Privacy Policy
The website belene.com is offered by:
Ceres Pharma (belene.be)
Kortrijksesteenweg 1091 bus B,
9051 Sint-Denijs-Westrem
Belgium
Company number (VAT-BE): BE0641.953.324
E-mail : gdpr@ceres-pharma.com
Phone : 0032 9 296 47 70
Feel free to contact us should you have any privacy-related questions. We promise to reply soon!
1. WHY THIS PRIVACY STATEMENT?
Every person (hereafter the “User”) who visits or uses the Website discloses a certain amount of personal data. The personal data is information which allows ceres-pharma.com to identify you as a natural person, regardless of whether we actually do this. You are identifiable as soon as it is possible to create a direct or indirect link between one or more data and you as a natural person.
We only use and process your personal data in accordance with the GDPR and any replacement legislation, or any similar regulation under any applicable law, and any regulatory requirements or codes of practice governing the use, storage or transmission of personal data. Every reference in this Privacy Statement to the ‘GDPR’ is a reference to the Regulation of 27 April 2016 on the Protection of Natural Persons with regard to the Processing of Personal Data and on the Free Movement of such Data (General Data Protection Regulation).
Through this Privacy Policy, the User of the Website, our customers, suppliers, prospects or an individual affiliated with another organization that maintains contact with us are informed of the processing activities Ceres Pharma may carry out with his or her personal data. Ceres Pharma reserves the right to modify this Privacy Policy at all times. Every substantial change will be clearly communicated towards the User. We advise you to consult this document regularly.
2. WHO IS RESPONSIBLE FOR THE PROCESSING OF PERSONAL DATA?
2.1. CONTROLLER
Ceres-pharma.com is the controller and responsible for the processing and decides alone or in cooperation with others which personal data are being collected as well as the purposes and the technical and organizational means with regard to the processing of those personal data.
Ceres Pharma has appointed a Data Protection Officer (DPO). Our DPO can always be contacted using the contact details provided above.
2.2. PROCESSOR(S)
Ceres Pharma is free to rely on processors. A processor is the natural or legal person who processes your personal data upon request and on behalf of the controller. The processor is required to ensure the security and confidentiality of the personal data. The processor shall always act on the instructions of the controller.
Ceres Pharma relies on the following categories of "processors":
• Companies we have engaged for marketing purposes;
• Companies we have engaged for hosting purposes;
• Companies we have engaged for administrative purposes;
• Companies we have engaged for communication purposes;
• Companies we have engaged for statistical purposes;
• Companies we have engaged for payment purposes.
3. ON WHAT LEGAL GROUNDSAND PURPOSES ARE MY DATA PROCESSED?
In accordance with the GDPR we process personal data on the following legal grounds and purposes:
• On the basis of the execution of the contract agreed upon with you or the execution of pre-contractual steps taken at your request; like Customer management: customer administration, order management, deliveries, checking creditworthiness, support, complaint monitoring, dispute management
• On the basis of compliance with legal or regulatory provisions with regard to the management of the contractual relationship, invoicing in particular;
• Communication: If our communications are considered as “direct marketing” under the applicable legislation, we will ensure that we have a proper legal basis for processing your data. This may be your consent if you subscribe to our newsletter, or our legitimate interest if you are one of our customers
• Events: upon receiving your consent through event registration, and in accordance with our legitimate interest to facilitate the efficient and secure management of the event, we may process your personal data for purposes such as registering your attendance, providing updates on event logistics, and sharing relevant information before, during, and after the event. Photographs will only be taken if you have been properly notified and where a valid legal basis exists.
• Product or other information: when you give consent to process your personal data—either for yourself or as a contact person for a customer or prospect—by requesting information about our products, whether by email or at an event or meeting, your information will be processed to provide the requested information.
· Prospect: Your personal data may be processed when you have been in contact with us at an event or meeting, during a visit from one of our representatives, or when you have otherwise expressed interest in us and/or our products or services (based on our legitimate interest to build, maintain and manage business relationships)
We may also process personal information provided to us by third parties, or the attendance list of conventions and events where we actively participate (based on your consent or our legitimate interest)
• We have implemented a “Whistleblower Policy” in accordance with the legal requirements of Directive 2019/1937 on the protection of persons who report breaches of Union law, and the Belgian law of November 28, 2022 implementing such directive. If your personal data are processed to handle, evaluate and, if necessary, further investigate (anonymous) reports, we will carry out such processing based on our legal obligation to comply with the aforementioned legislation
· Website: When visiting the website of Ceres Pharma, some data are being collected for statistical purposes. Such data is necessary to optimize your user experience. These data are: IP-address, probable location of consultation, hour and day of the consultation and the pages which are being consulted. When you visit the Website, you explicitly agree to this collection of data for statistical purposes.
Ceres Pharma uses cookies and similar technologies on its websites. Cookies are small data files that are stored on the device you use to browse our website during your visit. These files enable us to recognize your browser on subsequent visits, meaning you do not have to re-enter your details, adjust your preferences, or reset your settings each time. This contributes to a more efficient and user-friendly experience on our website.
In addition, cookies allow us to optimize the functioning of our website, analyze visitor behavior, and compile statistics. Third parties may also use these cookies to track your browsing activity across different websites, enabling them to provide you with targeted and relevant advertisements while omitting non-relevant ones.
Cookies do not pose any risk to the security of your computer or other devices.
We use necessary, analytical, marketing, and social media cookies. Necessary cookies are placed based on our legitimate interest in providing a properly functioning and secure website. For analytical, marketing, and social media cookies, we will always seek your explicit consent before placing them.
For more information regarding our use of cookies, retention periods, and how you can manage your preferences, please refer to our cookie policy.
• In addition to processing your personal data for the purposes described above, we may also process this data on the basis of our legitimate interest in conducting audits or otherwise verifying that our internal processes are functioning properly and in accordance with applicable laws, regulations, or contractual obligations. This enables us to safeguard our assets and business operations against misuse or unlawful activities and to ensure compliance with our policies.
• We may further process your personal data to comply with applicable legal obligations, or on the basis of our legitimate interest to respond to requests from regulatory authorities.
• Moreover, your personal data may be processed in the context of corporate activities, such as reorganizations, based on our legitimate interest in managing our business with integrity.
4. WHICH PERSONAL DATA ARE BEING PROCESSED?
Ceres Pharma commits to only collect and process adequate, relevant and limited to what is necessary for the purposes for which they are processed. The following categories of personal data are processed by Ceres Pharma:
• Personal identification data (name, first name, address, login details);
• Contact details (telephone number and e-mail address);
• Financial identification data (bank details);
• Electronic identification data (IP address, location, cookies);
• Personal data (gender, age, date and place of birth, nationality).
This data is collected at the time of your registration on the Website and when you use our services. Other personal data may be collected later, e.g. in the context of our after-sales. These data are necessary for the provision of Ceres Pharma services. The amount of personal data collected depends on your use of the Website and the functionalities of the Website.
5. WHO RECEIVES YOUR PERSONAL DATA?
We only share your data with employees within Ceres Pharma who have been expressly authorised by us and only if they require access to such data to perform their tasks.
Your personal data may be processed on our behalf by processors providing business support services, such as direct mailing, website hosting, physical security, marketing, market research, etc.
Should we cease our activities or transfer them to another party, for example in the event of a sale of our business, it is possible that your personal data will be disclosed to third parties who will wholly or partially continue our operations. In such circumstances, we will inform you where feasible; however, this may not always be technically or commercially practicable.
Furthermore, we will only share your data if we are required to do so by law or by order of a governmental authority.
Your personal data will not be sold, passed on or communicated to any third parties, except in case you have given us your explicit prior consent.
6. INTERNATIONAL DATA TRANSFERS
Your data may be transferred to countries outside the European Union. In such cases, we will ensure that the processing of personal data is always adequately protected in accordance with specific contractual obligations and in compliance with applicable data protection legislation.
7. HOW LONG DO WE STORE YOUR PERSONAL DATA?
Your data is stored as long as necessary to achieve the ends pursued. They will be erased from our database as soon as they are no longer necessary for the ends pursued or if you validly exercise your right to erasure.
8. WHAT ARE MY RIGHTS?
8.1. GUARANTEE OF A LEGITIMATE AND SECURE PROCESS OF YOUR PERSONAL DATA
Your personal data are always processed for the legitimate purposes explained in point 3. They are collected and processed in an appropriate, relevant and non-excessive manner, and are not kept longer than necessary to achieve the intended purposes.
8.2. RIGHT TO ACCESS
If you can prove your identity, you have the right to obtain information about the processing of your data. Thus, you have the right to know the purposes of the processing, the categories of data concerned, the categories of recipients to whom the data are transmitted, the criteria used to determine the data retention period, and the rights that you can exercise on your data.
8.3. RIGHT TO RECTIFICATION OF YOUR PERSONAL DATA
Inaccurate or incomplete personal data may be corrected. It is primarily the responsibility of the User to make the necessary changes in his "user area" himself, but you can also request us in writing.
8.4. RIGHT TO ERASURE (OR “RIGHT TO BE FORGOTTEN”)
You also have the right to obtain the erasure of your personal data under the following assumptions:
Your personal data are no longer necessary for the intended purposes;
You withdraw your consent to the processing and there is no other legal ground for processing;
You have validly exercised your right of opposition;
Your data has been illegally processed;
Your data must be deleted to comply with a legal obligation.
The deletion of data is mainly related to visibility; it is possible that the deleted data are still temporarily stored.
8.5. RIGHT TO LIMITATION OF PROCESSING
In certain cases, you have the right to request the limitation of the processing of your personal data, especially in case of dispute as to the accuracy of the data, if the data are necessary in the context of legal proceedings or the time required to Ceres-pharma.com to verify that you can validly exercise your right to erasure.
8.6. RIGHT TO OBJECT
You have the right to object at any time to the processing of your personal data for direct marketing purposes. XXX will stop processing your personal data unless it can demonstrate that there are compelling legitimate reasons for the processing which prevail over your right to object.
8.7. RIGHT TO DATA PORTABILITY
You have the right to obtain any personal data which you have provided us in a structured, commonly used and machine readable format. At your request, this data may be transferred to another provider unless it is technically impossible.
8.8. RIGHT TO WITHDRAW YOUR CONSENT
You may withdraw your consent to the processing of your personal data at any time
9. HOW TO EXERCISE MY RIGHTS?
If you wish to exercise your rights, you must send a written request and proof of identity by registered mail to Ceres Pharma, Kortrijksesteenweg 1091 B, 9051 Sint-Denijs-Westrem, Belgium or by email to gdpr@ceres-pharma.com. We will respond as soon as possible, and no later than one (1) month after receipt of the request.
10. POSSIBILITY TO LODGE A COMPLAINT
If you are not satisfied with the processing of your personal data by Ceres Pharma, you have the right to lodge a complaint with the competent Belgian Data Protection Authority Gegevensbeschermingsautoriteit, Drukpersstraat 35, 1000 Brussel - +32 2 274 48 00 - Contact@apd-gba.be
PRIVACY STATEMENT FOR PHARMACOVIGILANCE
As a pharmaceutical company, Ceres Pharma has a legal responsibility to monitor the safety of all products worldwide that we develop, produce or market. With the following information, we would like to inform you which personal data we process in the context of so-called pharmacovigilance and for which purposes we use this data. The scope of this statement is limited to the collection and processing of your personal data for pharmacovigilance and/or medical information inquiries.
The monitoring of adverse reactions, side effects and/or interactions with other medicinal products (“event”) associated with the use of medicinal products is known as pharmacovigilance. The legally defined pharmacovigilance obligations relate to our medicinal products and allow us and the competent regulatory authorities to record events and to collect, process or use personal data in this respect. Comparable regulations exist for our medical devices and cosmetics. In the following, we therefore use the term pharmacovigilance comprehensively for the above-mentioned products.
In order to fulfil our legal responsibilities in this respect, we must collect and process information that allows a natural person to be identified, directly or indirectly ("personal data"), from a patient brought to our attention and/or the person reporting such an event. Under certain conditions, we also must report these events to the relevant regulatory authorities. In case such an event occurs, we ensure that all personal data is processed exclusively for pharmacovigilance purposes and only where relevant and appropriate in order to document, assess and report the event properly in accordance with our respective pharmacovigilance obligations.
In order to safeguard this personal data, we have implemented appropriate state of the art technical and organizational measures.
LEGAL BASIS
The legal basis for the processing of your personal data is the fulfilment of our legal obligations regarding the applicable pharmacovigilance laws and regulations, respectively the safeguarding of the considerable public and our own legitimate interests, which consist in ensuring high safety and quality standards for our products (Art. 9 Para. 2 lit. i GDPR, Art. 6 Para. 1 lit. c GDPR / Art. 6 Para. 1 lit. f GDPR in conjunction with Section 22 para. 1 lit. c BDSG).
CATEGORIES OF PERSONAL DATA
We may need to process the following personal data (including collection, storage and further use, hereinafter together “process”):
ABOUT THE PATIENT AFFECTED BY THE EVENT
Where appropriate, we can process the following additional personal data related to health and medical history of the person experiencing such an event if and to the extent this is required to process the event for pharmacovigilance purposes:
Name and/or initials of the patient,
Date of birth/age group, sex, weight, height
Information on health, racial or ethnic origin and sexual life
Medical history and state of health, including, but not limited to, for example: details of the product suspected of having caused the event, including the dosage you have been taken or were prescribed, the reason for taking or prescribing the product, and any subsequent changes to your usual medical therapy; Details of any other medicines or medications you are taking or were taking at the time of the event, including the dosage you have been taking or were prescribed, the period you were taking the medicine, the reason for taking the medicine and any subsequent changes to your medical therapy, Details of the event that you suffered, the treatment you received for that event, the potential long-term effects of the event on your health, and any other information about your medical history that the reporter considered relevant, including documents such as laboratory reports, medication history and patient history.
ABOUT THE PERSON REPORTING THE EVENT TO US
With respect to the person which has reported the event to us we can process the following data, in order to allow further inquiries by the regulatory authorities and or to further investigate the event:
Name,
Contact details (e.g. which may include, but not limited to, your address, e-mail address, telephone or fax number),
Profession (this information may determine the questions you are asked about the event, depending on the assumed level of your medical knowledge about the event), and
Relationship to the subject of the report.
PURPOSES OF THE PROCESSING
As part of meeting our pharmacovigilance obligations, we may process personal data in order to investigate the event, contact you to obtain further information about the event you reported, compare the information on the event with information on other events reported to us and, on this basis, analyze the safety of a production batch, product or active substance as a whole, and to provide mandatory reports to national and/or regional competent regulatory authorities to enable them to analyze the safety of a production batch, product, generic ingredient or active substance as a whole, together with reports from other sources. These reports contain details about the reported incident but will only contain limited personal data of the patient (note that the name of the patient will never be provided).
TRANSFER OF PERSONAL DATA
As part of meeting our pharmacovigilance obligations, we may share and/or disclose personal data as follows:
within Ceres Pharma to analyze and process a reported event.
with the competent regulatory authorities, with regard to a suspected event.
with third-party service providers of Ceres Pharma. Appropriate data protection security measures are implemented at our service providers to whom we pass on personal data and who are providing services on our behalf.
with other pharmaceutical companies acting as co-marketers, co-distributors or other licensing partners, where the pharmacovigilance obligations for such a product require such exchange of safety information. Please note that also in this case appropriate data protection security measures are implemented at these business partners.
with legal successors if the company, a therapeutic area or a specific product is sold, assigned, transferred or taken over by a third party. In this case we will require this third party to process personal data only in accordance with the applicable data protection law.
if information about events is published (for example, in the form of case studies and summaries); in these cases, all identifiers are removed from publications to keep your identity private.
THIRD COUNTRIES
A transfer to third countries (outside the EU/EEA) may take place to the following recipients or categories of recipients due to compliance with the statutory reporting obligations:
Subsidiaries of Ceres Pharma which are established in a third country,
Distributors and, where appropriate, other companies (established in a third country) acting as co-marketers, co-distributors or other licensing partners, where the pharmacovigilance obligations for a product require such exchange of safety information.
Competent authorities.
If you are not satisfied with the processing of your personal data by Ceres Pharma, you have the right to lodge a complaint with the competent Data Protection Authority Gegevensbeschermingsautoriteit, Drukpersstraat 35, 1000 Brussel - +32 2 274 48 00 - Contact@apd-gba.be
RETENTION PERIODS
We will use and store the personal data collected according to the aforementioned requirements in accordance with the respective mandatory and other legal requirements governing the storage and reporting of pharmacovigilance related information. Such mandatory requirements currently oblige us to archive the respective pharmacovigilance information, which may include personal data for the duration of the product life-cycle (i.e. until the respective product has been taken from the market) and for an additional ten years thereafter.
YOUR RIGHTS AS DATA SUBJECTS
If we process personal data, the persons concerned are entitled to the following rights:
Art. 15 GDPR Right to information
Right to information about your personal data stored by us.
Art. 16 GDPR Right of rectification
Right to rectification of incorrect or incomplete personal data concerning you.
Art. 17 GDPR Right to deletion
Deletion of your personal data unless there is a legal obligation to keep records.
Art. 18 GDPR Right to restrict processing
If certain conditions are met, you have the right to have your personal data blocked and not processed further.
Art. 20 GDPR Right to data transferability
The right to data transferability of personal data concerning you that you have provided to us.
Please note, however, that these rights may be limited in order to fulfil our legal obligations. Your rights are not fully applicable if there is a legal basis for the processing of your personal data (e.g. information collected in the context of reporting an event cannot be deleted unless it is incorrect).
There is no automated decision-making including profiling according to Art. 22(1) and (4) GDPR.
Data subjects also have the right to file a complaint with a data protection authority.
CONTACT DETAILS OF THE DATA PROTECTION OFFICER
For any questions you may have with respect to pharmacovigilance data protection or data protection in general please contact our data protection officer:
by registered mail to Ceres Pharma Benelux, Kortrijksesteenweg 1091 B, 9051 Sint-Denijs-Westrem, Belgium by email to gdpr@ceres-pharma.com.
Version: 1 oktober 2025
