Privacy Policy
How Pharma Konsult collects, uses, stores, and protects personal data when you visit our website or engage with our consultancy services.
Last updated: 17 July 2026
1. Introduction
Pharma Konsult respects your privacy and is committed to protecting your personal data.
This Privacy Policy explains how we collect, use, store, disclose and protect personal data when you:
- Visit our website at https://pharmakonsult.com;
- Contact us through our website, email, telephone or other communication channels;
- Request information about our consultancy services;
- Subscribe to newsletters, updates or professional communications;
- Engage with us as a client, prospective client, supplier, contractor, business partner or professional contact.
This Privacy Policy also explains your rights under the General Data Protection Regulation (EU) 2016/679, commonly known as the GDPR, and applicable Cyprus data-protection legislation.
2. Who We Are
For the purposes of applicable data-protection law, the data controller is:
Pharma Konsult
Registered address: Virginia, USA
Email: info@pharmakonsult.com
Telephone: +1 804 305-7107
In this Privacy Policy, “Pharma Konsult”, “we”, “us” and “our” refer to the legal entity identified above.
3. Scope of This Privacy Policy
This Privacy Policy applies to personal data collected through our website and during our professional and commercial interactions.
It does not apply to third-party websites, platforms or services that may be linked to our website. Those third parties operate under their own privacy policies, and we recommend reviewing those policies before providing personal data.
4. Personal Data We May Collect
Depending on how you interact with us, we may collect the following categories of personal data.
4.1 Identity and contact information
This may include:
- Full name;
- Job title;
- Employer or organisation;
- Professional role;
- Business address;
- Email address;
- Telephone number;
- Country or location;
- Professional profile details.
4.2 Enquiry and communication information
This may include:
- Information included in contact forms;
- Email correspondence;
- Telephone or meeting notes;
- Questions about our services;
- Requests for proposals or quotations;
- Feedback and other communications;
- Records of our interactions with you.
4.3 Client and business relationship information
When you engage our services, we may collect:
- Company and professional information;
- Project requirements;
- Contractual records;
- Consultancy instructions;
- Proposal and quotation information;
- Billing and payment records;
- Information required to manage the professional relationship;
- Records relating to meetings, deliverables, project management and support.
4.4 Website and technical information
When you visit our website, certain technical data may be collected automatically, including:
- Internet Protocol address;
- Browser type and version;
- Device type;
- Operating system;
- Time zone and approximate location;
- Referral source;
- Pages viewed;
- Time spent on pages;
- Navigation paths;
- Website interaction and diagnostic data;
- Cookie identifiers and similar online identifiers.
4.5 Marketing and preference information
Where applicable, we may collect:
- Newsletter subscription status;
- Marketing preferences;
- Communication preferences;
- Records of consent;
- Records of unsubscribing or objecting to marketing.
4.6 Information obtained from public or professional sources
We may receive limited professional information from:
- Corporate websites;
- Professional directories;
- Publicly available registers;
- LinkedIn and other professional platforms;
- Conferences and industry events;
- Business partners and referrals.
We will only use such information where permitted by applicable law.
5. Special Categories of Personal Data
Pharma Konsult does not ordinarily seek to collect personal health data, genetic data, biometric data or other special categories of personal data through this website.
Please do not submit:
- Medical records;
- Patient-identifiable information;
- Clinical case information containing personal identifiers;
- Information about an individual’s health;
- Adverse-event information containing unnecessary personal identifiers;
- Confidential clinical-trial participant information;
- Any other sensitive personal data that is not specifically requested through an authorised and secure process.
If you provide special-category data without being asked to do so, we will process it only where legally permitted and may delete or securely restrict it.
Where Pharma Konsult performs services involving clinical, pharmacovigilance, medical, regulatory or other sensitive information, the processing arrangements will be governed by the relevant contract, data-processing agreement, confidentiality terms and applicable regulatory requirements.
6. How We Collect Personal Data
We may collect personal data:
- Directly from you when you contact us;
- When you complete a website form;
- When you subscribe to communications;
- When you request or receive our services;
- Through contracts, meetings and professional correspondence;
- Automatically through cookies, server logs and similar technologies;
- From your employer, organisation or authorised representative;
- From professional referrals or publicly available sources;
- From service providers supporting our operations.
7. Purposes and Legal Bases for Processing
We process personal data only where we have a lawful basis.
7.1 Responding to enquiries
We use your identity, contact and communication information to answer questions, arrange meetings, prepare proposals and discuss potential services.
Our legal basis is:
- Taking steps at your request before entering into a contract;
- Our legitimate interest in responding to business enquiries and developing professional relationships.
7.2 Providing consultancy services
We process client and business information to:
- Deliver agreed services;
- Manage projects;
- Communicate with clients;
- Provide reports, recommendations and deliverables;
- Maintain client records;
- Administer the professional relationship.
Our legal basis is:
- Performance of a contract;
- Compliance with legal obligations;
- Our legitimate interest in managing and improving our services.
7.3 Managing payments and business administration
We may process contact, contractual and financial records to:
- Issue quotations and invoices;
- Process or confirm payments;
- Maintain accounting records;
- Manage suppliers and contractors;
- Conduct audits and internal administration.
Our legal basis is:
- Performance of a contract;
- Compliance with legal and tax obligations;
- Our legitimate interest in properly administering our business.
We do not normally store complete payment-card details. Payments may be processed through third-party financial institutions or payment providers subject to their own privacy terms.
7.4 Operating and protecting our website
We process technical information to:
- Deliver website content;
- Maintain website security;
- Detect misuse, fraud and cyber threats;
- Diagnose technical problems;
- Manage hosting and infrastructure;
- Produce aggregated operational statistics.
Our legal basis is:
- Our legitimate interest in maintaining a secure and functional website;
- Compliance with legal obligations;
- Consent, where a technology legally requires consent.
7.5 Website analytics
Where you provide consent, we may use analytics technologies to understand:
- How visitors reach the website;
- Which pages are viewed;
- How visitors interact with the website;
- How the website can be improved.
Our legal basis is your consent where analytics involve non-essential cookies or similar tracking technologies.
You may withdraw your consent through our cookie-preference tool.
7.6 Marketing and professional updates
Where legally permitted, we may send:
- Company news;
- Professional insights;
- Articles and publications;
- Event information;
- Information about relevant consultancy services.
Our legal basis may be:
- Your consent;
- Our legitimate interest in communicating with existing professional contacts, where permitted by law.
You may unsubscribe or object to direct marketing at any time.
7.7 Legal, regulatory and compliance purposes
We may process personal data to:
- Comply with applicable laws;
- Respond to lawful requests from authorities;
- Establish, exercise or defend legal claims;
- Manage compliance, security and risk;
- Protect our rights, property, personnel and clients;
- Maintain records required by law or professional standards.
Our legal basis is:
- Compliance with a legal obligation;
- Our legitimate interest in protecting our business and legal rights.
7.8 Recruitment
Where recruitment functionality is offered, we may process:
- CVs and application forms;
- Contact information;
- Employment history;
- Qualifications;
- References;
- Interview notes.
Our legal basis is:
- Taking steps before entering into an employment contract;
- Compliance with legal obligations;
- Our legitimate interest in assessing candidates;
- Consent, where specifically required.
A separate recruitment privacy notice may apply.
8. Legitimate Interests
Where we rely on legitimate interests, we consider whether our interests are necessary, proportionate and balanced against your rights and reasonable expectations.
Our legitimate interests may include:
- Operating and developing our consultancy business;
- Responding to professional enquiries;
- Maintaining client and professional relationships;
- Protecting our systems and website;
- Improving our services and website;
- Preventing fraud and misuse;
- Maintaining appropriate business records;
- Establishing or defending legal claims.
You may object to processing based on legitimate interests in certain circumstances.
9. Automated Decision-Making
We do not use personal data collected through this website to make decisions based solely on automated processing that produce legal or similarly significant effects.
Should this change, we will provide the information and safeguards required by applicable law.
10. Disclosure of Personal Data
We may share personal data with carefully selected recipients where necessary, including:
- Website-hosting and infrastructure providers;
- Email, cloud-storage and collaboration providers;
- Customer-relationship and project-management platforms;
- IT support and cybersecurity providers;
- Analytics and cookie-management providers;
- Accountants, auditors, insurers, banks and professional advisers;
- Contractors and consultants engaged to support our services;
- Regulatory, law-enforcement, judicial or government authorities where legally required;
- Prospective buyers, investors or advisers in connection with a legitimate corporate transaction.
These recipients may act as processors, independent controllers or joint controllers, depending on the circumstances.
We require service providers processing personal data on our behalf to protect it, maintain confidentiality and act only on documented instructions, subject to applicable law.
We do not sell personal data.
11. International Data Transfers
Some service providers may process or store personal data outside Cyprus or the European Economic Area.
Where personal data is transferred outside the European Economic Area, we will use an appropriate lawful transfer mechanism where required, such as:
- A European Commission adequacy decision;
- Standard Contractual Clauses;
- Additional contractual, organisational or technical safeguards;
- Another transfer mechanism permitted under the GDPR.
You may contact us for further information about the safeguards relevant to your personal data.
12. Data Retention
We retain personal data only for as long as reasonably necessary for the purpose for which it was collected, including legal, accounting, regulatory, contractual and dispute-resolution requirements.
Retention periods may include:
- General enquiries: normally up to 12–24 months after the final communication;
- Client and contractual records: normally for the duration of the relationship and up to 6–10 years afterwards, subject to applicable legal requirements;
- Financial and accounting records: for the period required by applicable tax and accounting laws;
- Marketing records: until you unsubscribe, withdraw consent or object, subject to maintaining a limited suppression record;
- Recruitment records: normally up to 6–12 months, unless a longer period is agreed or legally required;
- Security logs: for a proportionate period based on operational and security requirements;
- Cookie records: as described in our Cookie Policy and consent-management tool.
We may retain data for longer where necessary to establish, exercise or defend legal claims, comply with regulatory obligations or investigate suspected misconduct.
When personal data is no longer needed, it will be securely deleted, anonymised or restricted.
13. Data Security
We use appropriate technical and organisational measures intended to protect personal data against:
- Unauthorised access;
- Accidental loss;
- Misuse;
- Disclosure;
- Alteration;
- Destruction;
- Other unlawful processing.
Measures may include access controls, secure hosting, encryption where appropriate, backups, system monitoring, confidentiality obligations, staff awareness and vendor-management procedures.
No internet transmission or information-storage system is completely secure. We therefore cannot guarantee absolute security.
14. Your Data-Protection Rights
Subject to applicable law, you may have the right to:
14.1 Access
Request confirmation of whether we process your personal data and receive a copy of that data.
14.2 Rectification
Request correction of inaccurate or incomplete personal data.
14.3 Erasure
Request deletion of personal data in circumstances where there is no lawful reason for continued processing.
14.4 Restriction
Request that processing be restricted in certain circumstances.
14.5 Objection
Object to processing based on legitimate interests.
You have an absolute right to object to the use of your personal data for direct marketing.
14.6 Data portability
Request certain personal data in a structured, commonly used and machine-readable format and, where technically feasible, have it transferred to another controller.
14.7 Withdraw consent
Withdraw consent at any time where processing is based on consent.
Withdrawal does not affect the lawfulness of processing carried out before consent was withdrawn.
14.8 Rights relating to automated decisions
Request safeguards in relation to certain decisions based solely on automated processing, where applicable.
These rights are not absolute and may be subject to legal conditions or exemptions.
15. Exercising Your Rights
To exercise a data-protection right, contact us at:
Email: info@pharmakonsult.com
Postal address: Virginia, USA
Please clearly describe your request.
We may request information reasonably necessary to verify your identity and protect personal data from unauthorised disclosure.
We will respond within the period required by applicable law. In certain cases, that period may be extended where a request is complex or numerous, and we will inform you where an extension applies.
We will not normally charge a fee. However, a reasonable fee may be charged, or a request may be refused, where permitted by law and the request is manifestly unfounded or excessive.
16. Complaints
Please contact us first if you have concerns about our handling of personal data so that we can attempt to resolve the matter.
You also have the right to lodge a complaint with the competent supervisory authority.
For Cyprus, the supervisory authority is:
Office of the Commissioner for Personal Data Protection
Nicosia, Cyprus
Website: www.dataprotection.gov.cy
You may also be entitled to complain to the data-protection authority in the EU or EEA country where you live, work or believe an infringement occurred.
17. Direct Marketing
We may use your professional contact information for marketing only where legally permitted.
Every electronic marketing communication will provide a method of unsubscribing.
You can stop marketing communications at any time by:
- Using the unsubscribe link in the communication; or
- Contacting us at info@pharmakonsult.com.
Unsubscribing from marketing does not prevent us from sending administrative, contractual, security or service-related communications.
18. Cookies and Similar Technologies
Our website may use cookies, pixels, local storage, tags and similar technologies.
Strictly necessary technologies may operate without consent where permitted by law. Analytics, advertising and other non-essential technologies will be activated only after valid consent where required.
Further information is available in our Cookie Policy.
19. Third-Party Links and Embedded Content
Our website may contain:
- Links to external websites;
- Embedded videos;
- Social-media features;
- Maps;
- Third-party publications;
- Other externally hosted content.
Interacting with such content may allow the relevant third party to collect information under its own terms and privacy policy.
Pharma Konsult is not responsible for the privacy or security practices of independent third parties.
20. Children’s Privacy
Our website and consultancy services are intended for businesses, professionals and adult users.
We do not knowingly collect personal data from children through this website.
A parent or guardian who believes that a child has submitted personal data to us should contact info@pharmakonsult.com so that we can investigate and take appropriate action.
21. Confidential and Regulatory Information
Submitting information through a general website form or ordinary email does not automatically create a confidential consultancy relationship.
Do not submit confidential pharmaceutical, clinical, regulatory, intellectual-property, patient or commercially sensitive information unless:
- We have agreed to receive it;
- An appropriate confidentiality agreement is in place where necessary; and
- An approved and suitably secure communication channel is being used.
Nothing on the website should be used to submit urgent safety information, medical emergencies or adverse-event reports unless Pharma Konsult expressly identifies an authorised reporting channel.
22. Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes to:
- Our activities;
- Our website;
- Our service providers;
- Legal or regulatory requirements;
- Our data-processing practices.
The updated version will be published on this page with a revised “Last updated” date.
Material changes may also be communicated through another appropriate channel.
23. Contact Us
Questions about this Privacy Policy or our handling of personal data may be directed to:
Pharma Konsult
Address: Virginia, USA
Email: info@pharmakonsult.com
Telephone: +1 804 305-7107