PRIVACY POLICY

 

This Privacy Policy (“Policy”) describes how UAB “Biomapas” and its worldwide affiliates (“we”) collects, stores, processes, uses and discloses your Personal Data and your rights as a Data Subject (“you”).

 

The controller for the processing of the Personal Data is:

 

Name UAB “Biomapas”
Company code 135750888
Registered address Savanoriu ave. 109, Kaunas, Lithuania
Telephone number +370 37 366 307
E-mail address info@biomapas.eu
DPO e-mail address data.protection@biomapas.eu
Website www.biomapas.eu

 

  1. WE CARE ABOUT YOUR PRIVACY

Personal Data is any information that can be used to identify an individual. We process your Personal Data with care and in accordance with applicable laws, regulations, our internal policies and Code of Ethics. We take appropriate measures to ensure that your Personal Data is safe with us – for that reason we have also assigned a Data Protection Officer (DPO).

 

We handle your Personal Data according Data Protection principles:

  • Lawfulness, fairness and transparency. Our data collection principles don’t break the law and we do not hide anything from you.
  • Purpose limitation. We only collect your data for the specific purpose.
  • Data minimisation. We only collect the data we really need.
  • Accuracy. We do our best to keep only the correct, accurate and complete Personal Data.
  • Storage limitation. We delete your Personal Data when it is no longer needed.
  • Integrity and confidentiality. We process your Personal Data in a way that ensures appropriate security.

 

  1. WHY DO WE NEED TO PROCESS PERSONAL DATA AND WHAT CATEGORIES OF PERSONAL DATA WE PROCESS?

 

  • JOB APPLICANTS
    • How do we collect information from you?

We might have collected information about you in a variety of ways. For example, you might have sent your application form, CV, resume, motivational letter, we might have contacted you via LinkedIn or other career portal, recruitment company has provided your CV or other staff member of Biomapas has recommended you. We will always notify you at the point of collecting such information.

 

  • What type of information is collected from you?

We collect a range of information about you. This includes:

  • Name, last name;
  • Contact information (phone number, e-mail address);
  • Details of education, qualification, skills, experiences and employment history;
  • Country, city of residence;
  • Other data you voluntarily provided in the CV/other document;
  • In some cases, we may need additional information (e.g. existence of driver’s license).

 

  • How is your information used?

We may use your information to:

  • Process an application for a role you have given us authorisation to submit you for;
  • Contact you for future opportunities that may be interesting to you;
  • send you communications in order to update your details.

We will not process your Personal Data for any other purpose, unless we receive your consent.

 

  • For how long your information is stored?

Your Personal Data will only be processed during recruitment process and stored 6 months after that.

 

  • Where your information is stored?

Your Personal Data will be stored under secure conditions in a range of different places, including but not limited to SharePoint system, email box and lockable cabinets with limited access.

 

  • Where do we process your information?

We always aim to process your Personal Data within EU/EEA. Your personal data might be transferred or processed in a country outside EU/EEA, if you have authorised us to submit you for a job application in a country outside of the EEA.

 

 

  • MARKETING
    • How do we collect information from you?

Personal Data Provided by you: we can collect Personal Data directly from you (provided electronically, in writing, or verbally). We may, for example, ask you for information when we are in touch with you about your interest in our services, when you provide information to us via our website, when we meet you at a networking event.

Personal Data from other sources: we may also collect Personal Data from public sources such as LinkedIn, networking events contact list, search engines, public registers and/or Personal Data from the web-presence of your employer.

 

  • What type of information is collected from you?

We collect a range of information about you. This includes:

  • Company name;
  • Name, Last name of contact person (if applicable);
  • Contact details: phone number, email, fax;
  • Company address.

 

  • How is your information used?

We may use your information to:

  • To respond to your requests or provide you with information you have requested;
  • To send you greetings and informational letters.
  • To contact you with marketing and promotional information about products and services that we offer after we receive your consent;

We will not process your Personal Data for any other purpose, unless we receive your consent.

 

  • For how long your information is stored?

Your Personal Data will be stored in our internal database if only we receive your consent and for no longer than 5 years.

 

  • Where your information is stored?

Your Personal Data will be stored under secure conditions in a range of different places, including but not limited to SharePoint system and email box with limited access.

 

  • Where do we process your information?

We always aim to process your Personal Data within EU/EEA. Your personal data might be transferred or processed in a country outside EU/EEA, if you have requested to provide you information about services in countries outside of the EU/EEA.

 

 

  • PATIENT
    • How do we collect information from you?

We collect personal data about you when you or a third party provides us with information in relation to an adverse reaction / incident that affected you.

 

  • What type of information is collected from you?

We may collect a range of your personal information when you are the subject of an adverse reaction / incident. This includes:

  • Initials;
  • Age / age group / date of birth;
  • Gender;
  • Weight and height (if required);
  • Information about the adverse reaction / incident (e.g. symptoms, duration, outcome, suspected drug / device, concomitant medication, medical history, relevant medical test / procedures);
  • Other relevant medical history;
  • Your contact details of yours.

Some of this information is considered by law to be “sensitive personal data” about you. This includes any information that tells us about your:

  • Health (predisposing conditions, disabilities, disorders etc.);
  • Ethnic origin.

 

  • How is your information used?

We may use your information to:

  • Investigate the adverse reaction / incident;
  • Fulfill the obligations to report the information of the adverse reaction / incident to the appropriate Competent Authorities;
  • Contact you for further information about the adverse reaction / incident you reported.

We will not process your Personal Data for any other purpose than described above.

 

  • For how long your information is stored?

Personal Data related to pharmacovigilance will be stored for as long as the marketing authorisation of the associated product exists and for at least further 10 years after the marketing authorisation has expired.

 

  • Where your information is stored?

Your Personal Data will be stored under secure conditions in locked fireproof cabinets with limited access (for paper files) and in Microsoft SharePoint with limited access (for electronic files). Furthermore, it may be stored in the internal Pharmacovigilance database, the Eudravigilance Database, managed by the European Medicines Agency and the national competent authorities databases outside of EEA

 

  • Where do we process your information?

We share your information with national and/or regional authorities in accordance with pharmacovigilance laws inside and outside EU/EEA. We share your Personal Data (except your name and contact details) with Marketing Authorization Holders of (suspected) drug / device.

 

  • REPORTER
    • How do we collect information from you?

The personal data that we may collect about you when you report an adverse reaction / incident or write an article containing safety data is your:

  • Name;
  • Contact details (which may include your address, e‐mail address, phone number or fax number);
  • Profession (this information may determine the questions you are asked about an adverse reaction / incident, depending on your assumed level of medical knowledge); and
  • Relationship with the subject of the report.

 

  • How is your information used?

We may use your information to:

  • Investigate the adverse reaction / incident;
  • Fulfill the obligations to report the information of the adverse reaction / incident to the appropriate Competent Authorities;
  • Contact you for further information about the adverse reaction / incident you reported.

We will not process your Personal Data for any other purpose than described above.

 

  • For how long your information is stored?

Personal Data related to pharmacovigilance will be stored for as long as the marketing authorisation exists and for at least further 10 years after the marketing authorisation has expired.

 

  • Where your information is stored?

Your Personal Data will be stored under secure conditions in locked fireproof cabinets with limited access (for paper files) and in Microsoft SharePoint with limited access (for electronic files). Furthermore, it may be stored in the internal Pharmacovigilance database, the Eudravigilance Database, managed by the European Medicines Agency and the national competent authorities databases outside of EEA

 

  • Where do we process your information?

We share your information with national and/or regional authorities in accordance with pharmacovigilance laws inside and outside EU/EEA. We might share your Personal Data (except your name and contact details) with Marketing Authorization Holders of (suspected) drug / device.

 

 

We collect Personal Data provided directly from you when you fill in the registration form in website and participate in training. We collect your:

  • Name and last name;
  • Contact details (e‐mail address, mobile phone number, correspondence address);
  • Certificate of training completion.

 

  • How is your information used?

We use your information to confirm your registration and to contact you with regards to your online training. In addition, we use your provided data to create your user account in our training platform and the respective invoices and login forms for your training. Also, we may contact you to remind you about the expiry of your certificate.

We will not process your Personal Data for any other purpose than described above.

 

  • For how long your information is stored?

We store your name, last name and certificate of training completion for 15 years. Other information – for no longer than 5 years.

 

  • Where your information is stored?

Your Personal Data will be stored in SharePoint under secure conditions and with limited access.

 

  • Where do we process your information?

We always aim to process your Personal Data within EU/EEA. Your Personal Data will not be transferred for third-parties and outside EU/EEA, unless otherwise required by you.

 

  1. YOUR DATA PROTECTION RIGHTS

Under the GDPR, you have the right to know about how your Personal Data are processed.  These rights are summarized below:

  • The right to be informed: you have the right to be informed about the collection and use of your Personal data.
  • The right to access: you have the right to obtain a copy of your personal data as well as other supplementary information.
  • The right to rectification: you have the right to rectify inaccurate Personal Data, or complete if it is incomplete.
  • The right to erasure: you have the right to erase your Personal Data.
  • The right to restrict processing: you have the right to request the restriction or suppression of your Personal Data.
  • The right to data portability: you have the right to obtain and reuse your personal data for your own purposes across different services.
  • The right to object: you have the right to object to the processing of your personal data in certain circumstances.
  • The right not to be subject to automated processing: you have the right to object automated individual decision-making. We do not process the personal data in this way.

 

  1. WHAT IF YOU DO NOT WANT TO PROVIDE US WITH YOUR PERSONAL DATA?

Providing appropriate Personal Data is a precondition for specific services, such as the performance of the executed contract, the possibility to successfully apply for a job, or where is a legal obligation to process the personal data. Failure to provide specific personal data may affect our ability to enter into a contract with you, to contact you and/or to proceed with the recruitment procedure.

 

  1. CONTACT

To assist us in complying with our obligation to maintain Personal Data accurate you should immediately notify our contact person in Biomapas in writing of any changes to your Personal Data.

 

If you have any questions about this Privacy Policy or our treatment of your Personal Data, please contact us via email data.protection@biomapas.eu

 

We may amend the Privacy Policy upon our unilateral decision, so, please review this Policy regularly. The Privacy Policy was last updated on 25 May 2018.