Purpose of the Privacy Policy:

This policy will explain how and why aPureBase collects data on their online domains. It will explain how personal data is collected, stored and handled as well as explain how the use of cookies is implemented.

Shortly about aPureBase:

aPureBase is a single source global pharma data provider. We work with a big network of data partners to deliver contact information on healthcare professionals to pharmaceutical companies.

Contact information:

Emdrupvej 28A
2100 Copenhagen Ø
Denmark
legal@apurebase.com
+45 31 33 33 91

Purpose of collecting data on our website:

We collect data on our site to improve the overall experience, provide more accurate content and to do marketing analysis, as well as create a line of communication (with permission where needed, such as e-mail newsletters).

Data is collected in two ways:

• – Data given by you
• – Cookies

All personal data collected through our website(s) is data given freely by you, for example by:

• Submitting a request through a form
• – Leaving a comment where possible
• – You participating in competitions or surveys
• – You signing up for our newsletter
• – You accepting more than necessary cookies

You can read more about how exactly aPureBase handles personal information securely according to GDPR here: https://apurebase.com/data-policy/

Cookies:

We track cookies to improve your site experience and for marketing analytics. You can read our Cookie policy and adjust your settings on this page.

How long:

Personal data which we would store in our CRM system is kept no longer than 10 years, unless updated, used or validated.

Who has access to the data?

In some instances, aPureBase uses third-party providers for collecting or analyzing data. These sub-suppliers could be located worldwide, but if based outside of EU/EEA they will abide by the EU Model Contractual Clauses to ensure your data protection. No matter what, your data is safe with us – because we care for data!

Rights of Data Subjects

The Data Subjects have rights as described in the following.

• – Access to registered information about themselves
• – Data rectification
• – Objection to and restriction of Processing
• – Objection to automated decision-making and profiling
• – Data portability
• – Data erasure

Data Subject Requests (SAR)

Any data requests can be sent to legal@apurebase.com
Registered persons in the databases are entitled to obtain, based upon a request made in writing and upon successful verification of their identity, the following information about their own personal data:

• – the purposes of the collection, processing, use and storage of their personal data
• – the source(s) of the personal data, if it was not obtained from the data subject
• – the categories of personal data stored for the data subject
• – the recipients or categories of recipients to whom the personal data has been or may be transmitted, along with the location of those recipients
• – the envisaged period of storage for the personal data or the rationale for determining the storage period
• – the use of any automated decision-making, including profiling

Data Protection Principles

aPureBase collects Personal Data in a transparent way and only with the full knowledge of interested parties. Once the information is available, aPureBase assures confidentiality and that the data will be:

• – processed fairly and lawfully in accordance with individuals’ rights
• – adequate, relevant and not excessive given the specified and lawful purpose for which it was obtained
• – accurate and kept up to date
• – not kept any longer than necessary
• – kept safe from unauthorised or unlawful access or processing, and protected against accidental loss, destruction or damage, and not transferred to a country outside the European Economic Area unless that country
• – has equivalent levels of protection for personal data unless the receiving party abide the EU Model Contractual Clauses.

aPureBase processes Personal Data in compliance with all data protection principles.

Commitments

To exercise data protection aPureBase assures to:

• – restrict and monitor access to data
• – have in place transparent data processing procedures
• – at any time consider the risks regarding implementation of new procedures and systems
• – exercise data protection practices (document shredding, secure locks, data encryption, frequent backups, access authorisation etc.)
• – have in place clear procedures for reporting privacy breaches or data misuse
• – ensure secure networks to protect online data from cyberattacks.

aPureBase’s Data Protection Policy can be seen on: https://apurebase.com/data-policy/

Documentation

aPureBase actively and positively considers the risks of any data processing undertaken and has technical and organisational controls in place to provide documentation of the processing carried out to prove compliance with all applicable Data Protection laws and regulations.

Data Security

aPureBase has adopted internal instructions on information security in order to protect personal data against being destroyed, lost or modified, from unauthorised disclosure, and against unauthorized access to or knowledge of them. Procedures are established for granting access rights for those of our employees who handle personal data. To avoid data loss, continuous data backup will be conducted.