Centre International de Développement Pharmaceutique Ltee (“CIDP“, “we”, “us”, “our”, “the Company”) respects your privacy, and is committed to protecting the privacy, confidentiality and security of the personal data you provide us when you use our corporate website. As your trust is prime to the success of our business, we are committed to protect your personal data in compliance with applicable data protection laws. Please read this privacy notice carefully as it contains important information on how CIDP, as a registered data controller, treats the personal data that you provide us including how and why we collect, store, use and share your personal data, your rights in relation to your personal data and on how to contact us and the regulatory authorities in the event you have a complaint.
1. Who are we?
CIDP is a private and independent Contract Research Organisation (CRO) incorporated in Mauritius with subsidiaries in Romania, Brazil and India, that carries out high R&D activities for pharmaceutical, medical device, nutraceutical, and cosmetic industries. Our headquarters are situated at BioPark Mauritius, Socota Phoenicia, Sayed Hossen Road, Phoenix, Mauritius.
2. Which personal data do we collect?
When interacting with you, we may collect the following personal data for the purposes of our business activities:
- your name,
- your contact details (phone and fax numbers, email addresses),
- Your position/job title,
- Any other personal data that you choose to provide to us.
Also, when you choose to receive our marketing communications (including newsletters, promotional and special offers), we ask that you provide us with your email address. The provision of this information is purely voluntary, and you may opt out of receiving our marketing communications at any time by unsubscribing to these communications.
3. How and why do we use your personal data?
We use your personal data in the course of our business activities and interaction with you for the following purposes:
- performing our agreement with you;
- promoting eventual business relationships;
- assisting you with your queries or concerns;
- complying with any legal or regulatory obligations imposed on us;
- fulfilling our legitimate commercial interests; and
- sending you communications if you have consented to receiving the same, and for any other purposes for which we have your consent.
4. To whom do we disclose personal data?
Your personal data may be shared as follows:
- between subsidiaries and affiliates of CIDP as may be relevant for the purposes set out in section 3 above and to facilitate our business activities or relationship, but we shall only do so on a strictly need to know basis;
- with our employees for purposes of fulfilling our business activities, or conducting internal analysis with a view to improving our company and services;
- with our agents, advisers, accountants, auditors, lawyers, other professional advisors, contractors or third-party service providers for the purpose of assisting us to better manage, support or develop our business and comply with our legal and regulatory obligations;
We will ensure that your personal data is kept safely. Only designated persons will have access to your personal data on a strictly need-to-know basis for the purposes of fulfilling our agreement or promoting our business relationship with you. In addition, third parties with whom we share your personal data will be contractually obliged to safeguard all personal data to which they have access.
Some disclosures do not require your consent. This happens when we share your personal data with (i) law enforcement bodies/agencies and other statutory authorities, if required by law and (ii) If required or authorized by law or if we suspect any unlawful activities on your part.
5. Overseas Transfers of Your Personal Data
In some cases, we may need to transfer your personal data with organisations located in countries outside our territorial limits in order to provide our services to you. We will take appropriate safeguards in order to secure the personal data being transferred.
Please note that:
– our website is hosted on [cloud hosting services if abroad].
– E-mails servers and e-filling system servers are transferred
6. Direct Marketing
From time to time, we could use your name and contact information to send you via emails, information that we think may be of interest to you, including stories, events and services offered by CIDP and its subsidiaries as well as special offers and promotions and surveys but we can only do so with your consent.
You may opt-out from receiving marketing communications at any time, free of charge, by following the unsubscribe instructions contained in each of our marketing communications or by contacting us in accordance with the section “Contact Us” below.
7. How long do we keep your information?
Your personal data will be stored for as long as required to fulfil our business purposes and for the period of time required by law. To the extent required by law, we will take reasonable steps to destroy or anonymise personal data in a secure manner when we no longer need it for the purposes for which it was collected (as set out in section 3 of this notice) and retention is no longer necessary for legal or business purposes.
8. Processing of personal data must be justified
We will only process your personal data where we are satisfied that we have an appropriate legal basis to do so, such as (i) for the performance of a contract between us; (ii) where you have provided us with your express consent to process your personal data for a specific purpose; (iii) our use of your personal data is necessary to fulfill our statutory obligations with relevant authorities (regulators, tax officials, law enforcement bodies) or otherwise meet our legal responsibilities; (iv) our use of your personal data is in our legitimate interest as a commercial organization.
9. Security of personal data
CIDP has in place reasonable technical and organisational measures to prevent unauthorised or accidental access, processing, erasure, loss or use of your personal data and to keep your personal data confidential. These measures are subject to ongoing review and monitoring. To protect your personal data, we also require our third-party service providers to take reasonable precautions to keep your personal data confidential and to prevent unauthorised or accidental access, processing, erasure, loss or use of personal data, and to act at all times in compliance with applicable data protection laws. We cannot guarantee that our website will function without disruptions. We shall not be liable for damages that may result from the use of electronic means of communication, including, but not limited to, damages resulting from the failure or delay in delivery of electronic communications, interception or manipulation of electronic communications by third parties or by computer programs used for electronic communications and transmission of viruses.
10. Children and Minors
For our website, we do not knowingly collect personal data from minors. If you are a minor, you may only use our website and services with the permission of your parent or guardian. Our online services are not directed at children under the age of 13. If you believe we have collected information about a child under the age of 13, please contact our Data Protection Officer so that we may take appropriate steps to delete such information.
11. Links to other websites
12. Access to your personal data
You have the right to request a copy of the personal data we hold about you. To do this, simply contact our Data Protection Officer and specify what data you would like to access. We will take all reasonable steps to confirm your identity before providing details of your personal data.
You will not have to pay a fee to access your personal data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
13. Correction of your personal data
You have the right to ask us to update, correct or delete your personal data. We will take all reasonable steps to confirm your identity before making changes to personal data we may hold about you. We would appreciate it if you would take the necessary steps to keep your personal data accurate and up to date by notifying us of any changes we need to be aware of.
14. Withdrawal of consent and request for deletion or personal data
You may also withdraw your consent to receiving direct marketing communications, or more generally to our processing of your personal data, at any time, and you may in certain circumstances ask us to delete your personal data. However, we may not be able to fulfil our contractual obligations to you if you entirely withdraw your consent or ask us to delete your personal data entirely. To protect your personal data, we shall require that you first prove your identity to us at the time the request is made, for instance by providing a copy of your national identification card, contact details or answering some other security questions to satisfy ourselves of your identity before we may proceed with your request(s).
Whenever reasonably possible and required, we will strive to grant these rights within 30 days, but our response time will depend on the complexity of your requests. We will generally respond to your requests free of charge unless if your request involves processing or retrieving a significant volume of data, or if we consider that your request is unfounded, excessive or repetitive in which case we reserve the right to charge a fee (as mentioned above regarding access).
There may be circumstances where we are not able to comply with your requests, typically in relation to a request to erase your personal data or where you object to the processing of your personal data for a specific purpose or where you request that we restrict the use of your personal data where we need to keep your personal data to comply with a legal obligation or where we need to use such information to establish, exercise or defend a legal claim. To make these requests, or if you have any questions or complaints about how we handle your personal data or would like us to update the data we maintain about you and your preferences, please contact our Data Protection Officer at the address set out under section 18 below.
15. Cookies policy
- What is a cookie?
Cookies are small data files that your browser places on your computer or device. Cookies help your browser navigate a website and the cookies themselves cannot collect any data stored on your computer or your files. When a server uses a web browser to read cookies they can help a website deliver a more user-friendly service. To protect your privacy, your browser only gives a website access to the cookies it has already sent to you.
Session cookies – to allow you to proceed through many pages of a site quickly and easily without having to authenticate or reprocess each new page you visit.
Technical cookies – These cookies are required for the proper functioning and operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, to manage your bookings etc.
Analytical cookies – Allows us to gain insight into how our visitors use www. [xxx].mu, such as which web pages viewed, date and timestamp info, platform type used etc. This helps us to improve the way our website works.
Functional cookies – Used to recognise you when you return to our website. This enables us to remember your preferences, such as language or region, which remain as your default settings when you revisit the website.
- How are third party cookies used?
- How do I reject and delete cookies?
16. Amendments to this Privacy Notice
We may amend this privacy notice from time to time. Any amendment will be posted on our website so that you are always informed of the way we collect and use your personal data. Updated versions of this privacy notice will include the date of the revision at the end of this privacy notice so that you are able to check when the privacy notice was last amended. Any changes to this privacy notice will become effective upon posting of the revised privacy notice on the website. Use of our website following such changes constitutes your acceptance of the revised privacy notice then in effect but, to the extent such changes have a material effect on your rights or obligations as regards our handling of your personal data, such changes will only apply to personal data after the changes are applied.
This privacy notice is governed by and shall be construed in accordance with the laws of the Republic of Mauritius. This privacy notice is written in the English language and may be translated into other languages. In the event of any inconsistency between the English version and the translated version of this privacy notice, the English version shall prevail.
18. How to contact us?
We have appointed a Data Protection Officer to oversee compliance with and questions in relation to this notice. If you have any questions about this notice, including any requests to exercise your legal rights, please contact our Data Protection Officer using the details set out below:
The Data Protection Officer
Centre International de Développement
BioPark Mauritius, SOCOTA Phoenicia
Sayed Hossen Road, Phoenix, Mauritius
If you believe we have not handled your request in an appropriate manner, you may lodge a complaint with the Data Protection Commissioner (DPC) (The Data Protection Office, 5th floor, SICOM Tower, Wall Street Ebène, Mauritius). However, we ask that you please try to resolve any issues with us first before referring your complaint to the DPC.
Version dated 04/04/2022