Privacy Policy
Introduction
At Amyl Therapeutics SRL (hereinafter « Amyl »)[1], we attach great importance to the protection of your personal data when you use our website: https://www.amyltx.com/.
This privacy policy describes how we collect, use, store and protect your personal data in accordance with applicable laws and regulations[2].
Which personal data do we collect and use?
Amyl ensures that your personal data is processed in accordance with applicable legislation, in an appropriate manner and limited to what is necessary for the intended purpose.
When you use our contact form, we collect the following data :
- Name and firstname
- Email address
- Phone number
- Name of your company (if applicable)
- Open message
This information is required to respond to your request and to contact you.
Why do we process your personal data?
This section aims to inform you about the purposes and legal basis for the collection and processing of your data. In accordance with the GDPR, personal data is collected for specific purposes and must be based on one of the legal bases set out in Article 6 of the GDPR.
If Amyl wishes to use this data for another purpose, you will be informed in advance.
Your data is collected and processed for the following purposes:
- Responding to your requests and providing you with the information you have requested.
- Communicating with you for commercial or customer support purposes, if necessary.
- Ensuring the management and security of the website.
Personal data may also be collected in order to comply with a court order, to respond to a request from the public authorities, to protect the interests of Amyl, as well as those of its partners, protect its services, its privacy policy and any applicable text, formulate any possible recourse or limit any prejudice that Amyl may suffer.
How long do we keep your personal data?
We keep your data for as long as is necessary to respond to your request and ensure follow up, but no longer than 12 months after your last contact, unless otherwise required by law.
How do we secure your personal data?
Appropriate technical and organizational measures have been put in place to guarantee a level of security appropriate to the risks, including among others, as required:
- Means to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
- Means to restore the availability of and access to personal data within appropriate timeframes in the event of a physical or technical incident.
- An internal policy concerning the processing of personal data.
- Limited retention periods.
- Access to the information system limited to authorized personnel empowered to protect personal data.
Details of these security measures are available on request.
What are your rights?
Depending on the type of processing carried out on your personal data, you may have several of the following rights:
Right to information
You have the right to be informed about the personal data collected about you. This information is provided in particular through this policy. However, your request for further information may be refused in certain specific cases.
Right of access
You have the right to ask us about the personal data we hold about you. We can provide you with a copy free of charge, but this does not apply to all documents (in the case of an unfounded or manifestly excessive request, for example). We must also respect the rights and freedoms of others, which cannot be infringed.
Right of rectification
If you believe that your personal data is not accurate or up to date, you have the right to ask us to correct it. We will inform you as soon as this is done.
Right of opposition
You have the right to ask us to stop collecting, using and processing your personal data.
We will no longer process this data, unless we have compelling legitimate grounds that override your interests and rights, or if this is necessary to establish, exercise or defend legal claims.
Right to restrict processing
You have the right to ask us to restrict the processing of your personal data.
This right applies in specific cases, for example when we verify the accuracy of your personal data or when your data is no longer necessary for processing but is required for the establishment, exercise or defense of your legal rights.
Right to erasure
You have the right to ask us to delete your personal data. However, if we are legally obliged to retain some of this data, we will not be able to respond favorably to this request (in which case we will give reasons for our refusal).
Right to withdraw your consent
Where the processing of your personal data is based on your consent, you may withdraw this consent at any time.
Right to portability
If your personal data is processed with your consent or in the context of a contract, you have the right to receive it in a structured, commonly used and machine-readable format. You also have the right to transfer this data to another data controller.
How to exercise your rights?
If you have a complaint, question or problem regarding the use of your personal data, contact our GDPR referent at s.maniscalchi@amyltx.com.
If she is unable to help you adequately, you can always contact the competent authority in case of questions or complaints: Data Protection Authority, Rue de la presse 35, 1 000 Brussels, Belgium, +32 (0)2 274 48 35, contact@apd-gba.be.
If you contact us to exercise your rights, we will reply within one month. Exceptionally, this period may be extended up to three months, with an explanation provided within the first month. The possibility of exercising your rights depends on the processing and the legal basis.
Please indicate clearly the right you wish to exercise and how you wish to receive information (by e-mail, by post). Please note that additional information may be required to confirm your identity and ensure that we are helping the right person.
[1] Whose head office is located Boulevard de Patience et Beaujonc 3/12, 4000 Liège, with the following company number: 0758.775.372.
[2] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (“GDPR”) and Law of 30 July 2018 on the protection of individuals with regard to the processing of personal data.