This is an HTML version of an attachment to the Freedom of Information request 'DG SANTE contacts with industry re. Supplementary Protection Certificates (SPCs) manufacturing waiver'.



 
Ref. Ares(2018)6622688 - 21/12/2018
EUROPEAN COMMISSION 
DIRECTORATE-GENERAL FOR HEALTH AND FOOD SAFETY 
 
Health systems, medical products and innovation 
  Medicines: policy, authorisation and monitoring 
Head of Unit 
Brussels,  
SANTE/B5/AL/mmc 
sante.ddg1.b.5(2018)7370731 
 
By registered letter with 
acknowledgment of receipt 

 
Dear Ms Tansey, 
Subject: 
Your application for access to documents – Ref GestDem 2018/5418 
We refer to your e-mail of 12/10/2018 in which you make a request for access to 
documents, registered under the above mentioned reference number. 
We also refer to our letter of 14/11/2018 extending the time limit for responding to your 
application, pursuant to Article 7(3) of Regulation (EC) No 1049/2001 and to our letter 
dated 4 December 2018 providing the first part of the documents relating to points i) and 
ii) of your request mentioned below. 
1. 
Scope of your request 
In your request, you ask on the basis of Regulation (EC) No 1049/20011 access to:  
i) 
a list of meetings of DG SANTE officials and/or representatives (including the 
Commissioner and her Cabinet) and representatives of individual companies 
and/or industry federations (such as, but not limited to, EFPIA and/or its member 
companies); consultancies or law firms acting for companies/industry groups; 
and/or, patients groups, at which a manufacturing waiver for Supplementary 
Protection Certificates (SPCs) was discussed (since June 2016); 
 
                                                 
1  Regulation (EC) No 1049/2001 regarding public access to European Parliament, Council and 
Commission documents (OJ L 145, 31.5.2001, p. 43). 
Ms Rachel Tansey 
Corporate Europe Observatory  
Rue d'Edimbourg 26  
1050 Brussels  
Belgium 
Advance copy by email: xxxxxxxxxxxxxxxxxxxxxxxxx@xxxxxxxx.xxx  
 
 
Commission européenne, B-1049 Bruxelles / Europese Commissie, B-1049 Brussel - Belgium. Telephone: (32-2) 299 11 11. 
E-mail: xxxxxxxxxxxxxxxxxxxxxxxx@xx.xxxxxx.xx 

(ii) 
minutes and other reports of these meetings; 
(iii) all 
correspondence 
(including emails) between DG SANTE officials and/or 
representatives (including the Commissioner and Cabinet) and representatives of 
companies and/or industry associations (including consultancies/law firms acting 
on their behalf), or patients groups, in which a manufacturing waiver for 
Supplementary Protection Certificates (SPCs) was discussed (since June 2016). 
We consider your request to cover documents held up to the date of your request received on 
12 October 2018. 
2. 
Identification and assessment of the relevant documents 
As mentioned in our letter dated 4/12/2018, some documents falling within the scope of 
your request originate from third parties. Please find in annex I the list of all 
correspondence related to point iii) of your request for access to documents, and in 
Annex II, III, IV, V and VI the corresponding documents. Having examined these 
documents under the provisions of Regulation (EC) No 1049/2001 regarding public 
access to documents, we have come to the conclusion that they may be only partially 
disclosed as their full disclosure is prevented by the exceptions to the right of access laid 
down in Article 4 of Regulation (EC) No 1049/2001.  
3. 
Reason for refusal 
Protection of the privacy and integrity of the individual, in particular in accordance with 
Community legislation regarding the protection of personal data - Article 4(1)(b) of 
Regulation (EC) No 1049/2001 

Pursuant to Article 4(1)(b) of Regulation (EC) No 1049/2001, access to a document has 
to be refused if its disclosure would undermine the protection of privacy and the integrity 
of the individual, in particular in accordance with Community legislation regarding the 
protection of personal data. The applicable legislation in this field is Regulation (EC) No 
2018/1725  2of the European Parliament and of the Council of 23 October 2018 on the 
protection of natural persons with regard to the processing of personal data by the Union 
institutions, bodies, offices and agencies and on the free movement of such data, and 
repealing Regulation (EC) No 45/2001 and  
All documents to which you have requested access contain personal data such as names and 
surnames of Commission and company's staff. 
Indeed, Article 3(1) of Regulation 2018/1725 provides that personal data ‘means any 
information relating to an identified or identifiable natural person […]’. The Court of Justice 
has specified that any information, which by reason of its content, purpose or effect, is 
linked to a particular person is to be considered as personal data3. 
                                                 
2 Official Journal L 205 of 21.11.2018, p. 39. 
3 Judgment of the Court of Justice of the European Union of 20 December 2017 in Case C-434/16, Peter 
Novak v Data Protection Commissioner, request for a preliminary ruling, paragraphs 33-35, 
ECLI:EU:T:2018:560 


In its judgment in Case C-28/08 P (Bavarian Lager)4, the Court of Justice ruled that when a 
request is made for access to documents containing personal data, the Data Protection 
Regulation becomes fully applicable5. 
Pursuant to Article 9(1)(b) of Regulation 2018/1725, ‘personal data shall only be 
transmitted to recipients established in the Union other than Union institutions and bodies if  
‘[t]he recipient establishes that it is necessary to have the data transmitted for a specific 
purpose in the public interest and the controller, where there is any reason to assume that the 
data subject’s legitimate interests might be prejudiced, establishes that it is proportionate to 
transmit the personal data for that specific purpose after having demonstrably weighed the 
various competing interests’. 
Only if these conditions are fulfilled and the processing constitutes lawful processing in 
accordance with the requirements of Article 5 of Regulation 2018/1725, can the 
transmission of personal data occur. 
According to Article 9(1)(b) of Regulation 2018/1725, the European Commission has to 
examine the further conditions for a lawful processing of personal data only if the first 
condition is fulfilled, namely if the recipient has established that it is necessary to have the 
data transmitted for a specific purpose in the public interest. It is only in this case that the 
European Commission has to examine whether there is a reason to assume that the data 
subject’s legitimate interests might be prejudiced and, in the affirmative, establish the 
proportionality of the transmission of the personal data for that specific purpose after having 
demonstrably weighed the various competing interests. 
In your application, you do not put forward any arguments to establish the necessity to have 
the data transmitted for a specific purpose in the public interest. Therefore, the European 
Commission does not have to examine whether there is a reason to assume that the data 
subject’s legitimate interests might be prejudiced. 
Notwithstanding the above, please note that there are reasons to assume that the legitimate 
interests of the data subjects concerned would be prejudiced by disclosure of the personal 
data reflected in the documents, as there is a real and non-hypothetical risk that such public 
disclosure would harm their privacy and subject them to unsolicited external contacts.  
Consequently, we conclude that, pursuant to Article 4(1)(b) of Regulation 1049/2001, 
access cannot be granted to the personal data, as the need to obtain access thereto for a 
purpose in the public interest has not been substantiated and there is no reason to think that 
the legitimate interests of the individuals concerned would not be prejudiced by disclosure 
of the personal data concerned. 
 
 
 
 
                                                 
4 Judgment of 29 June 2010 in Case C 28/08 P, European Commission v The Bavarian Lager Co. Ltd, 
EU:C:2010:378, paragraph 59. 
5 Whereas this judgment specifically related to Regulation (EC) No 45/2001 of the European Parliament 
and of the Council of 18 December 2000 on the protection of individuals with regard to the processing 
of personal data by the Community institutions and bodies and on the free movement of such data, the 
principles set out therein are also applicable under the new data protection regime established by 
Regulation 2018/1725. 




Means of redress 
In accordance with Article 7(2) of Regulation (EC) No 1049/2001, you are entitled to make 
a confirmatory application requesting the Commission to review this position. 
Such a confirmatory application should be addressed within 15 working days upon receipt 
of this letter to the Secretary-General of the Commission at the following address: 
European Commission 
Secretary-General 
Transparency, Document Management & Access to Documents (SG.C.1) 
BERL 5/282 
B-1049 Bruxelles 
or by email to: xxxxxxxxxx@xx.xxxxxx.xx  
 
 
Yours sincerely, 
 
   [Electronically signed]  
 
Olga Solomon 
 

Electronically signed on 21/12/2018 10:33 (UTC+01) in accordance with article 4.2 (Validity of electronic documents) of Commission Decision 2004/563