Privacy Statement
It is important to TOWA Pharma International Holdings, S.L.U. (hereinafter, «Towa») to ensure the privacy and protect the personal data of the users of www.towainternational.com (the «Website»). Therefore, in accordance with both Regulation (EU) 2016/679, of 27 April, General Data Protection Regulation (GDPR), and the Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights, this privacy notice intends to inform you how we process of the personal data of the users of this Website.
This statement applies to all sections of this Website unless otherwise indicated in a specific informative clause or section of this Website.
Most of our services do not require any kind of registration, which allows the users to access our Website without providing any personal data.
It is important to note that the refusal of providing any mandatory or necessary data may prevent the achievement of the expected purpose.
DATA CONTROLLER
The Data Controller of the data collected through this Website is:
TOWA Pharma International Holdings, S.L.U.
Calle Sant Martí, 75 – 97
08107 Martorelles (Barcelona)
Spain
Tax number B 67563759
QUALITY AND SECURITY IN DATA PROCESSING
You guarantee that the data you provide us is true, accurate, complete, and up to date according to the specific situation and you are liable for any damage and/or harm, direct or indirect, that may arise as a result of the untruthful, inaccuracy or outdated information you have provided.
We inform you that the data collected are processed with the utmost reserve and confidentiality and that technical and organizational security measures are implemented to ensure the confidentiality, integrity, and availability of personal data.
HANDLING OF PERSONAL DATA
The data processed on this Website are those that you provide us through the forms available on this Website or the data you may provide in the sections or contact channels available on this Website. Please note that, if you contact us by phone, your phone number may be automatically registered in our telephone switchboard.
LEGAL BASIS
We process your data based on one or more of the following legal grounds:
Consent | If you give us your consent, we carry out the processing activities related to the scope of the consent and the purposes you were informed. |
Performance of a contract | We process your data if necessary for the performance of a contract or for the implementation of pre-contractual measures, to supply you with our products and services, and to fulfill the obligations set out in the contract. |
Compliance with a legal obligation | We may also process your personal data to comply with the law. |
Legitimate interests
|
We may process your personal data where it is necessary for the purposes of the legitimate interests of Towa. |
Public interest | Exceptionally, we may process your data for the performance of a task carried out in the public interest or in the exercise of official authority vested in us. |
PURPOSES OF THE PROCESSING
Information requests | To deal with information requests and/or queries made by the user through the Website or any contact channel available. We process your personal data on our legitimate interests in responding to your request or, in the event that you send or provide data of special categories (e.g., concerning health data, racial or ethnic origin, sex life or sexual orientation, and religious beliefs, among others), we process your data based on your consent.
Legal basis: legitimate interests (art. 6.1.f. of the GDPR) or consent (art. 6.1.a and 9.2.a of the GDPR). |
Pharmacovigilance | We process the data you provide when communicating possible adverse events in order to detect and prevent problems or harm arising from the use of our products and manage and document the answer provided and report the adverse event to the competent health authorities.
Legal basis: compliance with a legal obligation (arts. 6.1.c. and 9.2.i of the GDPR and Royal Decree 577/2013, of 26 July, regulating pharmacovigilance for human use). For more details on contact to report an adverse event please click here. |
Product quality complaints | We process the personal data provided in the scope of the product quality complaints or suspected counterfeiting of our products, to assess the complaint and follow up.
Legal basis: compliance with a legal obligation (arts. 6.1.c. and 9.2.i of the GDPR, art. 87 Law 29/2006, of 26 July, on guarantees and rational use of medicines and medical devices, art. 132 of Royal Legislative Decree legislative 1/2007, of 16 November, approving the revised text of the General Law for the Protection of Consumers and Users and the good manufacturing practices for medicinal products and active ingredients («GMP»). |
Answering product quality queries | Resolving doubts about the properties or side effects of our products.
Legal basis: compliance with a legal obligation (art. 6.1.c. of the GDPR and GMP rules). |
Reporting Channel | You may report violations of our Code of Ethics or applicable laws through any of the following channels:
– Web report: towainternational.ethicspoint.com – Phone (Spain): 900 999 400 We process the data necessary to handle and investigate the report received and, where appropriate, to take actions to protect the reporting person from retaliation, take corrective action, and/or initiate legal action. Reports may be made either anonymously or confidentially. However, note that by providing your identity and the identity of the person concerned, you will help us to facilitate the investigation, shorten its duration and prevent it from being unsuccessful due to lack of information. The information you provide through the above channels will be sent to us by our third-party provider and only our authorized personnel will know your identity and/or the identity of other persons involved in your report (if you identify them) unless we are required by national or European law in the context of legal proceedings to disclose them, which we will duly inform you in advance unless this could compromise the investigation. We send you an acknowledgment of receipt of the report within seven (7) days from the report date and you receive feedback on the outcome of the investigation (if it is decided to start) within three (3) months from the acknowledgment of receipt. The data provided through any of the reporting channels available will be kept in our provider’s system for the time necessary to decide whether or not to initiate an investigation of the reported facts and, in any case, must be deleted after three (3) months from the date of the report, unless they are necessary to demonstrate the adequate implementation of the corruption prevention model of our company. Data from reports under investigation shall be retained outside of the supplier’s system for the period of time necessary for the investigation of the facts. Once the investigation has been completed, we retain the data in accordance with the period required by law. The official channels for handling reports will be those mentioned in this section and under no circumstances should be used other channels, such as the general contact channel, for the submission of a report. You could find more information on the processing of personal data in the scope of reporting concerning the privacy statement of our reporting web channel. Legal basis: compliance with a legal obligation (art. 6.1.c of the GDPR) and public interest (art. 6.1.e. of the GDPR). |
Cookies | For more information about the processing of your data by us through the use of cookies, please refer to our Cookie Policy, which can be found in the footer of this Website. |
RETENTION PERIODS
Unless otherwise specified elsewhere in this privacy statement or on the Website, your data will be kept for the time strictly necessary to fulfill the purposes of the processing, without prejudice to their retention for the purpose of making them available to the competent authorities or for the establishment, exercise, or defense of legal claims. In this case, the data will be kept blocked until the end of the retention period and will then be deleted.
DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES
Your personal data will not be passed on for use by third parties unless we are entitled to do so (inter alia, by virtue of contract or consent). Notwithstanding the foregoing, in the course of our activities and for the same purposes as described in this privacy statement, your data may be processed by service providers, who assist us in providing our services. These service providers, who are considered processors, are carefully selected, and regularly monitored in accordance with applicable data protection regulations and are obliged to ensure the confidentiality and security of your personal data and to use it only for the purposes related to the service provided.
The data are processed with the appropriate level of security, adopting appropriate technical and organizational measures to prevent alteration, loss, unauthorized disclosure, or access to personal data and any other improper form of processing. The application of these measures takes into account, among others, the nature of the data processed, the risks, the state of the art, and the costs of implementation.
In addition, we inform you that your data may be disclosed to other companies belonging to the same corporate group for internal administrative purposes, based on our legitimate interest.
THIRD-PARTY SERVICES
TOWA is not responsible for, the data collection, use, disclosure, or security practices, or other practices, of any third party, including any third party operating a service to which this Website links. The inclusion of a link within this Website does not imply TOWA’s endorsement of such a service.
For further information on how such third parties process your personal data, please read the privacy statements of providers we include on this Website.
TRANSFER TO THIRD COUNTRIES
Your personal data may be processed in whole or in part in countries outside the European Union (EU)/European Economic Area (EEA), which may have a lower data protection level than European countries. In this event, we ensure that your data are processed by our processors in accordance with an adequate level of protection, for example, through standard contractual clauses adopted by the Commission or a supervisory authority, or by obtaining your explicit consent to such processing.
DATA SUBJECT RIGHTS
The regulations in force give you the following rights:
Right of access | You have the right to know what personal data we process concerning you. |
Right to rectification | You have the right to be able to correct, complete or update your personal data at any time. |
Right of erasure
(‘right to be forgotten) |
You may request that your personal data be deleted from our systems and files. |
Right to object | You may object to the processing of your data (e.g., direct marketing communications), as well as due to personal reasons unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims. |
Right to restriction | You may request the restriction of processing where you contest its accuracy or where the processing is unlawful, and you oppose the erasure of your personal data and request the restriction of their use instead.
Also, when the data are no longer necessary for processing, you need them for the establishment, exercise, or defense of legal claims. And finally, when you have objected to processing, while it is being verified whether our legitimate grounds override yours. |
Right to data portability | You have the right to obtain a copy of all data you provided and, where technically feasible, you have the right to request that your personal data be transmitted to another controller. |
If you gave us your consent to the processing of your personal data, you may withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. You also have the right not to be subject to automated individual decision-making, including profiling.
Furthermore, we inform you that you have the right to lodge a complaint with the competent data protection authority (this being the Spanish Data Protection Agency in the case of Spain), by contacting www.aepd.es
You can contact us regarding data protection matters, to update your data, or to exercise your rights by any of the following means:
– Post mail: TOWA Pharma International Holdings, S.L.U.
Ref.: TOWA Data Protection Office
Street Sant Martí, 75 – 97
08107 Martorelles (Barcelona)
Spain
– E-mail: oficinaprotecciondatos@towapharmaceutical.com
CALIFORNIA, NEVADA, AND VIRGINIA RESIDENTS
We do not sell your personal information to third parties for money or other valuable consideration.
We do not share your personal information with unrelated third parties other than as part of a
contract where they provide a service to us for the business and commercial purposes described in
the US Privacy Policy.
UPDATES OF THE PRIVACY STATEMENT
This privacy statement will be updated as deemed necessary. Please visit our Website to check if there have been any changes to this policy and how we process your data when you access our Website.
Last updated: 13 May 2024