Privacy Policy

Dear User(s), At Laboratories Mayoly Spindler we are fully aware of the importance of privacy and particularly concerned about the protection of your personal data.

That is why we have taken all necessary measures to comply with all the provisions relating to the protection of personal data.

This policy is intended to inform you about how Laboratories Mayoly Spindler (hereinafter collectively referred to as “MAYOLY”, "Mayoly Spindler", "we", "us", "our"), as data controller, undertake to collect, process and protect your personal data in accordance with the Data Protection Act of 6 January 1978 as amended, the European General Regulation on Data Protection (EU GDPR 679/2016) and, more generally, all applicable legal and regulatory provisions

Purpose of this Policy

Respecting to the live streaming webinars conducted on the MAYOLY website(www.mayolylive.com), Mayoly Spindler, is deemed as data controller for the personal data that will be provided to us; and for this reason, this present Policy is given to you, with the purpose to inform you how your personal data will be assembled, used, stored and, treated in general. Mayoly Spindler does also contract an external provider based in EU for the communication and the management of the current Website platform. This provider is the data processor and strictly acts on behalf the instruction of Mayoly Spindler for the services execution of this data processing.

Protecting the privacy of your personal data is very important to us, thus we have taken all appropriate measures in order to safeguard the security and confidentiality of the information related to visitors and/or users of our website.

We kindly ask you to read the present Policy carefully, so as to be properly informed of your data privacy rights, as well as the personal data collected and processed throughout your visit across our website and use of our corresponding internet services.
‍
The personal data that will be treated by MAYOLY, that is, obtained, used, transferred, or stored are as follows:

Common data (Public at large, Actor in the Health Sector)

IDENTIFICATION PERSONAL DATA

• Surname, name, country, postcode, language

CONTACT PERSONAL DATA

• Electronic mail address, phone number (particular and/or professional), your preferred contact

THE FOLLOWING UP OF DATA NAVIGATION

• Information about your visits to our websites

• including the type of browser and operating system used, access times, pages viewed, URLs clicked

• your IP address and the page you viewed before browsing our websites.

• your answers to all the surveys in which you participate

Actor in the Health Sector

PROFESSIONNAL DATA/Your Activity DATA

• your professional background, your position, the institution where you practice, your specialty, your Practicing License Number (e.g., RPPS, INAMI, NHS…)

• if an email we have sent you has been opened or if you have accepted an invitation to a webinar

• Your responses to any questionnaire you may participate in, including responses to disease or practice surveys (such as estimating the number of patients with certain conditions)

• The content of your message entered on the board dedicated to /chat available on the website

This information will be provided directly to you and sensitive personal data will not be required. You will not be obliged to provide this information in order to participate in events, but only that which is indispensable for your participation; however, you are responsible for the veracity of all information provided. In case of false declaration, laboratories Mayoly Spindler reserves the right to take anyappropriate sanctions against user as described in our Terms and Conditions.

Sources of collection of personal data

We may collect your personal data in different ways:

• Data that you communicate to us through different media.
• Data that you communicate to us when registering on of our digital platform, or participating in one of our events, when you are in contact with our medical representative.
• Data that we collect automatically (via our website for example).
• Data that we collect from public sources in accordance with applicable legislation.
• Data that we lawfully collect from third parties with whom we interact.

Purposes of processing

The personal data that you are providing to us will be treated, only, with the following purposes:

To provide our services, which include:

- Sending you an email invitation to the webinar, creating an account for you to provide access to the webinar(s), forwarding you any documentation (newsletter, calendar events, updates, press release etc.…) associated to the webinar.
‍

- Giving you access to any replays or recorded seminars, and results regarding questionnaires, surveys, or quizzes you participated to, if any.

To contact and interact with you, which include:

- Responding to your questions and requests for services, and to solicit your comments.

- Sending important notices, such as changes to our terms of use, internal policies.

To assess our daily operations, which include:

- For internal purposes such as auditing, data analysis, etc. in the view of assessing the number of participants, the time spent on the website, the number of times the website is consulted.
‍

- Monitoring and analysis of trends, usage and activity related to our services to understand which parts of our digital platforms and services are of most interest and to improve the design and content of our platforms; and
‍

- To ensure that we have up-to-date information on our platform.

To be compliant with regulations, law, guidelines, codes and industry/occupational rules and regulations applicable in pharmaceutical industry, which include:

- your data might be transferred in the framework of French Anti-Gift Act and Transparency of interest links for healthcare professional practicing in France and governed by article L1453-4 of French civil code or for any equivalent extraterritorial regulation, if any.
‍

- Investigate and take appropriate action against users who violate our rules or engage in behavior that is illegal or harmful to others or to the property of others.
‍

On which legal grounds are we processing your Data

For legitimate purpose

We process your personal data to help us to improve our services and to minimize any disruption to the services we can offer you. It also enables us to make our communications with you more personalized, and to make your experience of our services effective and efficient.
‍

For legal purposes

Mayoly Spindler is committed to ethical and professional practices and collects your data to ensure that the services offered do not cause difficulties for practitioners and patients or not encourage unfair, dishonest, and corrupt practices. When Mayoly act in this way, you can be assured that we take all measures to protect your data.
‍

Your Consent

Mayoly Spindler takes great care to always seek your consent when required. Therefore, we only use your data especially profiling, canvassing or other purposes in accordance with recognized practices in this area.
‍

Data Transferences

Transferences of your data to a third party are not performed, unless in cases expressly anticipated in this clause. MAYOLY could have the obligation to transfer your personal data to Last Update: November 2023third parties, national or foreign, without your previous consent when: (i) such transference is duly anticipated in the law (as is the case of adverse reactions, which we send to corresponding authorities); (ii) when the transference is necessary for the prevention or medical diagnosis, the provision of sanitary assistance, medical treatment or the management of sanitary services. MAYOLY could send personal data to other companies affiliated or subsidiary of MAYOLY or our service providers for these webinars). Those third parties will only access the information absolutely necessary for the execution of their duties and only under explicit contractual terms for the protection of your privacy and your personal data.

Personal data will not be stored outside the EU.

Measures adopted for protection of personal data

MAYOLY should notify you that it develops a treatment of the personal data that you provide, according to the principles disposed by the applicable normative. MAYOLY has adopted and maintains the safety, administrative, technical, and physical measures necessary to protect your personal data against damages, loss, alteration, destruction, or the unauthorized use, access, or treatment. MAYOLY looks to maintain correctly guarded the safety measures adopted for your personal data.

Your rights

You may exercise the following data subject rights, to the extent applicable:
‍

• Right of access, so as to be informed of the personal data we process, the purpose of processing and the recipient of data.
• Right to rectification, for the correction of any inaccurate information about you.
• Right to erasure (right to be forgotten), so as to ensure the erasure of your personal data from our files, so long as its processing is no longer necessary or obligatory for the compliance with a legal obligation of the Company or the defense of a lawful interest before the Court.
• Right to restriction of processing, in case the accuracy of your personal data is disputed.
• Right to data portability, so as to receive your personal data in a structured, commonly used and machine-readable format.
• Right to object, if you no longer wish your personal data to be processed for direct marketing purposes. Please note that your personal data is not subject to profiling by CLIENT.

To exercise those rights, please contact our Data Protection Officer at:
- By email: rgpd@mayoly.com
- By post: Mayoly Spindler (To the attention of the Data Protection Officer) - 6 avenue de l’Europe – 78400 Chatou, France
‍

MAYOLY will make all reasonable efforts to address your request within a period of one (1) month from receipt of the request. However, if it is impossible to meet this deadline due to the complexity of your request or the number of simultaneous requests, we will timely inform you within same deadline for the reasons of the delay and will make all reasonable efforts to address your request without undue delay and, in any case, within a period of two (2) more months.

MAYOLY reserves the right not to satisfy your request, if manifestly unfounded or excessive, and will notify you accordingly. Nevertheless, you have the right to lodge a complaint to the Data Protection Authority Last Update: November 2023of your country (https://ec.europa.eu/justice/article-29/structure/data-protectionauthorities/index_en.htm) pursuant to the provisions of article 77 GDPR.

Revocation of consent

You could revoke at any moment the consent granted to MAYOLY for the treatment of your personal data. To revoke your consent, you should send your request to the Data Protection Officer mentioned in the previous section.

The use of cookies, web beacons and other technologies

Our website utilizes "Cookies". A cookie is a small file of letters and numbers that is downloaded on to your computer when you visit a website. These data files allow the exchange of information between our website and the navigator you utilize. Cookies can do several things, e.g., remembering your preferences, count the number of people looking at a website, etc. On this website only cookies necessary for the required administrative functioning of the site are used.

By virtue of their operation, cookies fall under the following categories:

“Technically necessary cookies”

Technically necessary cookies are used to store information or access information stored in your device, in order to transmit a network communication or provide an information society service requested by the user/subscriber. We also use technically necessary cookies to enable your connection and save your website preferences (e.g. such as security, network management, and accessibility, and measuring audience). Those technical cookies are only used by MAYOLY and Services providers only and will be maintained for a duration provide above in table details.
By virtue of their operation, cookies fall under the following categories:

According to the legal framework, consent of users is not required for the placement of technical cookies since the provision of our website services would not be feasible without technical cookies.

Please see below the details of technically necessary cookies which are in use:

“Third-party Cookies”

Τhird-party cookies collect anonymous, aggregated statistical data regarding the way you use your website, such as the pages visited more often, the page from which you visited the Website, the type of browser in use etc. These aggregated data cannot identify users.

We use third party cookies for the sole purpose of analyzing the Website’s traffic and to improve its performance. When you first visit the Website, your consent is required for the use of thirdparty cookies, by virtue of the provisions of applicable laws. Your cookie settings are available anytime and you may freely amend and/or revoke your consent to the use of third-party cookies, whereas the cookie notice pops-up at every visit.

Please see below details on the third-party cookies which are in use:

Control cookies through your browser

Users may change their browser settings in relation to the acceptance of cookies. Depending on your browser, you may choose either to automatically accept all cookies default setting, to receive a notice or to block the use of all cookies.

Instructions for each browser are available at the following links:

- Internet explorer
- Microsoft Edge
- Mozilla Firefox
- Google Chrome
- Safari
- Opera

Information Security

MAYOLY is committed to safeguard the security of your personal data. To achieve this, we have adopted all appropriate technical and organizational measures, the adequacy of which we regularly audit, such as: SSL Protocol: The SSL (Secure Sockets Layer) Protocol used by our website, is the current world standard for the certification of website users and the encryption of data between website users and web servers. An encrypted SSL communication protects personal data by requiring all information transferred between a customer and a server to be encrypted from the sender’s software and to be decrypted by the receiver’s software. In addition, all information sent through an SSL protocol is protected through a mechanism which automatically detects if the transferred data has been altered.

Nevertheless, visitors/users must be aware that no system used for security or transmission or transfer of data through the Web is 100% secure, whereas CLIENT cannot guarantee the security of means used from users for the transfer of information to the Website’s servers.

Modification of this Policy

Any modification in this Policy will be opportunely informed to you and before the establishment of any change in the treatment of your data, being it telephonically, by e-mail or by means of updating of this present Policy in our webpage.

Consent for the treatment of your Personal Data

When providing your personal data after readingthis present Policy, you are granting your consent for the treatment of the personal data that you’ll provide to MAYOLY, uniquely for the purposes and under the terms anticipated in this Policy. In case of disagreement with the provision of some of the data we are requesting from you, or some of the uses we will make of them, you should, before to providing the data, express your non-acceptance. You have the right to provide only the data you consider necessary for the listed objectives.

Retention of data collection

Your personal data is retained only for 5 years to to fulfil the above-mentioned purposes, unless its retention is necessary so as to comply with a legal obligation or to exercise, ground and defend our lawful rights and interests before the Court or any other Regulatory Authority. If the MAYOLY website ceases to exist your data will be destroyed.