Website Personal Data and Privacy Policy

1. Who we are

This website under the domain name uni-pharma.gr (hereinafter the ‘website’) is property of ‘UNI-PHARMA KLEON TSETIS PHARMACEUTICAL LABORATORIES SA’, with the distinctive title ‘UNI-PHARMA SA’. The company is based in Kifissia, Attica, 14th km of the Athens – Lamias National Road, P.C.14564, VAT number 094320634, Athens Tax Office for Limited – Commercial Companies, General Commercial Registry (GEMI) no. 000760401000, legally represented, with the e-mail unipharma@uni-pharma.gr and telephone +30 210 8072512, contact hours: 07:30 – 15:30, (hereinafter the ‘Company’).

We consider the protection of your personal data particularly important, and we comply with the current personal data protection and privacy legislation.

This Policy describes how our company, in compliance with the provisions of the European Regulation for the Protection of Personal Data (EU 2016/679) and the National Law 4624/2019 (hereinafter as GDPR), manages the Personal Data disclosed to us with the utmost care, ensuring, at any case, their protection and privacy.

By visiting and navigating our website, you accept the Terms of Use of the Website, the Data Protection Policy and the Cookies Policy, as applicable.

For this purpose, we inform you of what the Regulation and the National Law requires on the protection of personal data that we process and store when you use our website and how we use this data.

With this privacy policy you are notified, and wherever asked – within the website -, you may agree or not with the collection, processing and use of personal data by the company, in accordance with the General Data Protection Regulation (GDPR) and the following terms of use.

Please take the necessary time to read this privacy policy carefully.

2. Personal data we collect

The company collects and processes Personal Data, i.e. information related to a natural person who is or can be identified from this information, regardless of whether the identification can be carried out directly or indirectly. Processing of this data means any work carried out in relation to this data, whether automated or not.

Personal Data includes, for example, information such as name, home address, e-mail address or telephone number that can be used to identify a visitor to the company ‘s website.

The company lawfully processes the Personal Data, as it collects and processes them exclusively for specified, explicit and legitimate purposes and only to the extent necessary for the realization of these purposes. The data it kept is accurate and up to date, seeking for this purpose the assistance of the data subjects, i.e. the natural persons to whom the data concern. The company retains the data for as long as necessary for the implementation of the specific purposes.

The personal data you provide us, while browsing the above website or by participating in one of our contests, are kept in a file under the responsibility of the company.

Below you may find the data we collect:

A) When visiting and navigating our website, the IP address (Internet Protocol address) of your access computer, the website through which you visit us, the device ID or other device identifiers, the date, time, duration of the visit, the browser type, browser settings, user’ s place of origin and operating system are recorded.

This technical information may, in individual cases, constitute personal data. We limit the collection of data to the absolutely necessary, in order to achieve compliance with the data processing principle, pertaining to the minimization of data processing.

As a rule, we use technical data, however, only to the extent that this is necessary for technical reasons, for the operation and protection of our website and application against attacks and malicious use, as well as in pseudonymous or anonymous form for statistics aims.

B) We collect data for the specific purposes of processing the Personal Data, for which you willingly provide us with data, namely when you wish to contact us by email or if you subscribe to some services, as well as when you give us feedback, the following information is collected and processed:
– Full name
– Contact details (contact phone number, home address, postal code, email address).

If you provide personal data on behalf of a third party, you must obtain the third party’s consent before disclosing their data to us. In this case, before this person provides you with the above consent, you must notify them of this privacy policy.

– In the context of medical information and drug safety, our company has a legal obligation to be informed about adverse effects and interactions, about the lack of effectiveness of its drugs, complaints on quality and/or other aspects related to safety or quality of our company’s products.
Pharmacovigilance obligations require us to process information that may allow us to identify, directly or indirectly, an individual, i.e. the patient and/or the person reporting the adverse event (personal data). Any personal data provided to the company regarding adverse reactions or other pharmacovigilance-related activities will be used solely for these purposes.

If you provide us with information about our company’s products (e.g. through our website), we will evaluate and review your information (which may include information about your health status, adverse events and, if applicable, your name). For this purpose, we may also contact you.

The personal data we may collect about you, when you are both the reporting person and the company of the medicine, is as follows:

  • First & last name or initials of your first and last name
  • Contact info
  • Your medical history and other characteristics, including laboratory data, pregnancy, weight and height, age
  • Information on the product that caused the adverse event and information on dosage, route of administration, indication and duration of treatment
  • Information about other medicines or treatments you are taking
  • Description of the adverse event
  • Date of occurrence of the adverse event, date of interruption, duration
  • Laboratory test results

The personal data we may collect about you when you are only the reporting person of an adverse event (and not the company of the medication) is as follows:

  • First & last name or initials of your first and last name
  • Contact info
  • Job title
  • Relationship to the subject (medicine recipient)

Your personal data is kept in our company’s records for the time required, in accordance with the current legislation on pharmacovigilance. Every recording of spontaneous reports of individual incidents concerning either an adverse reaction, after using a product of our company, or a quality complaint, is made in printed form and kept in a safe place, accessible only to pharmacovigilance personnel.

Our company also has a legal obligation to report significant adverse events to the competent health authorities, in which case we transfer your information after pseudonymisation, so that no information is transferred resulting in your direct identification. The purpose of processing in this context is to provide medical information to your questions, complaints, as well as pharmacovigilance and incident monitoring, to fulfill legal obligations and in relation to legal claims.

When you use this website, you fill out an online form or send us an e-mail at emergency@uni-pharma.gr to report an adverse reaction, when using a product of our company. In the relevant e-mails you can also receive information about how we process your personal data in relation to unwanted actions.

You may also report an adverse event directly through the EOF (National Medicines Agency) at the following address:

For patients:
EOF (National Medicines Agency)
Mesogion 284
15562 Cholargos, Athens
Tel: +30 21 32040337
Website: https://www.eof.gr and https://www.kitrinikarta.gr

For healthcare professionals:
Through the yellow card https://www.kitrinikarta.gr

The company collects, processes and uses the Personal Data concerning you, mainly when you visit its website, exclusively for the following purposes, in particular for: a) monitoring the website traffic b) improving the services we provide you through the navigation on our website, aiming at faster service c) responding to your requests and in general communicating with you regarding the information you provide through your messages and requests, d) complying with the obligations imposed on us by the GDPR, e) the fulfillment of our legal obligations and the raising of claims f and f) the protection of the company’s interests.

We would also like to inform you that in the event of an acquisition of all or part of our website by another company, we will share information with that successor company.

The company stores and uses your Personal Data when you contact them by telephone or e-mail or when you wish to send us information in any other way, and you therefore transmit your data to us for the purposes mentioned in this policy.

When applying for a job position in our Company and considering the prospect of future cooperation, we collect only the relevant necessary data, based on the consent of the candidate. These data are processed by specially authorized and properly trained persons, who are committed to maintaining confidentiality, respecting privacy and all the basic principles of transparency, security, trust, legal permissibility and necessity of the processing. In the context of evaluating the suitability for the coverage of a specific Job Position, we collect and process data included in the fields of the Job Application and of any CVs and other submitted data of Candidate Employees, namely: identification and contact information, full name, patronymic, year of birth, telephone number, e-mail address, gender, nationality, candidate’s education and skills info, previous work experience, identity/passport details, photograph, military service information (where applicable), positions and activity areas of interest. The data included in your CV and (in case-by-case) rest of data you submit or fields of the Job Application are processed in accordance with the most appropriate technical and organizational measures in our servers or our partners’ servers and are subject to processing for a period of thirty-six (36) months from your submission.

Exclusively when deemed necessary for resolving any disputes, or in the context of legal actions, we may retain your data, always in the light of the basic principles of transparency, security, trust, legal permissibility and the necessity of the processing.
The company may keep employee training records, which may include personal information, experience and training information.

Finally, we store and use your data, to the extent that we are legally obliged to do so, such as in view of an official directive or a judicial or other decision of the Authorities. Also as to safeguard our rights and claims, and for defending our rights before the courts.

The processing of Personal Data takes place, depending on the case, in accordance with the current legislation and this privacy policy, or in accordance with the consent given by you. In some cases, data is only used in pseudonymous or anonymous form.

4. How long we keep your personal data

The management of the server where the data is stored is carried out using the appropriate methods, exclusively and only by strictly limited staff of the company and the staff of the server company.

We keep your data for as long as necessary for the respective purpose of processing. Different retention periods for your data may apply, depending on the purpose of the processing. When the storage period expires, the data is deleted accordingly.

In addition to the rules set by us, there are other periods when we are obliged to keep a record depending on the requirements and nature of our relationship with you or applicable law. This may occur e.g. on tax data and data collected in the frame of pharmacovigilance services, which must be observed. These specific mandatory data retention periods vary, depending on the applicable national legislation.

The data retention period may vary depending on the type of data and its use. The criteria on which this is based are among others legal obligations, pending or potential disputes, intellectual property, proprietary rights, contractual obligations, filing.

5. Third parties to whom your personal data is transmitted

The company may transmit the data to other companies of its Group, to affiliated companies within the European Economic Area, which will process the data on behalf of the company as data controllers or data processors, exclusively and only for reasons mentioned in this Policy and ensuring data safety. When transmitting the data, the company takes all necessary security and confidentiality measures to ensure the highest possible level of security.

For instance, the company, in order to support its operations, may share your personal data with third-party external service providers, such as e.g. with a partner company of IT applications and infrastructure.

We process data mainly within the European Union (EU) and the European Economic Area (EEA). For transfers to countries not considered safe by the European Commission, should such transfers take place, suitable and proper safeguards for the protection of personal data are received, such as standard contractual clauses or other legal tools.

6. Data security

The security of your personal data is a high priority for the company. We are committed to keeping your personal data secure. Therefore, we protect your data, stored with us, through technical and organizational measures to effectively prevent loss or unauthorized access or misuse of it by third parties.
Specifically, our employees, who process personal data, are committed to maintaining confidentiality. To protect your personal data, data is transmitted in encrypted form. To ensure the long-term protection of your data, the technical security measures are regularly monitored and, if necessary, adapted to the respective prevailing technology standards. Unfortunately, no system for transmitting or storing data is 100% guaranteed to be secure.

7. Social media

The company has official accounts on the following social media:

Facebook, Linkedin & Youtube

With the help of each of the above platforms, and with your consent, we collect and process some of your data (such as your username and photo). The purpose of this processing, whether anonymized or not, is to provide updates on our content or to communicate with you by responding to messages you send us.

You provide your consent by liking or following our pages and you can withdraw it just as easily, in the very same way (unlike, unfollow). Your consent contains acceptance of our data protection policy, which is located in a prominent and easily accessible place on each page. If you do not agree with our policy, you should withdraw your consent in the proper manner (unlike, unfollow).
Based on the above, the social networking platform is also considered a data controller of your data.

If you choose to link your social media account to our website to enable social media sharing, certain Personal Data from your social media account will be shared with us, which may include Personal Data that is part of your profile or those of your friends.
We may receive Personal Data from other third parties to confirm information or better understand your interests by associating demographic data with the Personal Data you have provided.

To ensure more complete protection of the rights of our social media pages visitors, we strictly comply with our obligations regarding the protection of personal data.
In this context, we implement a number of appropriate technical and organizational measures, such as limiting the people who have access to media management, in order to ensure secure data processing.

It is also possible to subscribe to our website, so that we can send you various newsletters from time to time. In every newsletter you receive, you have the option to unsubscribe, with a relevant link at the end of the email by selecting the ‘unsubscribe’ field. The company reserves the right to delete any recipient from the newsletter lists without justification.

The company and its partners make every effort for the smooth operation of the newsletters, however, technical or organizational problems are always a possibility. For any issue that arises, as well as for any relevant information regarding the operation of the newsletters, please contact us.

Please note that the company is not responsible for the manner or means by which each of the above platforms processes your data. Find out about the policy of these media from the respective links.

Regarding the submission of comments by users on the posts and/or pages maintained by the company on social media, and with respect to open dialogue and expression of different opinions, we inform you that the company has no general obligation to control the content submitted by the users of these media. Nevertheless, it makes efforts to ensure a safe online environment.
Therefore, the company has the right to remove any type of content deemed to violate the terms of use of the website, such as abusive, vulgar, pornographic, threatening, advertising or content that violates intellectual property rights or contains false statements, while maintaining the ability to block users who submit it.

Our website provides access to third party websites. The placement of these hyperlinks has been made with the sole purpose of facilitating visitors during their internet browsing. It is in no way an indication of acceptance or approval of the content of the hyperlinked websites. Each link leads to a different website, the browsing of which is subject to its own terms of use and data protection.
The company bears no responsibility whatsoever for the content and personal data management policy of the hyperlinked website. Access using the provided hyperlinks to the respective website takes place at the sole responsibility of the user himself. We encourage you to read the data protection policies of all websites you visit.

By choosing that you agree and consent to the processing of your Personal Data, you give your consent to the processing of the data for the above specific purposes, and you can at any time withdraw your consent, as well as exercise any of your legal rights, namely access your data and obtain a copy of it, correct inaccurate personal information, erase (forget) your data or restrict their processing. You may also request portability of the data in a structured, commonly used and machine-readable format and transmission to another controller, object to being subject to a decision made solely based on automated processing, including profiling, which produces legal results that concern you or significantly affect you in a similar way, except in case data processing is necessary for the exercise of legal rights of our company or of third parties, to fulfill a legal obligation, for reasons of public interest or to defend our legal rights before judicial or other authorities.

The company handles your requests with due care to ensure the security of your data and the protection of your rights. For this reason, in case there are doubts as to the person requesting the disclosure of Personal Data, we may ask you for additional information, necessary to confirm your identity.

The company responds to your requests without delay and in any case within one (1) month upon receiving each request, unless if due to the complexity of your request or due to the multitude of requests, we need an extension of another (2) two months, within which we will get back to you in which case we will inform you within the month. If your requests are manifestly unfounded or excessive, in particular due to their repetitive nature, the company may either impose a reasonable fee, taking into account the administrative costs of providing the information or communicating and performing the requested action, or refuse to proceed with the request.

In the event of a breach of your data and since this breach may pose a high risk to your rights and freedoms and under the condition that it does not fall under one of the exceptions expressly provided by law, the company undertakes the obligation to inform you without undue delay.

You may contact the company at any time, and particularly to exercise your rights, submit a question or complaint at the following e-mail address: dataprivacy@uni-pharma.gr
In addition, if you believe that your data has been breached, you have the right to file a complaint with the competent Hellenic Data Protection Authority JUSTICE AND CONSUMERS ARTICLE 29 – NationalData Protection Authorities (europa.eu)

10. Cookies

Cookies are small text files sent to your browser and stored on your computer while you are on our website. In no case will cookies contain personal information or information that would allow anyone to contact the website visitor, by phone, e-mail, etc.

The use of cookies makes it easier for the website to remember information about your visit, collecting useful data about your search preferences, improving your search experience the next time you visit us.

Cookies are unique to each web browser and contain anonymous information about the websites you visit and the devices you use. We may also use similar technologies, like:

  • Pixel Tags. Pixel tags (also known as web beacons and transparent GIFs) are used, among other things, to track the actions of the Website users, to measure the success of marketing campaigns and to compile statistics about the website usage and response rates.
  • Adobe Flash. Local shared objects (Flash LSO – also known as Flash cookies) and other technologies are used, among other things, to collect and store information about your use of the Website. Note that setting the Flash player to restrict acceptance of Flash LSOs may reduce or impair the functionality of some Flash applications.
  • Google Analytics. Google Analytics is a service provided by Google, Inc. (‘Google’). We use Google Analytics to collect anonymous statistics to improve the Website.

You can selectively disable Google Analytics by installing the opt-out plugin provided by Google in your browser.

Certain information is automatically collected by most browsers or devices, such as Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, manufacturer and model of the device, language, type and version of the internet browser and the name and version of the Website you are using.

For more information please check our cookie policy.

11. Minors

The content and services of our website are directed exclusively to people over 16 years of age and we do not knowingly collect any information about people under this age limit. If you are under the age of 16, you are not allowed to submit your information to us in any way, unless you have the consent of the person exercising parental care.

Since it is not technically possible to effectively check your age in all circumstances, in the event that the submission of personal information concerning minors is reported and verified, we undertake to immediately delete all relevant information. This deletion applies without prejudice to the need to maintain the data in case of exercising or supporting our legal claims, or the provision of consent by a guardian.

12. Amendments

This Agreement revises and supersedes any previous version of the personal data protection policy.

The company reserves the right to amend the terms of this Policy, which may be reviewed and updated at any time and without notice. The website users are kindly requested to check these terms regularly for any changes, as the continued use of the website implies that they accept all possible amendments thereof.

LAST REVISED: 11/6/2024.