Privacy Policy

As part of this privacy policy, the administrator presents the key information regarding the processing of personal data under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as "GDPR"), as well as the Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws 2018, item 1000, as amended).Additionally, the administrator informs that this policy is informational and general in nature, meaning that any specific details of the policy may also be included in the terms and conditions or in the information clauses provided to the Client (User) at the time of data collection.

Personal Data Administrator
The personal data administrator (hereinafter referred to as the "Administrator"), meaning the entity determining the purposes and means of personal data processing on the website www.innoxpharma.com (hereinafter referred to as the "Service"), is Innox Sp. z o.o., headquartered at Żurawia 71, 15-540 Białystok, Poland. The Administrator can be contacted via email at: office@innoxpharma.com or in writing at the above-mentioned address.

Data Protection Officer
The Administrator has appointed a Data Protection Officer, Ms. Monika Korniluk-Kopeć. The Data Protection Officer can be contacted via email at: monika.korniluk@innoxpharma.com or in writing at the Administrator's headquarters.

Purposes, Legal Bases, and Retention Periods for Personal Data Processing
Within the framework of the Service, the Administrator processes personal data for various purposes and to varying extents:

(The specific purposes, legal bases, and retention periods would follow here if provided.)

Purpose and Legal Basis for Processing Data of Users/Clients Using the Service
Data Retention Period

  • For entering into and performing a contract for the provision of electronic services (e.g., by filling out a contact form on the Service) (Article 6(1)(b) GDPR):
    Personal data will be stored for the duration of the contract and up to the statute of limitations for claims arising from the contract.
  • For handling potential complaints, claims, and requests (Article 6(1)(c) and (f) GDPR):
    Personal data will be retained for the period necessary to address complaints, claims, and requests from Service Users.
  • To enable direct communication with the administrator, including correspondence and responding to inquiries submitted via the contact form on the Service (Article 6(1)(f) GDPR – legitimate interest of the administrator):
    Generally, data will be processed for periods specified by law. If no specific retention period is indicated, data will be stored as long as it serves the legitimate purpose of the administrator, regulated by the possible duration of legal claims. The retention period for correspondence depends on the purpose of the data processing related to that correspondence.
  • For managing and operating the Service, ensuring functionality, and facilitating the use of the Service, including the use of cookies, data analysis, and statistics collected automatically through the Service, including third-party cookies (Article 6(1)(f) GDPR):
    Personal data will be processed for as long as it serves the legitimate interest of the administrator, but no longer than the period necessary for legal proceedings or the duration of legal claims, unless objections are raised. If objections are raised, processing will cease unless there are legally justified grounds for further processing.
  • To deliver tailored services, offers, and communications to Service Users (Article 6(1)(a) GDPR – upon User's consent):
    Personal data will be processed for the period necessary to fulfill the purpose for which it was collected (e.g., marketing activities), but no longer than until the User changes settings on their device, cookies, or browser, effectively withdrawing their consent.
  • For pursuing other legitimate interests of the administrator (Article 6(1)(f) GDPR), including:
    • Establishing, exercising, or defending legal claims.
    • Ensuring functionality and ease of use of the Service (detailed information on cookies is available in the Cookie Policy).
      Personal data will be retained for the period necessary to fulfill the purpose for which it was collected, but no longer than until the expiration of the statute of limitations for mutual claims or the submission of an objection unless there are legally justified grounds for further processing. After an objection, data may be retained for demonstrating compliance with legal obligations and related claims.
  • For managing and interacting with accounts on social media platforms (e.g., LinkedIn), including engaging with Users and communicating with them (Article 6(1)(f) GDPR):
    Please note that the rules for using social media platforms, where the administrator's accounts are located, are determined by the entity managing those platforms.
  • Personal data will be retained for the period necessary to fulfill the purpose for which it was collected (e.g., marketing, analytics, and statistical activities), but no longer than until an objection is raised unless there are legally justified grounds for further processing. After an objection, data may be retained for demonstrating compliance with legal obligations and related claims.

Voluntary Nature of Providing Data
Providing personal data is voluntary.

Automated Data Processing
No automated decisions, including those resulting from profiling, will be made based on your personal data.

Data Recipients and Transfer of Data Outside the EEA
Personal data may be shared with:

  • Entities supporting the administrator's activities, particularly IT service providers and marketing service providers.
    Data transfer occurs only when necessary for the specific purpose of personal data processing and only to the extent required to achieve that purpose.

Some data processing operations may involve transferring personal data to countries outside the European Economic Area (EEA) due to the administrator’s use of IT infrastructure service providers. In such cases, the administrator will implement mechanisms to legalize the transfer and ensure adequate protection of personal data, in compliance with EU law. These mechanisms include choosing IT infrastructure providers who guarantee an appropriate level of data protection through mechanisms such as adherence to the Privacy Shield program or the use of Standard Contractual Clauses as outlined in GDPR.

Your Rights
In connection with the processing of your personal data by the administrator, you have the right to:

  • Access your data and rectify it.
  • Request the deletion of your data.
  • Restrict the processing of your data.
  • Transfer your data.

You may withdraw your consent at any time (withdrawal will not affect the lawfulness of data processing based on your consent before its withdrawal).

If data processing is based on the administrator's legitimate interest, you have the right to object to the processing. For cookies, objections can only be made by clicking on the Preferences option and changing your consent preferences.

The scope of each right, the circumstances in which they can be exercised, and the procedures for doing so are determined by legal provisions. The applicability of specific rights depends, among other factors, on the purpose and legal basis for the administrator's processing of your personal data.

You also have the right to file a complaint with the President of the Personal Data Protection Office if you believe that the processing of your personal data violates the law.

News

Devrim Aran, participated in the ACG Healthcare conference in New York and has been interviewed by Vikas Magdani

Devrim Aran, CEO, Innox Corp. sits down with ACG NY during the 15th Annual Healthcare Conference
more
Apr 20th, 2022
View all