Privacy Policy

Effective date: 24 August 2025

Hoffra (“Hoffra,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our websites, awareness hub, forms, and related online services (collectively, the “Site”).

Not medical advice / no PHI: Content on the Site is educational only and not a substitute for professional medical advice. Please do not submit protected health information (PHI) or sensitive personal data via Site forms. If a program requires patient data, we handle it under a separate agreement and secure channels.

1) Information We Collect

1.1 Personal information you provide

When you interact with the Site (e.g., contact forms, newsletter sign-ups, partnership inquiries), we may collect:

• Name and contact details (email, phone)

• Organization, role, country/region

• Message content and attachments you choose to send

• Preferences (e.g., topics of interest, newsletter opt-ins)

1.2 Automatically collected (non-identifying) data

When you visit the Site, we may automatically collect:

• IP address, device and browser type/version

• Operating system, language, time zone

• Referring/exit pages, URLs visited, time on page

• General location (derived from IP), date/time stamps

• Cookies, pixels, and similar technologies (see §4)

1.3 Sensitive categories

We do not intentionally collect special category data (e.g., health, genetics/biometrics, race/ethnicity, religious or political beliefs) through the Site. Please avoid sending such data. If you believe you’ve shared sensitive information in error, contact us (see §11).

2) How We Use Your Information

We use information to:

• Provide, operate, secure, and improve the Site

• Respond to inquiries and provide requested materials (e.g., catalogue, compliance pack)

• Personalize content (e.g., region-specific availability)

• Perform analytics to enhance usability and performance

• Send administrative messages and—if you opt in—occasional newsletter updates (unsubscribe anytime)

• Comply with legal obligations and enforce our terms

Legal bases (EEA/UK visitors): consent, contract performance, legitimate interests (e.g., Site security, analytics, service improvement), and legal obligation.

3) How We Share Information

We do not sell your personal information. We may share it as follows:

• Service Providers: Trusted vendors that host our Site, provide analytics, email delivery, customer support, or form processing—under confidentiality and data-protection terms.

• Legal/Compliance: If required by law, to protect rights or safety, or to investigate fraud/security incidents.

• Business Changes: If we undergo a reorganization, merger, or asset transfer, your information may be transferred to the successor, subject to this Policy.

4) Cookies & Similar Technologies

We use cookies/pixels to operate the Site, remember preferences, and understand usage. You can manage cookies in your browser; blocking some cookies may impact Site functionality. Where required, we request consent before setting non-essential cookies.
Cookie preferences: You can update choices anytime via the cookie banner or settings link (where available).

5) International Transfers

We operate with partners in multiple regions. If information is transferred across borders, we use appropriate safeguards (e.g., Standard Contractual Clauses for EEA/UK) and limit access on a need-to-know basis.

6) Data Retention

We retain personal information only as long as necessary for the purposes described or as required by law. Typical periods:

• Contact and inquiry records: up to 24 months after last interaction

• Newsletter data: until you unsubscribe or request deletion

• Contractual/transactional records: as required by applicable law (e.g., 6–10 years)

7) Security

We use technical and organizational measures (encryption in transit, access controls, least-privilege, vendor due diligence) to protect your data. No online method is 100% secure; you share information at your own risk. We maintain incident-response procedures consistent with applicable laws.

8) Third-Party Links

The Site may link to third-party websites or resources. Their practices are governed by their privacy policies. We are not responsible for their content or handling of data.

9) Your Rights & Choices

Depending on your jurisdiction, you may have rights to:

• Access the personal information we hold about you

• Correct inaccurate data and delete certain data

• Restrict or object to processing in some cases

• Withdraw consent where processing is based on consent

• Portability (receive a copy in a structured, commonly used format)

• Marketing controls: unsubscribe or change preferences anytime

California/US state privacy: You may have rights to know, correct, delete, and opt-out of certain data “sales” or “sharing.” Hoffra does not sell personal information and does not knowingly process “sensitive personal information” for inferring characteristics. You may designate an authorized agent as permitted by law.

How to exercise rights: Email support@hoffra.com (or use the Site form). We may need to verify your identity. We aim to respond within 30 days (or the timeframe required by law).

10) Children’s Privacy

The Site is not directed to children under 16 (or the age defined by local law). We do not knowingly collect personal information from children. If you believe a child has provided data, contact us to delete it.

11) Contact Us

Data Controller: Hoffra
Postal address: [Hoffra, Attention: Privacy, PO Box/Street, City, Country]
Email: support@hoffra.com

If you are in the EEA/UK, you also have the right to lodge a complaint with your local supervisory authority.

12) Changes to this Policy

We may update this Policy from time to time. We will post the revised version with an updated “Effective date.” Your continued use of the Site after updates constitutes acceptance.

13) Additional Notices for Partners & Clinicians

For programs that require regulated product documentation or training, we may process limited professional data (e.g., license/registration numbers) to verify eligibility and comply with distribution laws. Any processing of patient data occurs only under separate agreements, secure systems, and applicable regulations.

14) Email Practices

We keep communications minimal and useful. No spam—ever. You can unsubscribe from newsletters at any time via the link in our emails or by contacting us (see §11).

15) Do Not Track & Automated Decisions

We do not respond to “Do Not Track” signals because a consistent industry standard has not been adopted. We do not use automated decision-making or profiling that produces legal or similarly significant effects.