Privacy policy

Information Notice About Data Protection.

We care about your privacy and the protection of your rights. The law on data protection in Europe is evolving as the EU General Data Protection Regulation (GDPR) has become effective across the European Union from 25 May 2018. According to the GDPR, we must provide you with the following information.

The conduct of our activities implies the processing of personal data, obtained or not from you, including the personal data of subjects who are in the European Union. Most of the personal data we process are anonymized or pseudonymised.

The new Belgian regulation on data protection in Scientific Research has not yet been adopted. Our privacy policy is therefore in the process of being updated. When the new Belgian regulation will be effective, our privacy policy will be completed and we will bring it to your attention when you next visit in.

According to GDPR, PROMETHERA with headquarters rue Granbonpré, 11 at B-1435 Mont-Saint-Guibert is the controller of the data we process. PROMETHERA ensures fair and transparent processing in respect of the data subject. The data are being processed exclusively for the purpose of Scientific Research.

If you are a patient participating in a clinical trial sponsored by PROMETHERA and you want to know more about your rights, please click here.

For any request regarding your data privacy rights, feel free to contact us at dpo@promethera.com. If you have any questions or comments about the GDPR compliance of PROMETHERA, you may also contact our Data Protection Officer at dpo@promethera.com.

You also have the right to lodge a complaint before a supervisory authority if you consider that the processing of your personal data by PROMETHERA infringes the regulation.

Thank you.


Please read the Privacy Policy carefully.
They contain important information about your rights and obligations.

  1. General Warning
  2. Data Controller
  3. Data Collected
  4. Purpose of processing the data
  5. Rights of the data subject
  6. Periode of storage
  7. Complaint with the supervisory authority
  8. Security
  9. Communication to third parties
  10. Transfer to a non-eu contry or company
  11. Direct marketing
  12. Note concerning minors
  13. Updates and changes to the policy
  14. Validity of the contractual clauses
  15. Applicable law and competent court

1. General Warning

1.1 The S.A. PROMETHERA BIOSCIENCES (hereinafter, « PROMETHERA ») respects the privacy of its data subjects (hereinafter, the “Data Subjects”)..

1.2 PROMETHERA processes the personal data transmitted to it in accordance with the legislation in force, and, in particular, Regulation 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data, applicable from 25 May 2018 (hereinafter the “General Data Protection Regulation”).

1.3 Access to the website www.promethera.com (hereinafter, the “Website”) implies the User’s full and unreserved acceptance of this Privacy Policy (hereinafter the “Policy”), as well as its general terms of use (hereinafter the “Terms”) and the cookie policy (hereinafter, the “Cookie Policy”).

1.4 The data subject acknowledges having read the information below and authorizes PROMETHERA to process, in accordance with the provisions of the Policy, the personal data that he/she communicates on the Website.

1.5 The Policy is valid for all pages hosted on the Website and for the registrations of this Website, as well as all company pages managed by PROMETHERA on social networks, who is jointly responsible with the social network for the processing of data visitors to the page. It is not valid for the pages hosted by third parties to which PROMETHERA may refer and whose privacy policies may differ. PROMETHERA cannot therefore be held responsible for any data processed on these websites or by them.

2. Data Controller 

2.1 Simply visiting the Website shall take place without having to provide any personal data, such as first name, surname, postal address, e-mail address, etc.

2.2 As part of the activities of PROMETHERA, the Data subject may be required to provide certain personal data. In this case, the data controller is:

PROMETHERA Biosciences S.A. (Head office)
Watson & Crick Hill | Rue Granbonpré, 11,
B-1435 Mont-Saint-Guibert Belgium
Belgian business registry (BCE) number: 0809.788.365
info@promethera.com

2.3 We have appointed as a single point of contact within our company a data protection officer (more commonly known as “DPO”) whose contact details are:

GL EXPERTISE SRL
(represented by Mrs. Gentiane Verstraeten, Managing Director)
Avenue de la Constitution 12,
1083 Brussels
Belgium
Belgian Business registry (BCE) number: 0893.038.715
dpo@promethera.com

The data protection officer appointed by PROMETHERA shall have at least the following tasks:

  1. To inform and advice the controller or the processor and the employees who carry out processing of their obligations pursuant to the legislation in force in relation to the protection of personal data;
  2. To monitor compliance with the legislation in force and with the policies of the controller or processor in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations, and the related audits;
  3. To provide advice where requested as regards the data protection impact assessment and monitor its performance;
  4. To cooperate with the supervisory authority;

To act as the contact point for the supervisory authority on issues relating to processing, including the prior consultation and to consult, where appropriate, with regard to any other matter.

2.4 Any question regarding the processing of this data may be sent to the following address: dpo@promethera.com.

3. Data Collected

3.1 By completing the spaces provided under the tabs “Contact” and “Subscribe to our distribution list” on the Website, the User allows, in particular, PROMETHERA to record and store, for the purposes mentioned in point 4, the following information:

3.2 The Data Subject also authorizes PROMETHERA to record and store the following data for the purposes mentioned in point 4:

3.3 In order to facilitate browsing the Website as well as to optimize technical management, the Website may use “cookies”. These “cookies” record, in particular:

All information relating to “cookies” is included in PROMETHERA’s Cookie Policy.

3.4 When the User accesses the Website, the servers consulted automatically record certain data, such as:

3.5 No nominative data identifying the Data Subject is collected through the cookies and servers consulted. This information is kept for statistical purposes only and to improve the Website.

3.6 We also collect some of your data through other companies, including from the following sources.

4. Purpose of processing the data

We process your data for various purposes. For each purpose, on ly the data relevant to the pursuit of the purpose in question are processed. The processing consists of any operation (manual or automated) on a personal data. PROMETHERA collects, stores and uses its Data Subjects’ data mainly for the purpose of Scientific Research, and particular for the following purposes:

4.2 The legal basis of the processing of your personal data is based on :

We have legitimate interest in providing you with this information and interacting with you, especially to respond to your requests or improve or services, prevent abuse and fraud, control the regularity of our operations, exercises, defend and preserve our rights, for example in litigation, as well as evidence of a possible violation of our rights, manage and improve our relations with you, continually improve our website and our products/services, unless such interests are supplanted by your interests or your fundamentals rights and freedoms requiring the protection of your personal data. We take care in any case to maintain a proportionate balance between our legitimate interest and respect for your privacy.

If the legal basis of your treatment is your consent, you have the right to withdraw it at any time without prejudice to the lawfulness of the processing performed prior the withdrawal.

In the context of direct marketing, this means that you can unsubscribe at any time from newsletter and other commercial communications from us. You will be put in “opt-out”. You can unsubscribe by sending us an email at the following address: info@promethera.com or by clicking on the unsubscribe link at the bottom of each email.

5. Rights of the data subject

5.1 According to the regulations on the processing of personal data, the Data Subject has the following rights:

5.2 In order to exercise his rights, the data subject sends a written request, accompanied by a copy of his identity card or his passport, to the data controller:

PROMETHERA Biosciences S.A. (Head office),
To the attention of the DPO / Compliance Manager,
Watson & Crick Hill | Rue Granbonpré, 11,
B-1435 Mont-Saint-Guibert Belgium

5.3 PROMETHERA will then take the necessary steps to satisfy this request as soon as possible and in any case within one month of receipt of the application. If necessary, this period can be extended by two months, given the complexity and the number of requests.

6. Periode of storage

6.1 PROMETHERA will keep the personal data of its Data Subjects for the duration necessary to achieve the objectives pursued (see point 4).

6.2 PROMETHERA may also continue to keep personal data concerning the de-registered Data Subject, including all correspondence or request for assistance sent to PROMETHERA in order to be in a position to reply to all questions or complaints that may be sent to it, and in order to comply with all applicable laws, namely in tax matters or as a part of other legal requirements. 

7. Complaint with the supervisory authority

The Data Subject is informed that he has the right to lodge a complaint with the Data Protection Authority : 

Data Protection Authority
Rue de la Presse, 35 – 1000 Brussels
+32 2 274 48 00
commission@privacycommission.be

8. Security

8.1 In addition, PROMETHERA has taken the appropriate organizational and technical measures to ensure a level of security adapted to the risk and tat, to the extent possible, the servers hosting the personal data processed prevent:

8.2 In this respect, employees of PROMETHERA who have access to this data are subject to a strict confidentiality obligation. Nevertheless, PROMETHERA may in no way be held liable in the event that this data is stolen or hijacked by a third party despite the security measures adopted.

8.3 Data Subjects undertake not to commit acts that may be contrary to this Policy, the Terms, the Cookie Policy or, in general, the law. Violations of confidentiality, integrity and availability of information systems and data which are stored, processed or transmitted by these systems, or the attempt to commit one of these violations, shall be punishable by imprisonment of between three months and five years and a fine of between twenty-six euros and two hundred thousand euros, or one of these penalties only.

9. Communication to third parties

9.1 PROMETHERA treats personal data as confidential information. It will not communicate them to third parties under any condition other than those specified in the Policy, such as to achieve the objectives set out and defined in point 4, or under the conditions in which the law requires it to do so.

9.2 PROMETHERA may communicate its Data Subjects’ personal information to third parties to the extent that such information is necessary for the performance of a contract with its Data Subjects. In such case, these third parties will not communicate this information to other third parties, except in one of the two following situations:

9.3 The communication of this information to the aforementioned persons shall, in all circumstances, be limited to what is strictly necessary or required by the applicable regulations.

10. Transfer to a non-EU contry or company

PROMETHERA transfers data to a non-EU country or company only when that country provides an adequate level of protection within the meaning of the legislation in force, and, in particular, within the meaning of the General Data protection Regulation (for more information on the countries offering an adequate level protection, see : https://goo.gl/1eWt1V), or within the limits permitted by the legislation in force, for example by ensuring the protection data by appropriate contractual provisions.

If you wish, you can obtain a copy of the adapted contractual clauses by sending an email to: dpo@promethera.com.

The information processed by PROMETHERA will be transferred or transmitted, or stored and processed, in the United States or other countries other than the country in which you live, for the purposes described in this Policy. These data transfers are necessary to provide the services worldwide. We use standard contractual clauses approved by the European Commission and we rely on the European Commission’s adequacy decisions concerning certain countries, where appropriate, for data transfers from the European Economic Area to the United States and other countries. If you have any questions in this regard, do not hesitate to contact us at the following address: dpo@promethera.com.

11. Direct marketing

11.1 The personal data will not be used for direct marketing purposes for articles or services other than those to which the Data Subject has already subscribed, unless the Data Subject has previously explicitly consented to such use by ticking the boxes provided for this purpose (“opt-in”). 

11.2 When the Data Subject has given his consent to the use of this information for direct marketing purposes, the latter retains the right to object to such use at any time, upon request and free of charge. The Data Subject may simply communicate his request by writing to the following address: dpo@promethera.com.

12. Note concerning minors

Persons under the age of 18 and persons who do not have full legal capacity are not permitted to use the Website. PROMETHERA asks them not to provide their personal data. Any infringement found in this provision must be reported without delay to the following address: dpo@promethera.com.

13. Updates and changes to the policy

By informing Data Subjects through the Website or email, PROMETHERA may modify and adapt the Policy, in particular to comply with any new legislation and/or regulations applicable (such as the General Data Protection Regulation applicable from 25 May 2018), the recommendations of the Belgian Privacy Commission, the guidelines, recommendations and best practices of the European Data Protection Board and the decisions of the courts and tribunals on this issue.

14. Validity of the contractual clauses

14.1 Failure by PROMETHERA to invoke – at any given time – a provision of this Policy, may not be interpreted as a waiver to subsequently make use of its rights under the said provision.

14.2 The invalidity, expiration or the unenforceable nature of all or part of one of the above or below mentioned provisions shall not give rise to the invalidity of all the Policy. Any fully or partially invalid, lapsed or unenforceable provision shall be deemed not to have been written. PROMETHERA undertakes to substitute this provision with another which, to the extent possible, fulfils the same objective.

15. Applicable law and competent court

15.1 The validity, interpretation and/or implementation of the Policy are subject to Belgian law, to the extent permitted by the provisions of applicable private international law.

15.2 In the event of a dispute relating to the validity, interpretation or implementation of the Policy, the courts and tribunals of Brussels have exclusive jurisdiction, to the extent permitted by the provisions of applicable private international law.

15.3 Before taking any step towards the judicial resolution of a dispute, the Data Subject and PROMETHERA undertake to attempt to resolve it amicably. To this end, they shall first contact each other before resorting, where appropriate, to mediation, arbitration, or any other alternative method of dispute resolution.