PRIVACY POLICY

This Privacy Policy describes how PHARMELL Life Sciences SA (hereinafter referred to as “Pharmell”) collects, processes, and protects personal data of the users of the website (“Users”). It is aligned with the EU General Data Protection Regulation (GDPR), the Swiss Data Protection Act (DPA), and the revised Swiss Data Protection Act (revDPA). Application of these laws depends on individual circumstances.

This Privacy Policy may not cover all data processing activities by Pharmell. In specific cases, other policies or terms (e.g., terms of use) may apply. All terms not defined herein are defined in the Terms accessible at include www.pharmell.com/terms-of-use
 

In this Privacy Policy, Pharmell describes what it does with the Users’ data when the Users visit, browse, or use the site www.pharmell.com (referred to as the "Website"), when the Users request or use Pharmell’s Services, when the Users are in contact with Pharmell in the context of a contract or when the Users communicate or interact with Pharmell in any other way. If necessary, Pharmell will inform the Users through a separate statement about any processing activities not covered by this Privacy Policy.

If the Users provide Pharmell with data or share data with Pharmell concerning other individuals, such as family members, colleagues, etc., Pharmell assumes that the Users are authorized to do so and that the data in question is accurate. By sharing data about other individuals with Pharmell, the Users confirm the above. Users should ensure that these individuals have been informed about the terms of this privacy policy.

The term "personal data" refers to means any information relating to an identified or identifiable natural person. If the Users provide Pharmell with personal data about others (e.g., family members or colleagues), Users should ensure that they are informed of this Privacy Policy, and the Users are authorized to share their data.

"Sensitive personal data" refers to a subcategory of personal data that is specially protected under applicable data protection laws. Examples of sensitive personal data include information revealing racial or ethnic origin, data concerning health, data related to religious or philosophical beliefs, genetic data, biometric data used to uniquely identify a natural person, and data regarding political or trade union-related views or activities, data relating to administrative and criminal proceedings or sanctions.

The term "processing" refers to any operation or set of operations which is performed on personal data or on sets of personal data, irrespective of the means and procedures used, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, archiving, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

The "controller" responsible for data processing described in this Privacy Policy is:

Pharmell Life Sciences SA
Avenue de Gratta-Paille 2, 1018 Lausanne (Switzerland)
Maurianne Pietro
[email protected]

Pharmell processes personal data for the needs of its core tasks and supporting activities. 

When engaging with and/or using the Website, Pharmell collects the specific following personal data and information about Users ("User Information"):
•    (i) Full name;
•    (ii) company name, if applicable;
•    (iii) email address;
•    (iv) address;
•    (v) phone number;
•    (vi) Know Your Client (KYC) data, such as wealth, income, indebtedness capacity, education, past investment experience, entities controlled by Users, portfolio data, certified ID copies, etc.;
•    (vii) IP address;
•    (viii) visiting date on the Website;
•    (ix) research criteria;
•    (x) list of the Startups viewed on the Website;
•    (xi) Users’ interaction with the Services such as their navigation details on the Website, notably without limitation information about Users’ Web browser, webpages Users visited and saved, and log files; and
•    (xii) data collected from third-party plugins/websites such as without limitation Facebook, Google, LinkedIn, Twitter, XING, Keen IO, Intercom, Mailchimp, Sentry, Cloudflare, Amazon Cloudfront, that are provided when Users submit their User Information through the Services.

Pharmell collects the User Information when Users access and use the Services, in particular:

•    (i) when Users access and navigate through the Website;

•    (ii) when Users willingly and voluntarily submit User Information through web forms, by uploading User Content on the Website, or with their explicit consent by separate submission outside the Website;

•    (iii) when Investors submit an inquiry about a startup or Start-Up of their interest;
when Start-Ups submit an inquiry about an Investor of their interest;

•    (iv) through third-party plugins/websites; and

•    (v) through cookies and other analytics tools.

The User Information listed in Section 3 is strictly necessary for Pharmell’s core Services to provide notably a meeting place for Start-Ups and Investors. 

In addition, in line with applicable law and where appropriate, Pharmell may process the User’s personal data and personal data of third parties for the following purposes, which are in Pharmell’s (or, as the case may be, any third parties') legitimate interest, such as:
•    (i) to provide and develop Pharmell’s Services and Website; 
•    (ii) to provide Users email alerts on interesting new Start-Ups;
•    (iii) to communicate with the Users;
•    (iv) the Users’ subscription to Pharmell’s newsletter, in order to provide them further news and updates such as new early stage ventures matching their interest;
•    (v) to provide Users with targeted marketing (including organizing events ) and advertising tailored to their preferences;
•    (vi) to offer Users similar Services;
•    (vii) to re-engage Users accessing and using the Services;
•    (viii) to improve the Services;
•    (ix) for cybersecurity of the Services; and
•    (x) for statistical and planning purposes 
•    (xi) for market and opinion research, media surveillance; 
•    (xii) to assert legal claims and defense in legal disputes and official proceedings 
•    (xiii) to prevent and investigate criminal offences and other misconduct (e.g. conducting internal investigations, data analysis to combat fraud); 
•    (xiv) to ensure Pharmell’s operations, including its IT, website and other appliances.  

If the Users have given Pharmell the User’s consent to process the User’s personal data for certain purposes (for example when registering to receive newsletters or carrying out a background check), Pharmell will process the User’s personal data within the scope of and based on this consent, unless Pharmell has another legal basis, provided that Pharmell requires one. 

Consent given can be withdrawn at any time, but this does not affect data processed prior to withdrawal. Users should note however that such data processing is strictly necessary to provide the Users the Services and that a withdrawal may lead to the drawback that Pharmell would not be able to provide and perform properly the Services anymore.

Pharmell typically use "cookies" and similar techniques on its Website, which allow for an identification of the User’s browser or device. A cookie is a small text file that is sent to the User’s computer and automatically saved by the web browser on the User’s computer or mobile device, when the Users visit Pharmell’s website. If the Users revisit Pharmell’s website, Pharmell may recognize the Users, even if it does not know the User’s identity. 
Besides cookies that are only used during a session and deleted after the User’s visit of the website ("session cookies"), Pharmell may use cookies in order to save Users configurations and other information for a certain time period (e.g., two years) ("permanent cookies"). 

Notwithstanding the foregoing, the Users may configure the User’s browser settings in a way that it rejects cookies, only saves them for one session or deletes them prematurely. Most browsers are preset to accept cookies. Pharmell uses permanent cookies for the purpose of saving Users configuration in order to under-stand how the Users use Pharmell’s services and content and to enable to show the Users customized offers and advertisement (which may also happen on websites of other companies; should the User’s identity be known to Pharmell, such companies will not learn the User’s identity from Pharmell; they will only know that the same Users is visiting their website has previously visited a certain website). Certain cookies are sent to the Users from Pharmell, others from business partners with which Pharmell collaborates. 

If the Users block cookies, it is possible that certain functions are no longer available to the Users. 
In accordance with applicable law, Pharmell may include visible and invisible image files such as the newsletters and other marketing e-mails. If such image files are retrieved from Pharmell’s servers, Pharmell can determine whether and when the Users have opened the e-mail, so that Pharmell can measure and better understand how the Users use Pharmell’s offers and customize them. Users may disable this in the User’s e-mail program, which will usually be a default setting.

By using Pharmell’s Website and consenting to the receipt of newsletters and other marketing e-mails the Users agree to Pharmell’s use of such techniques. If the Users object, the Users must configure the User’s browser or e-mail program accordingly.

In the context of Pharmell’s business activities and in line with the purposes of the data processing set out in Section 3, Pharmell may transfer data to third parties, insofar as such a transfer is permitted and Pharmell deems it appropriate, in order for them to process data for Pharmell or, as the case may be, their own purposes. In particular, the following categories of recipients may be concerned:  
•    Pharmell’s service providers (such as e.g. banks, insurances), including processors (such as e.g. IT providers); 
•    dealers, suppliers, subcontractors and other business partners; 
•    domestic and foreign authorities or courts; 
•    the media; 
•    the public, including Users of Pharmell’s Website; 
•    competitors, industry organizations, associations, organizations and other bodies; 
•    acquirers or parties interested in the acquisition of business divisions, companies or other parts of Pharmell; 
•    other parties in possible or pending legal proceedings; 
•    affiliates of Pharmell; 
together Recipients. 

Certain Recipients may be within Switzerland but they may be located in any country worldwide. In particular, the Users must anticipate the User’s data to be transmitted to other countries in Europe and the USA where Pharmell’s service providers are located. 

If a recipient is located in a country without adequate statutory data protection, Pharmell requires the recipient to undertake to comply with data protection (for this purpose, Pharmell uses the revised European Commission’s standard contractual clauses, which can be accessed here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj), unless the Recipient is subject to a legally accepted set of rules to ensure data protection and unless Pharmell cannot rely on an exception. 

An exception may apply for example in case of legal proceedings abroad, but also in cases of overriding public interest or if the performance of a contract requires disclosure, if the Users have consented or if data has been made available generally by the Users and the Users have not objected against the processing.

Pharmell processes and retain the User’s personal data as long as required for the performance of Pharmell’s contractual obligation and compliance with legal obligations or other purposes pursued with the processing, i.e. for the duration of the entire business relationship (from the initiation, during the performance of the contract until it is terminated) as well as beyond this duration in accordance with legal retention and documentation obligations. 

Personal data may be retained for the period during which claims can be asserted against Pharmell or insofar as Pharmell is otherwise legally obliged to do so or if legitimate business interests require further retention (e.g., for evidence and documentation purposes). As soon as the User’s personal data are no longer required for the above-mentioned purposes, they will be deleted or anonymized, to the extent possible. In general, shorter retention periods of no more than twelve months apply for operational data (e.g., system logs).

Pharmell has taken appropriate technical and organizational security measures to protect the User’s personal data from unauthorized access and misuse such as internal policies ,training,IT and network security solutions, access controls and restrictions, and encryption of data carriers and transmissions.

In the context of Pharmell’s business relationship the Users must provide Pharmell with any personal data that is necessary for the conclusion and performance of a business relationship and the performance of the contractual obligations (as a rule, there is no statutory requirement to provide Pharmell with data). 

Without this information, Pharmell will usually not be able to enter into or carry out a contract with the Users (or the entity or person the Users represent). In addition, the website cannot be used unless certain information is disclosed to enable data traffic (e.g. IP address).

Pharmell may partially process the User’s personal data automatically with the aim of evaluating certain personal aspects (profiling). In particular, profiling allows Pharmell to inform and advise the Users about Services possibly relevant for the Users more accurately. For this purpose, Pharmell may use evaluation tools that enable Pharmell to communicate with the Users and advertise the Users as required, including market and opinion research.

In establishing and carrying out a business relationship, Pharmell generally do not use any fully automated individual decision-making (such as pursuant to article 22 GDPR). Should Pharmell use such procedures in certain cases, Pharmell will inform the Users separately on this.

In accordance with and as far as provided by applicable law (as is the case where the GDPR is applicable), the Users have the right to access, rectification and erasure of the User’s personal data, the right to restriction of processing or to object to Pharmell’s data processing, in particular for direct marketing purposes, for profiling carried out for direct marketing purposes and for other legitimate interests in processing in addition to right to receive certain personal data for transfer to another controller (data portability). 

Users should note, however, that Pharmell reserves the right to enforce statutory restrictions on Pharmell’s part, for example if Pharmell is obliged to retain or process certain data, have an overriding interest (insofar as Pharmell may invoke such interests) or need the data for asserting claims. If exercising certain rights will incur costs on the Users, Pharmell will notify the Users thereof in advance. Pharmell has already informed the Users of the possibility to withdraw consent in Section 4 above. Users should further note that the exercise of these rights may be in conflict with the User’s contractual obligations and this may result in consequences such as premature contract termination or involve costs. If this is the case, Pharmell will inform the Users in advance unless it has already been contractually agreed upon. 

In general, exercising these rights requires that the Users are able to prove the User’s identity (e.g., by a copy of identification documents where the User’s identity is not evident otherwise or can be verified in another way). In order to assert these rights, Users should contact Pharmell at the addresses provided in Section 2 above. 
In addition, every data subject has the right to enforce his/her rights in court or to lodge a complaint with the competent data protection authority. The competent data protection authority of Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

Pharmell may amend this Privacy Policy at any time without prior notice. The current version published on Pharmell’s Website shall apply. If the Privacy Policy is part of an agreement with the Users, Pharmell will notify the Users by e-mail or other appropriate means in case of an amendment.

This Privacy Policy is governed by Swiss law. Disputes arising from this Privacy Policy are subject to the exclusive jurisdiction of Lausanne, Switzerland.

Version effective as of February 24th, 2025