Last Updated: 27.8.2025
In accordance with Amendment 13 to the Privacy Protection Law, 5784–2024


Who We Are

Bioavenir Ltd. (“we”) operates the website www.bioavenir.com and provides pharmaceutical products.

This document explains what data we collect, the legal basis for processing, why we use it, with whom it is shared, and what your rights are under the Privacy Protection Law (Amendment 13), 5784–2024.

Data Controller: Bioavenir Ltd., C.N. 513108910, Address: 1 David HaMelech St., Herzliya

Privacy Officers: Sharon Ovel Maran / Hagit Mina

Privacy Contact: sharon@bioavenir.co.il / hagit@bioavenir.co.il


Scope of This Policy

This policy applies to the use of the website, contact forms, and communication with us (email/phone/WhatsApp/social networks). Use of the site constitutes acceptance of this policy.


What Data We Collect

a. Data you provide
Examples: name, email, phone, company/position, inquiry/project details, uploaded files, preferences (such as consent to receive newsletters).

b. Data collected automatically
IP address, browser and operating system, pages viewed, referral source, visit time, and other technical details.

c. Data from third parties
Analytics/advertising providers, social platforms, or CRM/ERP systems we use.

d. For e-commerce sites
Order and payment details via external payment providers (we do not store credit card details on the website).


Purposes and Legal Basis for Processing

We use the data for the following purposes, according to the legal bases established under the Privacy Protection Law:

  • Responding to inquiries and providing quotes/services – our legitimate interest in delivering quality service.

  • Website operation, security, improving user experience and performance (including analytics) – our legitimate interest, subject to consent for non-essential cookies.

  • Ongoing communication on projects/invoices/support – legitimate interest / contractual obligation.

  • Marketing communications and updates – only with explicit opt-in consent, with the ability to unsubscribe at any time.

  • Compliance with legal requirements (accounting/fraud prevention/regulatory reporting) – legal obligation.

  • Service improvement and development – legitimate interest in improving and developing our services.

Voluntary Submission and Consequences of Non-Submission

Providing information is voluntary. Certain fields may be required for us to respond to you or provide the requested service. Without this information, we may not be able to provide full service/response.


Sharing Data with Third Parties

We do not “sell” personal data. We only share it with processors/service providers that support us, such as: hosting and CDN, email/CRM, analytics/advertising, payment/invoicing, legal/accounting services – solely for service purposes and under appropriate agreements.

International Transfers
Data may be transferred outside Israel. Where the destination country has not been declared by the Privacy Protection Authority as having adequate protection, we will ensure appropriate contractual safeguards (such as Standard Contractual Clauses or approved transfer agreements).


Cookies and Similar Technologies

We use Cookies/LocalStorage/tracking tags:

  • Essential cookies – required for site operation and security (always active, cannot be disabled).

  • Analytics/marketing cookies – activated only after consent via the cookie banner. Preferences can be changed at any time.

  • Functional cookies – to save preferences and improve user experience.


Data Retention

We keep data only as long as necessary for the purposes described above, in line with the principle of data minimization:

  • Inquiries/leads: up to [12–24] months from last interaction.

  • Accounting documents/contracts: [7] years (as required by law).

  • Analytics data: according to provider/tool settings (typically 14–26 months).

  • CVs and job applications: up to 12 months or until consent is withdrawn.

Data is deleted when no longer needed or upon your request.


Data Security

We take reasonable measures to protect information, including: encrypted traffic (SSL/TLS), encryption of sensitive data at rest, access and permission controls, log monitoring, encrypted backups, and compliance with recognized information security standards (such as ISO 27001, where applicable).



Breach Notification
If a security breach occurs that may affect you, we will notify you as soon as possible and inform the relevant authorities as required by law. No system is completely secure, but we will act in line with the highest applicable standards.


Marketing and Communications

We send marketing communications only with your explicit consent and in accordance with the law. Each marketing message includes an immediate unsubscribe option. Operational communications (such as project updates/invoices/security) are not marketing and are necessary for service operation.


Your Rights

Under the Privacy Protection Law (Amendment 13), you have the following rights:

Processing Rights

  • Right of access – to know what data is collected about you and receive a copy.

  • Right of rectification – to correct incorrect or inaccurate data.

  • Right of erasure (“right to be forgotten”) – in relevant cases, subject to legal obligations.

  • Right to object – to processing for direct marketing or based on legitimate interests.

  • Right to data portability – to receive your data in a structured, machine-readable format (subject to applicable law).

  • Right to restrict processing – in certain cases, limit the use of your data.

New Rights under Amendment 13

  • Right to withdraw consent – cancel previously given consent at any time.

  • Right to compensation – claim compensation without proof of damage in certain cases.

Exercising Rights
To exercise these rights, contact us at the address below. We will respond within 30 days and carry out reasonable identity verification. If our response is unsatisfactory, you may file a complaint with the Privacy Protection Authority in Israel.


Minors

The service is not intended for minors under [16]. If we learn that a minor’s details were provided without parental/guardian consent, we will delete them immediately.


External Links and Integrations

The site may include links to external sites or integrations with third-party services (such as maps, videos, social networks) that are not under our control. Their use is subject to the policies and terms of those providers.


Changes to This Policy

We may update this policy from time to time in line with changes in legislation, services, or business practices. The update date appears at the top of the page. Material changes will be highlighted on the site and/or sent to registered users. Continued use of the site after publication of updates constitutes acceptance of the updated policy.


Contact

For questions/requests regarding privacy:

Response time: up to 30 days from request.

Privacy Protection Authority: www.gov.il/he/departments/the_privacy_protection_authority