Privacy Policy

Privacy Policy

Your personal information.

Revision date: June 2023

Arriello is dedicated to protecting your personal information. This Privacy Notice summarizes the types of personal information Arriello may collect; how Arriello may collect, use, or share your personal information; steps Arriello takes to protect your personal data; and choices you are provided with respect to the use of your personal information.

General information.

Arriello Ireland Ltd (No. 51, Bracken Road, Sandyford, Dublin 18, Ireland, registration number 490379) and Arriello s. r. o. (Olivova 2096/4, 110 00 Prague 1, Czech Republic, registration number 28225503) referred jointly as “Arriello,” are the joint controllers of your personal data.

“Personal Data” for the purpose of this Privacy Notice means any information by which you can be individually identified both directly and indirectly, including, but not limited to, your name, address, e-mail address, and telephone number.

Our site may contain links to other websites. Please note that we have no control over how your data is collected, stored, or used by other websites, and we advise you to check the privacy statements of any such websites before providing any data to them.

Data protection principles.

Arriello complies with applicable data protection law, which means that your personal data will be:

  • Used legally, fairly, and transparently.
  • Collected only for the legitimate purposes described below and not processed in a manner that is incompatible with those purposes.
  • For relevant purposes and limited to those purposes only.
  • Accurate and, where necessary, kept up to date.
  • Kept only for as long as it is strictly necessary for those purposes.
  • Processed in such a way that ensures adequate security.


This website is not designed or intended for use by children under the age of 16. We do not knowingly collect any Personal Data on this website from anyone under the age of 16 without prior, verifiable parental consent. Such a parent or guardian may have the right, upon request, to view the information provided by the child and require that it be deleted. Moreover, all minors should seek their parent’s or guardian’s permission prior to using or disclosing any Personal Data on this website or online resource.

Contact information.

If you have any questions about this privacy notice, want to exercise your rights related to the protection of your personal data, or want to know how we handle your personal information, please contact our DPO by e-mail at or by mail at Arriello Ireland Ltd, No. 51, Bracken Road, Sandyford, Dublin 18, Ireland, or Arriello s. r. o., Na Poříčí 1053/44, 110 00 Prague 1, Czech Republic.

How and why we process your Personal Data.

On this website, we may request Personal Data about you. Examples of Personal Data that we may collect that directly identifies you include your name, surname, phone, e-mail address, company,  and other information combined with these identifiers. We may also collect cookies and certain Personal Data that do not directly identify you by name but could be used to identify that a specific computer or device has accessed our website. In addition, we will process information provided to us by our Clients in conjunction with the Services we provide.

Some places on our website require Personal Data if you choose to use them. Arriello and its business partners (such as service providers or other third parties who provide certain services to Arriello) collect this information about you only if you voluntarily provide it to us. Please be aware that certain features of this site may not be available to you if you choose not to provide certain Personal Data. Any Personal Data you provide to us on our website will be used in accordance with this Privacy Notice.

More Information on our Processing Activities.

This table outlines each processing activity in greater detail and provides information on the categories of information collected for each activity as well as the legal basis of processing for each of these activities, if and to the extent the data processing is subject to GDPR.

Data CollectedPurposes/activityLegal basis for processing
Company name, address, contact details (e-mail address, telephone), IP address and any other information you provide to us from these interactions.Responding to requests or inquiries you provide to us via webforms, calls and chat systems.Your consent: Articles 6(1)(a).
Company details, contact details (e-mail address, telephone).To contact/respond to clients or prospects regarding business services and opportunities.Your consent: Article 6(1)(a).
For our legitimate business interests to develop business opportunities and source potential opportunities: Article 6(1)(f).
Name, contact details (e-mail address, telephone).To send you marketing communications about our products and services.Your consent: Article 6(1)(a).
Information about your contact and product preferences, languages, marketing preferences, demographic data, and how you have interacted with us in the past.To personalize your experience.
We may also combine Personal Data collected through our website and online resources with Arriello’s offline records and information provided to us by third parties.
Your consent: Article 6(1)(a)
We may also process this information for our legitimate business interests to understand your interest in our products and services so that we can best serve you. Article 6(1)(f).
IP address, browser type, geographic location, resources you have accessed on the website, etc.To run and maintain our website.
To secure our websites, network systems, and other assets.
We collect this information automatically for our legitimate business interests to run, maintain, and secure our websites: Article 6(1)(f).
Cookies, pixels.To carry out website analytics and tracking.Strictly necessary cookies based on legitimate business interests: Article 6(1)(f).
All other cookies with your consent: Article 6(1)(a).
Company name, address, contact details (e-mail address, telephone), health data (this may include adverse event reports, medical history, and drug-related data).To collect, process and evaluate adverse events information and other pharmacovigilance-related activities.If reporting is required, we may process your data to comply with our legal obligations: Article 6(1)(c).

Data Processed in Connection with the Delivery of Client Services.

Data CollectedPurposes/activityLegal basis for processing
Company details, contact name, contact details, commercial information.To manage our client relationships, including communications, meetings, administration, client service and billing, sending required notices, and sending you news and information about our services and operations.Necessary for the performance of a contract: Article 6(1)(b).
Company details, contact name, contact details, records relating to the service delivery, and health data (this may include adverse event reports, medical history, and drug-related data).To provide consulting services to our clients, including training and communications regarding adverse events, drug safety updates, or other important pharmacovigilance-related matters.Necessary for the performance of a contract: Article 6(1)(b).
Contact details and health data (this may include adverse event reports, medical history, and drug-related data).Compliance: to comply with contractual, legal and regulatory obligations related to pharmacovigilance and drug safety.Necessary for the performance of a contract: Article 6(1)(b).
To comply with our legal obligations: Article 6(1)(c).
Company name, contact details, contact person.To manage key accounts and our CRM systems.
To consolidate and progress with commercial partnerships/cross-sell/ upsell for prospective and existing clients.
For our legitimate business interests to manage our client database, cross-sell our services and product offering: Article 6(1)(f).
Company details, contact name, contact details, commercial information.To generate aggregate and anonymous reporting for internal purposes.For our legitimate business interests to analyze and improve our services. Article 6(1)(f).

Cookies and Other Web Trackers.

On our website, we drop strictly necessary cookies automatically for our legitimate business interests to ensure our website can function properly. Otherwise, we ask for your consent for other cookies before collecting this information, in which case you will be presented with the choice to accept the collection and use of this type of information. Please see our Cookie Policy and banner for more information.

Use of Data for Marketing.

We do not sell or transfer your Personal Data to any non-affiliated entity for their own direct marketing use unless we provide clear notice to you and obtain your explicit consent. We use third-party advertising companies to place ads on other websites. These companies may use data about your visits to this and other websites to measure advertising effectiveness and to provide advertisements about our goods and services that may be of interest to you. If you would like more information about this practice and your choice to opt out of having this information used by these companies, see our Cookie Notice.

Information on how we process your Personal Data during the recruitment process.

For processing your application for employment with our company, there are full details of how we process your personal data available here.

Information on how we may share your Personal Data.

We may share your personal data with our affiliated companies or other companies within our corporate group. This allows us to provide you with a seamless experience, improve our services, and offer you a wider range of products and offerings.

We may also share your Personal Data with third parties, such as our service providers, for the following purposes:

  • To help fulfill Arriello business transactions.
  • To conduct technical maintenance of our websites and other web platforms.
  • To facilitate a merger, consolidation, transfer of control or other corporate reorganization in which Arriello participates or pursuant to a financial arrangement undertaken by Arriello.
  • To respond to appropriate requests of legitimate government authorities or where required by applicable laws, court orders, or government regulations.
  • Where needed for corporate audits or to investigate or respond to a complaint or security threat.

International Transfers of Your Personal Data.

The Personal Data you provide us through your use of this website or our Services may be transferred to or stored in a geographic region that imposes different privacy obligations than your country of origin. This means that your Personal Data may be sent to a country with less restrictive data protection laws than your own. Any such transfer will be conducted in compliance with applicable laws.

If your Personal Data is covered by the GDPR: For transfers of Personal Data to a third country outside the European Union (EU), European Economic Area (EEA) or in the absence of an adequacy, within the Arriello, business partners and service providers we establish the contracts following EU Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council (C/2021/3972).

Retention and storage period of your Personal Data.

We only retain your Personal Data for as long as reasonably necessary to fulfill the purpose we collected it for, as outlined in this Privacy Notice. The length of time in which we will keep your Personal Data will differ. For example,  we will keep the data for up to seven years when it relates to client records.

We may, however, maintain your data for a longer period if we are obliged by law to maintain your data. For example, reports related to pharmacovigilance are kept for a minimum of 10 years after the withdrawal of the product in the last country where the product is marketed.

Data security.

Arriello and its service providers and collaboration partners implement a variety of technological and organizational measures to ensure the integrity and confidentiality of the Personal Data we access or receive from loss, misuse, and unauthorized access, disclosure, alteration, or destruction.

Personal data security is essential to us, and to protect personal data, we take the following measures:

  • limiting access to your personal data to those employees and third parties with a legitimate need to know and ensuring that they are subject to duties of confidentiality.
  • procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, your personal data), including notifying you and/or the Irish Data Protection Commission (DPC) when legally required to do so.

Nevertheless, Arriello makes no guarantee as to the security of your Personal Data and disclaims, to the fullest extent permitted by law, all liability and damages caused by loss, misuse, and unauthorized access, disclosure, alteration, or destruction. We recommend that you take any available precautions to protect Personal Data you submit on this website.

Information about your rights regarding your Personal Data.

If your Personal Data are covered by the GDPR (that is, if you are an individual within the European Economic Area), you have the following rights with respect to your Personal Data:

  • The right to request access to the Personal Data that Arriello has about you.
  • The right to rectify or correct any Personal Data that is inaccurate or incomplete.
  • The right to request a copy of your Personal Data in electronic format so that you can transmit the data to third parties, or to request that Arriello directly transfer your Personal Data to one more third parties.
  • The right to object to processing your Personal Data for marketing and other purposes.
  • The right to the erasure of your Personal Data when it is no longer needed for the purposes for which you provided it, as well as the right to restriction of processing of your Personal Data to certain limited purposes where erasure is not possible.
  • To exercise any of these rights, please contact us using the information provided above.

Please note that these rights are not absolute. If the data processing is based on your consent, you have the right to withdraw your consent at any time, but the withdrawal of your consent does not affect the lawfulness of any processing based on consent before its withdrawal. In the event of an erasure request, we may retain a copy of your Personal Data for our record-keeping purposes and to avoid entering your personal data into our systems after your request.

In the event that you believe or have the impression that our data processing does not comply with the GDPR, you are entitled to lodge a complaint with the Irish Data Protection Commission:

Updates to this Privacy Notice.

This Privacy Notice may be modified by Arriello from time to time. Any such changes to this Privacy Notice will be reflected on this page. Arriello recommends that you review this Privacy Notice regularly for any changes. The date on which this notice was last revised is located at the top of this notice.