2. What PERSONAL DATA is collected and Processed by Pharmetheus?
2.1 Company representatives
3. Our processing of your personal data
3.1 Company representatives
We use personal data to manage our business relationship with you (“Business relationship purposes”). The processing is based on Pharmetheus’ legitimate interest in maintaining and managing its business relationships. The data will be stored as long as we have a business relationship with you or the company you represent.
We use your contact information to market our services through, for example, newsletters, publications and events (“Marketing purposes”). The legal basis for other marketing activities (reaching out to you with newsletters etc.) is Pharmetheus legitimate interest in marketing its products and services. The data is stored as long as we have a business relationship or until you, where applicable, opt out.
We process data regarding transactions between you or the company/organization you represent and Pharmetheus (“Compliance purposes”). The legal basis is for complying with a legal obligation, e.g. Pharmetheus’ legal obligations due to the Swedish Accounting Act (Sw. bokföringslagen). The data is stored as long as prescribed by law, i.e. seven years for receipts and financial information.
We may use personal data for the establishment, exercise or defence of legal claims (“Legal purposes”). The legal basis is Pharmetheus’ legitimate interest in establishing, exercising or defending any legal claims. Information that is relevant for any legal claim is kept for up to ten years in accordance with the Swedish Act on Limitation (Sw. preskriptionslagen).
3.2 Job applicants
We use data you provide us with to process your job application (“Recruitment purposes”). The legal basis is Pharmetheus’ legitimate interest in recruiting employees with adequate skillsets. The data is stored as long as necessary to assess if you are suitable for employment at Pharmetheus.
For the establishment, exercise or defence of legal claims in relation to recruitment (“Legal purposes”). The legal basis is Pharmetheus’ legitimate interest in establishing, exercising or defending any legal claims related to recruitment. We will not store your data for more than 25 months after we recruited someone for a position that you applied for.
4. Who do WE SHARE your personal data with?
We share your data with trusted third parties where necessary for the purposes of the processing. Personal data is shared with the following parties:
- professional advisors or auditors,
- subcontractors, and
- governmental authorities.
5. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES
5.1 Pharmetheus strives to process your personal data within the European Union (EU) or the European Economic Area (EEA). Except for the situations described below, Pharmetheus will not transfer your personal data to any country outside the EU/EEA. If personal data is transferred to any country outside of the EU/EEA, Pharmetheus will ensure that such data is stored and handled in a secure manner. Further Pharmetheus will comply will all requirements that apply to transfers of personal data to countries outside of the EU/EEA pursuant to applicable data protection legislation.
5.3 Pharmetheus uses Amazon Web Services for storing data on servers in Ireland. Through Pharmetheus’ use of Amazon Web Services your personal data is transferred to the United States. Your rights are safeguarded through Amazon Web Service’s adherence to the EU-US Privacy Shield. More information is available at www.privacyshield.gov.
6. Your rights
6.1 Pharmetheus will, upon your request as well as on its own initiative, correct, anonymise, delete or supplement information that is found to be incorrect, incomplete or misleading.
6.2 You have the right to access your personal data and request that Pharmetheus correct, delete, or restrict its processing of personal data, all as set out in the applicable data protection legislation. Further, you have a right to object to Pharmetheus’ processing of your personal data as set out in the applicable data protection legislation (for example if the information about you is incorrect or if you consider the processing of your personal data to be unlawful). If personal data has been shared with third parties, Pharmetheus will inform such parties of any corrections, deletions or limitations of use with respect to personal data that is made in accordance with this section 6.
6.3 You have a right to data portability, i.e. a right to receive personal data, which you have provided, in a structured, accessible and machine-readable format, which can be transferred to another user or data processor. This only applies where the processing is based either on your consent or an agreement between Pharmetheus and you.
6.5 Should you have any concerns regarding our processing of your personal data, please let us know, and we will do our best to meet your complaints. You also have a right to submit a complaint with the Swedish Data Protection Authority (Sw. Datainspektionen).
7 Protection of your personal data
10 Contact information
Pharmetheus’ contact information:
Company reg. number: 556895-6352
Postal address: Uppsala Science Park, Dag Hammarskjölds väg 36B, 752 37 Uppsala, Sweden
Phone number: +46(0) 18 51 33 28
E-mail address: firstname.lastname@example.org
Contact information of Pharmetheus’ data protection officer: Martin Fransson, email@example.com