Data Protection Policy
I. Data protection
policy and information obligations
We are pleased about your visit to our website and your interest in CuroGens, our products and our services. Transparency about data protection and data security of our website visitors, customers and contractual partners is an important concern for us. in all of our
business processes, we take the protection of your personal data very seriously.
This data protection policy informs you in accordance with Art. 12 et seq. GDPR on how your personal data is handled when you use our website. In particular, it explains what data we collect and what we use it for. It also tells you how and why this is done.
, always taking into account the applicable data protection provisions, in particular the EU General Data Protection Regulation (GDPR), the Swiss Federal Data Protection Act and other applicable national laws.
This data protection policy applies to all CuroGens companies mentioned below.
II. Responsible body
The responsible body is the CuroGens group company, which decides on the purposes and means of processing personal data in accordance with applicable law. This also includes the (mobile) applications to which this data protection policy refers. The responsible bodies are, therefore, the following:
CuroGens Inc. – US Headquarters
14300 Clay Terrace Blvd.
Carmel, IN 46032
CuroGens Germany GmbH
Vestervang 2, 2.
8000 Aarhus C
CuroGens Ghana Limited
Asafoatse Afua Street, 22B.
Curogens Iberia SLU
Carrer de Muntaner 239 penthouse
III. Data Protection Officer
Several data protection officers have been appointed for our group of companies.
For all other CuroGens companies:
IV. Purpose and legal basis of the processing of personal data data
V. Recipients of the data
Access to your data is given within our group
to those offices that require them to comply with our contractual and legal obligations.
obligations Service providers and indirect agents used by us (for example, technicians
service providers, shipping companies, waste disposal companies) can also
receive data for these purposes. Depending on the circumstances, we order
these service providers within the framework of order processing. are then
subject to our instructions and may only process the data for strictly defined purposes
purposes In some cases, we also jointly define the purposes and means of the data.
treatment within the framework of co-responsibility.
In individual cases, we also pass on personal information
data to our legal and tax advisors, forcing these recipients to
keep special confidentiality and secrecy due to their professional status.
SAW. Transfer of data to third countries
As CuroGens, we treat your data
mainly in Switzerland or in an EU Member State. Personal data is
transferred between affiliated companies in Switzerland, the European Union,
the UK and Singapore. Only relevant departments and/or people
in our company they have access to the data to process your queries and requests.
For the aforementioned cookie-based tools/plug-ins and those mentioned
purposes, we also transfer the aforementioned data to third countries in the
on the basis of legal bases and measures to ensure an adequate level of
data protection mentioned there.
Potential risks may include non-enforceable data
rights of the subjects and a lower level of data protection. We minimize risk to the extent
as possible by entering into order processing contracts (if such contract
a relationship exists) and standard contractual clauses including
supplements required by the control authorities.
VII. Duration of data storage
We initially process and store your personal information
data for the duration for which the respective purpose of use requires
corresponding storage. Depending on the circumstances, this also includes the
deadlines for the initiation of a contract and the subsequent execution of the
contract. If a contractual relationship ends, the purposes of data processing will not
statutory retention periods no longer apply or expire, we will delete your data.
There is a great variety of terms for the conservation of data and documents,
resulting from the Commercial, Fiscal or Civil Code, for
example. Elimination periods range from a few days to 10 years, depending on
VII. data security
To ensure proper security of your
data on our website and systems, we take the necessary technical and
organizational measures to protect your data from loss, destruction,
unauthorized access and manipulation. The measures we apply are continuous
developed in accordance with technological progress.
We use TLS encryption for our web forms. East
protects your entries in our web forms during transmission to our servers. You
You can recognize an encrypted connection by the fact that the address line of your
the browser changes from “http://” to “https://” and by the padlock
symbol in the line of your browser. However, we would like to point out that this
it does not represent complete protection against attackers.
IX. Your rights as an interested party
Under the GDPR, you have the right to
following legal rights of data subjects, provided that the prerequisites are met
Right to information about your data stored by
us according to art. 15 GDPR,
Right to rectify inaccurate data in
in accordance with art. 16 GDPR,
Right to deletion of data stored by us
in accordance with art. 17 GDPR,
Right to limitation of data processing
stored by us in accordance with art. 18 GDPR,
Right to data portability in accordance with
Art. 20 GDPR,
Right of revocation at any time provided for in art. 7 (3)
GDPR any consent you have given us; this will result in us not being allowed
continue data processing based on this consent in the future.
Right to file a claim with a competent body
supervisory authority pursuant to art. 77 of the RGPD if you consider that
the processing of your personal data violates the provisions of the RGPD: you can
exercise their right to claim before the competent authority in any country or
state where our offices are located or in the country or state where you are located
Right of opposition
To the extent that the processing of your data is
made to protect legitimate interests, you have the right to object to
this processing at any time using the contact details provided if your
particular situation gives rise to reasons that prevent such data processing.
Then we will no longer process your data unless it is predominantly based on
our own legitimate interest or other legal basis. if you would like
exercise your right of opposition, send an email to the above email addresses of
our data protection officers.
X. Obligation to provide data
In principle, you are not required to provide
us with your personal data. However, if you do not do this, we will not be able to
to provide you with unrestricted access to our website or to respond to your
inquiries to us. Personal data that we absolutely do not need for the
the aforementioned processing purposes are marked accordingly as voluntary
XI. Automated decision making/profiling
We do not use automated decision making or
profiling (an automated analysis of your personal circumstances).
Our data protection policy is regularly
reviewed and updated periodically to comply with the legal regulations on data protection
and applicable privacy laws.