Privacy at Philips 

At Philips we have a longstanding commitment to respect the privacy of our consumers, customers and other individuals we deal with, such as patients. To live up to this commitment, we have adopted and implemented a set of Binding Corporate Rules (known as Philips Privacy Rules) which define how we adequately process personal data throughout the Philips group, both in our capacity as Controller and as Processor.  

We also rely on our Binding Corporate Rules when transferring personal data between Philips group companies worldwide. In fact, we were one of the first companies in Europe to have received the approval of the competent data protection authorities of the European Union for our Binding Corporate Rules.

The Philips Privacy Rules (Controller) define, for example, under which legal basis we legitimately process personal data, what are the envisaged criteria to retain personal data (before erasure) or when to provide privacy notices to the relevant individuals.

You can find our Philips Privacy Rules (Controller) below.

The Privacy Rules (Processor) establish internal standards on how to process personal on behalf of our Customers.

You can find our Philips Privacy Rules (Processor) and the list of the sub-processers that Philips uses below.

In our capacity as Controller, we want to be clear about what personal data we collect about you, why we collect it, and what we do with it. That’s why we have developed a comprehensive and easily accessible Privacy Notice, which explains in clear and plain language when and how we process personal data.

Our Privacy Notice also explains how individuals can effectively exercise their privacy rights, submit a privacy complaint or contact our Data Protection Officer.

Individuals have certain privacy rights relating to their personal data. For example, they have the right to receive a copy of their personal data, to rectify their personal data, or to delete their personal data.

To enable individuals to effectively exercise their privacy rights, submit a privacy complaint/question or contact our Data Protection Officer, we have created our privacy contact form.

At Philips, we acknowledge that privacy and data protection are fundamental human rights to empower individuals to keep control over their personal data. To effectively embed privacy and data protection within our operating model and company culture we have implemented a privacy framework. The core components of this framework are summarized below.

Privacy assessments

We perform privacy compliance assessments (such as data protection impact assessments), where necessary, to ensure compliance with our privacy policies and applicable data protection laws.

Records of personal data processing activities

We maintain a comprehensive register of personal data processing activities carried out by Philips in our capacity as Controller, and Processor.

Personal data breaches

We spend a lot of time and effort on the protection of our systems and the personal data we process. In the unfortunate event a personal data breach occurs, we have a comprehensive personal data breach procedure in place.

Privacy trainings

We continuously train our employees to increase their knowledge on privacy and data protection. These trainings are tailor-made for the specific job functions and audience.