Aconitum Pharmacovigilance (PhV) Privacy Policy

Concepts used in the Privacy Policy

Adverse Reaction – an unwanted negative response of the human body to the medicine.

Personal Data – the information set out in this policy and relating to any natural person (person) whose identity can be identified (patient, consumer, medical specialist or any other person who contacts Aconitum due to experiencing adverse reactions).

Patient – a person taking Aconitum.

Pharmacovigilance – Pharmacovigilance refers to scientific and other activities related to the detection, evaluation, understanding and prevention of adverse reactions and other medical problems. Read more:

Data Controller – UAB Aconitum, company code: 135554131, Inovacijų str. 4, Biruliškės village, Kaunas district, LT-54469.

Purpose of Data Processing– The purpose of the processing of personal data directly and indirectly from the patient by Aconitum is to ensure the functioning of the pharmacovigilance system as required by existing pharmacovigilance legislation.

Aconitum Pharmacovigilance System and Individual’s Privacy

The Law on Pharmacy of the Republic of Lithuania shall lay down that the registrant of a medicinal product must have a pharmacovigilance system which ensures the fulfilment of the pharmacovigilance tasks of the registered medicinal product. Therefore, Aconitum must monitor the data of pharmacovigilance to determine whether there is a new risk, whether the risk has changed or the benefit-risk balance of medicinal product has changed.

It is especially important for Aconitum to ensure safe usage of medicinal products. For this reason, Aconitum communicates and exchanges information with people (patients, specialists) who contact Aconitum to learn more about the usage of products.

This Privacy Policy defines how Aconitum collects and uses Personal Data to assist Aconitum in performing monitoring and security obligations (also known as pharmacovigilance obligations) in relation to all medicinal products manufactured, registered or marketed by Aconitum or medicinal products that are in clinical trials.

If personal data are provided about other medicinal products, it is not collected or stored; the information provided in written form is destroyed immediately.

This Policy does not apply to Personal Data that is obtained and processed for the purpose of quality assessment of food supplements, consultation, complaints or the resolution of disputes.

The Scope of this Privacy Policy

Privacy Policy applies to information which Aconitum receives from individuals via internet, telephone, fax, e-mail or mail. Personal Data may also be obtained from Aconitum through special forms provided by the Person on a website, which is managed or controlled by Aconitum .

Aconitum may also receive information about the patient indirectly, i.e., the third party can also report to Aconitum about the patient who experiences adverse reaction. Such a third party may be medical specialists, pharmacists, relatives, carers or other adults.

What kind of information does Aconitum collect and why?

For pharmacovigilance purposes, Aconitum is legally bound to collect certain Personal Data. Therefore, the personal data for this purpose is collected and processed on the basis of the law (Article 6.1.c of the EU General Data Protection Regulation shall apply).

Patients (persons who have experienced an adverse reaction)

We collect personal data of the patient when a Person or a third party provides information about the adverse reaction of a person (patient) to Aconitum.

The person (patient) can submit the data to the national department for the control of medicinal preparations by filling in a special form (

The submission of the data to Aconitum is not necessary if it has been already provided to the State Medicines Control Agency.

Pharmacovigilance legislation requires detailed records of each possible adverse reaction reported by Aconitum. This makes it possible to assess the case and compare it with other adverse reactions associated with the particular medicinal product. Such data helps to identify new information on the safety of medicines (for example, the drug can be removed from the market due to side effects if it is found that the risks of the medicine outweigh its benefits or if new safety information is added to the summary of product characteristics, etc.). Therefore, it is very important to report any adverse reaction of the drugs, including all of them listed in the Package Leaflet.

If the Patient has the suspected adverse reaction himself, Aconitum collects and manages the following information about this Person:

Personal Data of the person who has possibly experienced the adverse reaction:

the initials of the person;

the age of the person;

the sex of the person;

the weight and height of the person;

the name, surname, telephone number and e-mail address of the person’s doctor;

the medical institution of the person;

the name, surname, telephone number and e-mail address of the person’s pharmacist

the pharmacy of the person;

Data on Usage of Drugs

detailed information about the product which caused a reaction (including prescribed doses or doses consumed by the person; the reason of consuming or prescribing the product and any subsequent changes of the normal regime);

detailed information about other medicinal products or measures used or consumed by the person during the course of the reaction (including prescribed doses or doses consumed by the person; duration of other medicinal products’ usage; the reason for consuming or prescribing the product and any subsequent changes of the normal regime);

Data on Possible Adverse Reactions

detailed information about the possible adverse reaction; the information about whether the reaction was treated; the response to the treatment; any long-term effects caused by the reaction to the health status of the person; and other medical information that the rapporteur considers appropriate.

Sensitive Data

According to the law, some information is considered to be sensitive data. Such data reveal information about the health status of the person (e.g. information about the condition of the person who possibly had an adverse reaction at the time).

This information is only processed when it is relevant and necessary to record the Person’s reaction in accordance with the pharmacovigilance requirements applicable to Aconitum. These requirements are intended to enable Aconitum and the competent pharmacovigilance authorities (the European Medicines Agency) to identify and manage such adverse reactions in the future.


Aconitum tends to collect the information in cases when the Person provides the information about possible adverse reaction to Aconitum. Pharmacovigilance legislation requires to ensure the traceability of adverse reactions and the possibility of follow-up. Aconitum must keep a sufficient amount of information about the rapporteurs in order to contact them after receiving a report about possible adverse reaction. If a Person reports a possible adverse reaction, which have been experienced by other persons, Aconitum collects the following information about the person who sent the report:

The name, surname;

personal contact details (personal address, e-mail address, telephone or fax number);

personal occupation (this information may be needed to select questions about an adverse reaction, depending on your presumed medical knowledge); and the relationship between the person and the person whose adverse reaction is reported.

The information about representatives, carers, relatives and other rapporteurs, who are not medical specialists, is not included in the pharmacovigilance database of Aconitum (see below).

How do we use and share your information?

For the purposes of pharmacovigilance obligations, Aconitum may use and share personal information for the following purposes:

to investigate the adverse reaction;

to contact the person for further information on the reported adverse reaction;

to compare the information on adverse reactions in accordance with the information available to Aconitum and to investigate the safety of the series, Aconitum product or active substance;

and submit mandatory notifications to national authorities or to the EU Eudravigilance database to investigate the safety of the series, Aconitum product or active substance on the basis of the reports received from other sources.

Personal Data may also be passed on to other pharmaceutical companies in the European Union that are partners of Aconitum through joint marketing and distribution, and licensed partners, in cases when pharmacovigilance obligations require such security information to be exchanged. When Aconitum transmits personal data to its partners, the data will be pseudonymous, i.e. presented in a form that does not allow to identify the person. Aconitum shall in no case disclose the collected data for commercial or marketing purposes.

In accordance with pharmacovigilance legislation, Aconitum shares information with national and European authorities.

Moreover, the personal data may be transferred to a third party (e.g. health care institution) if it is required by applicable law, court order or order of an official of the public body, or if such disclosure is required for any criminal or other legal investigation and judicial proceedings in Lithuania or abroad in the European Union.

The international pharmacovigilance database

In accordance with its pharmacovigilance obligations, Aconitum has to review the overall tendencies in the reports, which are received from each country where Aconitum is sold. The analysis is performed by a highly qualified authorized specialist of the Aconitum (a person who is liable for pharmacovigilance at Aconitum). In order to meet these requirements, the information of the reports (considering possible adverse reactions) is shared using the Aconitum Pharmacovigilance Database. This database is also a platform, which is used to report adverse reactions to the EU Eudravigilance database. All personal information may be transferred to the Eudravigilance database. All data provided in the “Rapporteur” section may also be transmitted, except cases when the rapporteur is not a health specialist. The data are transmitted as anonymous as possible (i.e. without using the name of the person).

How Aconitum guarantees Personal Rights?

The dignity and privacy of the patient are very important. For this reason, Aconitum ensures the confidentiality and security of personal information about the possible adverse reactions by using organizational and technical measures.

Aconitum is obliged to keep all information, including personal data which is related to the safety of medicinal products, for at least ten years after the expiry date of the marketing authorization (removal from the register of medicinal products or the suspension/revocation of the medicinal products registration).

The person has the following rights:

To get familiar with personal data that is processed (to find out what personal data are processed, for what purposes and terms of time);

Request to correct or delete personal data;

To object to the transfer of personal data outside the EU.

To obtain the information about personal data, which is processed, by contacting the Aconitum via e-mail address   or at the following address on business hours: Inovacijų st. 4, Biruliškės village, Kaunas district LT-54469. Considering the legal requirements, Aconitum may not remove or modify any information (personal data) received within a possible adverse reaction report (unless this information is inaccurate or excessive). Nevertheless, Aconitum may require proof of personal identification prior to requesting access to Aconitum stored information or personal data.

Data Security

Aconitum is taking measures to protect your personal data against accidental loss, unauthorized access or use, alteration or disclosure. Data is transmitted using encryption and stored on a secure server. Moreover, we are taking further information security measures such as access control and strict physical protection as well as robust information collection, storage and processing practices.

Changes of the Privacy Policy

Aconitum will regularly review this privacy policy and security measures. If Aconitum decides to change this Privacy Policy, the Aconitum site will make publicly available information about the changes.

Contact Information

Your data are provided to Aconitum and stored in databases and servers in Lithuania. These servers are owned and maintained by Aconitum.

Whenever you have any questions or concerns about this privacy policy, please contact us via e-mail address: