corporate responsibility report.

Our Approach to Privacy Trust

Since we believe that trust is a core privacy value and essential to our corporate mission to discover, develop and provide innovative products and services that save and improve lives around the world, our global privacy program strategy is centered on two primary goals that aim to drive trust in how we engage with people and how we access, use and transfer information about people around the world:

Consistent Global Standards

Since we established our global privacy program in 2001, we have worked to implement and uphold consistent global privacy standards to provide assurance for how we manage our privacy and data protection obligations across countries and regions and to support our certifications. There are many privacy regulations and frameworks that have existed over time, and below is a non-exhaustive list of the Company’s past and current regulations and certifications (an * next to a regulation means it is no longer applicable):

  • US-EU Safe Harbor (2001)*
  • US-Swiss Safe Harbor (2009)*
  • APEC Cross Border Privacy Rules (2013)
  • EU Binding Corporate Rules (2016)
  • US-EU Privacy Shield (2016)*
  • US-Swiss Privacy Shield (2018)*
  • EU General Data Protection Regulation or GDPR (2018)
  • EU-U.S. Data Privacy Framework (DPF) program, the UK Extension to DPF and the Swiss-U.S. Data Privacy Framework program (2023)

Each of our certifications is based on our Cross Border Privacy Rules Policy

Merck & Co., Inc., Rahway, NJ, USA, which has a tradename of MSD outside of the U.S. and Canada’s privacy program, described in this privacy statement, complies with the Cross-Border Privacy Rules system (CBPRs). More information about the CBPR system can be found here. To view our certification, please see the CBPR System Directory. For more information on the scope of our participation, or to submit a privacy inquiry through BBB National Programs, our Accountability Agent, please click on the official seal below:


We recognize that it can be difficult and overwhelming for people to understand all of the different ways that information about them can be observed, sensed, collected, shared, used, analyzed and transferred, so we use a variety of approaches to support our goal of making our practices transparent both to people about whom we process information as well as the regulators and their agents who review our practices. Key examples include:

  • Online Privacy – our Internet Privacy Policy describes the ways in which we process information about people online;
  • Tracking Technologies – our Global Online Tracking Policy describes the ways in which our web sites and online services use cookies and other online trackers;
  • Contextual Notices – which we provide at the time you use or participate in our services.
  • Comprehensive Privacy Notices – these are intended to provide a thorough perspective on how our privacy practices apply to specific stakeholders.;

Data Subject Rights

Learn about your rights as a data subject.

Please use this form for any request related to your personal data that we hold.

Vennligst bruk dette skjemaet for enhver forespørsel knyttet til dine personopplysninger som vi har.

Questions About Privacy?

MSD (Norge) AS
Haakon VIIs gate 5 (WeWork entrance in Munkedamsveien)
Postboks 1579 Vika
N-0118 Oslo

MSD Animal Health Norge AS
Thormøhlensgt. 55
N-5006 Bergen

MSD Animal Health Innovation AS
Thormøhlensgt. 55
N-5006 Bergen

Email: DPO Norway