Privacy Policy

In this Privacy Policy, we describe how we collect and process personal data. For the purposes of applicable data protection legislation, Disruptive Pharma AB (“Disruptive Pharma”) is the controller of your personal data and determines how and why your personal data will be processed.

How we collect data

We collect your personal data:

  • On our website.
  • In our day-to-day business operations.
  • When we engage in a business relationship.
  • Through email correspondence.
  • When you provide us with data through meetings, social media or events.
  • From third parties.

What data we collect

Personal data we process includes:

  • Basic information such as your name, workplace and title.
  • Contact details such as address, email address and telephone number.
  • Professional background, e.g. CV.
  • Information you provide in connection with correspondence, job applications, meetings or events.
  • Email correspondence.

Why we collect your data

Please find below the purpose, legal basis and storage period of the processing of your data.

Purpose. To market our products and services through, for example, newsletters, publications and events. Legal basis. Disruptive Pharma’s legitimate interest in marketing its products and services (Legitimate interest). Storage period. As long as we have a business relationship or until you opt out.

Purpose: To manage our business relationship with you. Legal basis: Disruptive Pharma’s legitimate interest in maintaining and managing its business relationships (Legitimate interest). Storage period: As long as we have a business relationship with you or the company you represent.

Purpose: To handle job applications, meaning that we evaluate your skills and your potential of obtaining employment at Disruptive Pharma and, if applicable, to offer you employment and enter into an employment agreement with you. Legal basis: The processing is necessary for the purposes of Disruptive Pharma’s legitimate interest of recruiting new employees (Legitimate interest). Storage period: Disruptive Pharma stores and processes your personal data in order to evaluate your skills and potential of obtaining employment at Disruptive Pharma until the position you applied for has been filled. If you have applied for a position that has not been explicitly announced for, we store your application until we have been able to evaluate your potential to – within a reasonable future – obtain employment at Disruptive Pharma.

Purpose: To comply with legal obligations. Legal basis: To comply with legal obligations, e.g. Disruptive Pharma’s legal obligations due to applicable accounting and taxation legislation (Legal obligation). Storage period: As long as prescribed by law.

Purpose: For the establishment, exercise or defence of legal claims. Legal basis: Disruptive Pharma’s legitimate interest in establishing, exercising or defending any legal claims (Legitimate interest). Storage period: Information that is relevant for any legal claim is kept for as long as such claim can be made in accordance with applicable legislation.

How we share your data

We may disclose or share your data with:

  • Auditors and other professional advisors.
  • Service providers and suppliers.
  • A third party when it is necessary in order to provide services to you or comply with a legal obligation.
  • Social media such as Instagram, Facebook, LinkedIn or Twitter when you contact us through such services. If you use these services, we refer to the respective service’s privacy policy for information on how they process personal data.

We strive to process all your data inside EU/EEA. However, some of Disruptive Pharma’s IT providers may operate outside EU/EEA. When personal data is shared with these providers, Disruptive Pharma has ensured that the level of protection is equivalent to that applicable in the EU/EEA, through the standard contractual clauses. You can read more about the these here.

If we transfer your personal data outside the EU/EEA, such transfer will be subject to appropriate safeguards in accordance with applicable data protection legislation.

Your rights

Below is a summary of your rights under data protection law. The websites of the EU supervisory authorities can usually provide you with detailed information on these rights.

The right of access. You have the right to access and receive a copy of your personal data, and other supplementary information.

The right to rectification. You have the right to have inaccurate personal data rectified. You may also be able to have incomplete personal data completed – although this will depend on the purposes for the processing.

The right to erasure. You have the right to have personal data erased. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances.

The right to restrict processing. You have the right to restrict the processing of your personal data when you have a particular reason for wanting the restriction. This means that you can limit the way that we use your data. This is an alternative to requesting the erasure of their data.

The right to data portability. The right to data portability gives you the right to receive personal data you have provided to us in a structured, commonly used and machine-readable format. It also gives you the right to request that we transmit this data directly to another controller, where possible. This right only extends to data processed based on consent or the performance of a contract.

The right to object. The right to object gives you the right to object to the processing of your personal data based upon public task or legitimate interests at any time. This effectively allows you to stop or prevent us from processing your personal data. You may also object to processing of personal data for marketing purposes. When we receive an objection to processing for direct marketing, we will not process your personal data for this purpose.

Right to lodge a complaint. You have a right to lodge a complaint regarding our processing of your data with the Swedish Authority for Privacy Protection, Box 8114, SE-104 20 Stockholm, Sweden (or your own national data protection authority). The contact details for local national data protection authorities can be found at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

Changes to this privacy policy

Disruptive Pharma reserves the right to make changes to this Privacy Policy from time to time. If substantial changes to the Privacy Policy are made, Disruptive Pharma will inform you about such changes by email, provided that Disruptive Pharma has your email address, or if possible in some other manner.

How to contact us

Do not hesitate to contact us if you have any questions about this Privacy Policy or the processing of your data or if you would like to exercise any of your rights under applicable data protection legislation.

You can contact us at: stefan.strom@disruptivepharma.com

 

Updated as of October 28, 2021.