(Last Modified: June 29, 2021)
CTS Ltd. (“Company”, or “we”), a pharmaceutical and consumer healthcare company, focuses on solutions that have clinically proven efficacy and safety, supporting the health of people, animals and plants (“Services”), is operating several websites (“Websites”) in which the Company interacts with its users (“User/s”, “you”).
We respect the privacy of our Users and believe that it is of utmost importance. Therefore we encourage you to read this Policy carefully before accessing our Websites or use our Services.
This Policy explains what data we may collect from you, how such data may be used or shared with others, how we safeguard it, and how you may exercise your rights related to your personal data (as defined below) under the EU General Data Protection Regulation ("GDPR" or “Regulation”), which shall apply to you in the event you are present inside the European Economic Area ("EEA"), or other applicable regulation.
This Policy is an integral part of our Terms and Conditions. Therefore, any defined terms that are used herein but not defined, shall have the meaning ascribed to it in our Terms and Conditions.
We reserve the right to periodically amend or revise this Policy which will go into effect immediately upon the implementation of the revised Policy on our Websites. The last revision date will be reflected in the “Last Modified” heading located at the top of this Policy. We will make a reasonable effort to notify you if we implement any changes that substantially change our privacy practices. We recommend that you periodically review this Policy to ensure that you understand our privacy practices and check for any amendments.
2. WHO ARE WE AND CONTACTING US
4 Haharash St, Hod Hasharon 4524075, Israel
Email: [email protected]
Questions, comments, requests and complaints regarding this Policy and the data we hold are welcome and should be addressed to us by using the contact details above. All requests will be dealt with promptly and efficiently.
3. DATA CONTROLLER / DATA PROCESSOR FOR GDPR PURPOSES
Under the GDPR we act as the “Data Controller” of our Users’ Personal Data.
4. DATA WE COLLECT
We may collect the following types of data:
4.1. “Non-Personal Data” –non-personal and anonymized information which may be gathered or made available through your access to our Websites and interaction with the Content, including but not limited to, your aggregated usage and technical information transmitted or automatically collected through your device and access time and date. For the avoidance of doubt, we are not aware of the identity of the User from who we collect such data from.
4.1.1. Non-Personal Data may be used by us without limitation and for any purpose, including for commercial, research, or statistical purposes, without further notice to you.
4.2. “Personal Data” – individually identifiable information, namely information that identifies an individual or may, with reasonable effort, identify an individual. This may include your actions while using the Websites, online identifiers, name, emails, etc., subject to applicable law.
4.2.1. In case you will voluntarily provide us with your Personal Data, we may manage it under a “Customer Ticket” in one of our systems in accordance with the terms of this Policy.
4.2.2. For the avoidance of doubt, any Non-Personal Data connected or linked to any Personal Data shall be considered as Personal Data for as long as such connection or linkage exists.
5. HOW WE COLLECT DATA
We may collect data as follows:
5.1. Provided by you voluntarily – we will collect information if and when you choose to provide us with the information, such as your communications with us etc., all as detailed in this Policy.
6. PROCESSING OF PERSONAL DATA – PURPOSES AND LAWFUL BASIS
We have included in the table below information about which data is processed, how we process and use your data and the lawful basis for which we do so subject to the GDPR.
|Type of Data||Purpose of Processing||Lawful Basis|
| Contact details and Customer support
If you voluntarily contact us in any manner, whether for support, to submit a request or for customers inquiries, whether by sending us a direct email or through other means of communications, e.g., sending any online form available on the Websites (i.e. “Contact us” or “Talk to us” banners) or through our social media profile pages, you may be asked to provide us with your contact information such as your full name, email address, phone number, and any other optional contact details you will provide us voluntarily.
Please note that in case you will provide us with Customer Support data, sometimes we will need to retain such data as part of our legal duties for safety and clinical purposes.
| We will process your contact details solely to contact you, responding to your inquiries, and providing you with the support or information that you have requested.
We may process the contents of our correspondence with you to improve our Services, as well as to resolve any disputes with you (if applicable).
| The lawful basis for processing such Personal Data will be to perform the contract between you and us, meaning we will use the data for addressing your requests and inquiries.|
After completing any such request, we will retain your information as part of our business records under our legitimate interest.
Some of the Personal Data might be processed under our legal obligation, such as tax law or drugs and safety regulations.
If you voluntarily subscribe to our newsletter, where applicable, you will be asked to provide us with your email address. You can unsubscribe at any moment through the “unsubscribe” link within the email or by contacting us directly.
|We will use this information solely to provide you with the respective content, such as media publications, updated regarding our current and future Services, etc.||The lawful basis for processing such Personal Data will be your explicit consent while voluntarily subscribing to our newsletter.|
|Purchase and Credit Card details
In the event you will purchase any of our products online, if applicable, you will be required to provide us with certain details for completing such purchase and providing the purchased good to you.
Such Data may include your contact details (e.g. Name, Address, Phone, Email), purchased product data, and payment data (e..g. credit card details).
|We collect and use those details for allowing you to complete the purchase, for charging and invoicing you, for keeping financial records as we are required under law, and for delivering the purchased products to you.
|The lawful basis for processing such Personal Data will be our contract with you, meaning that we will process such Personal Data to provide you with the applicable requested product/s. Also, we will keep and retain some of the data for longer periods, in accordance with our legal duties (e.g. tax and bookkeeping law) and our legitimate interests as a business unit.|
If you are interested in working with us, in order to apply for our vacancies, you may voluntarily provide us with you CV through the means of communications we make available on our Websites.
| In the event you send us your CV, note that, your provision of Personal Data in connection with recruiting is voluntary, and you determine the extent of information you provide us. We do not request or require any sensitive Personal Data concerning religion, health, sexual orientation, or political affiliation in connection with recruiting.
If you are hired, the information may be used in connection with employment and corporate management.
|The lawful basis for processing your CV and other details voluntarily provided by you therein, will be, regards your contact details, to perform the contract between us and you, meaning that we will process such information to communicate with you and address your application.|
Regards your resume embedded in your CV we will use this information for the purpose of examine you resume in the context of managing our recruiting and hiring process.
We will also use this Personal Data to demonstrate compliance with corporate governance and legal and regulatory requirements.
|Online identifiers and other Technical Data
When you access our Websites, we may, either directly or indirectly (through cookies), collect certain online identifiers, including your IP address, Advertising ID, and IDFA.
| We process this data in order to (i) operate, provide, maintain, protect, manage, customize, and improve our Websites, and how we offer it; (ii) enhancing your experience with or Websites; (iii) audit and track usage statistics and traffic flow.
| Such processing is part of our legitimate interests as a commercial business.|
Without derogating from our Users’ data protection rights as described hereunder, please note that before further processing your Personal Data for a purpose other than what we specifically mentioned above, in case we intend to do so, we will provide you with reasonable information regarding the revised purpose of processing.
7. COOKIES POLICY AND TRACKING
7.2. A “cookie” is a small piece of information that a website assigns to your device while you access such website. Cookies are very helpful and may be used for a variety of different purposes. These purposes include, among other things, allowing you to navigate between pages efficiently, enabling automatic activation of certain features, remembering your preferences, and making the interaction between you and the website quicker, easier and smoother. Cookies are also used to help customize your experience and for advertising purposes (including personalized advertising). You can find out more information about cookies at www.allaboutcookies.org.
7.3. Most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. You may remove cookies by following the instructions in your device preferences. However, please note that if you choose to disable cookies, some features of our Websites and Services may not operate properly and your online experience may be limited.
7.4. In general, several types of cookies may be used on our Websites including the following:
a) Essential Cookies – which are necessary for the site to work properly (usually appears under our name/cookie tag);
b) Functional Cookies – designated to save your settings on the site - your language preference or other view preferences (also, under our name/cookie tag);
c) Session Cookies – used to support the Website's functionality – such Cookies are stored only temporarily during a browsing session and are deleted from your device when you close the browser.
d) Targeting Cookies - these cookies are used to collect information from you to help us improve our products and services and serve you with targeted advertisements that we believe will be relevant to you (e.g., Google’s Cookies).
e) Social networks Cookies - Social Plug-In Cookies (e.g., Facebook, Twitter, LinkedIn Cookies, or pixels, etc.) enable sharing your usage information with your social network’s accounts.
f) Analytics Cookies - give us aggregated and statistical information to improve the Website and System and further developing it e.g., Google analytics, Google Firebase Crashlytics, etc.
g) Third-party services used by us – for example, an external service supporting our career and recruiting options through the Website (e.g., Comeet or Workday), or an external service which allows us to screen short videos on our Website (e.g., YouTube or Vimeo).
In addition to the above, most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. You may remove cookies by following the instructions in your device preferences. However, please note that if you choose to disable cookies, some features of our Websites may not operate properly and your online experience may be limited.
More information about your ability to disable cookies can be found here (as applicable to your browser): Google Chrome; Firefox; Internet Explorer; Safari; Edge; Opera.
8. SHARING DATA WITH THIRD PARTIES
We do not share any Personal Data collected from you with third parties except in the following events:
8.1. Legal Requirement: We will share your information in this situation only if we are required to do so to comply with any applicable law, regulation, legal process, or governmental request (e.g., to comply with a court injunction, comply with tax authorities, etc.);
8.2. Policy Enforcement: We will share your information, solely to the extent needed to (i) enforce our policies and agreements; or (ii) to investigate any potential violations thereof, including without limitations, detect, prevent, or take action regarding illegal activities or other wrongdoings, suspected fraud or security issues, solely to the extent required;
8.3. Company’s Rights: We will share your information to establish or exercise our rights, to prevent harm to our rights, property, or safety, and to defend ourselves against legal claims when necessary, subject to applicable law;
8.4. Third Party Rights: We will share your information, solely to the extent needed to prevent harm to the rights of our Users, yourself, or any third party’s rights, property, or safety;
8.5. Service Providers – we share your information with third parties that perform services on our behalf (e.g. customer service, tracking, servers, service functionality, marketing, and support, etc.), as reasonable for our business purposes. These third parties may be located in different jurisdictions.
8.6. Corporate Transaction - we may share your information in the event of a corporate transaction (e.g. sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Policy;
8.7. Authorized Disclosures - we may disclose your information to third parties when you consent to a particular disclosure. Please note that once we share your information with another company, that information becomes subject to the other company’s privacy practices.
9. YOUR USER RIGHTS UNDER PRIVACY PROTECTION LAWS
9.1. The data protection applicable regulation provides you with the ability to exercise some rights regarding your Personal Data that we hold such as:
• Right to access your Personal Data - you can ask us to confirm whether or not we have and use your Personal Data, and if so, you can ask for a copy of your data;
• Right to correct your Personal Data - you can ask us to correct any of your Personal Data that is incorrect, after verifying the accuracy of the data first;
• Right to erase your Personal Data - you can ask us to erase your Personal Data if you think we no longer need to use it for the purpose we collected it from you. You can also ask for such erasure in any case in which the process of your data was based on your consent, or where we have used it unlawfully, or where we are subject to a legal obligation to erase your Personal Data. any request for such erasure will be subject to our obligations under the law (e.g., our obligation to keep some records for tax or customs purposes);
• Right to restrict our use in your Personal Data - you can ask us to restrict our use of your Personal Data in certain circumstances;
• Right to object to how we use your Personal Data - you can object to any use of your Personal Data which we have justified by our legitimate interest if you believe your fundamental rights and freedoms to data protection outweigh our legitimate interest in using the information;
• You can always require us to refrain from using your data for direct marketing purposes;
• You can ask us to transfer your information to another organization or provide you with a copy of your Personal Data (Portability Right);
• Right to file a complaint to a supervisory authority for data protection issues. However, we will appreciate the chance to deal with your concerns before you approach the authorities, so please feel free to contact us in the first instance.
9.2. If you wish to exercise any or all of the above rights, please contact us through the contact means detailed above.
9.3. Please note that not all those rights apply in every jurisdiction, and though those rights principally apply under the GDPR towards EU residents, similar rights may apply in other jurisdictions, to some extent, in accordance with the relevant jurisdiction. Thus, if you are not an EU resident but still have any such request, we encourage you to contact us with any such inquiry and we will do our best to assist you, in accordance with the applicable law and our legitimate and lawful interests.
9.4. Subject to the applicable regulation, where we are not able to provide you with the information for which you have required, or to the extent you have required, whatever that reason might be, we will endeavor to explain the reasoning for this and inform you of your rights. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any such information under the Regulation. Please note that in the event you have asked us to exercise your data rights herein, we will respond to your request without undue delay and at the latest within one (1) month (following the receipt of the validation proof we require), under the Regulation.
10. DATA RETENTION
Unless you instruct us otherwise and subject to applicable laws, we retain the information we collect for as long as needed to provide our Services and to comply with our legal obligations, resolve disputes and enforce our agreements if applicable. We may keep some of your Personal Data as a User for more extended periods to protect our legal interests or under any safety or other legal requirements.
11. SECURITY & DATA TRANSFER
We use physical, technical, and administrative security measures for the Services that we believe comply with applicable laws and industry standards to prevent your information from being accessed without the proper authorization, improperly used or disclosed, unlawfully destructed or accidentally lost.
However, unfortunately, the transmission of information via the internet and online data processing cannot be 100% secure. As such, although we will do our best to protect your Personal Data, we cannot guarantee the security of data transmitted via the Websites and any transmission of your data shall be done at your own risk.
If you feel that your privacy was not dealt with properly or was dealt with in a way that was in breach of our Policy or if you become aware of a third party's attempt to gain unauthorized access to any of your Personal Data Please contact us at our email. We will make a reasonable effort to notify you and the appropriate authorities (if required by applicable law) if we discover a security incident related to your Personal Data.
Note that, your Personal Data might be processed in other territories outside your jurisdiction. We will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer, in accordance with applicable law. You may exercise your rights, where applicable, to receive information on such transfer mechanism.
12. PROTECTING CHILDREN
Our Websites are not directed, nor are intended for use by children (the phrase "child" shall mean an individual that is under age defined by applicable law which concerning the European Economic Area (“EEA“) is under the age of 16 and with respect to the U.S.A, under the age of 13) and we do not knowingly process a child’s information. We will discard any information that we receive from a User who is considered a "child" immediately upon discovering that such User shared information. Please contact us if you have reason to believe that a child has shared any information with us.