Anjarium Privacy Notice

Last updated: [March 29, 2024]

What is this Privacy Notice about?

This Privacy Notice explains how we process personal data, primarily in relation with our business and our website. If you would like more information, please feel free to contact us (sec. 2). “Personal data” means any information relating to an identified or identifiable natural person, and “processing” means any handling of personal data, such as collecting, storing, using, and sharing it.

Who is responsible for processing your data?

For the data processing, the following company is the “controller”, i.e., the party that is primarily responsible to ensure compliance with data protection laws (also “we”):

Anjarium Biosciences AG
Wagistrasse 23
8952 Schlieren
Switzerland

If you have any questions regarding data protection, please feel free to contact us at:

Anjarium Biosciences AG
Wagistrasse 23
8952 Schlieren
Switzerland

privacy@anjarium.com

You may provide us with data that relates to other individuals as well (e.g., work colleagues). In this case, we understand that this data is correct and that you act within your rights when sharing it with us. We may not be in direct contact with these individuals and cannot inform them directly about our data processing, but we ask that you to inform these individuals about our data processing (e.g., by pointing them to this Privacy Notice).

How do we process data in relation with our products and services or when receiving your products or services?

When you use our products or services or if we receive products or services from you (as supplier or service provider), we process data for onboarding, for the conclusion of an agreement and for its performance and management:

  • We may advertise our products or services, e.g., through newsletters. More details are set out in sec. 4.
  • We may process personal data if we are in contact with you in view of a potential agreement. This is mostly data you provide to us, e.g., your name, contact details or date of birth, information collected through forms, details of products or services requested and the date of agreement.
  • If we enter into an agreement with you, we process the data from the onboarding and information on the agreement (e.g. the date and the content of the agreement). 
  • We also process personal data during and after the agreement. Examples are information on the purchase of products or services, payments, contacts with customer service, claims, complaints, returns, data on the termination of the agreement and – if there ever should be disputes in relation with the agreement – also on these and related proceedings. Without these data processing operations, we would not be able to perform agreements.
  • We also process the data set out above for statistical purposes. These statistics support the improvement and development of products and business strategy generally. We may also use them on a personally identifiable basis for marketing purposes; for more information, please see sec. 4.

For corporate partners, we process less personal data because data protection law applies to data of individuals only. However, we process data of individuals with whom we are in contact, e.g. name, contact details, professional details and details from communications, and details about management persons, etc. as part of the general information about companies with which we cooperate. 

How do we process data for marketing?

We also process personal data to advertise our products and services:

  • Newsletter: We send out electronic information and newsletters, which may include advertising for our products and services. We will ask for your consent before sending out electronic marketing, except for certain offers to existing customers. In addition to your name and e-mail address, we may also process information about which products or services you have used, whether you open newsletters, and which links you click on. For this purpose, a service provider we use includes invisible images that are loaded from a server via a coded link and transmits related information. This is a common method that helps us assess the effect of newsletters and optimize them. You can object by setting your email program accordingly (e.g. by switching off automatic loading of images).
  • Online advertising: where applicable, information on personalized display of advertising on third-party sites and platforms.
  • Market research: We also process data to improve and develop new products or services, e.g., information about purchases made or reactions to newsletters or information from customer surveys and polls or from social media, media monitoring services and public sources.

How do we work with service providers?

We use services from various third parties, especially IT services (examples are providers of hosting or data analysis services), shipping and logistics services and services from banks, the post office, consultants, etc. In relation with service providers for our website, please see sec. 8.

Can we disclose data abroad?

The recipients of data are not all located in Switzerland, in particular certain service providers (especially in IT). These providers may have locations within the EU or the EEA, but also in other countries worldwide, e.g., in the USA. We may also share data with authorities abroad if we are legally compelled to do so or, for example in relation with a sale of assets or with legal proceedings (see sec. 10). Not all these countries have an adequate level of data protection. We therefore use appropriate safeguards, in particular the EU standard contractual clauses, which can be found here. In certain cases, we may share data abroad without such safeguards, as permitted under applicable data protection law, e.g., with your consent or where the disclosure is necessary for the performance of the contract, for the establishment, exercise, or enforcement of legal claims or for overriding public interests. 

How do we process data in relation with our website?

For technical reasons, every time you use our website, some data is collected that is temporarily stored in log files (log data), in particular the IP address of the device, information about the internet service provider and the operating system of your device, information about the referring URL, information about the browser used, date and time of access, and content accessed when visiting the website. We use this data to provide our website, to ensure security and stability, to optimize our website and for statistical purposes.

Our website also uses cookies. These are small files that your browser saves on your device. This allows us to separate individual visitors from others, but usually without identifying visitors. Cookies may also include information about content accessed and the duration of the visit. Certain cookies (“session cookies”) are deleted when the browser is closed. Others (“persistent cookies”) are stored for a certain period of time so that we can recognize recurring visitors. We may also use other technologies, such as tracking pixels or browser fingerprints. Tracking pixels are tiny, invisible images that allow collection of certain data on user behaviour (e.g., site visits), by sending information back to the web server when loaded. Browser fingerprints are information about the configuration of your device that make your device distinguishable from others.

You can configure your browser in the settings so that it blocks or deletes certain cookies and other stored data. You can find out more about this in the help pages of your browser (usually under “privacy”).

Cookies and other technologies may also be used by third parties that provide services to us. These may be located outside of Switzerland and the EEA (for more information, see sec. 7). For example, we use analytics services so that we can optimize and personalize our website. Cookies and similar technologies from third-party providers also enable them to target you with individualized advertising on our websites or on other websites as well as on social networks that also work with this third party and to measure how effective advertisements are (e.g., whether you arrived at our website via an advertisement and what actions you then take on our website). The relevant third-party vendors may record website usage for this purpose and combine their records with other information from other websites. They can record user behavior across multiple websites and devices to provide us with statistical data. The providers may also use this information for their own purposes, e.g. for personalized advertising on their own website or other websites. If a user is registered with the provider, the provider can assign the usage data to the relevant person. 

The most important third-party provider is Google. You can find more information about them below. Other third parties generally process personal and other data in a similar way.

We use Google Analytics on our website, an analysis service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA, USA) and Google Ireland Ltd (Gordon House, Barrow Street, Dublin 4, Ireland). Google collects certain information about the behavior of users on the website and about the end user device. The IP addresses of visitors are shortened in Europe before being forwarded to the USA. Google provides us with evaluations based on the recorded data, but also processes certain data for its own purposes. Information on the data protection of Google Analytics can be found here, and if you have a Google account yourself, you can find further details here.

How do we process data via social media?

We operate our own presences on social networks and other platforms (LinkedIn). If you communicate with us there or comment on or redistribute content, we collect information for this purpose, which we use primarily for communication with you, for marketing purposes and for statistical evaluations (see sec. 4 and 10). Please note that the provider of the platform also collects and uses data (e.g. on user behavior) themself, possibly together with other data known to them (e.g. for marketing purposes or to personalize the platform content). Insofar as we are jointly responsible with the provider, we enter into a corresponding agreement, about which you can obtain information from the provider.

What are other processing purposes?

Typical (though not necessarily frequent) cases are as follows: 

  • Communication: When we are in contact with you (e.g. when you call us or when you communicate with us by e-mail or on a social media platform), we process the content as well as information about the nature, timing, and location of the communication. For your identification, we may also process information about proof of identity. Telephone conversations with us may be recorded; we will inform you of such recordings at the beginning of each conversation. If you do not want us to record such conversations, you have the option at any time to terminate the conversation and contact us by other means (e.g. by e-mail).
  • Compliance with legal requirements: We may disclose information to authorities as required by law or to comply with internal regulations. 
  • Prevention: We process data to prevent crime and other misuse, for example fraud prevention or for internal investigations.
  • Legal proceedings: Where we are involved in legal proceedings (e.g. court or administrative proceedings), we process data such as information about other parties to the proceedings and individuals involved such as witnesses and disclose data to such parties, courts, and authorities, possibly also abroad.
  • IT security: We also process data for monitoring, controlling, analyzing, securing, and assessing our IT infrastructure, as well as for backups and archives.
  • Competition: We process data about our competitors and the market environment in general (e.g. the political situation, the association landscape, etc.). We may also process data about key persons, such as their name, contact details, role or function and public statements. 
  • Transactions: If we sell or acquire assets, business units or companies, we process data to prepare and execute transactions, e.g. information about customers or their contact persons or employees, and we may also disclose such information to potential buyers or sellers. 
  • Other purposes: We process data to the extent necessary for other purposes such as training and education, administration (e.g. contract management, accounting, enforcement and defense of claims, evaluation and improvement of internal processes, preparation of anonymous statistics and evaluations; acquisition or disposal of receivables, businesses, parts of businesses or companies and safeguarding other legitimate interests.

How long do we process personal data?

We process your personal data as long as it is necessary for the purpose of processing (in the case of contracts, usually for the duration of the contractual relationship), as long as we have a legitimate interest in storing it (e.g. if in order to enforce legal claims, for archiving and or to ensure IT security) and as long as data is subject to a statutory retention obligation (for certain data, for example, a ten-year retention period applies). After these periods have expired, we delete or anonymize your personal data.

What else should be considered?

Depending on the applicable law, data may only be processed on the basis of legal grounds. This does not apply under the Swiss Data Protection Act, but it does under the European General Data Protection Regulation (GDPR) to the extent it is applicable. In this case, our processing is based on a necessity to prepare for and perform agreements (sec. 3), to safeguard legitimate interests of us or third parties, e.g. statistical evaluations (sec. 3) or for marketing purposes (sec. 4), that it is required or permitted by law, or that you have provided separate consent. The relevant provisions are article 6 and 9 GDPR.

You are not under an obligation to provide data to us, except in some cases such as when it is required to comply with a contractual obligation). However, we must process data for legal and other reasons when we conclude and execute contracts. The use of our website would also not be possible without some data processing (see sec. 8).

What are your rights?

You have certain rights, subject to conditions and restrictions under applicable law: 

  • You may request a copy of your personal data and further information about our data processing; 
  • You may object to our data processing, especially in relation with direct marketing;
  • You may have incorrect or incomplete personal data corrected or completed or supplemented by a note of dispute;
  • You may request receipt of the personal data that you have provided to us in a structured, common and machine-readable format;
  • You may revoke your consent at any time if we process data based on your consent. The revocation is only valid for the future, and we reserve the right to continue to process data based on another basis in the event of a revocation. 

If you wish to exercise such a right, please feel free to contact us (cf. sec. 2). We will usually have to verify your identity (e.g. by means of a copy of your ID card). You are also free to file a complaint against our processing of your data with the competent supervisory authority, in Switzerland the Federal Data Protection and Information Commissioner (FDPIC).