Last Updated: May 24, 2021
(i) When you browse or visit our website, https://www.chemomab.com/ (“Website”);
(ii) When you make use of, or interact with, our Website and you contact us (e.g. customer support, need help, submit a request);
(iii) When you attend a marketing event and/or we exchange business cards; and/or
(iv) When we use the Personal Data of our customers and service providers (e.g. contact details).
WHAT INFORMATION WE COLLECT, WHY WE COLLECT IT, AND HOW IT IS USED
- When you browse or visit our Website When you browse or visit our Website, we collect information about you through cookies, analytic tools and log files. This information is collected to help us understand how the Website is used and for statistics and marketing purposes. Our legal basis for collecting this information is consent and/or our legitimate interest. For more information, please read out cookies policy.
- When you make use of, or interact with, our Website When you contact us, you will provide us with the following information: full name, email address, company name, contact details, phone number, comments/ messages and any other Personal Data you decide to provide us. We use this information in order to receive and answer your questions, to provide you with support, analyze your query and customize your experience. Our legal basis for collecting this information is that processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, legitimate interest (e.g. to provide support and answer your questions) and/or in some contexts, consent. We share this information with third party platforms for hosting purposes and email services. This information will be retained until we no longer need the Personal Data or you send a valid deletion request. Where we do not process this information in this manner, we would not be able to receive and answer your questions, to provide you with support, analyze your query nor customize your experience.
- When you attend a marketing event, exchange business cards with us or otherwise provide us with Personal Data for marketing purposes We also use your contact details, business cards and other data you choose to share with us for marketing purposes. This information is collected in order to establish a business discussions and to send you marketing communications. Our legal basis for doing so is legitimate interest (e.g. b2b marketing communications) and/or in some contexts, consent. Where we do not process this information in this manner, we would not be able to establish a business relationship with you nor send you marketing communications. We share this information with third party platforms for hosting purposes and email services. This information will be retained until we no longer need the Personal Data or you send a valid deletion request.
- When we use the Personal Data of our customers, service providers, resellers, distributors, agents and/or finders (e.g. contact details) We collect the following Personal Data from our customers and/or services providers: full name, email address, phone number, company name, job title, billing information, and any other data said individuals choose to share with us. We collect this information in order to communicate with our customers and service providers, to perform agreements with our customers and service providers and in some contexts, to send marketing communications. Our legal basis for collecting this information is that processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract and legitimate interest (e.g. contract related communications). We share this information with third party platforms for hosting purpose and email services. We also use CRM systems. This information will be retained until we no longer need the Personal Data or you send a valid deletion request. Where we do not process this data, we would not be able to perform our agreements with or communicate with our customers and service providers.
Finally, please note that some of the abovementioned Personal Data will be used for detecting, taking steps to prevent, and prosecution of fraud or other illegal activity, to identify and repair errors, to conduct audits, and for security purposes. Personal Data may also be used to comply with applicable laws, with investigations performed by the relevant authorities, law enforcement purposes, and/or to exercise or defend legal claims. In certain cases, we may or will anonymize or de-identify your Personal Data and further use it for internal and external purposes, including, without limitation, to improve the services and for research purposes. “Anonymous Information” means information which does not enable identification of an individual user, such as aggregated information about the use of our services. We may use Anonymous Information and/or disclose it to third parties without restrictions (for example, in order to improve our services and enhance your experience with them).
HOW WE PROTECT AND RETAIN YOUR INFORMATION
- Security. We have implemented technical, organizational and security measures designed to protect your Personal Data. However, please note that we cannot guarantee that the information will not be compromised as a result of unauthorized penetration to our servers. As the security of information depends in part on the security of the computer, device or network you use to communicate with us and the security you use to protect your user IDs and passwords, please make sure to take appropriate measures to protect this information.
- Retention of your Personal Data. We generally retain your Personal Data as follows: (i) where we are required to do so in accordance with legal, regulatory, tax or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data or dealings.
HOW WE SHARE YOUR PERSONAL DATA
In addition to the recipients described above, we may share your Personal Data as follows:
- With our business partners with whom we jointly offer products or services. We may also share Personal Data with our affiliated companies.
- To the extent necessary, with regulators, courts or competent authorities, to comply with applicable laws, regulations and rules (including, without limitation, federal, state or local laws), and requests of law enforcement, regulatory and other governmental agencies or if required to do so by court order;
- If, in the future, we sell or transfer, or we consider selling or transferring, some or all of our business, shares or assets to a third party, we will disclose your Personal Data to such third party (whether actual or potential) in connection with the foregoing events;
- In the event that we are acquired by, or merged with, a third party entity, or in the event of bankruptcy or a comparable event, we reserve the right to transfer, disclose or assign your Personal Data in connection with the foregoing events, including, in connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or to another company; and/or
- Where you have provided your consent to us sharing or transferring your Personal Data (e.g., where you provide us with marketing consents or opt-in to optional additional services or functionality).
ADDITIONAL INFORMATION REGARDING TRANSFERS OF PERSONAL DATA
- Storage: We store the Personal Data with the following storing companies: Gmail and Google services.
- Access from Israel: Access from Israel is currently covered by the European Commission’s adequacy decision with respect to Israel.
- External transfers: Where we transfer your Personal Data outside of EU/EEA (for example to third parties who provide us with services), we will generally obtain contractual commitments from them to protect your Personal Data. When Chemomab engages in such transfers of personal information, it generally relies on i) Adequacy Decisions as adopted by European Commission on the basis of Article 45 of Regulation (EU) 2016/679 (GDPR) (for example, when we access from Israel), or ii) Standard Contractual Clauses issued by the European Commission. Chemomab also continually monitors the circumstances surrounding such transfers in order to ensure that these maintain, in practice, a level of protection that is essentially equivalent to the one guaranteed by the GDPR.
YOUR PRIVACY RIGHTS. HOW TO DELETE YOUR ACCOUNT
Rights: The following rights (which may be subject to certain exemptions or derogations) shall apply to certain individuals (some of which only apply to individuals protected by the GDPR):
- You have a right to access Personal Data held about you. Your right of access may normally be exercised free of charge, however we reserve the right to charge an appropriate administrative fee where permitted by applicable law;
- You have the right to request that we rectify any Personal Data we hold that is inaccurate or misleading;
- You have the right to request the erasure/deletion of your Personal Data (e.g. from our records). Please note that there may be circumstances in which we are required to retain your Personal Data, for example for the establishment, exercise or defense of legal claims;
- You have the right to object, to or to request restriction, of the processing;
- You have the right to data portability. This means that you may have the right to receive your Personal Data in a structured, commonly used and machine-readable format, and that you have the right to transmit that data to another controller;
- You have the right to object to profiling;
- You have the right to withdraw your consent at any time. Please note that there may be circumstances in which we are entitled to continue processing your data, in particular if the processing is required to meet our legal and regulatory obligations. Also, please note that the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal;
- You also have a right to request certain details of the basis on which your Personal Data is transferred outside the European Economic Area, but data transfer agreements and/or other details may need to be partially redacted for reasons of commercial confidentiality;
- You have a right to lodge a complaint with your local data protection supervisory authority (i.e., your place of habitual residence, place or work or place of alleged infringement) at any time or before the relevant institutions in your place of residence. We ask that you please attempt to resolve any issues with us before you contact your local supervisory authority and/or relevant institution.
You can exercise your rights by contacting us at firstname.lastname@example.org. You may use an authorized agent to submit a request on your behalf if you provide the authorized agent written permission signed by you. To protect your privacy, we may take steps to verify your identity before fulfilling your request. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly in accordance with applicable law or inform you if we require further information in order to fulfil your request. When processing your request, we may ask you for additional information to confirm or verify your identity and for security purposes, before processing and/or honoring your request. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. In the event that your request would adversely affect the rights and freedoms of others (for example, would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with your request in a different way than initial requested, we will address your request to the maximum extent possible, all in accordance with applicable law.
USE BY CHILDREN
We do not offer our products or services for use by children and, therefore, we do not knowingly collect Personal Data from, and/or about children under the age of eighteen (18). In the event that we become aware that you provide Personal Data in violation of applicable privacy laws, we reserve the right to delete it. If you believe that we might have any such information, please contact us at email@example.com.
INTERACTION WITH THIRD PARTY PRODUCTS
We enable you to interact with third party websites, mobile software applications and products or services that are not owned or controlled by us (each a “Third Party Service”). We are not responsible for the privacy practices or the content of such Third Party Services. Please be aware that Third Party Services can collect Personal Data from you. Accordingly, we encourage you to read the terms and conditions and privacy policies of each Third Party Service.
We use log files. We use such information to analyze trends, administer the Website, track users’ movement around the Website, and gather demographic information.
- LinkedIn We reserve the right to remove or add new analytic tools.
If you have any questions, concerns or complaints regarding our compliance with this notice and the data protection laws, or if you wish to exercise your rights, we encourage you to first contact us at firstname.lastname@example.org.