Privacy Policy for Diamyd Medical AB (publ)

General

Diamyd Medical AB (publ), Reg. No. 556242-3797, Kungsgatan 29, 111 56, Sweden (“Diamyd Medical”, or “we”), takes all necessary measures to make sure that personal data concerning patients participating in clinical trials, external partners, visitors of our website and other persons whose personal data may be subject to processing by Diamyd Medical is being processed by us in a lawfully, fairly and transparent manner.

We respect your right to privacy, and we are committed to comply with applicable data protection rules and to safeguard your rights. We want to make sure that you are aware of what types of information we collect or obtain from you via the website or during your communication or interaction with us, how this information is used and how we work to protect it.

 

This Privacy Policy describes, amongst other things, which information we collect about you, how your personal data is processed and for what purposes we collect and use the personal data. This Privacy Policy also describes your rights and how you can contact us about the use of your personal data.

Diamyd Medical AB is the data controller responsible for processing your personal data in accordance with applicable data protection legislation.

 

Types of data we process

Personal data means all types of information which can, directly or indirectly, be used to identify a living physical person (“Personal Data”).
Diamyd Medical collects and processes Personal Data in the form of your e-mail address when you sign up for our press releases and/or financial reports.

Diamyd Medical further collects information that is necessary for us to be able to contact you in your role as a representative for a company. Diamyd Medical collects and processes information about you if you represent a company that is a customer, supplier, contractor or otherwise partner of ours, as well as a potential customer, supplier, contractor or otherwise partner of ours. The information that we collect and process in such cases include contact information (such as name, address, work title, what company you work for, email address and telephone number).

Diamyd Medical also collects Personal Data in connection with recruiting personnel. When you contact us to apply for a job opportunity with us, we collect such Personal Data that you provide us with in connection with such application. Personal Data normally included in a job application is contact information (name, address, email address and telephone number), CV (including previous work experience and education), and occasionally picture and personal registration number.

Diamyd Medical collects and processes Personal Data about you when you choose to participate in a clinical trial conducted by Diamyd Medical. Personal Data that Diamyd Medical collects and processes in such cases include name, age, sex and health information.

 

Why we process your data

Diamyd Medical collects and process Personal Data relating to you for the following reasons:
  • to send press releases and financial reports that you have requested and to respond to communications you have sent us;
  • to contact you as a representative for a customer, supplier, contractor or otherwise partner of ours;
  • to market ourselves and our services and invite you to events we believe might be of interest to you or the company that you represent (provided however, that you will always have the right to opt-out of any marketing messages from us);
  • to develop and improve our services;
  • to process job applications;
  • to conduct clinical trials (only with your prior consent); and
  • to fulfil requirements by law.

 

Legal grounds for processing your data

Diamyd Medical’s processing of your Personal Data is based on the legal grounds as follows.

Legitimate interests

The legitimate interest of Diamyd Medical also constitute the legal basis for processing in situations where you provide us with your contact information or otherwise has expressed an interest in our products or services. The legitimate interests of Diamyd Medical in such cases are for Diamyd Medical to be able to market its products and services. Furthermore, the legitimate interest of Diamyd Medical is the legal basis for when Diamyd Medical is processing your Personal Data when you are a representative for a customer, supplier, contractor or otherwise partner of ours. The legitimate interests of Diamyd Medical in such cases are Diamyd Medical’s need to contact you as a representative to administer the relationship Diamyd Medical has with the company that you represent. Furthermore, the legitimate interest of Diamyd Medical is the legal basis for Diamyd Medical’s processing of your Personal Data in connection with your job application, in which cases the legitimate interests of Diamyd Medical are to be able to secure that its employees has sufficient education and experience.

Consent
Diamyd Medical’s processing of your Personal Data is based on your consent where you have chosen to participate in a clinical trial. You can at any time withdraw your consent to such processing by contacting us. You will find contact details at the end of this policy document.

Legal obligation
Diamyd Medical may process your Personal Data for the purpose of complying with safety standards and other statutory requirements, based on the legal ground that this is necessary for compliance with a legal obligation to which Diamyd Medical is subject.

 

How long we store your personal data

Your Personal Data is stored only for as long as there is a need to keep the data in order to fulfil the purposes for which the data was collected in accordance with this Privacy Policy.

The Personal Data will be deleted if the purpose of collection and use of Personal Data has been achieved, or if you withdraw your consent (if applicable) to the processing of Personal Data by contacting us (for contact information, please see below).

 

How the data may be shared

Diamyd Medical will not sell, trade or lease your Personal Data to third parties. However, Diamyd Medical may share Personal Data with our trusted subcontractors and co-operation partners in order to provide you with our services. They may need access to your Personal Data in their assignment for us, but they will not be allowed to use the Personal Data for any other purpose.

Unless otherwise set forth below or in any specific information regarding our processing of your Personal Data, Diamyd Medical will not transfer your Personal Data to any country outside the EU/EEA. Personal Data that Diamyd Medical collect may be transferred to Internet service providers based outside of EU/EEA as a part of such Internet service provider’s provision of services to Diamyd Medical. Personal Data may also be transferred to USA through Diamyd Medical’s choice of e-mail solution and web site traffic analysis services. Diamyd Medical has ensured that your rights are guaranteed before making such transfer to USA by Microsoft’s and Google’s adherence to EU-US Privacy Shield. More information is available at www.privacyshield.gov.

Personal Data may be disclosed by Diamyd Medical to comply with legal requirements or other requirements from official authorities, in order to safeguard Diamyd Medical’s legal interests or to detect, prevent, or draw attention to frauds or other safety or technical problems. 

 

Protection of your personal data

Diamyd Medical has taken technical measures to ensure that the data is protected against destruction through accident, against any modification, unauthorized circulation of or unauthorized access to the data, as well as any other kind of unauthorized processing of the data.

 

Cookie information

Our website uses cookies. You can find out more about cookies, how we use them and how to control them on our Cookie Policy page.

 

Your rights

Corrections and additions
You are always entitled to access your Personal Data for viewing, and to request that we correct or update your Personal Data.

 

Restriction of use and data portability Under certain circumstances (expressed in applicable data protection legislation), you may request that Diamyd Medical restricts the use of your Personal Data or delete your Personal Data. If you have provided us with Personal Data, you also have the right to have your Personal Data resubmitted to you, in a structured and accessible format, for transfer to another user/processor. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

 

Changes to this privacy policy

Diamyd Medical may, at any time, make amendments to this Privacy Policy. Diamyd Medical will publish the amended version on this page.

 

How to contact us

If you wish to exercise any of the abovementioned rights or if you have any questions regarding Personal Data held by us or this Privacy Policy, you may contact us by e-mail at privacy@diamyd.com or by postal mail to Diamyd Medical AB, Kungsgatan 29, SE-111 56 Stockholm.

 

Last updated on May 25, 2018