Data Protection Declaration

Responsible body within the meaning of data protection laws, in particular the EU Data Protection Ordinance (DSGVO):

Tentamus Pharma (UK)Ltd.
RiversideRoad
PridePark
Derby DE248HY
United Kingdom

The responsible body is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).

You can exercise the following rights at any time using the contact details provided by our data protection officer:

• Information about your data stored with us and their processing,
• Correction of incorrect personal data,
• Deletion of your data stored with us,
• Restriction of data processing if we are not yet allowed to delete your data due to legal obligations,
• objection to the processing of your data with us and
• Data transferability, provided that you have consented to the data processing or have concluded a contract with us.
• If you have given us your consent, you can revoke it at any time with effect for the future.

You can contact your local supervisory authority at any time with a complaint. Your competent supervisory authority depends on your state of residence, your work or the alleged infringement. A list of supervisory authorities in Germany (for the non-public sector) with addresses can be found at: https://www.bfdi.bund.de/DE/Service/Anschriften/anschriften_node.html .

We process your personal data only for the purposes stated in this data protection declaration. Your personal data will not be passed on to third parties for purposes other than those mentioned. We will only pass on your personal data to third parties if:

• you have given your express consent,
• processing is required to process a contract with you,
• the processing is necessary to fulfil a legal obligation,
• the processing is necessary to protect legitimate interests and there is no reason to believe that you have an overriding interest worthy of protection in not disclosing your data.

This information is technically necessary in order to correctly deliver the content you have requested from websites and is mandatory when using the Internet. They are processed in particular for the following purposes:

• Ensuring a trouble-free connection of the website,
• Ensuring a smooth use of our website,
• evaluation of system security and stability as well as
• for other administrative purposes.

The processing of your personal data is based on our legitimate interest from the aforementioned purposes for data collection. We do not use your data to draw conclusions about you personally. The recipients of the data are only the responsible body and, if applicable, the contract processor.

Anonymous information of this kind may be statistically evaluated by us in order to optimize our Internet presence and the technology behind it.

Your personal data is stored for the period necessary to fulfil the original purposes for which it was collected. Please note that in certain cases a longer storage period may be required or legally permissible, or to enable us to pursue our business interests, conduct audits, comply with legal obligations, enforce our agreements or settle disputes.

The criteria by which we determine our retention periods include the following:

• How long will the data be needed to provide you with our products or services or to conduct our business?
• Are we subject to a legal, contractual or similar obligation to store your data? Examples include mandatory laws to retain data in accordance with local laws, governmental orders to store data relevant to an investigation, or data that must be retained for contractual purposes or possible litigation.

Under no circumstances will the data we collect be passed on to third parties or linked to personal data without your consent.

To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) via HTTPS.

As far as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not be entitled to any legal remedies against access by authorities.

The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time here . The legality of the data processing operations already carried out remains unaffected by the revocation.

For transparency reasons, we would like to point out that we use the Google Tag Manager of the provider Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The responsible entity for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

The Google Tag Manager itself does not collect any personal data. The Google Tag Manager makes it easier for us to integrate and manage our tags. Tags are small code elements that are used, among other things, to measure traffic and visitor behavior, track the impact of online advertising and social channels, set up remarketing and targeting, and test and optimize websites. We use the Tag Manager for the Google Analytics service. If you have made a deactivation, this deactivation will be taken into account by Google Tag Manager. For more information on the Google Tag Manager, see: https://www.google.com/intl/de/tagmanager/use-policy.html .

This website uses Google Maps API to display geographical information visually. When using Google Maps, Google also collects, processes and uses data about the use of map functions by visitors. You can find more information about Google’s data processing in the Google Privacy Policy . There you can also change your personal data protection settings in the Data Protection Centre.

Detailed instructions for managing your own data in connection with Google products can be found here .

On some of our websites we embed YouTube videos. YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA is the operator of the corresponding plug-ins. When you visit a page with the YouTube plugin, a connection to Youtube servers is established. Youtube will be informed which pages you visit. If you are logged into your Youtube account, Youtube can assign your surfing behavior to you personally. You can prevent this by logging out of your YouTube account beforehand.

In our live chat you have the opportunity to contact Tentamus employees directly and to clarify your questions in a conversation in the form of a real-time chat.

For our live chat, we use LiveChat Inc.As far as data is processed outside the EU/ EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. LiveChat is headquartered at 101 Arch Street, 8th Floor Boston, MA 02110, USA. A transfer of data to the USA and access by US authorities to the data stored by LiveChat cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not be entitled to any legal remedies against access by authorities.

The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time here , however please note that if you do this you may not be able to use the full functionality of this website. The legality of the data processing operations already carried out remains unaffected by the revocation.

If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.

We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) DSGVO. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the “unsubscribe” link in the newsletter. The data processed before we receive your request may still be legally processed.

The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.

This website uses the services of CleverReach (CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany) to send newsletters.

When you register for our newsletter, we collect and process personal data such as your name and email address. In addition to this, the date and time of your registration and your IP address are stored on CleverReach's servers. We may also analyze data about your interaction with the newsletter, for example, whether you click on links. CleverReach places great emphasis on data security and therefore carries out regular maintenance and updates systems as needed. In this way, CleverReach ensures high operational stability, performance, and maximum security.

If you do not want your usage of the newsletter to be analyzed by CleverReach, you will have to unsubscribe from the newsletter. For this purpose, we provide a link in every newsletter we send. You can also unsubscribe from the newsletter by contacting us through the web-formula or by contacting our designated Data Privacy responsible listed at the start of the data privacy statement.

Data processing is based on Art. 6 (1) (a) DSGVO. You may revoke your consent at any time by unsubscribing to the newsletter. The data processed before we receive your request may still be legally processed.

The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted from our servers and those of CleverReach. Data we have stored for other purposes (e.g. email addresses for the members area) remains unaffected.

Your personal data will be passed on to Tentamus based in Berlin, Germany. We do not sell or disclose any personal data of our website visitors to third parties, except in the following cases:

• Sharing within Tentamus, in accordance with our web privacy policy and taking into account all applicable confidentiality and security measures.
• Passing on to third parties that we have commissioned to provide services for us. These service providers are contractually obligated to use or disclose the information exclusively for the provision of services on our behalf or for the fulfilment of legal obligations.
• Disclosure to companies, organisations or individuals outside Tentamus if we have good reason to believe that access, use, storage or disclosure of the information is necessary for any of the following reasons:
  • Enforcement of applicable terms of use, including investigation of possible violations
  • Compliance with all applicable laws, regulations, court decisions or official orders to be enforced
  • Identification, prevention or other measures in the area of fraud, security problems or technical challenges
  • Protection against interference with the rights, property or safety of Tentamus, our users or the public, in accordance with legal requirements.
  • Disclosure to regulatory or law enforcement authorities when we believe in good faith that we are required by law to disclose information in connection with the discovery of criminal offences, the collection of taxes or duties, compliance with applicable laws or court orders, or in connection with legal proceedings.

You can apply to our company electronically, especially by e-mail. We will of course use your details exclusively for processing your application and will not pass them on to third parties. Please note that unencrypted e-mails are not transmitted with access protection.

If you have applied for a specific position and it has already been filled or if we consider you suitable for another position, we would be happy to forward your application within the company. Please let us know if you do not agree to a forwarding.

Your personal data will be deleted immediately after completion of the application process or after a maximum of 6 months, unless you have expressly given us your consent for a longer storage of your data or a contract has been concluded. The legal basis is Art. 6 Para. 1 a, b and f DSGVO and § 26 BDSG.

We provide links to other websites for your orientation and information. These linked websites may have their own privacy statements or policies, and we encourage you to read them. We are not responsible for the content of linked websites or for questions arising from their use.

We reserve the right to adapt this data protection declaration so that it always complies with current legal requirements or to implement changes to our services in the data protection declaration, e.g. when introducing new services. The new data protection declaration will then apply for your next visit.