Privacy Policy

1. Data Controller The data controller is EndoVia Therapeutics d.o.o.
(Ulica škofa Maksimilijana Držečnika 6, 2000 Maribor, Slovenia).
For privacy-related inquiries, contact: info@endovia.eu.

2. Data Collected

The public website collects strictly B2B data:

• Identification Data: Name, job title, institution/company.

• Contact Data: Corporate email address, phone number.

• Technical Data: IP address, cookies, and basic website analytics.

• Critical Exception: This policy does not cover biometric, genomic, or patient medical records. The processing of such data (e.g., in vitro assays, multi-omics data) is governed by strict GDPR/HIPAA protocols under separate Data Processing Agreements (DPAs) with clinical partners.

3. Legal Basis for Processing

• Processing inquiries from partners, researchers, and investors (Legitimate Interest).

• Website security and performance analytics (Consent / Legitimate Interest).

• Fulfilling pre-contractual obligations (Contract).

4. User Rights (GDPR)

Users have the absolute right to access, rectify, erase (Right to be Forgotten), restrict processing, and request data portability.
All legitimate requests will be processed within 30 days.