Since the European« General Data Protection Regulation» entry into force, ERMIUM
THERAPEUTICS informs in a transparent way about processing of handled personal data in accordance with Articles 12, 13 and 14 of the GDPR legislation.
Our data are hosted in European Union inside ours outsourced datacenters based in France, e.g. OVH® which is ISO27001 certified.
Data processing controller :
Ermium Therapeutics
Processing purpose :
Processed data :
Identities, contact details, professional function and relationship history
Recipients and possible source personal data :
Only R&D division and company management may access
communicated or stored data.
We point out that we could possibly feed our prospects database from
public information or partners or social networks or partnering platforms.
Data retention and erasure
The maximum period for which the personal data will be stored is settled to 3 years.
Processing legal basis
The legal basis for data handling and processing is based on the consent
of the persons concerned or precontractual measures in absence of or
our legitimate interests in absence of.
Data processing controller :
Ermium Therapeutics
Processing purposes
• Client relationship management and monitoring/report of activities
within the contract(s)
• Invoicing management
• Accounting management
• Customer service management
Processed data :
Identities, contact details, professional function, relationship history
Recipients and possible source personal data originate :
Only business development division or R&D division or support division
or accounting/finance division and company management may access communicated or stored data.
We point out that we could possibly transfer data to involved ERMIUM
THERAPEUTICS providers e.g. intellectual property firm or marketing
support.
Data retention and erasure :
The maximum period for which the personal data will be stored is settled to
5 years after the end of the client relationship. Data retention is settled to 10
years after publication concerning nominative accounting documents.
Processing legal basis :
The legal basis for data handling and processing is based on the contractual
relationship performance or our legitimate interests in absence of or French
legal obligations in absence of.
Data processing controller :
Ermium Therapeutics
Processing purposes
• Potential investors relationship management
• Precontractual relationship management
Processed data :
Identities, contact details, professional function; relationship history
Recipients and possible source personal data originate :
Only company management, the chief scientific officer and chief
financial officer may access communicated or stored data.
We point out that some of those above functions may be operated by
external consultants.
Data retention and erasure :
The maximum period for which the personal data will be stored is
settled to 10 years after inactivity of the relationship.
Processing legal basis :
The legal basis for data handling and processing is based on the consent
of the persons concerned or precontractual measures in absence of or
our legitimate interests in absence of.
Data processing controller :
Ermium Therapeutics
Processing purposes
• Relationship management
• Administration and management of the company
Processed data :
Identities, contact details, professional function, mandatory regularity data
including when needed e.g. ID card copies and necessary according K.Y.C.
guideline.
Recipients and possible source personal data originate :
Only company management and chief financial officer and legal officer
may access communicated or stored data.
Data retention and erasure :
Mandatory regularity data including when needed e.g. ID card copies and
necessary according to K.Y.C. guideline is only stored during the funding
operation duration. Others data are stored during the legal period of
retention.
Processing legal basis :
The legal basis for data handling and processing is based on our legitimate
interests in absence of or French legal obligations in absence of.
Data processing controller
Ermium Therapeutics
Processing purposes
• Supplier relationship management
• Accountancy management
Processed data
Identities, contact details, professional function, invoicing data
Recipients and possible source personal data originate
Only personnel in charge of company management or supplier relationship
– including accounting staff and purchasing division – may access
communicated or stored data.
We point out that we could possibly feed our potential or current suppliers
database from public information.
Data retention and erasure
The maximum period for which the personal data will be stored is settled
to 5 years after the end of the relationship. Data retention is settled to 10
years after publication concerning nominative accounting documents.
Processing legal basis
The legal basis for data handling and processing is based on the supplier
relationship performance or precontractual measures in absence of or our
legitimate interests in absence of.
Data processing controller
Ermium Therapeutics
Processing purposes
• Application management
• Job interviews management
• CV database feeding
Processed data
CV and possible cover letters and all other documents or data
provided for recruitment process
Recipients and possible source personal data originate
Only company management and involved personnel and personnel
in charge of recruitment may access communicated data.
We point out that we could possibly transfer data to partners, especially search firms or some company committee members.
We also point out that we could possibly feed our CV database from
public information, jobboards or partners
Data retention and erasure
The maximum period for which the personal data will be stored is
settled to 2 years after relationship inactivity.
Processing legal basis
The legal basis for data handling and processing is based on the
consent of the persons concerned or precontractual measures in
absence of or our legitimate interests.
Ermium Therapeutics © 2023 All Rights Reserved
Design by Cédric Adam
