Established in 2001, the Merck Privacy Office is driven by a global mission that is based on four privacy values: respect for individual privacy expectations, building and preserving trust, preventing privacy harms, and compliance with the letter and spirit of privacy laws. The Merck privacy program is built on a foundation of organizational accountability for privacy and global privacy practices and standards that carry on our tradition of upholding high ethical standards across our business practices, and ongoing oversight to ensure that we continue to respond to changes in privacy expectations. For more information about our program, please see the global privacy program section of our corporate responsibility report.
We believe that trust is a core privacy value and essential to our mission, so we have developed our privacy program around the following key elements we use to define privacy trust:
On October 31, 2013, the Merck privacy program was certified as compliant with the requirements of the Asia Pacific Economic Cooperation (APEC) Cross-Border Privacy Rules (CBPR) system. The APEC CBPR system provides a framework for organizations to ensure protection of personal information transferred among participating APEC economies. Merck is the first healthcare company in the world, and the second multinational company, to achieve this certification. Achievement of APEC certification demonstrates to our customers, patients, and other stakeholders our strong commitment to accountable, values-based, privacy and data protection practices in every region of the world in which we operate.
Our certification by the U.S. APEC Accountability Agent, TRUSTe, applies to Merck business processes across our operations that transfer personal information from Merck affiliates in the U.S. to our affiliates in other APEC member economies. Since all Merck operations globally participate in our global privacy program and adhere to a common set of privacy practice and standards, we anticipate that our affiliates in other APEC member economies will obtain certification for transfers of personal information that originate in those economies after those economies are approved as participants in the APEC CBPR system.
On November 5, 2001, Merck & Co., Inc. certified its adherence to the Safe Harbor Agreement between the European Commission and the U.S. Department of Commerce for transfers of personal information from the European Economic Area to the U.S. We have reaffirmed our adherence to the Safe Harbor annually.
We protect Social Security Numbers (SSNs) in accordance with our Global Privacy and Data Protection Policy, which requires in relevant part that SSNs be appropriately secured, in accordance with their sensitivity, from loss, misuse, and unauthorized access, disclosure, alteration or destruction.
Our privacy notices are an important part of our approach to transparency in what we do with personal information.More information about Transparency and Privacy at Merck
Write to us at:
Merck Privacy Office
Merck & Co., Inc.
One Merck Drive
Merck Privacy Office
Or in the U.S. call:
If you are a healthcare professional in the U.S., call: