Merck provides this California Consumer Privacy Act Supplemental Notice (“California Supplement”) to provide information to California residents whose personal information is processed by Merck pursuant to the California Consumer Privacy Act (“CCPA”)
Categories of Personal Information Collected and Disclosed
During the preceding 12 months, Merck has collected and/or shared for our business purposes the following categories of personal information:
- Identifiers, such as your name, contact information and online identifiers.
- Medical, health, and biometric information, where that information is processed in those situations outside the scope of either the Health Insurance Portability and Accountability Act or the California Confidentiality of Medical Information Act.
- Internet and electronic network activity information, such as information about your interactions with our online resources.
- Audio, electronic and visual information, such as video testimonials.
- Professional information and education information, such as information about medical specialty.
- Inferences we derive from the information that we collect.
- Other information that we collect when you provide it or as disclosed to you, such as in our GIPP
Please see the GIPP for more information about the information we collect, how we collect it, and how we use and share that information. In particular, we describe:
- “How do we collect personal information online?“
- “Why do we collect, use, and disclose personal information?“
Calendar Year 2020 Metrics
Requests to Know:
Requests to Delete:
Requests to Opt-Out:
The median number of days within which we substantively responded to Requests to Know, Requests to Delete, and Requests to Opt-out: 15.6 days
Your California Choices and Rights
California residents may request access to the specific pieces and categories of personal information that we have collected about you, the categories of sources for that information, the business or commercial purposes for collecting the information, and the categories of third parties with which the information has been shared. California residents also have the right to submit a request for deletion of your information under certain circumstances. Consistent with California law, if you choose to exercise either of these rights, we will not charge you different prices or provide different quality of services unless those differences are related to your information.
If you would like to access or delete information, or otherwise exercise your rights under the CCPA, you may contact us using the contact information provided at https://www.msdprivacy.com/us/en/index.html. Any such request may be manually or electronically signed by any process that satisfies the California Uniform Electronic Transactions Act. These rights are not absolute, and we will respond in accordance with the CCPA. For example, once we receive your request, we may verify it by requesting information sufficient to confirm your identity. If you would like to use an agent registered with the California Secretary of State to exercise your rights, we may request evidence that you have provided such agent with power of attorney or that the agent otherwise has valid written authority to submit requests to exercise rights on your behalf.
Do Not Track
Some internet browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference to the web sites you visit indicating that you do not wish to be tracked (“DNT-signal”). As reflected in the Policies above, we are committed to providing you with meaningful choices about the information collected on our website for third party purposes, and that is why we provide the variety of opt-out mechanisms described in our cookie panel, where deployed. In addition, where we deploy a cookie panel, it is designed to identify a browser-initiated DNT-signal and apply it to the cookie settings per your preferences. However, despite our best efforts, this may not function for all browsers. Using the cookie banner settings will ensure that your preferences are appropriately reflected. Despite the protections described above, whether we deploy a cookie panel or not in your market, we do not currently recognize or respond directly to browser-initiated DNT signals.
Effective date: July 1, 2021