Introduction

This privacy policy sets out how Aptahem AB (“Aptahem”, “we”) uses and protects your personal data.

Aptahem AB is a public, biotech company with its corporate domicile and principal place of business at Norra Vallgatan 58, 211 22 Malmö, Sweden and listed in the Commercial Register of the Swedish Chamber of Commerce under number 556970-5782. This policy applies to the personal data for which Aptahem acts as data controller; in other words, where we have control over what happens with your data and how this data is handled.

Aptahem is committed to ensure that your privacy is protected and will only process your personal data in conformity with the General Data Protection Regulation or GDPR (in effect since May 25, 2018). Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy policy.

How we use your personal data

Profile data or customer relationship data

We may collect and store the following information on our customers and business partners (or their personnel) to create profiles in order to facilitate the administration of our services and to maintain contact:

  • name, surname and job title
  • contact information including telephone number or email address
  • internet protocol (IP) address
  • demographic information such as postcode
  • social media tracking pixels that allow platforms such as Facebook and Twitter to interact with this website
  • other information relevant to customer and/or job offers

The legal basis for this processing is your consent OR the performance of a contract between you and us and/or taking steps, at you request, to enter into such a contract OR our legitimate interests, namely the proper administration of our website and business, our relationships with customers, communicating with customers and keeping records of those communications.

When you voluntarily provide us this information through our website or any other information channel, the personal data provided by you will be used only for the purpose of responding to your query or your request for information. The legal basis for such processing is your consent. We will not use this personal data for direct marketing purposes.

Job applicant data

If you post your personal data as a job applicant, the personal data provided by you will be used for recruitment and employment purposes or –if you agree to this- for informing you of future job opportunities. The legal basis for this processing is taking steps, at you request, to enter into a contract between you and us OR your consent.

Clinical trial data

Subjects may participate in clinical trials of Aptahem’s products in order to further research and develop these therapeutics drugs. By giving consent to participate in such clinical trials, the doctor or investigator conducting the clinical trial will collect personal data of the subject, including data relating to their health and pharmaceutical needs. Aptahem receives this information (required by law) in a pseudonymized form. This means we cannot directly identify the subject.

If you are an investigator/doctor or other study personnel conducting clinical trials of Aptahem your personal data (e.g. contact details, qualifications, CV) will be collected. This to meet global regulatory and compliance guidelines (legal obligation).

About cookies

A cookie is a small file which asks permission to be placed on your computer’s hard drive. We are using cookies on our website.

Providing your personal data to others

Transfers to third parties

We may disclose your personal data to third parties in the following cases:

  • insofar as reasonably necessary for our business or administration purposes. Under certain circumstances, these third parties provide technical, organisational or consultancy support services (e.g. IT-support or legal support) and may occasionally have access to your personal data in order to enable them to provide these services. All companies providing such support services are required to apply the same standards of protection as us and cannot use your personal data for their own purposes;
  • when disclosure is necessary for compliance with a legal obligation to which we are subject; or
  • when we have your consent to disclose your personal data.

Your personal data will not be transferred to third parties without taking appropriate protection.

We will never sell or rent your personal data to third parties.

International transfers

We have offices and facilities in Malmö, Sweden and may collaborate with other partners outside the EU. Transfers of your data outside of EU countries will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted and approved by the European Commission, a copy of which can be obtained from our Data Protection Officer. Your personal data are stored on the secure server of Aptahem.

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over these other websites. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites; and such sites are not governed by this privacy policy. You should exercise caution and look at the privacy policy applicable to the websites concerned.

Retaining and deleting personal data

Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

The period of retention of job applicant data will be no longer than two (2) years.

The period of retention of clinical trial data will be at least twenty-five (25) years after the completion of the trial.

In some cases, it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, we will determine the period of retention based on the following criteria:

  • the period of retention of profile data will be determined based on current relationship but will be no longer than five (5) years after our last contact.
  • the period of retention of customer relationship data will be determined based on our contractual agreements but will be no longer than ten (10) years after conclusion of the contract.

Notwithstanding the other provisions of this section, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject.

Your rights

It is important to know that you can exercise different rights which give you a certain control over your personal data. You can always contact our Data Protection Officer at dpo@aptahem.com to exercise your rights:

  • Right to be informed about the purposes of the processing (see above) and the identity of the data controller.
  • Right of access: The Data Subject may, at any time, request an extract of the data that Aptahem has on you.
  • Right to rectification: We take all reasonable steps to ensure that the data we hold is up to date. If you find that your data is inaccurate or incomplete, you have the right to ask us to correct it.
  • Right to object: The Data Subject may, at any time, object to the use of your data by Aptahem and by its active partners.
  • Right to erasure: The Data Subject may, at any time, notify Aptahem by requesting deletion of your personal data.
  • Right of limitation of processing: the Data Subject may, in particular, obtain a limitation of processing in case of disputing the accuracy of the data, or if the processing is considered being illegal.
  • Right of portability: The Data Subject has the right to receive the personal data communicated to Aptahem, and may also ask the company to send this data to another data controller.

Questions and complaints

If you have any questions or complaints on how Aptahem processes your personal data, you can always contact our Data Protection Officer via the following e-mail: dpo@aptahem.com.

If you believe that our processing of your personal data infringes data protection laws, you also have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement. We however kindly request that you also present your complaints to our Data Protection Officer first, so that we can quickly find a suitable solution to your problem.

For Sweden:
Data Protection Authority
Swedish Authority for Privacy Protection (IMY)
Integritetsskyddsmyndigheten, Box 8114,
104 20 Stockholm,
Sweden
Email: imy@imy.se

Aptahem may change its Privacy Policy from time to time. We encourage you to review this Privacy Policy periodically from our website.

Privacy Policy Aptahem AB, version 2.0, 2023-02-10

Download Privacy Policy as pdf