PRIVACY POLICY

PRIVACY POLICY

PROTECTION OF PERSONAL DATA (PRIVACY POLICY)

The company fully recognizes the need to ensure the confidentiality of personal data of visitors / users of its website and their security and therefore takes all necessary steps to achieve these goals. This Privacy Policy is an integral part of the Terms of Use of the website and describes the personal data that the Company collects from the subjects, how we use and protect the personal data and the choices that users have about the way we use this data.

In particular, it will describe the ways in which users' personal data can be used, processed, stored and for what purposes the relevant processing will always take place in accordance with the applicable legislation on personal data protection and in particular in accordance with the General Personal Data Protection Regulation (EU 2016/679, GDPR) which entered into force on 25 May 2018. In case any user does not agree with these terms must not fill in the relevant requested boxes regarding the "Communication" of Company with him, the registration of the "Curriculum Vitae" as well as the requested frames regarding the "Pharmacovigilance", but to make use of the other methods of communication with the Managers of the Company. This Privacy Policy does not in any way cover the relationship between the visitors / users of this website and any services that are not subject to its control and / or ownership. This Privacy Policy concerns the services provided through our website www.crosspharma.gr and defines the basis on which we will process the personal data we collect from you or that you yourself provide to us. We would like you to read the following carefully in order to know our views and practices regarding the lawful processing of your personal data. If you use this website you accept and agree to this Privacy Policy as well as the Terms and Conditions of Use of the website as posted on it.

WHERE DOES THE PRIVACY POLICY APPLY

This Privacy Policy applies only to this website and does not apply to information collected through any other website or to company practices that we do not control. This website may contain links to other websites. The Company is not responsible for the personal data protection practices of other websites and recommends that you be informed about the personal data protection policy of the respective website you visit.

INFORMATION / DATA WE COLLECT :

We collect and process any or all of the following information from you:

Information that we collect from you / you provide us directly:

The Company designed its website so that its users can visit it without having to reveal their identity unless they wish. You are not required to provide information directly to us to view and browse this website. However, when you use certain features of the website, such as completing any application / form, etc., we may ask you to provide us with additional information. The information is provided by you after completing the relevant contact form on our website, which includes only contact details (eg name, email address, postal address, telephone number and mobile phone number, etc.).

In addition to the above:

We may ask you for information when you report a problem with the operation of our website. In the event that you contact us, we may keep a record of this correspondence / communication or ask you to complete questionnaires or surveys, which we use for research / statistical purposes, although in any case you are not required to reply to them or We collect details about the actions you take through our website as well as details about your visits to our website, including traffic data, location data, blogs and other contact data, the site that referred you to our Website and sources you have access to.

Information that is automatically collected during your visit and interaction with our website:

When you visit and interact with this website, certain information may be automatically collected, such as: Your computer's address (IP), your browser type, your operating system type, the websites you just visited and after your visit to our website, your connection speed, server connection information, information collected through cookies, webbeacons and other similar technologies. When you visit and interact with this website, certain information may be automatically collected, such as : The address (IP) of your computer, the type of your browser, the type of your operating system, the websites you visited immediately before and after your visit to our website, the speed of your connection, server connection information, information collected through cookies, webbeacons and others similar technologies.

YOUR RIGHTS

According to the General Data Protection Regulation that is already in force as well as according to any new relevant, national or European legislation in force from now on, you have a number of important rights without any charge.

You have the right to access, correct, modify, supplement, update, transmit, freeze or delete your personal data, after contacting us, at the email address registration@crosspharma.gr

According to the applicable laws and regulations, you must send with your request proof of your identification and you will receive a response within thirty (30) days of receipt of your request.

Your rights can be summarized as follows:

Access to your personal data and some other additional information, which you have provided to us voluntarily, in the request for deletion of the personal data concerning you, where possible, in the request for obtaining the personal data concerning you and you have already provided us with a structured, widely used and mechanically readable form and the right to pass this data on to third parties in certain cases, the right to object at any time to the processing of personal data concerning you in cases of direct the right to object to decisions taken by automated means that produce legal consequences and effects for you or to affect you significantly, the right to object in certain cases to the processing of your personal data, otherwise the right to restrict the processing of your personal data in some cases, the right to claim compensation for damages caused by a breach of the provisions on the protection of personal data.

If you wish to exercise any of the above rights, please contact us using our contact details, which are set out in detail below.

MINORS UNDER 18 YEARS OLD

We do not knowingly collect personal information from minors under the age of 18. If we find that we have collected any personal information from a minor under the age of 18 without verifiable parental consent, we will delete the information from our database as soon as possible. If you believe we may have collected information from a minor under the age of 18, please contact us at registration@crosspharma.gr

HOW TO EXPRESS POSSIBLE COMPLAINTS / PROTESTS

The General Data Protection Regulation gives you the right to lodge a complaint with the Supervisory Authority, in this case in the Member State of the European Union (or European Economic Area) in which you work, reside permanently or in the territory in which it took place against you. any violation of the provisions and laws on the protection of personal data.

The supervisory authority in Greece is the Hellenic Authority for the Protection of Personal Data (APDPX), with which you can contact by email at: contact@dpa.gr or by phone at: +30 210 6475600.

USER PERSONAL DATA

The visitor / user can visit the website maintained and managed by the Company, without disclosing his identity and without providing any personal information. In a specific area of this website, you will be able to enter, if and when you wish, the personally requested personal data in the case that you wish to contact the Company, but also in the relevant context required to submit an online report of an adverse reaction that is related to a pharmaceutical preparation of the Company, based on the legislation on pharmacovigilance. By complying with the above statutory obligation for pharmacovigilance, the company may collect personal data of both individuals and Health Professionals who wish to report adverse drug reactions.

In the context of using the present website of the Company, the latter may collect for individuals and Health Professionals personal data which fall into the following categories:

Personal data which the visitor / user is required to fill in the relevant fields, in order to contact the Company, if and when he wishes. Specifically, when filling in the relevant fields of the contact form, the visitor / user enters the following data: Name, email and telephone (optional).

Personal data which the visitor / user is required to fill in the relevant fields, in order to submit his / her CV, if he / she wishes to have his / her skills for integration in the human resources examined. Specifically, when filling in the relevant fields of the CV submission, the visitor / user enters the following data: Name, email and attachment to the CV file.

Personal data that the visitor / user and / or the Health Professional is required to fill in the relevant fields, in order to submit an electronic report, if and if they wish, for an adverse reaction related to a Company drug (pharmacovigilance). Specifically, when filling in the relevant fields of the form regarding the pharmacovigilance, the visitor / user (individual) enters the following data: Name, email and side effect, while the Health Professional when filling in the relevant fields enters the following personal data: Name, email, phone, professional status and side effects.

USE OF PERSONAL DATA

The Company is responsible for the protection of personal data collected through this website, as well as for informing all staff involved about the Privacy Policy. The Company guarantees that all its staff as well as all the members-partners that make it up will faithfully implement this Policy and will comply with the applicable legislation on personal data protection.

Specifically, the Company keeps a file with the above mentioned personal data of the visitors / users and the Health Professionals, in accordance with the requirements of the new General Regulation of Personal Data Protection (EU 2016/679, GDPR) .. The User Data of the website that are registered in the Company's File are those that are declared by the user (Subject) and with his explicit consent when registering in the relevant fields of the website, according to the following.

The registration of the requested personal data by the visiting users and the Health Professionals is done voluntarily and the personal data collected by the Company are related to the purposes of identifying them for communication with them, as well as for the observance of the Pharmacovigilance obligations such as provided for in European Regulations (EU) no. 1235/2010, 726/2004 and the directive 2001/83 / EC that has been incorporated in the Greek legal order with ΥΑ 32221/2013). The Company undertakes not to process, publish or transmit the personal data of its users which it legally collects in any other way or for any other purpose.

In particular, the disclosure of personal data such as the email, name and telephone number of visitors / users and Health Professionals is done in order to determine their exact identity and the possible communication of the Company with them, in case of any question, request , complaint or report.

In addition, the data that you enter when submitting your CV to the Company, the latter processes them for the sole purpose of evaluating them in order to judge your suitability for a job in the Company's potential.

Finally, the registration of the Professional status by the Health Professional takes place in the context of receiving statistical information from the Company in relation to the need to identify the Health Professional and his capacity.

USER RIGHTS

The provision of data is optional. Failure to provide information and / or refusal to consent to the terms of the data processing results in the inability to collect your data and carry out the processing to achieve the aforementioned objectives.

The visitor / user and the Health Professional retain their rights: a) to receive a written answer to their question to the Company, if personal data concerning them have been or have been processed, b) to be updated again without delay and at in an intelligible and clear manner, for all the data concerning it, their origin, the purposes of the processing, the recipients or the categories of recipients, the evolution of the processing for the period from their previous information or information as well as the logic of the automated c) request the correction, deletion or freezing (locking) of data the processing of which does not comply with the provisions of the new Privacy Policy (GPDR), in particular due to the incomplete or inaccurate nature of the data and notification to third parties of the above correction, deletion or commitment if this is not impossible or does not require disproportionate efforts, or if the reason for processing the data disappears or the subjects withdraw their consent (if necessary), or when the data has been illegally processed, etc. the subjects have the right to request the deletion of the data, d) to revoke his consent at any time, e) to object at any time to the Data Controller for the processing of data concerning him, to submit a request for restriction of the processing, to know the identity of the controller and his / her representative, f) to submit a complaint in case of improper processing of his / her personal data to the competent supervisory authority, g) to request the portability of his / her personal data as defined in the provisions of the Regulation on Personal Protection Data (GDPR).

The transfer of personal data to third parties is exceptionally allowed only when required by law or by court or prosecutorial order.

THE COMPANY AS A RESPONSIBLE FOR PERSONAL DATA PROCESSING

At Company the entire staff is responsible for supporting compliance with this policy. The staff processes IFRS only to serve legitimate, business purposes that are directly related to the performance of their duties. All Company personnel are responsible for reporting breaches that have occurred or are in progress, either to the Security Team or to the Data Protection Officer, as soon as they become aware of and follow the procedures and actions provided by the internal policy, as provided otherwise. and the personal data incident plan, which is shared with all employees, and is the specific responsibility and task of data processing, are aware of this policy and have been adequately trained for the proper management and processing of IFRS. . An assessment and recording of the risks that exist for the natural freedoms of the Subjects from the processing of Personal Data they do. They adequately apply and document why they have been selected. specific procedures as appropriate, and how they ensure company compliance. For the fulfillment of their duties, they consult the Company Security Team and the Data Protection Officer.

PROCESSING TIME

The personal data collected by visitors / users and / or Health Professionals will be stored and maintained by the Company for as long as is required to complete the purpose for which they were collected, which in any case will be reasonable.

THE DATA PROTECTION OFFICER (DPO)

The Data Protection Officer, Vasiliki Semiramis Karamitsou, duly takes into account the risk associated with the processing operations, taking into account the nature, scope, context and purposes of the processing and is responsible for informing and advising the Company and its employees. processing personal data, for their obligations, as they derive from the European and Greek legislation on data protection. Monitors compliance with European and Greek legislation, the policies pursued by the Company in relation to the protection of IFRS, including the assignment of responsibilities, awareness and training of employees involved in processing operations, and related audits. Provides advice, when requested, on data protection impact assessment. It cooperates with the supervisory authority, and acts as a point of contact for the supervisory authority and for the subjects on processing issues. He also keeps the documentation files of the procedures for the protection of Personal Data and manages in collaboration with the Company the process of informing the subjects and the Personal Data Protection Authority in case of a security incident.

EXCLUSION PROCEDURE

The visitor / user reserves the right to request from the Company to delete all the information he holds about him, by contacting his relevant request at the following email address: registration@crosspharma.gr

Finally the user can be excluded from the collection of Google Cookies data by modifying his personal settings in Google Ads Settings.

CHANGES

Our privacy policy may change from time to time. We will not restrict the rights of the users of the website without their explicit consent. Any change in the privacy policy of the website will be published on this website and if necessary the Company will inform the users of the application for each change with corresponding notifications (for example via e-mail or text message).

CONTACT DETAILS WITH THE COMPANY:

Content Editor: Vassiliki Semiramis Karamitsou

If you have any questions regarding the processing of your personal data, or wish to make a contact request or wish to exercise any of the above expressly defined rights regarding the protection of your personal data, you may at any time contact Our company, which is the Processor, via email to the following email address: registration@crosspharma.gr

This policy was approved by the Company on 01/02/2021 and will be subject to review whenever deemed appropriate by the Company. Please check the Implementation Date to see when this Policy was last revised. Each revision will take effect upon posting on the website in the appropriate section, and the previous one will be archived. If we make substantial changes to this Policy that extend our rights to use the personal data we have already collected from you, we will notify you and give you the option to use this data in the future.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.