Privacy

Privacy at Philips 

At Philips we have a longstanding commitment to privacy and data protection.
Processing of personal data is vital to achieve Philips’ strategic ambition to make the world healthier and more sustainable through innovation. Just as being able to process personal data is necessary to realize Philips’ strategy, protecting personal data and preserving privacy is equally crucial to Philips.
This page gives you an overview of the Philips approach to privacy and data protection and how we comply with applicable data protection law, such as the EU General Data Protection Regulation (GDPR).

Our approach to privacy and data protection  

Our approach to privacy and data protection is based on the following principles: 

 

  • Security: we are committed to ensure the security of the personal data entrusted to us. We  operate under global security policies that guide our activities to protect against vulnerabilities and manage any incidents. 
  • Compliance: we handle all personal data with integrity in compliance with all applicable privacy regulations of the countries in which we operate. 
  • Beneficial: we aim to create innovative solutions that benefit our customers, patients and society as a whole. We use your personal data in line with your reasonable expectations.


These principles form the foundation of the Philips approach to privacy and data protection.
Read more about the Philips Data Principles

Our Binding Corporate Rules  

At Philips we have a longstanding commitment to respect the privacy of our consumers, customers and other individuals we deal with, such as patients. To live up to this commitment, we have adopted and implemented a set of Binding Corporate Rules (known as Philips Privacy Rules) which define how we adequately process personal data throughout the Philips group, both in our capacity as Controller and as Processor.  

 

We also rely on our Binding Corporate Rules when transferring personal data between Philips group companies worldwide. In fact, we were one of the first companies in Europe to have received the approval of the competent data protection authorities of the European Union for our Binding Corporate Rules.

 

The Philips Privacy Rules (Controller) define, for example, under which legal basis we legitimately process personal data, what are the envisaged criteria to retain personal data (before erasure) or when to provide privacy notices to the relevant individuals.

 

You can find our Philips Privacy Rules (Controller) below.

The Privacy Rules (Processor) establish internal standards on how to process personal on behalf of our Customers.

 

You can find our Philips Privacy Rules (Processor) and the list of the sub-processers that Philips uses below.

Our Philips Privacy Notice 

In our capacity as Controller, we want to be clear about what personal data we collect about you, why we collect it, and what we do with it. That’s why we have developed a comprehensive and easily accessible Privacy Notice, which explains in clear and plain language when and how we process personal data.

 

Our Privacy Notice also explains how individuals can effectively exercise their privacy rights, submit a privacy complaint or contact our Data Protection Officer. By clicking on the below link, you can select the Privacy Notice for your country.

Our Privacy contact form 

Individuals have certain privacy rights relating to their personal data. For example, they have the right to receive a copy of their personal data, to rectify their personal data, or to delete their personal data.

 

To enable individuals to effectively exercise their privacy rights, submit a privacy complaint/question or contact our Data Protection Officer, we have created our privacy contact form.

Our Privacy framework

At Philips, we acknowledge that privacy and data protection are fundamental human rights to empower individuals to keep control over their personal data. To effectively embed privacy and data protection within our operating model and company culture we have implemented a privacy framework. The core components of this framework are summarized below.

Privacy assessments

We perform privacy compliance assessments (such as data protection impact assessments), where necessary, to ensure compliance with our privacy policies and applicable data protection laws.

 

Records of personal data processing activities

We maintain a comprehensive register of personal data processing activities carried out by Philips in our capacity as Controller, and Processor.

 

Personal data breaches

We spend a lot of time and effort on the protection of our systems and the personal data we process. In the unfortunate event a personal data breach occurs, we have a comprehensive personal data breach procedure in place.

 

Privacy trainings

We continuously train our employees to increase their knowledge on privacy and data protection. These trainings are tailor-made for the specific job functions and audience. 

You are about to visit a Philips global content page

Continue

You are about to visit a Philips global content page

Continue

Our site can best be viewed with the latest version of Microsoft Edge, Google Chrome or Firefox.