This Privacy Policy describes the ways in which Oculis Holding AG (“Oculis”, “we” or “us”) having its registered office at Oculis Holding AG, Bahnhofstrasse 7, 6300 Zug, Switzerland collects and processes information about you that identifies you directly or indirectly (“Personal Data”), either alone or in combination with other information made available to us, through your interactions with us via our website www.oculis.com (the “Services”).
Oculis is responsible for the processing of your Personal Data as it decides why and how it is processed, thereby acting as the “Data Controller” of such Personal Data. This Privacy Policy covers how we respect your privacy rights with respect to the processing of your Personal Data in relation to the Services and/or for the purposes described in this Privacy Policy.
This Privacy Policy is intended for individuals interacting with the Services. Wherever required, we will also present you with specific privacy policies for the purposes of activities not covered under this Privacy Policy including but not limited to recruitment, employment, or third party management.
Do take note that if you access any third-party link or website from our Services, you may need to refer to the privacy policies of such third parties. Oculis does not endorse and is not responsible for the information or privacy practices of websites or services owned by third parties.
By continuing using the Services, you agree to this Privacy Policy. We consider the protection of your Personal Data and privacy to be a very important matter. As such, we invite you to carefully read this Privacy Policy.
If you have any questions in relation to the processing of your Personal Data or this Privacy Policy, please refer to our Contact us section below.
How do we deal with Personal Data from individuals under the age of 13?
Our Services are not directed at children. We do not knowingly collect any Personal Data about children under the age of 13 on our website or for the purposes mentioned in this Privacy Policy. If Personal Data about children has been mistakenly provided to us and you would like to request that such Personal Data be removed, please refer to our Contact us section.
What Personal Data do we process and for which purposes?
Most of our Services do not require any form of registration or sign-up to access the Services. However, depending on how you interact with us, we may collect and process Personal Data that directly identifies you such as your name, contact details and email address. We may also collect certain Personal Data that does not directly identify you, but which makes identification possible through the combination of other information or identifiers such as your company name and position. If you submit Personal Data relating to other people to us or to our service providers in connection with the Services, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.
For inquiries via our contact form, you must provide your name, e-mail address, and your message. We process and save the Personal Data provided in the contact request or via e-mail to process and answer your request and to get in touch with you. The legal bases for processing your Personal Data are to perform our obligations under any contract with you, or for our legitimate interests.
We share important information and updates about Oculis via our newsletter, email bulletins and other online communications. You can sign up to receive these via the Investor Relations section of our website or you may be added to our mailing list because of your professional involvement and interactions with Oculis. We process your contact information, such as name, title and email address, to support our legitimate interests, however, if you decide that you no longer wish to receive such communications, you can opt-out by unsubscribing at any time, by clicking the unsubscribe link in the email or by clicking the unsubscribe link in the Investor Relations section of our website.
We may also collect and process information about your visit to this website, such as the pages you visit, the website you came from and the searches you perform. We may use such information to help improve the contents of the website and to compile aggregate statistics about people using our website for our internal usage statistics and market research purposes. In doing this, we may install “cookies” or similar technologies that collect the domain name of the user, your internet service provider, your operating system, and the date and time of access. Cookies are created and stored on the user’s computer, phone or other devices when the user’s browser loads a particular website. Every time the user goes back to the same website, the browser retrieves and sends this “cookie” file to the website. Cookies are useful because they serve key purposes like helping a website remember your preferences and settings, performing analytics to improve services, serving you relevant content or advertisements and authenticating you on the websites. Cookies do not damage your computer. You can set your browser to notify you when you receive a cookie, this will enable you to decide if you want to accept it or not. You can also refuse cookies altogether. However, if you do not accept our cookies, you may not be able to use all functionalities of our website. When you visit our website, you may be presented with a cookie-setting banner that allows you to manage the settings and accept or deny the cookies. It is legally permitted to store cookies on your machine if they are essential to the operation of the website, but for all other types of cookies we need your permission to do so. On our website, you have the option to consent to the use of cookies while visiting the website for the first time when a cookie banner will be shown or manage these settings anytime later by clicking the Cookie Settings link in the footer of the website. These cookie settings give you the option of accepting or denying your consent to every category of cookies (with the exception of the necessary cookies which are always active). Please refer to our Cookie Settings to learn more about what types of cookies we use (the purpose they serve, their lifespan, and their provenance) and how you can manage your preferences.
Certain of our Services, including this website, may use the web analysis service “Google Analytics 4” from Google LLC, of 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) to optimize them. Google Analytics 4 is an analytics service that enables us to measure traffic and engagement across our website. In order to increase the security of your Personal Data, the “IP anonymization” function is activated by default and cannot be adjusted by users which means that Google Analytics 4 will not store IP addresses of users. For more information on how IP anonymization works, click: https://support.google.com/analytics/answer/12017362?hl=en.
Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activity for us and to provide us with other services relating to website activity and internet usage. Oculis uses the data received from Google Analytics for business planning, for its own business activities and for marketing measures in order to better understand how the content of our web services and the associated experience can be improved.
Certain of our websites also use Cookiebot cookies to enable you to manage the cookies easily and help us to obtain your consent for our placement and use of cookies on your device. We need these cookies to remember the choices that you have made regarding cookie settings.
The legal basis for the processing of your Personal Data when we do website analytics is your consent or our legitimate business interests.
We may use your Personal Data for our business purposes, including audits, monitoring and prevention of fraud, and infringement.
Also, we may use your Personal Data:
- if we are required to do so because of an applicable law, requests from public and government authorities (including court order, subpoena, or governmental regulation), even outside your country of residence;
- if we need to enforce our terms and conditions;
- when we believe in good faith that the use of Personal Information is necessary to protect legal rights, the security or integrity of this website;
- to protect your safety or the safety of others;
- as part of any criminal or other legal investigation or proceeding in your country or in other countries; or
- to the extent reasonably necessary for development of or to proceed with the negotiation or completion of a corporate or commercial transaction.
We do not collect sensitive Personal Data. You are requested to not disclose your sensitive Personal Data to us unless we specifically ask for it (e.g., national identification card numbers, information related to racial or ethnic origin, political opinions, religion or philosophical beliefs, health, sex life or sexual orientation, criminal background, or trade union membership, or biometric or genetic data for the purpose of uniquely identifying an individual).
When and to whom do we disclose your Personal Data?
We may share your Personal Data with other Oculis subsidiaries and affiliates worldwide to exchange information and maintain databases in different countries. We also may transfer Personal Data to third parties who act on our behalf, for further processing in accordance with the purpose(s) for which the data were originally collected or may otherwise be lawfully processed, evaluating the usefulness of our Services, data management, or technical support.
We will not sell, share, or otherwise transfer your Personal Data to third parties other than those indicated in this Privacy Policy.
In the course of our activities and for the same purposes as those listed in this Privacy Policy, your Personal Data can be accessed by, or transferred to the following categories of recipients on a need to know basis to achieve such purposes:
- our personnel (including personnel, departments or other companies of the Oculis group);
- our independent agents or brokers (if any);
- our other suppliers and service providers that provide services and products to us; and
- our IT systems providers, cloud service providers, database providers and consultants.
These third parties have contracted with us to only use Personal Data for the agreed upon purpose, and not to sell Personal Data to third parties, and not to disclose it to third parties except as may be permitted by us, as required by law, or as stated in this Privacy Policy.
Also, we may disclose your Personal Data to a third party if we are required to do so because of an applicable law, requests from public and government authorities (including court order, subpoena, or governmental regulation), even outside your country of residence; if we need to enforce our terms and conditions; when we believe in good faith that the disclosure is necessary to protect legal rights, the security or integrity of this website; to protect your safety or the safety of others; as part of any criminal or other legal investigation or proceeding in your country or in other countries; or to third parties, advisors, and other entities to the extent reasonably necessary for development of or to proceed with the negotiation or completion of a corporate or commercial transaction.
Your Personal Data may also be processed, accessed, or stored in countries outside Switzerland. Such countries may offer a different level of protection of Personal Data. If we transfer your Personal Data to external companies in other jurisdictions, we will make sure to protect your Personal Data by applying the level of protection required under applicable data privacy laws by implementing adequate technical and organisational measures. In the event that your Personal Data is transferred to a service provider based in a third country (countries outside the European Union that do not have a level of data protection comparable to the data protection law of the European Union, as determined by a competent data protection authority) and processed there, Oculis ensures the protection of your Personal Data by means of Standard Contractual Clauses or EU Model Clauses or another method in accordance with applicable law. Should these Standard Contractual Clauses in the future be declared null and void and/or be revised by the European Commission, we will adopt other applicable and/or approved instruments to provide for appropriate safeguards required for the third country transfers and enter into such agreed instruments in a written and legally binding form.
How long do we keep your Personal Data?
We keep your Personal Data for as long as you use the Services. We may also keep your Personal Data for a reasonable period following the fulfilment of our Services or termination of your relationship with us or discontinuation of your use of our Services, unless a longer retention period is required or permitted by law.
How do we protect your Personal Data?
We have implemented appropriate technical and organisational measures designed to provide an adequate level of security and confidentiality to your Personal Information. The purpose of these measures is to protect Personal Information against accidental or unlawful destruction or alteration, accidental loss, unauthorized disclosure or access and against other unlawful forms of processing.
What are your rights and how can you exercise them?
Whenever we process Personal Data, we take reasonable steps to keep your Personal Data accurate and up-to-date for the purposes for which they were collected. We will provide you with the ability to exercise the following rights under the conditions and within the limits set forth in the law:
- the right to be informed about what Personal Data we have about you and how we process your Personal Data;
- the right to access your Personal Data as processed by us and, if you believe that any information relating to you is incorrect, obsolete or incomplete, to request its correction or updating;
- the right to request the erasure of your Personal Data or the restriction thereof to specific categories of processing;
- the right to withdraw your consent at any time, without affecting the lawfulness of the processing before such withdrawal;
- the right to object, in whole or in part, to the processing of your Personal Data;
- the right to request a data portability, i.e. that the Personal Data you have provided to us be returned to you or transferred to the person of your choice, in a structured, commonly used and machine-readable format without hindrance from us and subject to your confidentiality obligations; and
- the right to object to automated decision making including profiling resulting in a significant or legal effect, i.e. you can request an human intervention in any automated decision making process related to processing of your data resulting in a significant or legal effect, and where such processing is not based on your consent, authorised by law or necessary for the performance of a contract. However, we don’t currently make decisions using automated processes only that result in significant or legal effects on individual.
If you have a question or want to exercise the above rights, you may send an email to our Data Protection Officer at privacy@oculis.com or a letter to Oculis at the address described in the Contact us section below. If you have a complaint about how your Personal Data is being processed, you also have the right to contact the Data Protection Authority in your country.
How frequently do we update this Privacy Policy?
We keep our Privacy Policy under regular review and update it as and when required. The last version of this Privacy Policy was last updated on October 1, 2023.
Contact us
If you wish to contact us regarding how we use your Personal Data or you wish to exercise your data privacy rights, please email us at privacy@oculis.com or write us to the following address:
Oculis Holding AG
Data Protection Officer
Bahnhofstrasse 7
6300 Zug
Switzerland