Privacy Policy

This website is operated by Sachs Associates Switzerland AG (Aeschenvorstadt 4, Basel, CH-4051, Switzerland) and Sachs Associates Ltd. (3rd floor, 89-90 Paul Street, London, EC2A 4NE, United Kingdom), collectively referred to as "Sachs Associates", "we", "us", or "our".

Sachs Associates organises investor conferences and networking events in the life sciences and healthcare sectors. This policy explains how we collect, use, and protect your personal data when you use our website and services.

For any privacy-related enquiries, please contact us at [email protected].

We collect the following categories of personal data:

• Account information — first name, last name, email address, and password (hashed) when you register for an account.
• Professional information — job title, company name, and biography where provided for speaker or attendee profiles.
• Event participation data — event registrations, agenda bookmarks, and meeting requests.
• Technical data — IP address, browser type, and device information collected automatically through server logs and essential cookies.

We process your personal data for the following purposes:

• Providing our services — managing your account, processing event registrations, and enabling networking features. (Legal basis: contractual necessity)
• Communications — sending account verification emails, password resets, and event-related notifications. (Legal basis: contractual necessity)
• Website operation — ensuring security, preventing fraud, and maintaining site functionality. (Legal basis: legitimate interest)

We do not sell your personal data to third parties. We do not use your data for automated decision-making or profiling.

We use the following cookies and similar technologies on this website:

Strictly necessary (always active):

• sachs_session — maintains your authenticated session while you use the site.
• XSRF-TOKEN — protects against cross-site request forgery attacks.
• cf_clearance — set by Cloudflare to verify that requests are coming from a legitimate browser and to protect the site from abuse.

Optional — loaded only with your consent:

• Live chat (Tawk.to) — we embed a live-chat widget provided by Tawk.to so you can speak with our team. When enabled, Tawk.to sets cookies (such as twk_uuid_* and TawkConnectionTime) and may collect your IP address, browser information, and chat content. The widget loads only after you accept on our cookie banner; you can withdraw consent at any time by clicking "Decline" on the banner or clearing the cookie_consent_v1 entry from your browser's storage. See Tawk.to's privacy policy. (Legal basis: consent.)

We do not use analytics cookies, advertising cookies, or any other third-party tracking cookies.

We share personal data with the following categories of service providers, who process data on our behalf under appropriate data processing agreements:

• Cloud hosting and storage — for hosting the website and storing uploaded files.
• Image hosting — for processing and delivering profile photos and event images.
• Email delivery — for sending transactional emails such as account verification and password resets.
• Error monitoring (Sentry) — we use Sentry (operated by Functional Software, Inc., based in the United States) to detect and diagnose technical errors and performance issues on the platform. Sentry automatically receives your IP address, browser and device information, the URL you were viewing, and limited request metadata (such as headers and query parameters) at the moment an error occurs. When you are signed in, your user ID and email address may also be attached to error reports to help us correlate incidents. Sentry retains this data for a maximum of 90 days. See Sentry's privacy policy for further details. (Legal basis: legitimate interest in maintaining a secure and reliable service.)

All service providers are contractually obligated to process your data only as instructed by us and to maintain appropriate security measures.

We retain your personal data for as long as your account is active or as needed to provide you with our services. If you request deletion of your account, we will erase your personal data within 30 days, except where we are required by law to retain it for longer.

Under the EU General Data Protection Regulation (GDPR) and the Swiss Federal Act on Data Protection (nFADP), you have the following rights:

• Access — request a copy of the personal data we hold about you.
• Rectification — request correction of inaccurate or incomplete data.
• Erasure — request deletion of your personal data.
• Data portability — request your data in a structured, machine-readable format.
• Restriction — request that we limit the processing of your data.
• Objection — object to processing based on legitimate interest.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

Your data may be transferred to and processed in countries outside the European Economic Area (EEA), the United Kingdom, or Switzerland where our service providers operate. In particular, our error-monitoring provider Sentry processes data in the United States. Where such transfers occur, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, the UK International Data Transfer Addendum, or equivalent measures under Swiss law.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encrypted passwords, HTTPS encryption for all data in transit, and access controls limiting data access to authorised personnel.

Our services are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us and we will promptly delete it.

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.

If you are not satisfied with our response to a privacy concern, you have the right to lodge a complaint with the relevant supervisory authority:

• Switzerland — Federal Data Protection and Information Commissioner (FDPIC).
• United Kingdom — Information Commissioner's Office (ICO).
• EU — the data protection authority in your country of residence.