PRIVACY POLICY
OVERVIEW
Regenica Biosciences, Inc., and its subsidiaries (“Regenica”, “Company”, or “we”) is a biopharmaceutical company specializing in identifying, developing, and delivering therapies as treatments or as pre-exposure defense measures. We process personal data in different contexts and we do so by fully respecting your privacy and your other rights and freedoms, as part of our unwavering commitment to ethical and responsible practices. We process personal data collected through our websites; we gather personal data for marketing and educational purposes; we process personal data for conducting clinical trials and we process the personal data of our employees. We recognize that innovation and new technology drive continual change in risk, expectations, and laws, so we follow privacy accountability standards and aim to promptly adapt how we apply those standards in response to those changes.
This Privacy Policy generally sets forth Regenica’s practices regarding the collection, use and disclosure of personal data and/or information that you may provide Regenica. By using Regenica sites, and other methods, whenever you submit personal data and/or information to Regenica, you acknowledge and agree with the terms of this Privacy Policy. Please read this entire Privacy Policy before using Regenica sites and/or submitting personal data and/or information to Regenica.
Regenica also has specific policies for how we process personal data from our website (cookies), for clinical trials and personal data for our employees.
In principle: Regenica collects, uses and stores the minimum amount of personal data that you voluntarily submit to Regenica that is necessary for one or more legitimate business purposes and to comply with legal obligations. Regenica limits who has access to the personal data in our possession to only those who need it for a legitimate business purpose or if required by law. Regenica protects personal data through physical and technical security measures tailored to the sensitivity of the personal data we hold. Regenica communicates with our employees, customers, suppliers, business partners and others about how we intend to use personal data in our day-to-day operations. Regenica takes reasonable steps to ensure the personal data we process is accurate and up-to-date. Regenica integrates privacy in the design of our projects that involve the use of personal data.
For European Union (“EU”) data protection law purposes, we process personal data as a controller or joint-controller, depending on the context of the processing activity. The controller is the entity that, alone or jointly with others, establishes the purposes and the means of a processing activity. A “processing activity” is an activity that we engage in for a specific, identified purpose, and that involves the collection and use of personal data.
WHO WE ARE
We are Regenica Biosciences, Complaints at 2219 Poinsettia Dr., San Diego, CA 92106, Attn: Legal Department, send an email to info@regenicabio.com, or you can call us at 1-619-933-1328.For data protection purposes, including the EU data protection law, we are the controller of your personal data, and you can contact us with any inquiries you may have regarding the processing of your personal data.
TYPES OF PERSONAL DATA WE COLLECT AND USE
“Personal data”, means any information related to an identified or identifiable individual. Depending on the context in which we process your personal data, we collect and otherwise process the following, by way of example and not limited to:
Information that you provide via a Regenica website or by some other method and that can directly or indirectly identify or locate you: name, address, telephone number, e-mail address, and any other related information you submit to us. Information that a Regenica website collects automatically: the date and time of the website session, movements across the website, information about your browser, your IP address, and information related to your online activity gathered through our weblogs and cookies. Personal data, including data related to an individuals’ health or a clinical trial. Employment details and history, biographical information, educational history, benefits, compensation, contact details, performance, and use of Company resources by employees, contractors, and applicants in connection with their role or potential role for Regenica. Contact information for key personnel of customers and potential customers for the purpose of performing sales, services, education, research, and marketing. Social Security Numbers to the extent necessary for compensation and/or Regenica products and services.
Our Policy Towards Children
Our websites are not directed towards children. We do not knowingly collect personal data from children through our websites. If a parent or guardian becomes aware that his or her child has provided us with personal data without their consent, please contact us. If we become aware that a child is using our websites and has provided us with personal data, we will delete such information from our files. Some of our clinical trials process personal data of children. The consent of parents or legal representatives is sought in this case, and in accordance with the laws where the clinical trials are being conducted.
WHAT WE DO WITH YOUR PERSONAL DATA
In the case of personal data collected through our websites, we use it for educational and marketing purposes about our own commercial and pipeline products and related disease states. In the case of our employees, we collect personal data during the application process, we hire a third party to conduct background checks for successful applicants, we store biographic data, data related to health, identification data, bank accounts numbers, addresses, phone numbers that are all necessary for day-to-day business purposes or for compliance with a legal obligation. For security purposes we also monitor to a certain extent how employees use our IT systems. We have an Acceptable Use of Electronic Resources Policy that is made available to our employees. Our Employee Privacy Policy is available to all our employees and prospective employees. Please contact info@regenicabio.com, or as noted below, if you have questions.
In the case of clinical trials, we collect, store and analyze your personal data generated via clinical trials we are conducting utilizing clinics, research institutions, clinical research organizations, and healthcare professionals that we contract with.
For the processing of Social Security Numbers, Regenica has implemented reasonable technical, physical and administrative safeguards to help protect the Social Security numbers and other sensitive personal information from unlawful use and unauthorized disclosure. All Regenica employees are required to follow these established procedures, both online and offline. In particular, access to Social Security numbers is limited to those employees and service providers who have a need to access this information to perform tasks for Regenica. We will only disclose Social Security numbers with those service providers, auditors, advisors, and/or successors in interest who are legally or contractually obligated to protect them, or as required or permitted by law.
PURPOSES FOR COLLECTING AND PROCESSING PERSONAL DATA
The purposes for which we collect and process your personal data are:
To ensure the proper operation of our day-to-day business and for complying with legal obligations. To respond to your requests for information, products, and/or services. If you apply for a job via our career center, to consider you for employment. To contact you and provide you with disease state, product, and general services information. If you have a business or professional relationship with Regenica, we may use your personal information generally to develop our business relationship with you and/or further the advancement of services. For legal and compliance obligations, such as adverse event reporting and for other everyday business purposes, such as website management, research and development, educational, and commercial purposes.
GROUNDS FOR PROCESSING
For those processing activities that fall under the EU data protection law, the legitimate grounds for processing personal data that Regenica relies on are:
Consent for clinical trials, for the collection and use of data through our website and for personal data processed for marketing and educational purposes. To fulfill our legitimate business and healthcare initiative interests. The necessity to enter a contract, where appropriate and for compliance with legal obligations.
WHO HAS ACCESS TO YOUR DATA
Except as provided herein, Regenica will not share your personal data with third parties unless you have consented to the disclosure. We only share your personal data with our agents, contractors or partners in connection with services that these individuals or entities perform for, or with, Regenica such as: sending e-mail messages, managing personal data, hosting our databases, providing personal data processing services, providing customer service, and facilitating the job application process.
These agents, contractors or partners are restricted from using one’s personal data in any way other than to provide services for Regenica, or services for the collaboration in which they and Regenica are engaged (for example, some of our products are developed and marketed through joint agreements with other companies). For the purposes of EU data protection law, Regenica enters controller-processor arrangements with our agents, contractors or partners that qualify as processor.
Regenica will share personal data to respond to duly authorized subpoenas or other lawful information requests of governmental authorities, including to meet national security or law enforcement requirements, or where required by law. In exceptionally rare circumstances where national, state or Company security is at issue, Regenica reserves the right to share our entire database of visitors and customers with appropriate governmental authorities.
DATA INTEGRITY
Regenica takes reasonable steps to ensure that data is reliable for its intended use, accurate, complete, and current. Regenica also ensures personal data is limited to the information relevant for the purposes of processing as noted in this policy.
As a convenience, our websites may sometimes contain links to a number of other (non-Regenica) websites that we believe may offer useful information. The Policy presented here does not apply to those non-Regenica sites. You should contact these sites directly for information on their privacy policies, confidentiality procedures, and data collection, distribution and protection procedures.
Please note that linked non-Regenica websites may also use cookies. Regenica cannot control the use of cookies by these non-Regenica sites. In addition, when you link from a Regenica website to another website, that site may have the ability to recognize that you have come from a Regenica site. If you do not want any other websites to know that you have been on one of Regenica’s websites, we recommend that you do not use the links provided in our sites.
TRANSFER OF DATA OVERSEAS & PRIVACY SHIELD PRINCIPLES
If you are located outside the United States (US) and you interact with us via one of our websites, mail, e-mail, phone, or you participate in one of our clinical trials, then your personal data is transferred to the US. If you are based in the EU or Switzerland, please be informed that the US did not obtain an adequacy decision for the level of protection afforded to personal data. However, we provide appropriate safeguards for your data in the US, as we elected to self-certify under the EU-US Privacy Shield and under the Swiss-US Privacy Shield.
Privacy Shield and its Principles:
Regenica has elected to self-certify to the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework (“Privacy Shield”) for commercial, research and development, and employee data. Regenica processes the personal data we receive in the US from the EU, the EEA, and Switzerland in accordance with the Privacy Shield Principles, as applicable. If there is any conflict between the terms in this policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. For personal data originating in the EU, the EEA, or Switzerland, this policy demonstrates our commitment to processing your personal data in accordance with the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, Recourse, Enforcement, and Liability. Under these principles, you have the right to access your own data that has been transferred to Regenica under Privacy Shield, and request the correction, amendment or deletion of such data. In accordance with this policy regarding disclosure and sharing of personal data, detailed herein, your personal data will only be shared as appropriate with third parties that process information on behalf of, or with, Regenica. If we disclose personal data received under Privacy Shield to a third party, Regenica ensures that the third party has contractual provisions or processes in place that require the same level of security and confidentiality safeguards as required under Privacy Shield, as the case may be. Under certain circumstances, Regenica may remain liable for the acts of certain third parties if those third parties process the EU or EEA-originating personal data that Regenica discloses to them in a manner that is inconsistent with the Privacy Shield Principles.
In compliance with the Privacy Shield Principles, Regenica commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Regenica at:
Regenica Biosciences, Inc., Complaints
2219 Poinsettia Dr.,
San Diego, CA 92106,
Attn: Legal Department,
Or send an email to info@regenicabio.com, or you can call us at 1-619-933-1328.
If, after attempting to address privacy questions or concerns with Regenica directly you still have a specific privacy concern that has not been resolved, you may choose to mediate your concern by a neutral third party. Regenica has further committed to refer unresolved Privacy Shield complaints to the American Arbitration Association, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit adr.org for more information or to file a complaint. The services of the American Arbitration Association are provided at no cost to you.
American Arbitration Association
Case Filing Services
877.495.4185: Toll free
877.304.8457: Fax
casefiling@adr.org
Contact your Data Protection Authority: If you are based in the EU or the EEA, you may choose to contact your local Data Protection Authority (“DPA”), or the Swiss Federal Data Protection and Information Commissioner, if you are based in Switzerland. Your DPA or the Swiss Commissioner may refer your complaint directly to the Department of Commerce on your behalf.
HOW DO YOU CONTROL YOUR DATA
Whether you reside in the US, reside in or otherwise find yourself in the EU, Regenica is committed to facilitate the exercise of your rights granted by EU data protection law and our commitment to privacy, noted above, in a timely manner – the right to access your data, to ask for erasure, correction, portability of your data or to object to the processing of your data. In order to be able to reply to your request and if we are not certain of your identity, we may need to ask you for further identification data to be used only for the purposes of replying to your request. If you have any inquiries, you may contact us at: 2219 Poinsettia Dr., San Diego, CA 92106, Attn: Legal Department, send an email to info@regenicabio.com, or you can call us at 1-619-933-1328.
Access to Your Own Personal Data
You have the right to obtain confirmation of your personal data whether we process it or not, as well as the right to obtain information about the personal data we process about you and to obtain a copy of this data.
Erasure, correction and other requests including receiving communication
You have the right to obtain erasure, correction and portability of your personal data, under certain conditions. You also have the right to object at any time to receiving marketing/educational materials from us by following the opt-out instructions in our e-mails, as well as the right to object to any processing of your personal data based on your specific situation. In the latter case, we will assess your request and provide a reply in a timely manner, according to our legal obligations.
Please be sure to include your e-mail address if you are writing to unsubscribe to any service or materials we provide you. Also, please note that you may continue to receive materials while we are updating our lists. For all the processing operations that are based on you consent, as described above, you can withdraw consent at any time and we will stop those processing operations. All processing of your personal data based on your consent before withdrawal remain lawful. As to adverse event reporting and related personal data, Regenica reserves the right to not remove or amend such personal data and/or adverse event information as required by law or regulation. Regenica does not engage solely in automated decision making or profiling using your personal data.
DATA SECURITY
We are committed to processing your personal data in a secure manner, by creating specific technical and organizational measures to prevent the personal data we hold from being accidentally or deliberately compromised.
We conduct information risk assessments, we ensure that our staff understands the importance of protecting personal data and we are responsibly managing access rights within the Company. We include both physical security and IT security in our overall data security approach. We are diligent in selecting vendors that process personal data on our behalf so that they also ensure appropriate technical and organizational measures to protect the data. Regenica makes reasonable efforts to notify individuals and regulatory authorities, as required by law, if we reasonably believe that personal information has been stolen, disclosed, altered or infringed by an unauthorized person. We created and maintain a breach notification and reporting protocol. If there are questions or concerns regarding this policy or a potential breach, please contact at: 2219 Poinsettia Dr., San Diego, CA 92106, Attn: Legal Department, send an email to info@regenicabio.com, or you can call us at 1-619-933-1328.
ACCEPTANCE OF TERMS
By using this site or any other Regenica site and voluntarily providing your personally identifiable information to us, you consent to the collection and use of such personally identifiable information as set forth in this Policy. If you do not agree to the terms of this Policy, please do not provide us with any information or personal data and do not use our websites.
CHANGES TO THIS NOTICE
We reserve the right, at any time, to modify, alter, or update this Policy, and any such modifications, alterations, or updates will be effective upon posting. In the event we modify this Policy, your continued use of our sites will signify your acceptance of the modified Policy. The time stamp you see on the Policy will indicate the last date it was revised. We will duly inform you of any changes via our website and we provide you, as noted herein, the opportunity to express your consent for processing your data for different and new purposes.