top of page

PRIVACY POLICY

Last updated: February 13, 2026

​

Symbiotica Therapeutics S.r.l. (“Symbiotica”, “we”, “us”, “our”) operates the website www.symbioticatherapeutics.org (the “Website”) and provides its related information and services (the “Services”).

​

This Privacy Policy describes how we collect, use, and disclose your personal data when you visit the Website, contact us, or otherwise interact with us.

By accessing or using the Website, you acknowledge that you have read and understood this Privacy Policy.

 

1. Data Controller

 

The Data Controller is:

Symbiotica Therapeutics S.r.l.
Via Capiteta 22, 56121 Pisa (PI), Italy
P.IVA: 02532080500
Email: info-symbioticatherapeutics@mypec.eu

For any privacy-related request, you may contact us at the email address above.

 

2. Personal Data We Collect

 

“Personal Data” means any information that identifies or can reasonably be linked to an identifiable individual.

Depending on how you interact with the Website, we may collect the following categories of data:

 

a) Data provided directly by you

​

  • Name and surname

  • Email address

  • Company/organization (if provided)

  • Any information included in messages sent via contact forms or email

 

b) Data collected automatically

​

  • IP address

  • Browser type and version

  • Device information

  • Pages visited and navigation data

  • Date and time of access

 

The Website uses only technical cookies strictly necessary for its operation, security, and performance.
These cookies do not require user consent pursuant to applicable data protection regulations.

The Website does not use profiling, marketing, or third-party tracking cookies.

​

3. Purposes and Legal Bases of Processing

 

We process Personal Data for the following purposes:

 

a) Responding to inquiries

 

To reply to requests sent through the contact form or via email.
Legal basis: Art. 6(1)(f) GDPR – Legitimate interest of the Data Controller in responding to communications received.


Where the request concerns pre-contractual activities, the legal basis may also be Art. 6(1)(b) GDPR.

 

b) Website functionality and security

 

To ensure proper functioning, maintenance, and security of the Website.
Legal basis: Art. 6(1)(f) GDPR – legitimate interest in ensuring security and operational continuity.

 

c) Legal compliance

 

To comply with applicable laws and regulatory obligations.
Legal basis: Art. 6(1)(c) GDPR – legal obligation.

 

d) Analytics


At present, the Website does not use analytics tools that require consent (such as Google Analytics) and does not perform tracking for marketing purposes.
If such tools are enabled in the future, we will update this Privacy Policy and implement any required consent mechanism.

​

e) Mandatory or voluntary nature of data provision

 

The provision of personal data through the contact form is voluntary. However, failure to provide the required data (such as name and email address) may prevent us from responding to your request.

 

4. Data Retention

 

We retain Personal Data only for as long as necessary for the purposes described above:

​

  • Contact requests: typically up to 12 months from the last communication

  • Technical/log data: according to security and system requirements

  • Legal obligations: as required by applicable law

 

After the retention period, data will be deleted or anonymized.

 

5. Disclosure of Personal Data

We may disclose Personal Data to:

​

  • IT service providers and hosting providers

  • Technical consultants supporting Website operation

  • Professional advisors (legal, accounting) where necessary

  • Public authorities where required by law

​

All service providers process data under appropriate data processing agreements pursuant to Art. 28 GDPR.

We do not sell personal data.

 

6. International Transfers

 

If Personal Data is transferred outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as:

​

  • European Commission Standard Contractual Clauses

  • Transfers to countries with an adequacy decision

 

7. Data Security

 

We implement appropriate technical and organizational measures to protect Personal Data against unauthorized access, loss, misuse, or alteration.

However, no transmission over the internet can be guaranteed to be completely secure.

 

8. Your Rights Under GDPR

 

If you are located in the European Economic Area or the United Kingdom, you have the following rights:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to object (Art. 21 GDPR)

  • Right to withdraw consent at any time (where processing is based on consent)

​

You have the right to lodge a complaint with the Italian supervisory authority, the Garante per la Protezione dei Dati Personali, or with the supervisory authority in your country of residence.

​

Requests can be sent to:
info-symbioticatherapeutics@mypec.eu

We may request proof of identity before responding to your request.

 

9. Children’s Data

 

The Website is not intended for individuals under 18 years of age.
We do not knowingly collect personal data from minors.

 

10. Third-Party Links

 

The Website may contain links to third-party websites.
We are not responsible for the privacy practices of such websites. Users are encouraged to review their respective privacy policies.

 

11. Changes to This Privacy Policy

 

We may update this Privacy Policy from time to time to reflect operational, legal, or regulatory changes.
The updated version will be published on this page with a revised “Last updated” date.

bottom of page