Please enable JavaScript.  This webapp requires JavaScript to work at its best.
Inflammatory diseases need innovative thinking
Researching IL-17A and IL-17F in HS
Our investigational Nanobody® approach

Privacy Notice

For Healthcare Professionals

  1. Introduction

    This Privacy Notice (hereinafter referred to as, “Notice”) outlines how MoonLake Immunotherapeutics AG (“MoonLake” “we” “us” or “our”) processes personal data of healthcare professionals (“HCP”), defined as the principal investigator and delegates

    Data protection is a top priority for us. It is greatly important for us to process your personal data in accordance with the Swiss Federal Act on Data Protection (FADP), and, if applicable, the EU General Data Protection Regulation (GDPR) and the UK GDPR (together referred to as, “applicable data protection laws”). We seek to comply with the country-specific data protection regulations applicable to MoonLake.

    By means of this Notice, we would like to inform you of the nature, scope, and purpose of the personal data we collect, use and process, as well as your rights in this regard.

    Please note that, “personal data” refers to any information that relates to an identified or identifiable natural person.

    If you have any questions or comments about this notice, please contact our Data Protection Officer via dpo@moonlaketx.com.

    Terms in this Notice used are not gender-specific.

  2. Data controller

    MoonLake Immunotherapeutics AG
    Dorfstrasse 29
    6300 Zug
    Switzerland
    Web: www.moonlaketx.com

  3. Collection of personal data and purposes of processing

    • Data categories in general

      MoonLake will, depending on the service we provide to you (if any) or interaction, collect and process personal data about you, including:

      • personal details such as your name, identification number, date of birth, phone number physical and electronic address;
      • professional affiliation, such as your job title, employer and work experience;
      • National Provider Identifier (NPI);
      • details of our interactions with you and the products and services you use; records of correspondence and other communication between us e.g. live chats, instant messages and social media communications; records of phone calls between you and us;
      • information about your event participation;
      • identifiers we assign to you, such as your user number;
      • cookies, pixels, unique identifiers and other similar technologies to collect and process information from different channels and devices, including devices that you use to interact with us, to recognize you, remember your preferences, tailor the content we provide to you;
      • information from third parties or delegated third party service providers e.g. website user information collected through third party component providers that we have a relationship with, or through cookies, pixels, social plugins, tags and other similar technologies (see also section 4);
      • media, such as photographs,audio recordings, video recordings and/or other types of media productions, including virtual meetings and webinars, that capture your voice and/or image;
      • publicly available information, such as publications, your affiliation to scientific/ medical networks and comments describing support for and experience with our products.
      • during your sign-up, we store the IP address of the computer system assigned by the Internet service provider (ISP) and used by you at the time of the sign-up, as well as the date and time of the sign-up. The collection of this data is necessary in order to understand the (possible) misuse of your e-mail address at a later date, and it therefore serves the aim of the protection of you and us; and
      • volume and the performance of the access, your web browser, browser language and requesting domain, and IP address (additional data will only be recorded via our Website if their disclosure is made voluntarily, e.g. in the course of a registration or request). When you visit a Website of us, that Website may contain additional information about how we use your information while you are visiting that Website.

      Most of this personal data is provided to us directly by you. We may also receive personal data from third parties, such as service providers or business partners.

    • Purposes - overview

      We always process your personal data for a specific purpose and only process the personal data which is relevant to achieve that purpose. In particular, we process personal data for the following purposes:

      • on-boarding processes, including to verify your identity;
      • managing our relationship with you, including communicating with you in relation to our products and services;
      • taking steps to improve our products and services and our use of technology, including testing and upgrading of systems and processes, and conducting market research to understand how to improve of our existing products and services or learn about other products and services we can provide;
      • sending you newsletters, other publications and invitation to our events;
      • meeting our on-going regulatory and compliance obligations, including disclosures to authorities and regulatory, judicial and governmental bodies or in proceedings, and investigating or preventing crime;
      • ensuring the safety of our customers, employees and other stakeholders;
      • undertaking transactional and statistical analysis, and related research;
      • carrying out surveys and market studies;
      • any other purposes described in this Notice and additional purposes we notify to you from time to time.

    • Collaborations with HCPs and provision of scientific information

      HCPs have the possibility to sign-up for interactions with us. Which personal data are transmitted to us is also determined by the respective input mask used for the signup procedure. The personal data entered by you are collected and processed for the following purposes:

      • 1-1 consultations regarding clinical trials, medical advancements, investigational Medicinal Product (IMP)discussions, and other relevant professional topics;
      • sending newsletters, other publications;
      • sending invitation to our events, medical events, congresses, symposia, educational gatherings, and similar events organized or sponsored by or on behalf of MoonLake;
      • sending emails with IMP information, offers and related content;
      • invitations to contribute or attend launch events relevant to your expertise and professional interests;
      • information about upcoming campaigns, events, or launches through “coming soon” notifications via email;
      • sending you educational materials and updates related to disease and health states;
      • sending emails regarding clinical trials, IMP updates, and other medical content from in-field team members of or on behalf of MoonLake.

    • Registration on our Website

      You have the possibility to register on our Website with the indication of personal data. The personal data transmitted to us are determined by the respective input mask used for the registration. The personal data entered by you are collected and stored exclusively for internal use by MoonLake, and for the purposes apparent from the registration (e.g. registration for an event or sign-up for interactions). MoonLake may transfer to one or more processors (e.g., a parcel service) that also process personal data.

      By registering on the Website, the IP address — assigned by the Internet service provider (ISP) and used by you — date, and time of the registration are also stored. The storage of this data is necessary to prevent the misuse of our services, and, if necessary, to make it possible to investigate committed offenses. Insofar, the processing of this data is necessary for security purposes. This data is not passed on to third parties unless there is a statutory obligation to pass on the data, or if the transfer serves the aim of criminal prosecution.

      Your registration, with the voluntary indication of your personal data, is intended to enable us to offer you contents or services that may only be offered to registered HCPs due to the nature of the matter in question. Registered persons are free to change the personal data specified during the registration at any time.

    • Tracking

      Some of our e-mails contain so-called tracking pixels. A tracking pixel is a miniature graphic embedded in such e-mails, which are sent in HTML format to enable log file recording and analysis. This allows a statistical analysis of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, MoonLake may see if and when an e-mail was opened by you, and which links in the e-mail were called up.

      Such personal data collected and processed in the tracking pixels contained in the newsletters are stored and analysed by us in order to optimize the delivery of the newsletter, as well as to adapt the content of future newsletters even better to the interests of the data subject. To process your personal data for this specific purpose, we rely on your consent. You are at any time entitled to revoke the respective separate declaration of consent issued by means of the double-opt-in procedure. After a revocation, these personal data will be deleted by us, unless statutory retention obligations apply. MoonLake automatically regards a withdrawal from the receipt of the newsletter as a revocation.

    • Contact possibility via the Website

      The Website of MoonLake contains information that enables a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If you contact us by e-mail or via a contact form, the personal data transmitted by you are automatically collected and processed. Such personal data transmitted on a voluntary basis by you are stored for the purpose of processing your request and contacting you.

  4. LEGAL BASIS FOR PROCESSING

    Depending on the purpose of the processing activity (see section 2), the processing of your personal data will be one of the following:

    • processed with your consent which we obtain from you from time to time (for instance where required by law),
    • necessary for the legitimate interests of MoonLake, without unduly affecting your interests or fundamental rights and freedoms;
    • necessary for taking steps to enter into or executing a contract with you for the services or products you request, or for carrying out our obligations under such a contract;
    • required to meet our legal or regulatory responsibilities, including when we make the disclosures to authorities, regulators and government bodies referred to in sections 2;
    • in some cases, necessary for the performance of a task carried out in the public interest;
    • when we use special categories of personal data, necessary for establishing, exercising or defending legal claims or where the processing relates to personal data manifestly in the public domain.

    Examples of the “legitimate interests” referred to above are:

    • pursuit certain of the purposes such as managing communication with HCP, answering to your queries, maintaining our professional relationship.
    • exercising our rights under Articles 16 and 17 of the Charter of Fundamental Rights, including our freedom to conduct a business and right to property;
    • when we make the disclosures referred to in section 2 and 4, and keeping our customers, employees and other stakeholders satisfied;
    • meeting our accountability and regulatory requirements around the world, in each case provided such interests are not overridden by your privacy interests.

  5. THIRD PARTIES WHO MAY HAVE ACCESS TO YOUR PERSONAL DATA

    In some instances, we share personal data with our suppliers and other business partners who provide services to us, such as IT and hosting providers, marketing providers, communication services, recruitment services and others. When we do so we take steps to ensure they meet our data security standards, so that your personal data remains secure.

    If required from time to time, we disclose personal data to public and judicial authorities, regulators or governmental bodies and in proceedings, including when required by law or regulation, under a code of practice or conduct, or when these authorities or bodies require us to do so.

    If our business is sold to another organisation or if it is re-organised, personal data will be shared with the acquiring or successor organization so that you can continue to receive products and services. We will usually also share personal data with prospective purchasers when we consider selling or transferring part or all of a business. We take steps to ensure such potential purchasers keep the data secure. We will disclose personal data where required to exercise or protect legal rights, including ours and those of our employees or other stakeholders, or in response to requests from individuals or their representatives who seek to protect their legal rights or such rights of others.

  6. TRANSFER OF YOUR PERSONAL DATA

    Sharing your personal data as explained above may involve a transfer of personal data to a country outside the European Economic Area (EEA) and/or the Switzerland and/or UK. Moonlake is therefore committed to complying with the transfer rules under applicable Data Protection Laws and therefore ensure to:

    • transfer your data to countries where the data recipient is located that has been recognized as adequate by the European Commission and/or the Swiss Federal Council; or
    • where a country has not received an adequacy decision, to implement appropriate safeguards, such as the Standard Contractual Clauses (“SCCs”) applicable from time to time.

    You can contact our Data Protection Officer (see contact details above), if you want to have more details or obtain a copy about the mechanism supporting data transfer.

  7. YOUR RIGHTS

    In this section, MoonLake would like to provide you a general overview of your rights. Please note that your rights depend on the applicable data protection laws and therefore, some of your rights and the conditions to exercise these rights may differ from jurisdiction to jurisdiction. You have a right to ask us to rectify inaccurate personal data we collect and process and the right to request restriction of your personal data pending such a request being considered.

    Where we process your personal data on the basis of your consent, you have the right to withdraw that consent at any time. Please also note that the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

    You have a right to ask us to object to the processing of your personal data, or to request deletion of your personal data – these rights are not absolute under applicable data protection laws (as sometimes there may be other lawful grounds such as a legal obligation or overriding interests that require the processing to continue, for example), but we will consider your request and respond to you with the outcome. When personal data are processed for direct marketing purposes, your right to object extends to direct marketing, including profiling to the extent it is related to such marketing. You may object to direct marketing by clicking the ‘unsubscribe’ link in any of our emails to you, or by emailing us at any time.

    Where we process your personal data on the basis of your consent, or where such processing is necessary for entering into or performing our obligations under a contract with you, you may have the right to request your personal data be transferred to you (known as the “data portability” right). You also have the right to ask us for information regarding some or all of the personal data we collect and process about you. You have also the right of access which means to obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, information related to the processing of data and a copy of the data being processed.

    In certain circumstances we may process your personal data through automated decision- making, including profiling.

    Where this takes place, you will be informed of such automated decision-making that uses your personal data, be given information on the logic involved, and be informed of the possible consequences of such processing. In certain circumstances, you can request not to be subject to automated decision-making, including profiling. If you would like to exercise your rights, please let us know by contacting our DPO at the contact details provided above.

    If you are not satisfied with our response, you have the right to make a complaint to the data protection authority in the jurisdiction where you live or work, or in the place where you think an issue in relation to your data has arisen.

    Also, if you are Swiss citizen, you may lodge a civil claim in case of personality rights’ infringements regarding the exercise of your rights of access, rectification, and object but also regarding infringements related to data privacy principles. The competent Supervisory Authority in Switzerland is the Federal Data Protection Information Commissioner.

  8. SECURITY

    We treat your personal data in a confidential manner and provides for a sufficient and adequate level of protection of your personal data.

    Your personal data are contained behind secured networks and are only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential.

  9. RETENTION PERIOD

    We will keep your personal data for as long as necessary to fulfill the purposes for which we collected it. In general, we will retain personal data for the period of your relationship with us (unless you previously withdraw your consent) reflecting the length of time for which legal claims may be made following termination of such relationship or contract or as we are required by applicable law.

  10. OUR WEBSITE AND COOKIES

    The Website unlockpotentialhs.com uses cookies. Cookies are text files that are stored in a computer system via an Internet browser. These cookies can be used to identify or to collect information about you.

    Many Internet sites and servers use cookies. Many cookies contain a so-called cookie ID.

    A cookie ID is a unique identifier of the cookie. It consists of a character string through which Website and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows visited Internet sites and servers to differentiate the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified using the unique cookie ID. Through the use of cookies, MoonLake can provide the users of this Website with more user-friendly services that would not be possible without the cookie setting. By means of a cookie, the information and offers on our Website can be optimized and personalized. Cookies allow us, as previously mentioned, to recognize our Website users. The purpose of this recognition is to make it easier for users to utilize our Website. The Website user that uses cookies, e.g. does not have to enter access data each time the Website is accessed, because this is taken over by the Website, and the cookie is thus stored on the user’s computer system.

    Cookies can be classified as follows, depending on the owner:

    • First-party cookies: They are created, sent to your device and stored by the website you are visiting directly. They allow MoonLake to collect visitor analytics data, remember language settings, and carry out other useful functions that help provide a good user experience.
    • Third-party cookies: They are created and placed by third parties other than the website you are visiting directly. They are not managed by MoonLake, but by the third party that processes the data obtained from the cookies.

    Cookies can also be classified depending on the purpose of their placement. Main categories are:

    • Strictly necessary cookies (also called “technical cookies”): they allow you to browse a website, a platform or an app, and to use the various options or services on it (e.g., control traffic, identify data or session, access to restricted access sections or content, etc.).
    • Functional cookies: they help us to make the website usable by providing you some basic features and by remembering your preferences and choices of using our website (e.g., language, the region from where the service is accessed, etc.). Not accepting cookies may cause slow website performance or poorly adapted recommendations. Analytics cookies: they allow us to have a better understanding of how you interact with the website (e.g., which pages are visited the most) in order to optimize the functioning of the website.
    • Marketing cookies: they enable us to monitor your behavior on the website. The aim is to display advertisements that are meaningful and attractive to you and therefore more useful to third party publishers and advertisers, as well as to make promotional and specific information available to you on the website.

    Cookies may also be divided into two categories depending on the period for which they are stored:

    • Session cookies: they allow MoonLake to recognize and link your actions during a browsing session. When you go to the login page, these temporary cookies will be created to determine whether or not your browser accepts cookies.
    • Persistent cookies: they are placed on your device between sessions. They can be used to remember your preferences or actions on MoonLake Website.
    Cookie name Default Expiration Time Description
    _ga 2 years Used to distinguish users
    _ga_<container-id> 2 years Used to persist session state

  11. CHANGES TO THIS PRIVACY NOTICE

    This Notice is effective as of the date stated at the top of this page. We may update this Notice from time to time. Please refer to this Notice on a regular basis.

    last Update: 18.09.2024