Veeva’s Government Access Request Policy
This Government Access Request Policy describes how we respond to requests from governmental and other public authorities (collectively, “Government Authorities”) for access to Customer Data (as defined in our customer agreements) or other personal information (collectively, “Data”).
Validity
We do not voluntarily disclose Data to Government Authorities. We only disclose Data where there is a valid legal basis to do so (such as through a warrant, subpoena or court order). We review all requests on a case-by-case basis and in accordance with applicable law. If we determine there is a valid legal basis for the request, we comply by providing the least amount of Data necessary to respond to the request.
We never create backdoors in our products or services to allow Government Authorities to access Data.
Challenges
- there is no valid legal basis for it,
- the request is unlawful,
- the request is unclear, overly broad or inappropriate, or
- where compliance with the request would put us in potential breach of applicable laws in another country.
Notification
We notify our customers if a Government Authority requests their Data unless we are legally prohibited from doing so, in the event of an emergency (such as to prevent imminent death or serious physical harm to an individual) or in cases where we reasonably believe such notice would be counterproductive.
Transparency Report
We publish a report of requests we have received and our response to them. We update this report semi-annually.
Veeva’s Government Access Request Report:
This report governs government requests that Veeva processed.
| Types of request | Country of Origin of the Request | Action Taken | Year |
| Subpoena | US | Fulfilled | 2020 |
| Search Warrant | US | Fulfilled | 2020 |
Last updated: 21 November 2023