Milestone Pharma (hereinafter referred to as "Milestone", "we", "us", and "our") deeply understands the importance of privacy to you and will respect your privacy. Before submitting personal data to Milestone, please read and understand this Privacy Policy (hereinafter referred to as "this Policy"). This Policy applies to websites owned and operated by the Milestone Group. This Policy describes the information practices of Milestone's websites, including what information is collected, how such information is used, with whom it is shared, and how it is protected.
This Policy sets forth how your personal data is handled, but this Policy may not cover all possible data processing scenarios. Milestone's websites may contain links to other websites. Milestone assumes no responsibility for the privacy practices or content of such other websites.
We have developed this Policy to help you understand the following:
1. How Milestone Collects and Uses Your Personal Data
2. How Milestone Uses Cookies and Similar Technologies
3. How Milestone Discloses Your Personal Data
4. How to Access or Modify Your Personal Data
5. How Milestone Protects Your Personal Data
6. How Milestone Handles Children's Personal Data
7. Third-Party Providers and Their Services
8. How Your Personal Data Is Transferred Globally
9. How This Policy Is Updated
10. How to Contact Milestone
1. How Milestone Collects and Uses Your Personal Data
Personal data means data that, when used alone or in combination with other information, can identify an individual. Such data is submitted directly by you when you use our websites, products, or services, and when you interact with us—for example, when you create a Milestone account or contact us for support; or it is obtained by recording how you interact with our websites, products, or services, for example, through technologies such as cookies, or by receiving usage data from software running on your device. Where permitted by law, we may also obtain relevant data from public and commercial third-party sources. The data we collect depends on how you interact with Milestone, including the websites you visit or the products and services you use, and may include name, gender, company name, position, address, email address, phone number, login information (account and password), photos, identification information, etc. We also collect information you provide to us and the content of messages you send us, such as search queries or questions or information you provide for customer support. When you use Milestone's products or services, you may be required to provide your personal data. In some cases, you may choose not to provide personal data to Milestone, but if you choose not to, Milestone may not be able to provide you with the relevant products or services, nor respond to or resolve issues you encounter.
We may use your personal data for the following purposes:
(a) Creating an account.
(b) Fulfilling your transactions or service requests, including order fulfillment; delivery, activation, or verification of products or services; providing training and certification and managing and processing training and certification results; participating in online or offline events; making changes as requested by you or providing information you request (such as marketing materials for products or services, white papers); and providing technical support.
(c) With your consent, contacting you; sending you information about products and services that may be of interest to you; inviting you to participate in Milestone events, market research, or satisfaction surveys; or sending you marketing communications. If you do not wish to receive such information, you may unsubscribe at any time.
(d) Sending you important notices, such as notifications of operating system or application updates and installations.
(e) Providing you with personalized user experiences and personalized content.
(f) Authenticating and managing suppliers and business partners, and communicating or conducting business with suppliers and business partners.
(g) Conducting internal audits, data analysis, and research to improve our products and services.
(h) Analyzing business operational efficiency and measuring market share.
(i) Troubleshooting errors when you choose to send us error details.
(j) Synchronizing, sharing, and storing data you upload or download, as well as data necessary for performing uploads and downloads.
(k) Protecting the security of our products, services, customers, or users, and implementing and improving our loss prevention and anti-fraud plans.
(l) Complying with and enforcing applicable legal requirements, relevant industry standards, or our policies.
Milestone may also collect and use non-identifiable data. Non-identifiable data is data that cannot be used to identify an individual. For example, Milestone collects aggregated statistics such as website traffic. Milestone collects this data to understand how users use its websites, products, and services, thereby improving its services and better meeting customer needs. Milestone may, at its discretion, collect, use, process, transfer, or disclose non-identifiable data for other purposes. We will make efforts to isolate your personal data from non-identifiable data and use these two types of data separately. If personal data is combined with non-identifiable data, it will still be treated as personal data.
When Milestone processes your personal data, we will comply with applicable legal requirements and process it on an appropriate lawful basis, including:
- Processing your personal data for the performance of a contract when responding to your transactions or service requests;
- Processing your personal data based on your consent;
- When contacting you, conducting marketing or market research, improving our products and services, and implementing and improving our loss prevention and anti-fraud plans, we will process your personal data based on our or a third party's legitimate interests. These legitimate interests include enabling us to more effectively manage and operate our business and provide our products and services; protecting the security of our business, systems, products, services, and customers; internal management, complying with internal policies and procedures; and other legitimate interests described in this Policy;
- We may also process your personal data based on compliance with and enforcement of legal obligations.
2. How Milestone Uses Cookies and Similar Technologies
2.1 Cookies
To ensure the proper functioning of our websites, we sometimes store small data files called cookies on your computer or mobile device. A cookie is a plain text file stored on your computer or mobile device by a web server. The content of a cookie can only be retrieved or read by the server that created it. Each cookie is unique to your web browser or mobile application. Cookies usually contain identifiers, site names, and some numbers and characters. Through cookies, websites can store user preferences and other data to better serve users. Milestone enables cookies for the same purpose as most websites or internet service providers—to improve user experience. Through cookies, websites can remember a user's single visit (using session cookies) or multiple visits (using persistent cookies). Through cookies, websites can save settings such as language, font size, and other browsing preferences on your computer or mobile device. This means users do not need to reconfigure their preferences each time they visit. If a website does not use cookies, it will treat each page load as a new visit. For example, if you log in to a website and then go to another page, the website will not recognize you and you will be logged out again. Milestone does not use cookies for any purposes other than those described in this Policy. You can manage or delete cookies according to your preferences. For more information about cookies, please see AboutCookies.org.
In addition, we may also use local storage objects (LSOs) such as Flash cookies and HTML5 to store content information and preferences. Suppliers and partners who provide certain features or display advertisements on our websites based on your web browsing activities may also use LSOs such as HTML5 to collect and store information. Various browsers may provide their own management tools to delete HTML5 LSOs.
You can clear all cookies stored on your computer, and most web browsers have a feature to block cookies. However, if you do so, you will need to manually change your user settings each time you visit our website.
3. How Milestone Discloses Your Personal Data
Where certain services are provided by Milestone's authorized partners, Milestone will share your personal data with such partners as described in this Policy. For example, when you purchase Milestone products online, Milestone must share your personal data with logistics service providers to arrange delivery or to arrange for partners to provide services. In addition, as an international company, we may share personal data across Milestone's other language sites.
Milestone may also disclose your personal data to relevant law enforcement agencies or other government authorities where required by applicable law or in response to legal processes. Milestone may also disclose your data where there is a reasonable need, such as for the performance of contracts, and where we believe disclosure is necessary and appropriate to prevent physical harm or property damage, or to investigate possible or actual illegal conduct.
4. How to Access or Modify Your Personal Data
You should ensure that all personal data submitted is accurate. Milestone will make reasonable efforts to maintain the accuracy and completeness of personal data and to update such data in a timely manner.
Where required by applicable law, you may have the right to access and obtain specific personal data we hold about you; request that we update or correct your inaccurate personal data; object to or restrict our use of your personal data; and request that we delete your personal data. If you wish to exercise relevant rights, please click here to provide feedback to us online. For security reasons, you may be required to provide a written request. We may refuse to process requests if we have reasonable grounds to believe they are fraudulent, unworkable, or would infringe upon the privacy of others.
Where required by applicable law, when Milestone processes your personal data based on your consent, you also have the right to withdraw your consent at any time. However, withdrawing consent will not affect the lawfulness and validity of our processing of your personal data based on your consent prior to the withdrawal, nor will it affect our processing of your personal data based on other appropriate lawful bases.
If you believe that our processing of your personal information does not comply with applicable data protection laws, you may contact the competent data protection authority. Contact details for data protection authorities in the EU region can be found at: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
5. How Milestone Protects and Retains Your Personal Data
Milestone takes the security of personal data seriously. We use appropriate physical, managerial, and technical safeguards to protect your personal data from unauthorized access, disclosure, use, modification, damage, or loss. For example, we use encryption technology to ensure data confidentiality; we use protection mechanisms to prevent data from malicious attacks; we deploy access control mechanisms to ensure that only authorized personnel can access personal data; and we hold security and privacy protection training sessions to enhance employees' awareness of the importance of protecting personal data. We will make reasonable efforts to protect your personal data; however, please be aware that no data transmitted over the internet can be guaranteed to be 100% secure. Therefore, while we will take appropriate measures to protect your personal information, Milestone cannot determine or guarantee the security of information you provide to us or obtain from our websites, and you use our websites at your own risk. For information on how to report security issues, incidents, or possible events to Milestone and the Milestone Information Security Team, please contact us at any time at **[xxx@domain.com]**. In the event of a personal information security incident, we will notify you in a timely manner and report to regulatory authorities in accordance with legal requirements.
We will retain your personal data for the period necessary to achieve the purposes described in this Policy, unless an extended retention period is required or permitted by law. Because storage periods may vary depending on different scenarios, products, and services, the criteria we use to determine retention periods include: the time required to retain personal data to complete the business purpose, including providing products and services, maintaining corresponding transaction and business records, controlling and improving product and service performance and quality, ensuring the security of systems, products, and services, addressing possible user inquiries or complaints, problem identification, etc.; whether the user has consented to a longer retention period; and whether laws, contracts, etc., have special requirements for data retention. As long as your account is necessary to provide you with services, we will retain your registration information. You may also choose to delete your account. Upon deletion, we will cease providing products and services based on that account and, unless otherwise required by law, delete your corresponding personal data.
6. How Milestone Handles Children's Personal Data
Our products, websites, and services are primarily intended for adults. Without parental or guardian consent, children should not create their own user accounts. For cases where children's personal data is collected with parental consent, we will only use or disclose such data to the extent permitted by law, with explicit parental or guardian consent, or as necessary for the protection of the child. If Milestone discovers that it has collected a child's personal data without verifiable prior parental consent, it will take steps to delete such data as soon as possible.
7. Third-Party Providers and Their Services
To ensure a smooth browsing experience, you may receive content or web links from third parties external to Milestone and its partners (hereinafter referred to as "third parties"). Milestone has no control over such third parties. You may choose whether to access links, content, products, and services provided by third parties.
Milestone cannot control the privacy and data protection policies of third parties, and such third parties are not bound by this Policy. Before submitting personal information to third parties, please review the privacy protection policies of those third parties.
8. How Your Personal Data Is Transferred Globally
Milestone is a global company. To the extent permitted by law, we may share your personal information within Milestone (including subsidiaries, affiliates, and parent companies) or with our suppliers and business partners, and may transfer the information to other countries or regions where we conduct business. In addition, since we may not have a data storage center in your country, your personal data may also be transferred to data centers located outside your country for storage. In such cases, Milestone will take steps to ensure that the data we collect is processed in accordance with this Policy and applicable laws, including when personal data of data subjects located in the EU is transferred to countries or regions not recognized by the EU as providing an adequate level of data protection. Milestone will use various legal mechanisms, such as signing standard contractual clauses approved by the European Commission, or requesting your consent for cross-border transfer of personal data, or implementing security measures such as data anonymization before cross-border data transfer.
9. How This Policy Is Updated
Milestone reserves the right to update or modify this Policy from time to time. If our privacy policy changes, we will post the latest version of the privacy policy here. If we make material changes to the privacy policy, we may also notify you through various channels, such as posting a notice on our website or sending an email (to the email address specified in your account). Where required by applicable data protection laws, we will also seek your consent for any material changes that affect how we use your personal information. We recommend that you periodically review this page for the latest information on our privacy practices.
10. How to Contact Milestone
If you have any questions, comments, or suggestions, please contact us. We will respond within thirty days. If you are not satisfied, you may also lodge a complaint through the following channel: [Marketing@mstonepharma.com].
When Milestone processes your personal data in accordance with this Privacy Policy, the Milestone entity that responds to your requests, contacts you, provides products or services to you, or has entered or will enter into a contract with you is the controller of the relevant personal data. Contact information for each Milestone entity can be found by clicking here.