Data Privacy Policy

General

Vicore Pharma Holding AB (“Vicore”) shall only process personal data in accordance with applicable data protection law and high industry standards.

Personal data

Vicore processes personal data provided to us;
(i) by you in the day-to-day communications, or
(ii) in connection with entering into or performing an agreement or business arrangement with you, or
(iii) by a third party allowed by law or your consent.

We collect personal information that you voluntarily provide to us when expressing an interest in obtaining information about us or our business, when contacting us for support or advice or are otherwise contacting us.

The personal information that we collect depends on the context of your interactions and can include the following: Name and Contact Data. We may collect your first and last name, email address, phone number, and other similar contact data when you subscribe to our press releases or are contacting us via email.

We do not collect or retain sensitive personal data relating to your health, ethnic origin, religious beliefs or political conviction etc. unless you submit such information to us. In the rare cases where we do collect sensitive data, we will do so in strict compliance with local data privacy law and you will be asked to actively consent to our processing.

Information is automatically collected when you visit, use or navigate this Website. For details on the information collected and the purpose of this collection please see our Cookie policy.

Purpose

Vicore process personal data for the purpose of communicating with you and to perform, manage and comply with agreements between us as well as rights and obligations which are allowed by law or applicable regulation.

Legal basis

Vicore’s legal basis for processing your personal data, derives from the legitimate interest that Vicore has in the business and/or customer relationship cf. article 6 (1) (f) of the General data protection regulation (GDPR 2016/679). Moreover, it is necessary for Vicore to process said personal data in order to answer inquiries and generally providing customer service.

When you enter into an agreement with Vicore, Vicore’s legal basis for processing your personal data will be based on article 6 (1) (b) of the GDPR (performance of a contract).

If Vicore has a legal obligation to process your personal data, Vicore’s legal basis for processing your personal data will be based on article 6 (1) (c) of the GDPR.

In the rare cases where Vicore collect sensitive personal data, this data will be processed based on your consent; see article 6 (1) (a) of the GDPR.

Sharing of information

We may share your personal information with Vicore group entities and trusted collaborators and suppliers, including those who provide us with technology services and technical support; our advisors, auditors, regulators, and research business partners, as relevant depending on the information received.

Security

Vicore shall use adequate technical and organisational security measures to protect the personal data from loss and to safeguard against access from unauthorised persons.

Transfers of personal data may only occur;
(i) to third parties who perform services on Vicore behalf and who may only process personal data in accordance with our instructions, and may not use personal data for their own purposes; and
(ii) as otherwise permitted by law or your consent.

Transfer to a third country

Vicore has entities in the EU and USA. Accordingly, your personal data may be transferred to a third country as part of our regular procedures. Your personal data may also be transferred to a third country as part of our collaboration with suppliers, regulators etc.

Vicore has ensured that appropriate and suitable safeguards have been implemented to protect your personal data. Either Vicore has agreed on the EU Commission’s standard clauses with the recipients of your personal data, or similar applicable standard. You can ask Vicore for a copy of the agreed provisions.

Duration

The duration Vicore process personal data is limited to (i) what is necessary for the purpose for which the information is collected and to manage our relationship with you and/or (ii) Vicore’s obligation (if applicable) to keep personal data for a certain period according to applicable local law.

Rights

Vicore is the controller of the personal data processing, meaning that we are responsible for that the personal data is processed correctly and in accordance with applicable data protection laws.

Unless prevented by applicable law, or- regulation data subjects have the right to;
(i) know what personal data we process about them,
(ii) request that we rectify or erase inaccurate or incomplete personal data
(iii) object to specific processing of personal data, and
(iv) receive the personal data provided by them and have the personal data transferred to another party responsible for data processing.

Contacts

All communication with Vicore regarding how we process personal data or exercise of any of your rights can be sent by e-mail to DPO@vicorepharma.com or by post to

Vicore Pharma AB
Kornhamstorg 53
111 27 Stockholm
Sweden

Reports and complaints can also be directed to Datainspektionen who is the supervisory authority forour processing of personal data.

Data inspection Board
Phone number: + 46 (0)8-657 61 00
Postal address: Box 8114, 104 20 Stockholm, Sweden
Email address: datainspektionen@datainspektionen.se