Privacy Charter

Laboratoires Brothier (“Brothier”), a simplified joint-stock company with a share capital of €2,646,000, registered with the RCS of Nanterre under number B 572 156 305, headquartered at 41, rue de Neuilly – 92000 Nanterre, France (SIRET: 57215630500045), is responsible for processing your personal data. It determines the purposes, technical means, and legal frameworks for such processing.

Brothier is committed to implementing all necessary technical and organisational measures to ensure secure processing that complies with the European Regulation of 26 April 2016 concerning the protection of natural persons with respect to the processing of personal data and the free movement of such data (hereinafter referred to as the GDPR).

Personal data includes all information relating to an identified or identifiable natural person. This could include a name, first name, email address, customer number, phone number, or any other information related to an individual.

Data collected directly from you

These are data you provide us with:

1. Via our website:

• When using the contact form, we use this data to respond to your specific request and provide information related to your query (based on consent).
• During professional registration for the website and “professional area” to manage registrations and access (based on consent).
• When professionals subscribe to the newsletter (based on consent).
• When you apply for a job via our contact form (based on consent).

Users can withdraw their consent at any time by emailing: desinscription@brothier.com.

2. When you contact us via phone, mail, email, or text:

We use your data to process your request, provide requested information (documentation), or send requested samples. If you contact our Customer Service (or vice versa), we use data like your contact history to address your query and deliver the best possible service (contract performance or pre-contractual measures).

3. For similar products and services:

We may contact you regarding products or services similar to those you enquired about or sampled, provide updates on our activities, and invite you to events or training (legitimate interest of the data controller).

4. For events:

When you register for or participate in events or training we organise, we use your data to ensure the event runs smoothly. We may later contact you to evaluate and improve our products and services (e.g., through satisfaction surveys) (legitimate interest of the data controller).

5. To comply with legal obligations, including:

• Transparency requirements under Law No. 93-121 of 27 January 1993 concerning Social Order Measures (DMOS, also known as the “anti-gift” law).
• Sample tracking to ensure batch traceability and the ability to contact relevant stakeholders.

6. For business relationships:

When you contact us as a supplier or within the context of tenders, we process data related to individuals involved in the business relationship (contract performance or pre-contractual measures).

7. For photos or videos:

• During events, non-targeted and non-identified photos or films may be taken to illustrate Brothier’s activities on marketing platforms (publications, website, social media, etc.) (legitimate interest of the data controller).
• Individuals wishing to oppose the use of such photos or videos may contact us at: dpo@brothier.com.

8. For individual or targeted photos:

• Consent is required for using photos or videos of identifiable individuals (e.g., as speakers at events) for publications or invitations.

Brothier only processes your data to the extent necessary for the purposes for which it was obtained.

We retain your data only for the duration necessary to complete the operations for which it was collected and in compliance with applicable laws.

Your data may be shared with other Brothier companies for the aforementioned purposes.
Additionally, we may subcontract certain tasks, entirely or partially, to operational or technical service providers under contract. For instance, MedOK handles the authentication of healthcare professionals.

Brothier requires subcontractors to adhere to data protection laws and implement sufficient safeguards to ensure appropriate technical and organisational measures, in compliance with applicable legal frameworks.

We do not sell or disclose your data to third parties under any circumstances.

For interactions with social networks (e.g., Facebook, Twitter), any activity on our site or applications may also be accessible on your social media profile, depending on your privacy settings. To avoid such transfers, log out of your social media accounts before accessing our sites or modify your privacy settings accordingly.

We do not intend to transfer “personal data” to countries that do not provide an adequate level of protection as defined by the GDPR.

1. Right of Access

You have the right to access your data at any time and free of charge by emailing dpo@brothier.com or sending a letter to Brothier’s headquarters at: 41, rue de Neuilly – 92000 Nanterre, France.

2. Right to Rectification

You have the right to request the correction of incorrect data or the deletion of inappropriate or unnecessary data by emailing dpo@brothier.com or sending a written request to the same address.

Please note that you are responsible for ensuring the accuracy of the data you provide to us.

3. Right to Erasure (“Right to be Forgotten”)

If you no longer wish for your data to be processed and you meet the conditions for requesting deletion, we will remove your data from our database.

4. Right to Data Portability

Where applicable, you have the right to request the transfer of your data in accordance with relevant data protection laws.

5. Right to Object

You have the right to object to the use of your data for direct marketing purposes. You can exercise this right via the automated processes provided in our emails or by emailing dpo@brothier.com.

6. Right to Restriction of Processing

You have the right to request the restriction of processing your data in accordance with applicable data protection laws.

7. Image Rights

In the context of its activities, Brothier may produce photos, videos, and audio recordings. These are carried out by the Brothier communication team or external service providers, adhering to privacy and image rights.

• Individuals are informed about image or video captures and can opt out.
• Express consent is required for identifiable individual or small group images (up to three recognisable individuals).
• Written authorisation is obtained for publishing images or recordings of identified persons, detailing the intended purposes and usage duration.

We have implemented technical and organisational security measures to prevent destruction, loss, alteration, unauthorised access, accidental disclosure to third parties, and other unauthorised processing of your data.

Brothier’s liability is limited to direct damages, excluding indirect damages such as data loss, financial or commercial damages, profit loss, increased overheads, or planning disruptions.

Brothier cannot be held responsible for damages caused by unlawful third-party actions (e.g., data theft, viruses, phishing). Additionally, Brothier is not responsible for content on third-party websites linked from its own.

If you believe we are not meeting our legal or contractual obligations, you are encouraged to contact us. We will address your concerns promptly.

Brothier has appointed a DPO to oversee the implementation of internal data protection policies and collaborate with the French Data Protection Authority (CNIL)

To contact the DPO:

• By mail: DPO, 41, rue de Neuilly – 92000 Nanterre, France.
• By email: dpo@brothier.com.

If our response is unsatisfactory, you have the right to file a complaint with CNIL: https://www.cnil.fr/fr/agir

This policy is governed, interpreted, and executed in accordance with French law, the only applicable law in the event of a dispute.

In the event of a dispute concerning the validity, execution, or interpretation of this policy, the courts of Paris have exclusive jurisdiction.

This policy was created and became effective on 16/05/2019.
We reserve the right to modify, amend, or update this policy at any time.