Website privacy notice
This Privacy Notice applies to the processing of personal data related to the use of the website https://www.mcmbv.eu/(hereinafter "the Website").
MCM Vaccine, as the Data Controller (hereinafter as “MCM”), “we” or “us”, of the personal data, is committed to comply with:
- The General Data Protection Regulation N°EU 2016/679 (hereinafter, the "GDPR");
- The General Data Protection Regulation as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 (hereinafter the "UK GDPR") and the UK Data Protection Act 2018 (amended 2020) (hereinafter the "Data Protection Act");
- The Australian Federal Privacy Act of 1988 (No. 119, 1988) (“APA”), The Swiss revised Federal Act on Data Protection 2020 ("FADP"), whereby any reference to the FADP herein always includes a reference to the Swiss revised Ordinance on Data Protection 2022 (“FODP”).
Collectively referred to as "Data Protection Laws".
With this privacy notice, MCM wants to ensure that you understand what personal information is collected about you, how it is used, and how it is kept safe.
General warning and use of social media
Access to the Website implies the user’s full and unreserved acceptance of this privacy notice (hereinafter the “Notice”), as well as its general terms of use and the Cookies Notice. The User acknowledges having read the information below.
The Notice is valid for all pages hosted on the Website. It is not valid for the pages hosted by third parties to which MCM may refer and whose privacy notices may differ. MCM cannot therefore be held responsible for any personal data processed on these websites or by them. This Notice also applies to any other website that MCM may operate, including our company pages on LinkedIn.
Please note that, for the use of social media, MCM will be Joint-Controller with LinkedIn for the following activities: accessing and processing statistical aggregate data provided by LinkedIn. For any other processing on the platform, social media platform shall be considered as the sole Data Controller.
LinkedIn has created an "addendum" to their user agreements for company pages for the processing for which they are Joint-Controllers with us.
1. Why, how and for how long do we collect your personal data?
Depending on the purpose for which we process your personal data, we may need to process different types of personal data. We will keep them for no longer than necessary to fulfill the purposes for which it was collected, including any legal requirements.
Depending on each case, the processing will therefore be as follows:
| Purposes | Types of personal data | Legal basis | Retention period |
|---|---|---|---|
| For statistical purposes | Aggregate statistical data (e.g., company page on LinkedIn). | We consider that we have legitimate interest to understand the way our page is consulted (e.g., how many times our page is consulted, from which country,…). | Statistical information is stored by LinkedIn, and consequently subject to their retention policy. We may export statistical reports, but we guarantee that this is only in an anonymous form. |
| Use of cookies for the functioning, managing of our website and monitoring its performance (i.e., Google Analytics) | In certain circumstances, cookies may store personal data which may include: IP addresses, browser type, location, operating system,… | Please, see our Cookies Notice for more information. | Please, see our Cookies Notice |
2. Data sharing
We do not sell or trade your personal data to outside parties. Nevertheless, MCM has contracted with an EU based third party for hosting services which may have access to your personal data for the performance of hosting services.
Using your personal data as explained above may involve a transfer of personal data to countries outside the European Economic Area (EEA), or the United Kingdom, Switzerland and Australia. MCM is therefore committed to complying with the transfer rules under applicable Data Protection Laws and will therefore ensure implementation of adequate safeguards (i.e., adequacy decision issued by a competent data protection authority and/or applicable standard contractual clauses, certification as the US Data Privacy Framework).
You can contact our Data Protection Officer (DPO) (see contact details below), if you want to have more details about the mechanism supporting personal data transfer.
3. How do we protect your information?
MCM treats your personal data in a confidential manner and provides a sufficient and adequate level of protection.
Your personal data is stored behind secured networks and are only accessible by a limited number of people who have special access rights to such systems and are required to keep the information confidential.
4. Your rights
According to the Data Protection Laws, you have the following rights subject to limitation as set forth by the said laws:
- Access. You have the right to obtain confirmation as to whether personal data concerning you are being processed, and, where that is the case, information related to the processing of data and a copy of the data being processed.
- Rectification. You have the right to require rectification of inaccurate or incomplete personal data about you.
- Right to be forgotten. To obtain the deletion of your personal data under certain specified circumstances.
- Restrict processing. You have the right to restrict processing of personal data under certain specified circumstances.
- Data portability. You have the right to request for the receipt or the transfer to another organization, in a machine-readable form, of your personal data.
- Object to processing. You have the right to object, on grounds relating to your situation, at any time to the processing of your personal data.
- Right to withdraw consent. When you have given your explicit consent for the processing of your data, you can withdraw it at any time without any cost nor justification.
Please note that all these rights are not absolute and will be assessed on a case-by-case basis by our DPO.
If you would like to exercise your rights, please let us know by contacting our DPO, mcm.dpo@mydata-trust.info
Where applicable, You also have the right to lodge a complaint if you consider that your personal data is not processed in accordance with the Data Protection Laws.
If you are an EEA resident: You have the right to lodge a complaint with the Supervisory Authority in the Member State of the European Union of your habitual residence, place of work or place of the alleged infringement.
If you are a UK resident: you may file a complaint with the Information Commissioner’s Office ("ICO"), the Supervisory Authority of the UK, following the instructions available within the service channel.
If you are a Swiss resident: you may lodge a civil claim in case of personality rights infringements regarding the exercise of your rights of access, rectification and object but also regarding infringements related to data privacy principles. The competent Supervisory Authority in Switzerland is the FDPIC.
5. Changes to this Notice
This Notice is effective as of the date stated at the top of this page. We may change this Notice from time to time. Please refer to this Notice regularly.
6. Contacts
- MCM Vaccine acting as Controller
Robert Boyleweg 4, 2333 CG Leiden (NL)
- Data Protection Officer
mcm.dpo@mydata-trust.info
Last Edited on 2025-10-23