Privacy policy

This Privacy policy helps our online service users (“You” or “User”) understand what personal and other data Repolar Pharmaceuticals Oy (“Repolar” collects on its web services, and how we process this data. The Privacy policy applies to the use of all of Repolar’s online services. If the user of the online services does not accept this Privacy policy or the terms and conditions of Repolar’s online services, the online services should be used.

“Personal data” means data from which an individual User is identifiable. Repolar may also collect non-personal data from which an individual is not identifiable. Repolar may also create such non-personal data by deleting the portion of the data from which an individual is identifiable.

Personal data processing

Repolar only collects personal data that is relevant to fulfilling the purposes defined in this Privacy policy. Repolar collects log data generated by the use of the online service.

Repolar can process personal data

· for the use of online services

· to maintain and develop online services

· for statistics on the use of online services

· to reach online service users

· to send marketing and advertising materials to users

· to improve Repolar’s other products and services

· to draw up market and other surveys and reports on online services and Repolar’s other products and services

· to interpret users in order to provide more relevant service and content

· for automated decision-making

Repolar is committed to complying with the EU Data Protection Regulation ((EU) 2016/679), the Finnish Data Protection Act and other applicable laws and regulations governing the processing of personal data, and to processing personal data in accordance with good data management and processing practices. Repolar’s personnel are obliged to keep all personal data strictly confidential.

The data is processed based on the use of the site, the legitimate interest of Repolar, the express consent of the user or the customer relationship.

To develop its online services, Repolar may use third-party tools such as Google Analytics.

Disclosure, transfer and erasure of data

Repolar will not publish the personal data of Users in online services. The Users of online services can personally make data about themselves public to other users for online service use, such as by leaving comments within the online services or by using their name as the online service user name / alias. Repolar is not responsible for the privacy of data that the User chooses to make public within the online service.

Repolar will not disclose your personal data to third parties for marketing, marketing research, survey or database purposes without your consent. The personal data may be used for targeted advertising within the online services and for other similar purposes and, with your consent, for email marketing of Repolar’s products and services.

Repolar may use external service providers to provide technical solutions and services for processing of the stored data, and use a special technical interface to access the stored data. Personal data may be shared with such service providers and third parties to the extent necessary to maintain, develop and provide online services. Repolar may also use third-party services, such as email providers, credit card companies, and data analysis and company information providers. Repolar will share personal data with the above-mentioned parties only to the extent necessary to provide these services. Repolar is not be liable for any acts or omissions by such third parties.

Repolar may share non-personal data (such as anonymous data on the Users; website addresses directing to the online services and addresses used to exit the online services; types of device platforms; the use of online services, such as links, icons or image clicks, etc.) with third parties to help them understand the uses of certain content. In exceptional circumstances, personal data may be disclosed to third parties in situations where a law or regulation or other order issued by authorities so requires, or to monitor and ensure the terms and conditions of online services and to ensure the security of online services.

Repolar may disclose personal data in the event of a transaction or asset deal in which Repolar or its business or parts thereof are sold to the recipient of the data.

Personal data is generally not transferred outside the European Union or the European Economic Area. In the event that personal data is transferred outside the European Union or the European Economic Area, the security and appropriateness of the processing of personal data will be ensured by an agreement that takes into account the standard contractual clauses of the European Commission under the Data Protection Regulation, or other appropriate safeguards.

Repolar is not responsible for third-party activities (including people, companies and services), the content of third-party websites, the use of data disclosed by the User to third parties, or any other products or services that third parties may offer, even if the service is linked to Repolar’s online services, such as social media messaging services.

We will store the User’s personal data only for the required period, so that we can fulfil the purposes described in this Privacy policy. In addition, some data may be stored longer to the extent necessary to fulfil statutory obligations.

Personal data protection

All personal data is protected in accordance with Repolar data protection policy against unauthorised access and unintentional or unlawful data processing.

Data protection is a process for ensuring the confidentiality, integrity and availability of data. At Repolar, data protection is managed in accordance with the Group’s data protection policy. The data protection policy applies to all information assets and related processes that Repolar manages or processes. This applies to data processing related to both Repolar and its personnel, as well as its partners and customers. The information security of Repolar’s systems and processes is at a very high level, and they are protected against hacking and denial-of-service attacks.

The personal data register is maintained on a secure server. These security features include password protection that allows access to the stored data only to Repolar’s employees and to Repolar’s partners to whom Repolar has specifically granted authorisation for this purpose. The register is appropriately protected in accordance with industry standards and through technical and organisational protection systems. Although Repolar does its best to protect the data it collects, it cannot guarantee the security of the data with absolute certainty during processing, sending or storage. Repolar will disclose, within its online services or through its other services, any security threats that compromise the security of your personal data. Repolar may also temporarily close the online services to protect your personal data.

Cookies and other usage tracking tools

A cookie is a small file that a website stores on the device used by the visitor for browsing and which the visitor’s browser offers to the website every time they visit the site again. The User accepts the use of cookies when they arrive at the site. For example, cookies allow a site to maintain a session (a single visit to the site) during its use. Also, cookies transferred to the User’s computer do not allow the data on the participant’s hard disk to be viewed.

Repolar uses cookies to identify and track visitors at its website, their online service use and usage habits to improve the quality and adaptability of online services and to offer recommendations, and to further develop the online services and to target its marketing. In addition to cookies, Repolar may also use or later deploy other tools for usage tracking.

The online services may include third-party advertisements or material that may store their own cookies on the User’s computer, or may use other tracking tools. Such third-party services are subject to their own privacy policies, and Repolar is not responsible for data collection or processing by those operators.

User rights

The User has the right to inspect the data contained in Repolar’s register. When the User wishes to exercise their inspection right, they must send a request to asiakaspalvelu@repolar.com. The User has the right to request personal data about them to be rectified, supplemented or deleted from the register if the data is incorrect, unnecessary, incomplete or outdated for the purpose of processing personal data. Repolar also takes the above measures on its own initiative. The User also has the right, under certain conditions, to request the restriction of processing, to object to the processing of personal data or to request the transfer of their personal data to another system.

You have the right to refuse to receive Repolar’s promotional emails by following the instructions in these messages for deletion from the mailing list. If You choose not to receive promotional emails, Repolar may still send You non-promotional customer messages, such as emails regarding your user account, online service provision or Repolar’s business.

If you notice deficiencies or illegalities in our processing of personal data, you have the right to file a complaint with the data protection authority at tietosuoja@om.fi

Amendments to this Privacy policy

Repolar may modify this Privacy policy from time to time. The amendments will be updated to the online services, and the User should regularly review this page for any amendments. The amendments will also be communicated separately in the online services. By continuing to use the online services after such an amendment, you agree to the modified terms of the Privacy policy.

Controller

The controller for the processed personal data is:

Repolar Pharmaceuticals Oy

Business ID: 2012066-7 Nihtisillantie 3, 02630 Espoo, Finland

For more information on data protection and personal data processing, please contact asiakaspalvelu@repolar.com