Leading the way in de-risking clinical development with Al
Leading the way in de-risking clinical development with Al
We, at Intelligencia, Inc. (“Intelligencia”, “Company”, “we”, “us”, “our”), prioritize the privacy of our employees, and take serious steps to protect it. We have developed this Privacy Notice to inform you about our practices concerning the collection, use, and sharing of your personal data.
In our capacity as controller, we adhere to the principles laid out by Regulation (EU) 2016/679 (General Data Protection Regulation, “GDPR”) to ensure your data is managed with care and transparency, and that all your rights are fully respected.
By applying for a job at, or working for, our Company regardless of contract type (including, for instance, employees, temporary workers, independent service providers, in any jurisdiction), you signify your acknowledgement of this Privacy Notice unless another specific policy or agreement applies between you and us. If you do not accept the terms set forth in this Privacy Notice, we kindly ask you to talk with your line manager or contact us at compliance@intelligencia.ai to discuss your concerns.
The various terms used in this Privacy Notice are defined as per their meanings in the GDPR.
We collect, use, and retain the following types of personal data you provide to us:
(a) family name, first name, father’s / mother’s name, date of birth, place of birth, contact details (home address, private / business email address, telephone number), compensation details (salary, allowances, bonuses), stock options, pension programs or similar benefits;
(b) ID / passport numbers, tax / social security registration numbers, payroll records, bank account details;
(c) education level, family status, number of children;
(d) emergency contact details;
(e) vaccination status for COVID-19 or other information regarding similar public health emergencies;
(f) job title, workplace location, internal career history;
(g) performance, assessment reports, training, absence, leave and similar management records;
(h) details of compliance-related matters, including any complaints, concerns or incidents you have raised with us or that involve you; your granting or withdrawal of consent to the processing of your personal data, where applicable; your exercise of data subject rights; your acknowledgment of receipt of Company policies, including those related to privacy and policies of third-party suppliers, or partners;
(i) content, profile data, voice, image, video, call history, diagnostic and usage data, gathered or recorded, as the case may be, in the context of onsite, remote or hybrid meetings, workshops, briefings, or relevant sessions;
(j) event and marketing-related photographs, videos, and sound recordings featuring you, either alone or with other individuals;
(k) limited information regarding your logins to the Company’s systems and devices, as well as your login to the business email service;
(l) recruitment information (see in detail below under 1.2.1).
We may also collect, use, and retain the following types of personal data from third parties:
(m) information about your status on and use of third-party services to the extent they form part of your employment package, from such third parties (e.g., ticket restaurant suppliers);
(n) recruitment information, from third sources (see in detail below under 1.2.2);
(o) information regarding your participation and feedback in staff surveys or training programs, provided by human resources experts and consultants.
We collect, use, and retain the following types of personal data provided by you or by third parties you may have engaged (e.g., a head-hunter, a recruitment agency acting on your behalf):
(a) family name, first name, father’s / mother’s name, date of birth, contact details (address, private / business email address, telephone number);
(b) job application, CV, details of your employment history, your references, supporting documents (e.g., transcripts of degrees, certificates);
(c) interview notes and materials, and assessment reports from the hiring process.
We also collect, use, and retain the following types of personal data from third parties:
(d) information about your suitability for the role, from your nominated referees;
(e) information about your profile obtained from recruitment agencies acting on our behalf;
(f) public information about your professional background, from social media platforms you use for this purpose, particularly LinkedIn or similar platforms.
We process your personal information only to the extent necessary for executives, the finance team, and human resources to perform their daily duties and manage your employment, including for payroll, maintaining personnel files, and administration purposes, as further explained below.
In particular, we use your information for the following purposes, which are necessary for the performance of your employment contract:
(a) to carry out our basic functions as an employer, including providing you with a workplace, or a remote workplace as applicable, necessary infrastructure, and tasks;
(b) to process your salary and reimburse business expenses;
(c) to manage your attendance, including tracking annual leave, sick leave, parental leave, or other special leave;
(d) to conduct work and performance reviews (including through performance appraisals and, where necessary, in disciplinary and/or grievance procedures) and manage your career development;
(e) to provide access to our IT systems and hardware, such as assigning an email address, user account, and appropriate access rights;
(f) to set up access to any employee benefits you opt to receive from us.
We may also collect, use, and retain the following types of personal data from third parties:
We also process your personal information to fulfil our legal obligations. This includes managing tax calculations, salary and payment administration, adherence to health and safety regulations, preparing and dispatching statutory reports, and other duties that arise not only from your employment contract but also from mandatory employment, tax, public health, and social security laws.
Concerning the processing of information related to public health emergencies (such as COVID-19) and the use of your emergency contacts, we rely on multiple grounds, as well. These include our legal obligations under the applicable health and safety regulations, the vital interests of you and the rest of our staff, as well as reasons of public interest as stipulated in applicable laws.
We process your personal information when necessary, in alignment with our legitimate interests, unless they are overridden by your interests, fundamental rights, or freedoms. This includes, but is not limited to:
(g) Organizing and distributing work and resources effectively.
(h) Monitoring and proving compliance with the Company’s various policies, such as IT system use, privacy, premises security, anti-corruption regulations, and other frameworks regulating our business and operations.
(i) Protecting the Company’s rights and advancing its interests, for example by compiling an internal knowledge library of recorded workshops, staff meetings, or relevant sessions.
(j) Pursuing our business and corporate goals, including disclosing limited employee information in transactions like mergers and acquisitions or in the context of pitches.
(k) Serving internal administrative purposes.
(l) Defending our legal positions or pursuing claims in court or other bodies in the context of disputes or litigation involving the Company and its employees.
In certain, limited circumstances, we will seek your consent to process your personal information. This will occur only in situations where your refusal to grant or later withdrawal of consent would not affect the employment relationship. This primarily includes:
(m) Administering non-mandatory perks, such as corporate discount programs.
(n) Organizing events, for instance, birthday celebrations.
(o) Publishing photos, videos, or sound recordings on the Company’s website, social media accounts, and newsletters.
We will process your personal data solely as required for the administration of our selection and recruitment processes, specifically:
(a) To undertake necessary steps in response to your job application, such as deciding whether to invite you for an interview, offer you a job, and determine the terms of any offer.
(b) To comply with our legal obligations, including verifying your right to work and, where relevant to your role, conducting other necessary checks.
(c) In connection with our legitimate interests, provided they are not overridden by your own interests, fundamental rights, or freedoms. This includes ensuring your suitability for the role you have applied for, assessing your working capacity, and in relation to any legal proceedings or to establish, exercise, or defend our legal rights.
We will obtain your prior consent before retaining your personal data to create a talent pool for potential future job opportunities within our Company.
In situations where processing your personal data is based on either contractual or statutory obligations, as applicable, your failure to provide the necessary data would hinder our ability to fulfill our obligations and duties under the employment contract or to offer employment, depending on the situation. Consequently, this could negatively affect the employment relationship or the recruitment process.
Conversely, in situations where the processing of your personal data relies solely on your consent, you are always free to withdraw that consent. Processing will cease once you withdraw your consent and your personal information will be either erased or securely de-identified. Our Company assures you that this will not adversely impact your employment. Please note that any withdrawal of consent will not affect the lawfulness of processing based on your consent prior to its withdrawal.
For the purposes outlined in this Privacy Notice and only when necessary, we disclose your personal information, on a ‘need-to-do’ and ‘need-to-know’ basis, in accordance with the conditions set out in the GDPR, to:
(a) Authorized personnel within our Company, including those at headquarters or branch locations, primarily involving the HR function, Executive team, and IT department.
(b) Our professional advisors, such as accounting, immigration, and legal advisors, HR consultants and recruiters, or similar, when they require the information to provide advice to us.
(c) Any regulatory authority, in compliance with our legal obligations.
(d) Current or any potential future entities within our corporate group, for the purposes of setting up IT systems access and other internal administrative purposes, in the event that such entities be established.
(e) Our service providers, including those for pensions, benefits (e.g., private medical insurance, ticket restaurant supplier), payroll, occupational health, travel bookings (for work-related travel), and those supporting our management, IT and data storage systems (e.g., cloud services providers, HR tools providers).
(f) Third parties, in the context of pitches or operations management, such as in mergers or acquisitions, where sharing limited information may be in our legitimate interests or justified on other legal grounds.
(g) Third parties, including businesses we occasionally collaborate with, involved in the preparation or management of projects, negotiations, meetings, or visits, when using your personal data is necessary for their successful execution.
(h) Third parties such as legal counsel, advisors, and investigators, when necessary to comply with legal obligations, protect our claims and property, or enforce our rights against unlawful activities.
3.2. GDPR roles of recipients
Persons acting under the direct authority of our Company (i.e. our staff and directors) are our representatives in the processing of your personal data.
Where recipients of your personal information are external to our Company they may:
Or act as controllers in their own right (e.g., providers of private medical insurance, ticket restaurant suppliers) . In these cases, it is their responsibility to provide you with the necessary information regarding their data processing practices. However, we will take steps to remind you of the involvement of a third-party controller and direct your attention to their privacy notices.
Your personal data is regularly updated and retained for the time necessary to fulfil the purposes outlined in this Privacy Notice, typically for the duration of the employment relationship. We will periodically request that you update or verify your personal information, such as emergency contacts and addresses, using the dedicated HR tool or platform.
Following the termination of your employment relationship, we retain only:
(a) family name, first name, father’s / mother’s name, career history within our Company;
(b) subsequent employer or occupation;
(c) information related to alumni’s stock options or similar benefits;
(d) contact details (home address, private / business email address, telephone number);
(e) information necessary to comply with our legal obligations or for other legal reasons, such as defending our Company in court;
(f) for a limited period of time, IT-related information, such as your mailbox and system logs data;
(g) information so integrated into the Company’s resources that its removal or deidentification would be impossible or require a disproportionate effort. For instance, this includes recorded workshops stored in the Company’s knowledge library, which are essential for its business operations.
The specific retention periods for each category of personal data are detailed in our data processing records.
Your personal data is retained for a maximum of one year following the completion of the selection and recruitment process, unless you have consented to its longer retention in our talent pool. The one-year retention period enables us to effectively track and audit the recruitment process, verify the implementation of, and compliance with our recruitment policies, and address any concerns raised by applicants.
If you are successfully hired, the data collected during your recruitment will be transferred to your personnel file, as detailed in section 1.1.1(l).
Following the expiration of the specified time limits your personal information will be either erased or securely de-identified, unless another legal basis for processing is applicable or an exemption under the GDPR is relevant. This includes cases where processing is necessary for the establishment, exercise, or defence of legal claims.
5.1. You are entitled to exercise any of the following rights concerning your personal data that we process, subject to conditions set forth by the GDPR:
The right to be informed about the processing of your personal data and to access it.
The right to rectify or erase your personal data.
The right to restrict the processing of your personal data.
The right to object to processing of your personal data.
The right to data portability.
The right to withdraw your consent at any time in instances where data processing is based on such consent. As explained in section 2.3.2, withdrawing your consent will not affect the lawfulness of processing that occurred prior to your notification of withdrawal.
The right to lodge a complaint with a supervisory authority and seek a judicial remedy.
5.2 To exercise your rights, you may contact us through any method you prefer, such as phone or post, using the contact details provided in Section 9. Nevertheless, we highly recommend reaching out to us via email at compliance@intelligencia.ai to ensure a swift response to your request.
6.1 We implement appropriate technical and organizational measures to ensure a level of security that matches the risk of processing your personal data. We strive to prevent any loss, misuse, or alteration of your information.
6.2 Please be aware, however, that certain data operations, such as transmission over the internet, inherently carry risks. We cannot be held liable for incidents that are beyond our control.
7.1 As a general practice, your personal data is processed solely by our Company and is therefore subject to the GDPR, regardless of whether processing takes place at our headquarters or at our branch locations.
7.2 If your personal data is disclosed to entities outside of the European Economic Area (EEA) — that is, beyond the 27 Member States of the European Union, plus Iceland, Liechtenstein, and Norway — this will only occur only if the recipient entities are in jurisdictions recognized by the European Commission as providing adequate personal data protection, or if the transfer is enabled by appropriate or suitable safeguards or derogations consistent with the GDPR. Should you wish to obtain a copy of the safeguards pertaining to any data transfers that may occur or may have occurred, please contact us at compliance@intelligencia.ai.
8.1 While this Privacy Notice is guided by the GDPR and the concepts of European Union law, it is also designed to align with applicable US legislation for US residents. This ensures that US residents are afforded protection under their local laws without any diminishment of rights.
8.2 Please be assured that we do not sell or otherwise disclose your personal information, except as specified in section 3. Any such disclosure is strictly limited to third-party service providers we engage to help deliver our website features. These activities are conducted under stringent confidentiality agreements in line with the purposes set out in this Privacy Notice.
8.3 For any questions regarding your rights under US legislation, feel free to contact us at compliance@intelligencia.ai.
9.1 For any issues related to this Privacy Notice, or your rights, please contact us as follows:
Postal mail: INTELLIGENCIA INC. | Greek branch
Attn. Privacy Program Manager
80-88, Andrea Syngrou Avenue
Athens 11741, Greece
Phone: +30 2109213944
Email: compliance@intelligencia.ai
9.2 We highly recommend reaching out to us via email at the dedicated address provided above for a prompt response.
9.3 Please rest assured that your inquiries will be directed to our privacy-focused team as well as our Data Protection Officer, where such a position is established.
10.1 Please visit our dedicated intranet section for other policies that apply to your employment relation.
This Privacy Policy was most recently updated on 2 February 2024.
© Intelligencia AI. All rights reserved.
