Data subject: the natural person whose personal data are being processed;
Personal data: any information concerning an identified or identifiable natural person;
Personal data worthy of special protection: (i) data concerning religious, philosophical, political, or trade union opinions or activities; (ii) data concerning health, intimate sphere, or membership in a race or ethnic group; (iii) genetic data; (iv) biometric data that uniquely identify a natural person; (v) data concerning administrative and criminal prosecutions and sanctions; and (vi) data concerning social welfare measures.
Processing means any operation concerning personal data, regardless of the means and procedures used, namely collection, recording, storage, use, modification, communication, archiving, deletion or making accessible;
Communication: the transmission of personal data or making them accessible;
Data controller: the private individual who, individually or together with others, determines the purpose and means of processing;
Data Processor: the private individual who processes personal data on behalf of the Data Controller.
The entity that carries out the Processing of Users’ Personal Data is. 3B Biotech Research SAGL, a company under Swiss law (CHE-306.517.065), whose registered office is located at Balerna Via Sottobisio 30 – 6828 (CH) Switzerland.
The Data Controller holds the website https://3bbiotech.com/
The contact details of the Data Controller are as follows:
SECURITY OF PERSONAL DATA
The Data Controller is committed to taking appropriate technical and organizational security measures in accordance with its legal and contractual obligations to protect the Personal Data of the Data Subject. As the Data Controller, we undertake to regularly monitor the security measures implemented in order to keep them in line with the passage of time and the evolution of technology. However, the transmission of information via an open network such as the Internet or other electronic means of communication entails certain security risks, so it is not possible to absolutely guarantee the security of information transmitted in this way, in other words, “zero risk” cannot be assured.
PURPOSE OF PROCESSING AND CATEGORIES OF PERSONAL DATA
Contact forms and correspondence
The User’s Personal Data, communicated by the User through the forms appearing on the Site and through the various and common means of communication, are processed for the purpose of following up the Data Subject’s requests for information about products and services.
The data processed may be as follows: (i) first and last name, (ii) address, (iii) e-mail address, (iv) telephone number, (v) nationality, …
The Data Controller retains the user’s data until the purpose of the processing is achieved or can no longer be achieved, subject to the rights of the Data Subject discussed below.
Cookies and browsing data
CATEGORIES OF RECIPIENTS OF TREATMENT
In order to achieve the processing purposes mentioned above, the Data Controller may carry out the transmission of user’s personal data to certain categories of data recipients, which can be listed as follows:
- Business partners;
- Legal entities in charge of advising and managing the Site;
- Persons engaged in the provision of telecommunications services (including e-mail service);
- Subjects in charge of newsletter delivery service;
- The competent authorities to whom data must be transmitted under legal and contractual obligations.
In principle, the Data Subject’s Personal Data is processed by the Data Controller and its auxiliaries, respectively the above-mentioned recipients of the processing.
However, user data may be disclosed abroad, where necessary according to the purpose of processing, subject to verification by the Data Controller that an adequate protection regime exists in the country of disclosure (with reference to Annex 1 of the Federal Data Protection Ordinance). The Data Controller undertakes to regularly check the contents of the aforementioned Annex.
RIGHTS OF THE PERSON CONCERNED
The Data Subject is guaranteed the following rights (non-exhaustive list), which can be exercised at any time by means of a request made in writing to the Data Controller’s contacts indicated above:
- You can at any time and free of charge be informed about your personal data that we are processing as well as receive from us, in a readable format, the personal data provided.
- If we process your incomplete or inaccurate personal data, you can at any time have it rectified and be informed about the rectification process if necessary. If it does not involve disproportionate effort, recipients will also be informed of the rectification of personal data.
- You have the right to ask the Data Controller for the deletion of processed personal data, as well as to ask for their limitation to what is necessary for the purpose of processing.
We undertake to comply with any request of the Interested Person without delay but, in any case, within a period of 30 days after receipt of any documentation necessary for the completion of such request.
CURRENT VERSION, CHANGES AND UPDATES
In order to ensure that our Policy always complies with applicable legal requirements, we reserve the right to make changes at any time.
Last update: September 11, 2023.