Legal Notice

Legal Notice

THERADIS Pharma

SAS with a capital of 125 000 euros

Company Head Office:
41, Chemin des Presses
06800 Cagnes-sur-Mer France

SIREN 489 404 442
Registry of Commerce and Companies: Antibes France
Intra-Community VAT number: FR 95 489 404 442

Pharmaceutical Establishment
Manufacturer – Distributor – Importer
ANSM – Authorisation Number: MM 18/144

THERADIS PHARMA has appointed
a Data Protection Officer:
ANAXIA CONSEIL company.
The DPO can be contacted at the following address:
dpo.theradispharma@anaxia-conseil.fr

Web Host: Magic online

Groupe CELESTE – Nuxit
20 rue Albert Einstein
77420 Champs sur Marne

commercial@nuxit.com

PERSONAL DATA PROTECTION POLICY

DEFINITIONS

For the purposes of this Policy, the following terms will be used: 

DPIA” Data Protection Impact Assessment.

CNIL” National Commission on Informatics and Liberty.

Recipient” The natural or legal person, public authority, service or any other body that receives communication of personal data, whether a third party or not.

Personal data” Any information relating to an identified or identifiable natural person; an ‘identifiable natural person’ is considered to be one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to their physical, physiological, genetic, mental, economic, cultural or social identity.

DPO” Data Protection Officer.

Data Subject” The natural person to whom the personal data being processed relates.

GDPR” European Regulation 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data.

Data controller” The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing.

Data processor” A natural or legal person, public authority, service or other body which processes personal data on behalf of the controller. 

Third party” A natural or legal person, public authority, service or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

Processing” Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. 

RECITALS

THERADIS undertakes the protection of personal data as a core commitment.

THERADIS therefore commits, through this Data Protection Policy, to comply with the regulations on the protection of personal data for its employees, customers, prospects, suppliers, service providers, … in accordance with the European Regulation 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data  (GDPR) and Law No. 78-17 of 6 January 1978 relating to data processing, files and freedoms.

PURPOSES

Through this Data Protection Policy, THERADIS expressly commits to:

  • Comply with the recommendations and, more broadly, the doctrine of the CNIL regarding the protection of personal data, or to justify any deviation
  • Conform to the recommendations of the National Cybersecurity Agency of France (ANSSI)
  • Anticipate any project implementing personal data in compliance with the principles of Privacy by Design and Privacy by Default defined in Article 25 of the GDPR
  • Establish internal procedures to monitor compliance with legal obligations and commitments made by THERADIS
  • Facilitate the exercise of the rights granted to data subjects
  • Ensure the greatest transparency regarding the processing of personal data implemented

DATA PROTECTION OFFICER (DPO)

The DPO is the “conductor” of compliance within an organization. They aim to train and inform, advise, monitor and raise awareness on all issues relating to the protection of personal data. Their duty is the protection, security and confidentiality of personal data. 

In order to ensure the greatest respect for the regulations and ensure the greatest transparency towards its employees, customers, prospects, suppliers, service providers, …, THERADIS, in its capacity as data controller, has appointed a DPO who can be reached at the following address:

dpo.theradispharma@anaxia-conseil.fr / 400 Avenue Roumanille, Village Greenside, BP 309, 06906 SOPHIA ANTIPOLIS Cedex. 

DATA COLLECTION AND USE

THERADIS assumes, in its capacity as data controller, to collect only the personal data strictly necessary for the purposes for which they are processed, and to do so directly from the data subjects (employees, customers, prospects, suppliers, service providers).   

When the consent of the data subject is necessary for the collection and processing of certain data, THERADIS commits to obtain this consent accordingly to the requirements of the GDPR.

In the event that data is collected indirectly, THERADIS formally takes on itself to inform its employees, customers, prospects, suppliers, and service providers thereof.   

THERADIS also takes responsibility to not process data in a manner incompatible with the purposes for which it was initially collected.

THERADIS collects the personal data that you voluntarily provide through the Contact forms.

DATA RETENTION

THERADIS undertakes to retain the personal data you provide for a period not exceeding that necessary for the purposes for which they are processed.

DATA DISCLOSURE

THERADIS wishes to be transparent regarding the use of personal data of its employees, customers, prospects, suppliers, service providers.

To this end, they are informed that personal data concerning them may be disclosed to:

  • Internal departments of THERADIS that have a justified need to access such data
  • Any data processor or service provider with a real need to access such data
  • Any organization (third party) to which THERADIS is legally obliged to disclose such personal data

RESPECT FOR INDIVIDUAL’S RIGHTS

Within the framework permitted by the European Regulation, THERADIS formally commits to respect and ensure respect for the rights enjoyed by its employees, customers, prospects, suppliers or service providers, namely:

  • Right to information
  • Right to rectification
  • Right to erasure (“right to be forgotten”)
  • Right to restriction of processing
  • Right to data portability   
  • Right to object
  • Right not to be subject to a decision based solely on automated processing   
  • Right to decide the fate of one’s personal data after death

In order to guarantee an effective response within the regulatory timeframe, THERADIS has established a procedure for managing individuals’ rights.

You can exercise your rights by contacting THERADIS PHARMA • RIL • 41 Chemin des Presses, 06800 Cagnes-sur-Mer.

DATA BREACH MANAGEMENT 

THERADIS formally commits itself to take all measures to minimize the impact of a potential personal data breach on data subjects.

To this end, THERADIS, in its capacity as data controller, bears to notify any personal data breach to the CNIL within a maximum of 72 hours of becoming aware of it, unless the breach in question is unlikely to pose a risk to the rights and freedoms of natural persons.

THERADIS also bears to communicate any personal data breach to the data subject as soon as possible when the breach in question is likely to pose a high risk to their rights and freedoms.

To ensure efficient management of personal data breaches, THERADIS has implemented a dedicated procedure for this purpose.

SECURITY AND CONFIDENTIALITY

In compliance with regulations and insofar as the security and confidentiality of the personal data of THERADIS’s employees, customers, prospects, suppliers, and service providers is a major issue, THERADIS undertakes to take all necessary measures to protect Personal Data,including, on a case-by-case basis and in a non-exhaustive manner:

  • Secure access to data by enforcing the authorization policy implemented within the company
  • Ensure the confidentiality of systems through the implementation and compliance with an efficient password policy, as well as pseudonymization measures
  • More generally, implement all appropriate technical and organizational measures to guarantee a level of security appropriate to the risk

Security can only be optimal if, and to the extent that, potential data processors also comply with these various technical and organizational measures.

To this end, THERADIS formally commits to ensuring that all of its data processors and partners provide appropriate guarantees regarding the implementation of technical and organizational measures, compliant with the GDPR and the rights of data subjects.

THERADIS also undertakes to ensure that a contract is concluded between itself and its data processors in this regard.

PRIVACY BY DESIGN 

In compliance with regulations, THERADIS bears, before implementing any personal data processing, to:

  • Inform the DPO of any new personal data processing project
  • Follow the DPO’s advice on issues related to this project concerning personal data protection
  • Conduct or have conducted a DPIA when deemed necessary
  • Raise staff awareness of personal data protection through training and/or awareness sessions and the implementation of educational tools.
  • More generally, implement all appropriate technical and organizational measures effectively and provide the processing with the necessary guarantees to meet the requirements of this regulation and protect the rights of the individual.

COOKIES

No cookies are used on this website.

CONTACT REQUEST

The information collected by THERADIS on the contact forms is subject to data processing for the purpose of:

  • The management of applications, the sole purpose of which is to assess candidates’ ability to fill a position, which constitutes a legitimate interest for THERADIS PHARMA. This data is retained until the current recruitment process(es) are closed, or failing that, for a maximum period of two years, unless you object. The data collected will only be communicated to the human resources department.
  • The management of our customer/prospect database, THERADIS PHARMA having a legitimate interest in developing and maintaining a commercial relationship with its customers/prospects. The data will be retained for a maximum period of 3 years after the end of the commercial relationship, or your last request. The data collected will only be communicated to the sales department.

YOUR RIGHTS AND HOW TO EXERCISE THEM

In accordance with the “Informatics and Liberty” law of January 6, 1978, as amended, and the European Regulation 2016/679 of April 27, 2016 on the protection of natural persons with regard to the processing of personal data, you have the right to access and rectify information concerning you, as well as the right to object, the right to restriction of processing and the right to erasure within the framework of the regulations in force.   

You can exercise these rights by sending a letter by post (including proof of identity) to THERADIS • RIL • 41 Chemin des Presses, 06800 Cagnes-sur-Mer.

If you believe, after contacting us, that your Data Protection rights have not been respected, you can file a complaint with the CNIL.   

For your complete information, THERADIS has appointed a Data Protection Officer, whom you can contact at the following email address dpo.theradispharma@anaxia-conseil.fr

We assure you that no data will be communicated, transferred, or resold to third parties.

Scroll to Top