Privacy policy

Privacy Policy

PolyPeptide Group AG, together with its consolidated subsidiaries, (“PolyPeptide” or the “Group”) is committed to fully complying with all applicable laws and regulations related to the protection of Personal Data (as defined below). In furtherance of this, PolyPeptide is committed to respecting your privacy and duly protects your Personal Data provided to the Group. All processing of Personal Data is made in line with the requirements of the General Data Protection Regulation (GDPR) and other laws and regulations as applicable. The purpose of this Privacy Policy (the “Policy”) is to provide information on how PolyPeptide may collect, process, store and share your Personal Data in connection with your interaction with us as a visitor to our website, customer, supplier, or representative of a business partner or other third party (“Data Subjects”).

Controller and Contact details

PolyPeptide Group is the controller of the Personal Data processed, unless stated otherwise. If you have questions regarding this Policy or about how we protect your personal data, please contact us at: [email protected]

Contact details of the controller and in the EU:

PolyPeptide Group AG
Neuhofstrasse 24
6340 Baar
Tel: +41 435 020 580
Email: [email protected]

Polypeptide Laboratories Holding (PPL) AB
Limhamnsvägen 108, PO Box 30089
200 61 Limhamn
Tel: +46 40 366 200
Email: [email protected]

Details of the relevant Group companies are available here.


Processing Personal Data must be lawful and fair. We aim to ensure that all Processing of Personal Data is transparent, and that Data Subjects understand (i) which Personal Data concerning them is collected, used, consulted, or otherwise processed and (ii) to what extent their Personal Data might be processed, and (iii) for which purposes. The amount of Personal Data Processed is limited to what is needed for the purpose and kept no longer than necessary. Also, Personal Data must be protected from unauthorized or unlawful Processing and accidental loss, destruction, or damage. The PolyPeptide privacy framework adheres to these principles.

What is Personal Data and what Data do we collect?

Any information that is directly or indirectly linked to an identifiable or identified natural person. Examples of direct personal data are name and social security number, contact data (address, e-mail address, phone number), but also location data such as IP address.
Some categories of Personal Data are more sensitive and fall under additional safeguarding rules, such as health data, information on religious beliefs or trade union membership.
We collect and use business contact information that you chose to give us when you, for example, download a document, register for an event, or contact a sales or other company representative. We also collect and store business contact information when you engage, either in person or remotely and online, through email correspondence or meetings with our employees within the different functions at PolyPeptide. The business contact information that we collect is used to engage with you and manage the relevant business relationship.

What Are Purposes and Legal Bases For Processing Your Personal Data?

When we process your personal data, we do so on one of the following legal bases:

Performance of a contract: The use of your personal data may be necessary to perform the contract that you are about to enter into or have with one of our companies, for instance as it relates to your potential employment or engagement.

Legal obligation: In certain cases, we may need to process your data to handle and resolve legal disputes, for regulatory investigations and compliance, or to comply with lawful requests from law enforcement or other official authorities.

Legitimate interest: We may, where we already hold your personal data and there is an existing or potential relationship between PolyPeptide and your company, process your personal data in the legitimate interests of PolyPeptide and your company, and your interests and fundamental rights do not override those interests. This could be because you have already indicated an interest in hearing about existing or new products/or services, or we are obligated to fulfill our contractual obligations toward your company (e.g., in the provision of support or services).

Consent: Where we rely on your consent, we may process your personal data for specifically expressed reasons. You can withdraw your consent at any time if there are no legal obligations for us to continue processing the data.

Information Sharing and Transfers

PolyPeptide Group is the sole owner of any information collected on this web site. We will share your Personal Data with companies within the Group as applicable to you for operational purposes, reporting and to enable providing services on an intercompany basis. Where Personal Data is transferred outside the EU or countries deemed not to have the same adequate level of data protection, it is done based on existing appropriate safeguards for such cross-border transfers including standard contractual clauses adopted by the European Commission.
We will not sell, share, or rent this information to others unless (i) where permitted by law, (ii) where it is necessary to administer the working relationship with you or (iii) where we have another legitimate interest in doing so.

For how long do we keep your Personal Data?

We will only retain your Personal Data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements. To determine the appropriate retention period for Personal Data, we consider (i) the amount, nature, and sensitivity of the Personal Data, (ii) the potential risk of harm from unauthorized use or disclosure of your Personal Data, (iii) the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and (iv) the applicable legal requirements.

Your rights

We intend to give you as much control as reasonably possible over your personal information. In general, you can visit without telling us who you are or revealing any information about yourself.
We respect your rights to request access, modification, restriction of processing, deletion and portability of your personal data.
You have the right to object to our processing of your personal data in certain circumstances, for example when it is related to direct marketing purposes.
Where our processing is based on consent, you have the right to withdraw your consent at any time.
In some instances, your rights are subject to limitations e.g., where we are unable to delete your personal data due to regulatory requirements.
You have the right to make a complaint to the competent supervisory authority.

Notice of surveillance cameras

For the safety and security of our premises and all individuals within, our sites are equipped with video surveillance cameras operated in compliance with the GDPR. Data captured by the cameras is securely stored and may be shared with our trusted security services partners for monitoring purposes only. Access to this data is strictly controlled and is only used for the prevention and detection of crime.

Updates to this Policy

We will update this page from time to time. By using our Web site, you agree to the terms of the Privacy Policy in effect at that time.