Data Privacy Notice
This Data Privacy Notice will be published on the LimmaTech Biologics AG website.
The Data Privacy Notice describes LimmaTech Biologics AG policies and procedures on the collection, use and disclosure of Personal Data when you interact with us in the context of our services on the website and on other communication channels.
By using the website, you consent to our use of your information provided on this channel in accordance with this Data Privacy Notice.
We will post any modifications or changes to this Data Privacy Notice on this website.
This Privacy Notice has been written based on requirements of the Swiss Federal Act on Data Protections and the European General Data Protection Regulation.
2 Contact information
Who we are and how to contact us
We are the Data Controller of your personal information we collected when interacting with you. Our address is Grabenstrasse 3, 8952 Schlieren, Switzerland.
If you have questions or require more information about our practices or this Privacy Notice, do not hesitate to contact us through email at email@example.com or by phone at +41 44 733 8585.
3 Handling of your Personal Data
What is Personal Data?
By Personal Data we mean all information relating to an identified or identifiable person. The term Personal Data includes sensitive Personal Data, therefore also health data.
How do we use your Personal Data and why?
LimmaTech Biologics AG legal basis for collecting and using the personal information described in this Privacy Notice depends on the Personal Data we collect and the specific context in which we collect the information:
- LimmaTech Biologics AG needs to perform a contract with you
- You have given LimmaTech Biologics AG permission to do so (‘consent’)
- Processing your personal information is in LimmaTech Biologics AG legitimate interests
- LimmaTech Biologics AG needs to comply with the law
How long we store your Personal Data?
LimmaTech Biologics AG will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Notice. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.
Where do we store your Personal Data?
LimmaTech Biologics AG will host your Personal Data inhouse and/or offsite in Switzerland. In the context of clinical studies, Personal Data may be transferred to data centers in other countries. This will be made transparent to you in the information we have provided to you when you have entered one of our clinical studies.
With whom we may share your Personal Data?
As LimmaTech Biologics AG needs to comply with laws and regulations and aims to provide the best possible customer service and overall experience it will enter relationships with third parties and we will, therefore, share your Personal Data with these entities in some cases.
LimmaTech Biologics AG does not share your Personal Data with third-parties who intend to use the data for marketing purposes if you have not given your consent to this.
We may share your Personal Data with third-parties in the following contexts:
- Business partners: LimmaTech Biologics AG may share your personal information with partners in the event that this is legitimate from a business perspective. For example, if you are involved in one of our clinical studies, Personal Data may be shared with a CRO or a laboratory.
- Public authorities: The relevant competent authorities may demand the disclosure of Personal Data from LimmaTech Biologics AG. In these cases, we will only hand over the data if there is a legal obligation to do so.
- Medical institutions: LimmaTech Biologics AG may share your Personal Data with medical institutions if patient safety is at risk. E.g. a medical institution may request information in case a patient participating in a study needs urgent medical treatment.
4 Your rights relating to your Personal Data
You have the right under this Privacy Notice, and by law if you are within the EU, to:
- request access to your Personal Data. If you are within the EU, this enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- request erasure of your Personal Data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it.
- object to processing of your Personal Data. This right exists where we are relying on a legitimate interest as the legal basis for our processing and there is something about your particular situation, which makes you want to object to processing of your personal data on this ground. You also have the right to object where we are processing your personal data for marketing purposes.
- request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
- request the transfer of your Personal Data. If you are within the EU, we will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format.
- withdraw consent. This right only exists where we are relying on consent to process your personal data («Consent Withdrawal»).
Should you wish to report a complaint or if you feel that our company has not addressed your concern in a satisfactory manner, you may contact the supervisory authority, the Swiss Federal Data Protection and Information Commissioner (see www.edoeb.admin.ch for contact details).
5 What Personal Data do we collect?
If you are involved in our research activities or clinical studies as a Health Care Professional, Subject Matter Expert or Consultant we will collect information needed to fulfill the contractual obligations. This includes but is not limited to your identity and contact data, data related to your professional background, financial data.
If you are involved in a clinical study as a study participant, you were informed about which Personal Data is collected and who will have access to that information. For detailed information please consult the information we have provided to you when you have entered one of our clinical studies.
Technical data collection on this website:
Log Files: LimmaTech Biologics AG website follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services‘ analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking user’s movement on the website, and gathering demographic information.
Cookies and Web Beacons: Like any other website, LimmaTech Biologics AG website uses ‚cookies‘. These cookies are used to store information including visitors‘ preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimize the users‘ experience by customizing our web page content based on visitors‘ browser type and/or other information.
You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers‘ respective websites.
The information generated by the cookie about your use of this website (including your IP address) is transmitted to Google on servers in the United States and stored there. Google is certified under the Privacy Shield Agreement, and as such warrants its compliance with European data protection law.
On our behalf, Google will use this information to analyze the use of our online offering by users, to compile reports on activities within this online offering, and to provide us with other services related to the use of this online offering and internet usage. As part of this process, pseudonymized user profiles may be created from the data that is processed. These usage profiles are automatically deleted after 26 months.
We only use Google Analytics with IP anonymization activated. This means that the IP address of the website’s users will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there.
The IP address transmitted by the user’s browser will not be merged with other data provided by Google. Users can prevent the storage of cookies by setting their browser software accordingly. Users may also prevent the collection by Google of the data generated by the cookie and related to their use of the online offering, as well as prevent the processing of this data by Google, by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
For more information about Google’s data usage, settings and opt-out options, please visit Google’s websites: www.google.com/intl/en/policies/privacy/partners (use of data by Google when you use websites or apps of our partners), http://www.google.com/policies/technologies/ads (use of data for promotional purposes), http://www.google.com/settings/ads (manage information that Google uses to show you advertising).
6 Terms and definitions
- Privacy Notice: A privacy notice is a public document from an organization that explains how that organization processes Personal Data and how it applies data protection principles
- Data Controller: A Data Controller determines the purposes and means of processing Personal Data.
- Personal Data: Means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
When you access our website, a connection is established with CookieFirst’s server to give us the possibility to obtain valid consent from you to the use of certain cookies. CookieFirst then stores a cookie in your browser in order to be able to activate only those cookies to which you have consented and to properly document this. The data processed is stored until the predefined storage period expires or you request to delete the data. Certain mandatory legal storage periods may apply notwithstanding the aforementioned.
Data processing agreement
We have concluded a data processing agreement with CookieFirst. This is a contract required by data protection law, which ensures that data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.
Server log files
Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected:
- Your consent status or the withdrawal of consent
- Your anonymised IP address
- Information about your Browser
- Information about your Device
- The date and time you have visited our website
- The webpage url where you saved or updated your consent preferences
- The approximate location of the user that saved their consent preference
- A universally unique identifier (UUID) of the website visitor that clicked the cookie banner