Privacy Policy

The confidentiality and integrity of your personal information are some of the main concerns of IMMUNETHEP, S.A.

This Privacy Policy Statement describes the way IMMUNETHEP, S.A. collects and uses the personal information about its employees, customers and/or potential customers, partners and suppliers.

Who is responsible for processing your personal information?

IMMUNETHEP, S.A. is responsible for processing the personal information about its employees, customers and/or potential customers, partners and suppliers.

How do we collect your personal data?

Your personal information will be gathered and processed in the following situations:

- When you establish a relationship or propose to establish a business relationship with IMMUNETHEP, S.A.; and/or

- When you give your express consent to this purpose.

For what purposes and on what basis may your personal information be used?

According to the New Data Protection Regulation, the use of personal information must be justified based on at least one legal argument for the processing of personal information.

We may collect and use Personal Data to fulfil the obligations arising from the law, for the performance of contracts, to manage trade relations, to assess interest in possible trade relations and for Communication & Marketing purposes.

What personal data may be gathered?

The following sets of personal information may be gathered through the channels and services described in this Privacy Policy Statement:

- Personal Information: Name, address, nationality, marital status, personal contacts, photo, taxpayer number, IBAN, Social Security number, number and expiry date of the Identity Document, number and expiry date of driving license, date and place of birth.

- Additional Personal Information: Household, function/position held, professional contacts, academic qualification.

- Website: By using the website you will be providing information about your IP address, the device used, and use details, namely date, time and type of requests made.

How do we keep your information safe?

We use a variety of safety measures and authentication tools to help keep your personal information safe, intact and available.

Although we cannot provide protection against intrusion when transferring information through the internet or website, IMMUNETHEP, S.A., our service providers and commercial partners will make every effort to implement and ensure physical, electronic and procedural safety, aimed at protecting your personal information in accordance with the applicable data protection requirements.

We have implemented, inter alia, the following measures:

- Restricted access to your personal information, subject to the “need-to-know” principle and for the purposes arising from contractual arrangements or by your express consent;

- Protection of information technology systems using firewalls, to prevent unauthorised access to your personal information; and

- Monitoring of information technology systems to prevent, detect and deter the inappropriate use of personal information.

How long do we keep your data?

Your personal data is kept as long as necessary for the purposes for which they were gathered.

All personal data will be irreversibly anonymised or deleted in a secure manner at the end of the maximum retention period.

With whom may we share your personal information and how do we keep it safe?

Your personal data is stored on protected servers, ensuring such information is processed following the appropriate security measures and is only accessed and used in accordance with our security policies and standards.

IMMUNETHEP, S.A. will only use subcontractors whose security policies and standards are aligned with its own security policies and standards.

The email address of IMMUNETHEP, S.A. and of the Data Protection Manager

info@immunethep.com

dpm@immunethep.com

How may you modify or withdraw your consent?

You may, at any time, alter or withdraw your consent with effects going forward.

After you withdraw all of your consents, we will stop contacting you and sending you information for the purposes described in the Privacy Policy Statement.

To alter or withdraw your consent, you must send us an email to: dpm@immunethep.com

By getting in contact with us, you have the right to the protection of your information and the right to submit a complaint to the Compliance Authority.

If you have any issue related to our use of your personal data, feel free to write us at: dpm@immunethep.com.

Under the terms established by law, you may request that we:

- Provide additional information on how we use your personal data;

- Provide a copy of your personal information;

- Provide the personal data to another entity responsible for processing your request, if it is in writing;

- Update your personal data;

- Delete any personal information which is no longer legal, on condition that a justification is provided;

- Restrict the use of your personal information until the complaint submitted has been analysed and decided on.

Should you exercise any of these rights, we will analyse the request. Please allow up to 1 (one) month for our reply.

If you are not satisfied with our use of your personal information or our reply after you have exercised any of the aforementioned rights, you have the right to submit a complaint to the Compliance Authority (Portuguese Data Protection Committee – CNPD).