Privacy policy

This Privacy Policy specifies the rules for collecting, processing and using data (including personal data) obtained from the website www.celonpharma.com by Celon Pharma S.A., which is the Data Controller, and data obtained by Reception Desk employees during telephone calls to Celon Pharma S.A. to the number: (22) 751 59 33.

This document also refers to data sent to the email addresses: [email protected] and [email protected], dedicated to investors and media representatives, respectively. The data sent to the above-mentioned addresses and processed by Celon Pharma S.A. are processed exclusively for the purposes of communications and providing information on the Company’s business activity.

Pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: the “GDPR”), we kindly inform you that:

  1. The data controller of your personal data is Celon Pharma S.A. (hereinafter: the “Company”) with its registered office in Kiełpin, ul. Ogrodowa 2 A, 05-092 Łomianki, entered into the register of business entities under no. 0000437778, by the District Court for the Capital City of Warsaw in Warsaw, 14th Commercial Division of the National Court Register, NIP 118-16-42-061, the share capital of PLN
    5 100 000 PLN fully paid up (the “Controller”);
  2. It is possible to contact the Data Controller in writing, at the address indicated above, or electronically at the email address: [email protected].

The definitions used in this Privacy Policy have the following meaning:

a) the Website – the website at the address: www.celonpharma.com;

b) the Website Owner – Celon Pharma S.A. with its registered office in Kiełpin, ul. Ogrodowa 2 A, 05-092 Łomianki;

c) a User – any person visiting the website www.celonpharma.com.

  1. In connection with the processing of personal data, Users have the following rights:

Right of access by the data subject (Article 15 of the GDPR)

At all times Users have the right to obtain the confirmation of the processing of their personal data. In such cases, Users have the right to:

  • obtain access to their personal data;
  • obtain information on the purposes of the processing; the categories of processed personal data; the recipients or categories of recipients of personal data; the envisaged period for which the personal data will be stored or the criteria used to determine that period; the rights which Users have under the GDPR; the right to lodge a complaint with the relevant supervisory authority; and the sources of data;
  • obtain copies of their personal data;

2. Right to data rectification (Article 16 of the GDPR) and their erasure (Article 17 of the GDPR – Right to be forgotten)

Users have the right to request the erasure of all or some of their personal data. Users are entitled to request the erasure of personal data, in particular where the personal data are no longer necessary in relation to the purposes for which they were collected or processed, or an objection has been made to their processing, or  consent has been withdrawn based on which they were processed, or they have been unlawfully processed.

3. Right to restriction of data processing (Article 18 of the GDPR)

In connection with the processing of personal data, Users have the right to restrict the processing if:

  • a User contests the accuracy of personal data;
  • the processing of the data is unlawful and a User opposes the erasure of the data and requests the restriction of their use instead;
  • the Company no longer needs the personal data for its purposes, but the data are required by the User for the establishment, exercise or defense of legal claims;
  • the data processing has been objected to - we will restrict the processing of data until it is verified whether the legitimate grounds of the controller override the grounds for the objection.

4. Right to data portability (Article 20 of the GDPR)

A User has the right to receive the personal data which the User has provided to us and to transmit those data to another data controller of the User’s choice. The right to transmit applies when we process personal data based on a consent or a prerequisite for the performance of the contract and the processing is carried out by automated means, i.e., in IT systems. A User may also request the Company to transmit the personal data directly to another controller. The Company stipulates that in such case the request will be fulfilled only where it is technically feasible.

5. Right to object (Article 21 of the GDPR)

Users have the right to object to the use of personal data where the data is processed on the basis of a legitimate interest (Article 6(1)(f) of the GDPR).

6. Right to withdraw consent (Article 7 of the GDPR)

A User has the right to withdraw his or her consent which was given when using the Website as well as during the use of other services provided by the Company.
Please send statements on the exercise of the above rights to the following email address: [email protected].

7. Right to lodge a complaint with a supervisory authority (Article 77 of the GDPR)

In connection with the processing of personal data, a User may file a complaint with the President of the Personal Data Protection Office.

In matters not covered by this Privacy Policy, applicable law will apply accordingly.

The Data Controller reserves the right to change this Privacy Policy by publishing a new version on the Website.

Period of storing personal data

Users’ personal data are stored only for a period necessary to fulfill the purposes of the processing. When processing data, the Company takes into account the special nature of the data and their scope.

IP address and cookies

By running the website www.celonpharma.com, the Company collects data using cookie technology so that we can store information about the preferred settings of Users’ computers (or other devices) and users’ preferences for the next visit to our website. Users’ personal data are processed in the form of cookie files based on Art. 6(1)(a) of the GDPR (consent expressed through a web browser).