Nykode Therapeutics AS recognizes the importance of processing data about you as an individual, such as your name, address or e-mail address (“Personal Data”).
This Privacy Statement sets out how we may use, process and store Personal Data.
This Privacy Statement explains how Nykode Therapeutics ASA, Gaustadalléen 21, 0349 Oslo, Norway (“we”, “us”, “our”) process personal data about you.
If you visit our webpage, communicate with us, makes agreements with us or in relation to recruitment. This Privacy Statement will also apply to information gathered from you when visiting our facilities.
1. Why we process personal data, and what we collect
We process personal data for different reasons, depending on who you are and how the personal data is collected. We process personal data for the following reasons:
- In order to provide information about our products and services, including sending newsletters, we use email addresses. Use of your email address is based on your consent, cf. Article 6 (1) (a) of the GDPR.
We do not use automated decisions that have a legal effect or similarly significantly affect you.
- In order to answer any inquiries from you, we process your name, phone number, email address, title and any other personal information included in your inquiry, Article 6 (1) (f) of the GDPR, where the need for processing your personal data overrides your interests and fundamental rights.
- If we enter into an agreement with you (selling, purchasing etc.), we process your business contact details and information regarding the agreement in order to fulfil the agreement between the parties, cf. Article 6 (1) (b) of the GDPR.
- If you visit our facilities, we process your business contact details to identify you and to inform you about applicable visitor rules, where our legitimate interest in correctly identifying you and providing you with visitor instructions overrides your interest in the information not being processed, cf. Article 6 (1) (f) of the GDPR.
- For recruiting purposes, we collect and store your CV, application, certificates and references, where the necessity in processing the personal data overrides your interest in the personal data not being processed, cf. Article 6 (1) (f) of the GDPR. Where the personal data contains special categories of personal data, we will process the personal data in connection with establishing potential legal claims, cf. Article 9 (2) (f) of the GDPR.
- We have implemented security solutions on our website, in our contractual processes and at our premises. On our website we process your business contact details, cookies chosen and user behavior. In our contractual processes we use your business contact details and other documentation as legally required. At our premises images of you are captured by video surveillance in marked areas. The processing of your personal data in the security solutions is for the purpose of ensuring anti-corruption, anti-fraud, anti-bribery, technical and physical security which overrides your interest in the information not being processed, cf. Article 6 (1) (f) of the GDPR.
- Finally, we also make analyses in order to optimize our products, marketing, website, sales and to know more about our customers’ preferences in relation to our products and maintaining a CRM database. We do this by making analyses of our datasets with information about website use, customer preferences, purchase history, sales and by sending questionnaires where our legitimate interest in processing the personal data overrides your interest in the data not being processed, cf. Article 6 (1) (f) of the GDPR.
2. Sharing of Personal Data with third parties
We do not share personal data with third parties unless you have consented to allow us to do so, or for legal reasons. We may use third party data processors to collect, store or in other ways process personal data on our behalf. We have entered into data processing agreements with all data processors we work with to ensure privacy compliance.
We do not transfer personal data to countries outside the EU/EEA unless we have implemented adequate contractual safeguards to protect your information. You can always request a copy of applicable transfer agreements, which includes the transfer of personal data, by contacting us.
3. Storing of personal data
We will keep your personal data for as long as is needed to fulfill our purposes of processing described above, unless we are required under applicable law to keep your personal data for a longer period or if it is necessary for us to retain the information for handling and defending a claim or a dispute.
4. Your rights
In connection with our processing of your personal data, you have the following right to ask us:
- for information about or access to your personal data. There are some exemptions, which means you may not always receive all the information we process;
- to stop using your personal data by objecting. However, it only applies in certain circumstances, and we may not need to stop the processing of your personal data if we can give legitimate reasons to continue using your personal data;
- to erase your personal information in certain circumstances;
- for a copy of your personal data in a structured, commonly used and machine-readable format. If technically feasible, you may request that the personal data is transmitted directly to another company or person acting as a data controller;
- to rectify he personal data you think is inaccurate. You also have the right to ask us to complete the personal data you think is incomplete;
- to restrict the processing of your information in certain circumstances.; and
- withdraw your consent. However, this will not affect our right to process personal data obtained prior to the withdrawal of your consent, or our right to continue parts of the processing based on other legal bases than your consent.
To exercise your rights, please contact us at email@example.com. We will respond to your inquiry as soon as possible, and at the latest within 30 days.
If you wish to exercise your rights, we will require that you confirm your identity by providing additional information. We do this to ensure that third parties are not given access to personal data.
If you believe that our collection, storage and use of Personal Data does not comply with our Privacy Statement or does not comply with privacy law, you may contact us or complain to the local data protection authority.
6. Changes to our Privacy Statement
Nykode Therapeutics ASA may change this notice from time to time in the future. Any such changes will be posted here and, where appropriate, notified to you in writing. We advise you to check back frequently to see any updates or changes.