Pluri – Privacy Policy

Last updated on 26 December 2022

  1. Introduction

Pluri Biotech Ltd., on its behalf and on behalf of its related companies (“Pluri” “we” or “us”) respects the privacy of its participants, employees, sites visitors and website visitors (these and any others with respect to whom we collect personal data, shall collectively be referred to as “you” or “Data Subjects”) and is committed to protecting the personal information you may share with us.

This policy and notice (the “Privacy Policy”) explains the types of information we may collect from you, that we may receive about you or that you may provide during your participation in our services, business transactions, conferences or when you visit our sites or website. We are transparent about our practices regarding the information we may collect, use, maintain and process and describe our practices in this Privacy Policy. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.

What is Personal Data?

Regarding our relations with you in connection with your use of our services, “Personal Data” means any data, which may enable the identification of a specific person, or is otherwise linked to such potentially identifying data.

  1. For What Purposes Do We Collect Your Personal Data?

We will use your Personal Data to provide and improve our services to our participants and others and meet our contractual, ethical and legal obligations. All Personal Data will remain accurate complete and relevant for the stated purposes for which it was processed, including for example:

Processing which is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract:

  • Carrying out our obligations arising from any contracts entered into between you and Pluri and to provide you with the information, and services that you request from Pluri.

Processing which is necessary for the purposes of the legitimate interests pursued by Pluri:

  • Notifying you about changes to our terms;
  • Contacting you for the purpose of providing you with technical assistance and other related information about the services;
  • Replying to your queries, troubleshooting problems, detecting and protecting against error, fraud or other criminal activity;
  • Contacting you to give you commercial and marketing information about events or promotions or additional services and products offered by Pluri, including in other locations;
  • Soliciting feedback in connection with your use of the services;
  • Tracking use of Pluri facilities and services to enable us to optimize them;
  • Contacting you to inform you of additional services which may be of interest to you;

Processing which is necessary for compliance with a legal obligation to which Pluri is subject:

  • Compliance and audit purposes, such as meeting our reporting obligations in our various jurisdictions, and for crime prevention and prosecution in so far as it relates to our staff, participants, facilities etc.
  • If necessary, we will use Personal Data to enforce our terms, policies and legal agreements, to comply with court orders and warrants and assist law enforcement agencies as required by law, to collect debts, to prevent fraud, infringements, identity thefts and any other service misuse, and to take any action in any legal dispute and proceeding;
  • For security purposes and to identify and authenticate your access to the parts of the facilities;

Non-Personal Data. We may share or otherwise use non-Personal Data in our sole discretion and without the need for further approval.

 

  1. How Do We Collect Your Data?

We collect two main categories of Personal Data:

  1. Data Received From You.We collect Personal Data required to provide services when you register interest, or when you provide us such information by entering it manually or through your use of our website, facilities and services, or in connection with site visits, in the course of preparing a contract, or otherwise in engaging with us. We also may collect Personal Data when you call us for support, in which case we collect the information you provide us. We also collect Personal Data through our CCTV recordings which automatically collect information about your presence in the Pluri facilities. You may provide us Personal Data voluntarily, such as your name, e-mail address, phone number, and location when you contact us. We urge you not to share any medical or other related sensitive information with us when communicating with us unless specifically requested by us for the services. Regardless of our data retention policies, we may remove from our records, at any time, any such sensitive information.
  2. Data Automatically Collected or Generated Through Your Use of Our website. When you visit, interact with or use our website, including any e-mail sent to you by us, we may collect or generate technical data about you. We collect or generate such data either independently or with the help of third-party services, including through the use of cookies and other tracking technologies (as further detailed in our ‘cookies’ section below). Such data consists of connectivity, technical or aggregated usage data, such as IP address, non-identifying data regarding the device, operating system, browser version locale and language settings used, the cookies and pixels installed on such device, and the activity (clicks and other interactions) of users of our website.

If you choose to give us your e-mail address, we will communicate with you via e-mail. We do not share your e-mail address with other individuals, entities and/or parties outside of Pluri. Depending on how your email application is set up, information about your actions, use of the email sent by us, may be transmitted automatically when you receive, open and/ or click on an e-mail from Pluri. In any event, you may opt out from receipt of any additional e-mails from Pluri, at any time.

 

  1. Website Data Collection and Cookies

When you access or use our services or website, Pluri may use industry standard technologies such as cookies, pixels and similar technologies, which store certain information on your computer or browsing device and which will allow us to identify the computer or device and, in some cases, to identify them with the user, and to enable automatic activation of certain features, and make your user experience more convenient and effortless. We use different types of cookies: some cookies are strictly necessary, they are required for the operation of our website and services under our terms with you; We also use analytical and performance monitoring cookies, which allow us to recognize and count the number of visitors and to see how visitors move around our website and services when they are using it. Finally, we use functionality cookies which are used to recognize you when you return to our website. This enables us to personalize content to your preferences, including for example, your choice of language or region.

Different cookies are kept for different periods. Session cookies are used to keep track of your activities online in a given browsing session; these cookies generally expire when the browser is closed but may be retained for a period on your device. Permanent cookies remain in operation even when you have closed the browser; they are used to remember your login details and password. Third-party cookies are installed by third parties with the aim of collecting certain information to research behavior, demographics. Third party cookies on our site include, for example, Google Analytics. Likewise, pixels from Youtube and others enable integration of third-party service providers may be embedded on our site. Third party cookies will be retained according to the terms of those third parties, and you can control those cookies in your browser settings.

We use cookies and other technologies on the basis that they are necessary for the performance of a contract with you, or because using them is in our legitimate interests of improving, optimizing and personalizing our services, and these are not overridden by your rights.

Most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. However, if you block or erase cookies your online experience on our websites and services will be limited.

How to disable cookies: the effect of disabling cookies depends on which cookies you disable but, in general, the websites and some services delivered through them may not operate properly, may not recognize your device, may not remember your preferences and so on, if cookies are disabled or removed. However, allowing or disabling cookies is your choice and in your control. If you want to disable cookies on our site, you need to change your browser settings to reject cookies. How you can do this will depend on the browser you use. Further details on how to disable cookies can be found here: Microsoft EdgeGoogle ChromeFirefoxSafari.

  1. How Do We Retain and Store Your Data?

Pluri Biotech Ltd. is located and operates under the jurisdiction of the State of Israel, which has been declared by the European Commission, on the basis of Article 45 of Regulation (EU) 2016/679 as a country outside the European Union (the “EU”) which offers an adequate level of data protection.

Company’s parent, Pluri Therapeutics Inc. is a Nevada-based corporation, and thus abides by the applicable U.S. privacy law; however, it has also taken upon itself, to adopt additional security measures regarding the storage of your Personal Data, and only to use it in accordance with this Privacy Policy.

While privacy laws may vary between jurisdictions, Pluri has taken reasonable steps to ensure that your Personal Data is treated by its affiliates and Service Providers in a secure and lawful manner, and in accordance with common industry practices, regardless of any lesser legal requirements that may apply in their jurisdiction.

Pluri retains Personal Data it processes only for as long as required in our view, to provide the services and as necessary to comply with our legal and other obligations, to resolve disputes and to enforce agreements. We will also retain personal data to meet any audit, compliance and business best-practices.

Data that is no longer retained may be anonymized or deleted. Likewise, some metadata and statistical information concerning the use of our services are not subject to the deletion procedures in this policy and may be retained by Pluri. We will not be able to identify you from this data. Some data may also be retained on our third-party service providers’ servers until deleted in accordance with their privacy policy and their retention policy.

Please note that except as required by applicable law, we will not be obligated to retain your data for any particular period, and are free to securely delete it for any reason and at any time, with or without notice to you.

  1. With Whom Do We Share Data?

We may share your data (including Personal Data) with certain third parties, including law enforcement agencies, our service providers, and our affiliates – but only in accordance with this Privacy Policy:

  1. Compliance with Laws, Legal Orders and Authorities.We may disclose or allow government and law enforcement officials access to certain Personal Data, in response to a subpoena, search warrant or court order (or similar requirement), or in compliance with applicable laws and regulations, including for national security purposes. Such disclosure or access may occur with or without notice to you, if we have a good faith belief that we are legally compelled to do so, or that disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing.
  2. Service Providers and Business Partners.We may engage selected third-party companies and individuals to perform services complementary to our own (hosting services, data analytics services, media sources, e-mail distribution and monitoring services, and our business, legal, financial and compliance advisors) (collectively: “Service Providers”). These Service Providers may have access to your Personal Data, depending on each of their specific roles and purposes in facilitating the goals of our website, and may only use it for such purposes. A list of the Service Providers we currently engage that have access to your Personal Data can be viewed
  3. Protecting Rights and Safety. We may share your Personal Data with others, if we believe in good faith that this will help protect the rights, property or personal safety of Pluri, any of our users or any members of the general public.
  4. Security Measures

Pluri maintains physical, electronic and procedural safeguards to help guard your Personal Data. We restrict access to personally identifiable information to those persons who need to know that information to provide products or services to you and any persons you have authorized to have access to such information. While we strive to protect your Personal Data, we cannot guaranty the security of any information you transmit to us.

Pluri shall act in accordance with its policies and with applicable law to promptly notify the relevant authorities and data subjects in the event that any Personal Data processed by Pluri is lost, stolen, or where there has been any unauthorized access to it, all in accordance with applicable law and on the instructions of qualified authority. Pluri shall promptly take reasonable remedial measures.

  1. Transfer of Personal Data Between the Pluri Group Entities / Service Providers

We may allow access to your Personal Data for the uses prescribed in this Privacy Policy, internally, between our group entities. In instances where Personal Data is collected from individuals within the EU, we will make sure that for the transfer outside EU borders (a) an EU Commission Adequacy Decision is in place, or (b) we have a legitimate interest of such transfer, and the recipient entity is bound by similar security measures that we apply, and further subject to the provisions of Section 5.

  1. EU Data Subject Rights Regarding Personal Data under GDPR

Please note that you may have certain rights regarding the manner of collection, processing and usage of your Personal Data pursuant to applicable privacy laws such as the EU General Data Protection Regulations (“GDPR”). Under the GDPR (to the extent it applies to you) you may be eligible for the following rights:

  • Right to Access. You have a right to access your personal data that we process and receive a copy of it.
  • Right to Rectification. You have the right to ask us to rectify inaccurate personal data concerning you and to have incomplete personal data completed.
  • Right to Data Portability. You have a right to receive the personal data that you provided to us, in a structured, commonly used and machine-readable format. You have the right to transmit this data to a third party. Where technically feasible, you have the right that your personal data be transmitted directly from us to a third party that you designated.
  • Right to Withdraw Consent. You have the right to withdraw your consent for processing your personal data at any time. If you do that, we will not collect any further personal data, but we will further process the data we already collected for reasons described in this Policy. Withdrawing your consent will not affect the lawfulness of data processing we carried out based on your consent before such withdrawal.
  • Right to Object. If you previously agreed that your personal data may be used for other purposes other than registering and/or placing an order, you may have a right to object to the use of your personal data for such additional purposes.
  • Right to Restrict. You have the right to restrict processing of your Personal Data (except for storing it) if you contest the accuracy of your Personal Data, for a period enabling us to verify its accuracy; if you believe that the processing is unlawful and you oppose the erasure of the Personal Data and request instead to restrict its use; if we no longer need the Personal Data for the purposes outlined in this Policy, but they are required by you to establish, exercise or defense relating to legal claims, or if you object to processing, pending the verification whether our legitimate grounds for processing override yours.
  • Right to be Forgotten. Under certain circumstances, such as when you withdraw your consent, you have the right to ask us to erase your Personal Data. However, we may still process your Personal Data if it is necessary to comply with a legal obligation we are subject to under the laws in EU Member States.

Please note that the above list contains a summary of the main rights you may have under the GDPR. Under no circumstances shall the above be deemed as an exhaustive list, nor should you rely on it in terms of fully understanding all of your rights under the GDPR.

Additional Information for users entitled to rights under GDPR:

EU Representative. Our European representative, for the purposes of this Privacy Policy, is Pluri GmbH. If you are within the European Economic Area, you may contact our European representative at the following address: Brentanoweg 9, 14469 Potsdam, Germany, or by email address: dataprotection@Pluri.com

If you believe your right have been infringed, you can lodge a complaint with a supervisory authority operating under the GDPR. For a list of supervisory authorities in the EU, click here.

  1. Children

This website is directed towards and designed for use by persons aged 18 and older. We do not solicit or knowingly collect Personal Data from children under the age of 18. If we nevertheless receive Personal Data from an individual who indicates that he or she is, or whom we otherwise have reason to believe is, under the age of 18, we will delete such information from our systems.

  1. Links to Third Party Websites

The website may contain links to other websites. While we try to link only to websites that share our respect for privacy, please be aware that Pluri is not responsible for the privacy practices or the content of other websites. Websites that are accessible by hyperlinks from our website may use cookies. We encourage you to read the privacy statements provided by other websites before you provide personally identifiable information to them.

  1. Changes to this Privacy Policy

This Privacy Policy may change over time as we modify or expand our service. If we decide to change our Privacy Policy, we will prominently post those changes on this page. Your continued use of this website after we post such notice constitutes your agreement to any such changes.

  1. Contacting Us

If you have any questions about this Privacy Policy, or in the event that you wish to exercise certain rights you are eligible for with respect to your Personal Data, please contact us via the below online contact form. We welcome your questions and suggestions about our Privacy Policy.

Contact Information:

By mail: info@pluri-biotech.comdataprotection@pluri-biotech.com

(Kindly state the nature of your inquiry at the subject line of the email)

Physical address:

Pluri Biotech Ltd.

Attention: General Counsel and DPO

Matam Park, Building 05

Haifa, 3508409, Israel