Skip to content

Privacy Policy

This Privacy Policy explains how A-REG Solutions s.r.o. (hereinafter “A-REG,” “we,” or “us”) collects, uses, and protects your personal data. We are committed to safeguarding your privacy in accordance with the General Data Protection Regulation (GDPR) and applicable laws.

Company Details:
A-REG Solutions s.r.o.
Karla Čapka 1509,
Unhošť, 273 51, Czech Republic
Email: info@a-reg.com

Effective Date: March 31, 2025

1. Data We Collect and How We Use It

We process personal data for specific purposes, as outlined below. Each activity includes the types of data collected, the purpose, legal basis under GDPR, and retention period.

a) When You Visit Our Website

  • Data Collected: IP address, date and time of access, name/URL of accessed files, referrer URL (previous page), browser type, operating system, and access provider.
  • Purpose: To ensure website functionality, security, and performance, and to analyze usage via cookies and Google Analytics (see Section 3).
  • Legal Basis: Our legitimate interest in operating and securing the website (Art. 6(1)(f) GDPR).
  • Retention: Log data is stored for 30 days and then automatically deleted unless required for security investigations or legal obligations.

b) When You Register for Our Newsletter

  • Data Collected: Name and email address.
  • Purpose: To send you newsletters about our services and updates.
  • Legal Basis: Your consent (Art. 6(1)(a) GDPR).
  • Retention: Stored until you unsubscribe or for 12 months after your last interaction, whichever comes first.

c) When You Register for a Seminar

  • Data Collected: Name and email address.
  • Purpose: To manage your seminar registration and provide related communications.
  • Legal Basis: Your consent (Art. 6(1)(a) GDPR) and performance of a contract (Art. 6(1)(b) GDPR).
  • Retention: Stored until the seminar concludes or for 12 months after your last interaction, whichever comes first.

d) When You Apply for Employment

  • Data Collected: Contact details (e.g., name, email, phone), CV, cover letter, and any other information you provide.
  • Purpose: To evaluate your application and communicate with you during recruitment.
  • Legal Basis: Steps necessary to enter into a contract (Art. 6(1)(b) GDPR) and your consent for extended storage (Art. 6(1)(a) GDPR).
  • Retention: Stored for 6 months after the recruitment process ends, unless you consent to longer storage (e.g., for future opportunities), in which case it’s kept for 2 years.

e) When Reporting an Adverse Event or Complaint

  • Data Collected: Name, contact details, and potentially health-related data (e.g., adverse event details), depending on the report.
  • Purpose: To detect, assess, and prevent adverse events or manage complaints on behalf of our clients (Data Controllers), as required by pharmacovigilance laws or contracts.
  • Legal Basis: Compliance with legal obligations (Art. 6(1)(c) and Art. 9(2)(i) GDPR) and our legitimate interest as a Data Processor (Art. 6(1)(f) GDPR).
  • Retention: Stored until the end of our contract with the client (typically 10 years for pharmacovigilance data, per industry standards), after which it is deleted or returned to the client. Pseudonymized data may be retained longer if required by law.

2. Sharing Your Data with Third Parties

We only share your personal data with third parties under the following conditions:

  • With Your Consent: You explicitly agree to the sharing (Art. 6(1)(a) GDPR).
  • Legal Obligations: Required to comply with laws or regulations (Art. 6(1)(c) GDPR).
  • Contractual Necessity: Necessary to fulfill our contract with you (Art. 6(1)(b) GDPR).
  • Legal Claims: Required to establish, exercise, or defend legal rights, unless overridden by your rights (Art. 6(1)(f) GDPR).

Recipients May Include:

  • IT service providers (e.g., hosting, analytics).
  • Clients (for adverse event reporting).
  • Competent authorities (e.g., health regulators).

International Transfers: If data is transferred outside the EU/EEA, we use safeguards like Standard Contractual Clauses to ensure GDPR compliance (Chapter V).

3. Cookies and Analytics

We use cookies and Google Analytics to improve your experience and analyze website usage.

  • Types of Cookies:
    • Essential Cookies: Enable core functionality (e.g., session cookies, deleted when you close your browser).
    • Analytical Cookies: Track usage patterns via Google Analytics (stored for up to 24 months).
    • Functional Cookies: Remember your preferences (stored for up to 12 months).
  • Purpose: Enhance user-friendliness, recognize repeat visits, and optimize our site (Art. 6(1)(f) GDPR). Non-essential cookies require your consent (Art. 6(1)(a) GDPR).
  • Management: We use a cookie consent banner to obtain your approval for non-essential cookies.
  • Blocking Cookies: You can disable cookies in your browser settings, but this may limit website functionality.

4. Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Access (Art. 15): Request details about your data and how we process it.
  • Rectification (Art. 16): Correct inaccurate or incomplete data.
  • Erasure (Art. 17): Request deletion, unless we need it for legal reasons or public interest.
  • Restriction (Art. 18): Limit processing in specific cases (e.g., if you dispute accuracy).
  • Objection (Art. 21): Object to processing based on legitimate interests or for direct marketing.
  • Data Portability (Art. 20): Receive your data in a structured, machine-readable format.
  • Complaint (Art. 77): Contact a supervisory authority (e.g., Czech Office for Personal Data Protection – ÚOOÚ, at www.uoou.cz).

How to Exercise Your Rights: Email us at info@a-reg.com. We’ll respond within one month, extendable by two months for complex requests (Art. 12(3) GDPR).

5. Right to Object

If we process your data based on legitimate interests (Art. 6(1)(f) GDPR), you may object for reasons specific to your situation. For direct marketing, your objection is absolute, and we’ll stop immediately. To object, email info@a-reg.com.

6. Data Security

We protect your data using:

  • SSL Encryption: 256-bit encryption (or 128-bit if your browser doesn’t support higher) for secure transmission.
  • Other Measures: Access controls, regular audits, and employee training to prevent unauthorized access, loss, or manipulation.

We continuously update our security practices to reflect technological advancements.

7. Updates to This Policy

This policy is effective as of March 29, 2025. We may update it due to legal changes, new services, or website enhancements. Significant updates will be communicated via email or a website notice. The latest version is always available at https://a-reg.com/privacy-policy/.

8. Contact Us

For questions, requests, or concerns about your data, contact:
A-REG Solutions s.r.o.
Karla Čapka 1509,
Unhošť, 273 51, Czech Republic
Email: info@a-reg.com