Primex Pharmaceuticals consisting of Primex Pharmaceuticals Oy and its affiliates Primex Pharmaceuticals AG and Giovanni Ogna e Figli S.r.l
(“Primex”, “we”, “us” or “our”)
Your privacy is important to Primex and accordingly, we protect the personal data you share with us. To protect your privacy, Primex follows applicable law and EU best practices for privacy and data protection.
1 CONTACT PERSON IN MATTERS RELATED TO THE PROCESSING OF PERSONAL DATA
Linda Liitola, Head of Legal and Compliance
Reiffergässli, 6300, Zug, Switzerland
+41 41 720 2000
2 CATEGORIES OF PERSONAL DATA AND PROCESSING PURPOSES
2.1 Personal data of Primex’s website users
You may use our website without providing any personal data about you. In this case, we will collect only the following metadata that result from your use of Primex’s website: Referral page, data and time of access, data volume transmitted, status of transmission, type of web browser, IP-address, operating system and interface, language and version of browser software. Your IP-address is processed to enable your access to our website, and the other metadata mentioned above is processed for purposes of statistics about the website visitors and to help us analyse how the site is used.
On our website, you can report suspected Safety-Related Events. For information on the processing of personal data for Drug Safety related purposes, please refer to Primex’s Drug Safety Reporting Privacy Statement.
We process your personal data primarily for purposes of providing you with the opportunity to use our website and its functionalities. The processing of your personal information is based on your use of our website, and we process the personal data either based on an agreement entered into with you, on our legitimate interest, or in some cases, on the requirement for compliance with a legal obligation to which we are subject. In such case, our legitimate interest could be in particular improving the quality and services of our website by analysing the usage behaviour of the website users, or preventing and resolving possible misconduct.
2.2 Personal data of contact persons of Primex’s business partners
Categories of personal data processed in cases where the contact person is employed by Primex’s business partner includes the name, business contact details, name of the employer, title or position in the organization, content of communication (such as email or business related letters or phone calls). Where the business partner is an individual, the categories of personal data include, in addition to the foregoing, services or goods provided or offered, payment and invoice information, and information on the business relationship.
We process personal data of the contact persons of Primex’s business partners to the extent necessary in order to fulfil our contractual obligations towards the business partner, including invoice processing and communication related to the partnership. We also process personal data of the contact persons to the extent necessary in order to comply with legal obligations to which we are subject.
In addition, certain processing of the contact persons’ personal data is based on the legitimate interest of us or a third party. In such case, the legitimate interest could be in particular Primex group-wide information sharing, marketing and CRM administration activities, prevention of fraud or misuse of IT systems or money laundering, physical as well as IT and network security, as well as potential merger and acquisition activities.
2.3 Personal data of investors or their representatives
Categories of personal data of investors or their representatives include names, contact details, social security numbers / dates of birth / personal identity codes / tax identification numbers, nationalities, photos (in passports or other identity documents).
We process the personal data of investors or their representatives to the extent necessary in order to fulfil our contractual obligations towards the investor and communication related to the investment, as well as to comply with applicable laws (including Anti-Money Laundering Laws and Tax Compliance Laws). In particular, the personal data collected may be used for the purposes of preventing, revealing and investigating money-laundering and terrorist financing as well as for the purposes of bringing under the relevant authorities’ investigation money laundering, terrorist financing and/or criminal acts (by which the assets or benefit of crime have been received).
In addition, certain processing of the investor’s or their representative’s personal data is based on the legitimate interest of us or a third party. In such case, the legitimate interest could be e.g. managing the relationship with the investor, and marketing.
3 SOURCES OF PERSONAL DATA
3.1 Personal data of Primex’s website users
We collect certain metadata automatically when you use our website. We also collect certain personal data directly from you when you report for suspected Safety-Related Events through our website.
3.2 Personal data of contact persons of Primex’s business partners
Primex obtains the basic information of contact persons from the business partners or the contact persons directly. In addition, Primex obtains personal data of the business partners’ contact persons or information relating to them through communications between contact persons and Primex.
3.3 Personal data of investors or their representatives
Primex obtains basic information of the investors or their representatives directly from them. In addition, Primex obtains personal data of the investors or their representatives or information relating to them through communications between the investors or their representatives and Primex.
4 TRANSFERS OR DISCLOSURES OF YOUR PERSONAL DATA
4.1 Why we transfer or disclose your personal data
We will disclose your personal information, without notice, only if required to do so by law or if we in in good faith believe that such action is necessary to (a) conform to the provisions of the law or comply with legal process served on Primex; (b) protect and defend the rights or property of Primex; or, (c) act in urgent circumstances to protect personal safety of the public.
In case we sell our business or part of it or otherwise reorganize our business, personal data processed by us as a controller may be disclosed to buyers and their advisors in accordance with applicable legislation.
4.2 International transfers of personal data
To learn more about the appropriate safeguards we use, please send us an email at the email address set out above.
5 HOW DO WE SECURE YOUR PERSONAL DATA?
We have taken appropriate technical and organizational measures to protect the security of your personal data and to ensure that your choices for its intended use are honoured. We protect your data from loss, misuse, unauthorized access or disclosure, alteration, or destruction by appropriate technical measures such as firewalls.
6 HOW LONG WILL WE KEEP YOUR PERSONAL DATA?
The retention time of the collected personal data is subject to the legal basis and processing purpose for which the data were collected. All collected personal data will be retained at least for the period for which the legal basis for processing of personal data applies.
Where the personal data is collected on the basis of an obligation based on applicable law, the retention time of personal data may also be subject to explicit statutory requirement.
Primex may also retain certain personal data after the termination of the initial processing purpose, should such retention of personal data be necessary to comply with other applicable laws or should Primex need the personal data to establish, exercise or defend a legal claim, on a need to know basis only.
7 WHAT RIGHTS DO YOU HAVE?
“The data subject” refers to natural persons whose personal data is processed by Primex, i.e. Primex’s website users, business partners’ contact persons and investors or their representatives.
The data subjects have the right to access the data processed by Primex as a controller and to get incorrect personal data related to them rectified. If you wish to use your right of access or rectification, please proceed as follows.
You as a data subject also have the right at any time to request us to erase personal data concerning you and processed by us and we are obliged to erase the data if there is no longer a legitimate basis for processing the data. Please note that certain data processed within the pharmaceutical industry are subject to statutory retention requirements, and regardless of a request of erasure, such data we cannot erase until the end of the statutory retention period.
You as a data subject also have the right to object the processing of your personal data if the data has been processed on the basis of legitimate interest, and we are obliged to stop processing such personal data unless we can demonstrate compelling legitimate grounds for further processing of such personal data.
In addition, you as a data subject have the right to file a complaint with the competent supervisory authority regarding our processing of personal data.
8 IN CONCLUSION
If for some reason you believe that we have not adhered to the foregoing, please notify us by email at email@example.com, and we will do our best to determine and correct the problem promptly.
You may refuse to accept cookies from our website and delete existing cookies by selecting the appropriate settings on your browser. If you wish to do so, please refer to your browser’s user guide to find out how to control cookies by adjusting your browser’s preferences.