Recently Updated: January 28, 2025
SciSparc Ltd., together with its subsidiaries and affiliated companies (collectively “Company“, “SciSparc“, “we“, “us” or “our“) respects your privacy and recognizes that your privacy is important. SciSparc is a clinical-stage drug discovery and development company that specializes in therapeutics that mitigate the adverse symptoms associated with CNS disorders.
This privacy policy (“Privacy Policy“) explains the Company’s practices regarding the collection, processing, usage, and transfer of certain data, including Personal Data (as defined below), from:
- Individuals who visit our informative website available at: https://scisparc.com/ (“website”) or otherwise (“Visitors”).
- Individuals who visit our webpage for investors available at our website at https://investor.scisparc.com/, subscribing to email alerts, or otherwise (“Investors”).
Visitors and Investors may by individually or collectively referred herein as “you” or “your”.
In the event you enroll in one of SciSparc’s sponsored studies (i.e., clinical trials) (“Study Subject“), we may collect and process additional information about you than what is listed in this Policy, which will be described in detail in the Informed Consent Form (“ICF”) that you will receive and review before you officially enroll in the study (“Study Subject Information“). Please contact your physician and the principal investigator of the applicable study for more information. As a Study Subject, you may be entitled to certain rights under applicable data protection laws which will also be explained in the ICF. This Policy does not apply to the processing of such Study Subject Information.
In the event you are engaged in one of SciSparc’s sponsored studies as an investigator, researcher, supporting staff, or other personnel involved in the study (“Study Staff“), we may collect and process additional information about you than what is listed in this Policy, which will be described in detail in the Privacy Notice for Study Staff that you will receive and review before you officially engaged in the study (“Study Staff Information“).
This Privacy Policy is an integral part of our website Terms of Use or any other agreement referencing this Privacy Policy.
Note you are not required by law to provide us with any Personal Data Information. Sharing any data with us is entirely voluntary. However, certain features will not be available to you if you do not provide such information.
This Privacy Policy applies to all individuals world-wide, however, certain jurisdictions require that applicable disclosures will be provided in a certain way and format, and therefore additional notices may apply as follows:
- Policy Amendments
We reserve the right to amend this Privacy Policy from time to time, at our sole discretion. The most recent version of this Privacy Policy will always be posted on the website and reflected in the “Recently Updated” heading. Any amendments to the Privacy Policy will become effective immediately, unless we notify otherwise. We recommend you review this Privacy Policy periodically to ensure that you understand our most updated privacy practices.
- Data Controller Details
SciSparc Ltd., incorporated under the laws of the State of Israel, is the “Data Controller” (as such term is defined under the GDPR or equivalent data protection legislation) of the Personal Data collected from you detailed herein below.
If you have any question, inquiry, request or concern related to this Privacy Policy or the processing of your Personal Data, you may contact us, and our privacy team as follows:
- By Email: IR@Scisparc.com; or
- By Mail: SciSparc Ltd., 20 Raoul Wallenberg str. Building A, 2nd Fl., Tel-Aviv, Israel.
- The Data Sets We Collect
We may collect two types of information from you, depending on your interaction with us:
The first type of information is non-identifiable and anonymous information (“Non-Personal Data”). We are not aware of the identity of the individual from who we have collected the Non-Personal Data. Non-Personal Data consists of technical information, and may contain, among other things, the type of operating system and type of browser, type of device, session duration, etc.
The second type of information is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual (“Personal Data” as defined under the applicable data protection law).
For the avoidance of doubt, any Non-Personal Data connected or linked to Personal Data shall be deemed as Personal Data if such connection or linkage exists. However, this Privacy Policy does not apply to any data insofar as it is held, processed, disclosed or published in a form which cannot be linked to an individual (such as anonymized or aggregated data which cannot directly or indirectly be used to identify you or to obtain information about you (“Anonymized and Aggregated Data“). We may generate or extract Anonymized and Aggregated Data out of any databases containing your Personal Data and we may make use of any such Anonymized and Aggregated Data for our purposes as we see fit.
Please see below the Personal Data we collect depending on your interaction with us, how and for which purposes we process and use your Personal Data and our lawful basis for processing (subject to the GDPR, if applicable):
| Type of Data | Purposes and Operation | Lawful Basis (where the GDPR applies) |
| Visitors, Investors | ||
| Online Identifiers: When you interact with the website, we may collect online identifiers associated with your browser or device such as your Internet Protocol address (“IP“), and generate and assign to your device additional identifiers allowing us to individually identify you, such as a Cookie ID (“Online Identifiers“). Online Identifiers are collected through our use of tools such as cookies and similar technologies. | Online Identifiers are used: 1. To operate the website and enable its proper functionality (for example, in order to automatically recognize you by the next time you enter the website), 2. for security and fraud prevention purposes (for example, to confirm you are a real person), 3. for debugging and to resolve technical problems. 4. to measure effectiveness of the website. | Online Identifiers which are collected through cookies we implement, are strictly necessary for the proper and basic operation of the website or fraud prevention and will be processed in our legitimate interest. |
| Contact Information: If you voluntarily contact us for support or other inquiries, you will be required to provide us with certain information such as your name, telephone number, email address, country, etc. In addition, you can choose to provide us with additional information as part of your correspondence with us (“Contact Information“). | Contact information is used: 1. to provide you the required support or to respond to your inquiry. 2. For direct marketing purposes When you contact us, we may use your email address in order to send you service communications and marketing promotions, such as new features, additional offerings, special opportunities or any other information we think you will find valuable (“Direct Marketing“) 3. To keep a suppression list (for instance, when you request to opt-out to ensure we comply with such preference and choice) | We process the Contact Information in order to provide you the requested support or respond to your inquiry, subject to our legitimate interest. When we process your email address in order to send you Direct Marketing, we do so based on our legitimate interest. You can opt-out at any time through the “unsubscribe” link within the email or by contacting us directly. We will keep you email address for purpose of maintaining a suppression list based on our legitimate interest. |
| Investors | ||
| When you interact with our website and register to receive email alerts designated to our investors, you will be required to provide us with your email address. | If you registered to receive email alerts, we would use your email in order to provide you with the requested communications. | When we process your email to send you our email alerts, we do so based on your consent which can be withdrawn at any time using the “unsubscribe” link within the communications we sent you or by unsubscribing from the mailing list at https://investor.scisparc.com/ir-alerts/. |
Please note that the actual processing operation per each purpose of use and lawful basis detailed in the table above may differ. Such processing operation usually includes a set of operations, made by automated means, such as collection, storage, use, disclosure by transmission, erasure or destruction. The transfer of Personal Data to third countries as further detailed in Section 7 “Cross-Border Data Transfer” below is based on the same lawful basis as stipulated in the table above.
In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts and any other misuse of the website and services and to enforce our policies and agreements, as well as to protect the security or integrity of our databases and the services, and to take precautions against legal liability. Such processing is based on our legitimate interests.
As mentioned above, we may also aggregate all personally identifying characteristics from any data we collect and may share that aggregated, anonymized data with third parties or publish it. These data do not personally identify you and helps us to measure the success of the services and its features and to improve your experience. We reserve the right to make use of any such aggregated data as we see fit.
- How We Collect Information
Depending on the nature of your interaction with us, we may collect information as follows:
- Automatically– certain Personal Data such as Online Identifiers and Usage Data is generated automatically and collected through the use of cookies and similar tracking technologies (such as pixels, tags, agent, etc.). For more information on the cookies we use and how to opt out of third-party collection of this information (if relevant), please see our Section 5 below “Cookies and Similar Tracking Technologies”.
- Provided by you voluntarily – we will collect information if and when you choose to provide us with the information, such as through contact us form available on the website.
- Cookies and Similar Tracking Technologies
When you access to or use the website or some of our products and services, we use “cookies” or similar tracking technologies, which store certain information on your device (i.e., locally stored). The use of cookies is a standard industry-wide practice. A “cookie” is a small piece of information that a website assigns and stores on your computer while you are viewing a website. Cookies are used by us for allowing you to navigate between pages efficiently. You can find more information about our use of cookies here: www.allaboutcookies.org.
Most browsers will allow you to erase cookies from your device, block acceptance of cookies, or receive a warning before a cookie is stored. You may set your browser to block all cookies, including cookies associated with our website, or to indicate when a cookie is being used by us, by adjusting the privacy and security settings of your web browser. Please refer to the support page of your browser to learn more about how you can adjust your privacy and security settings. Please note that once you choose to opt out or disable cookies, some features of the website may not operate properly, and your online experience may be limited.
- Data Sharing – Categories of Recipients with Whom We Share Personal Data
We share your Personal Data with third parties, including with trusted partners or service providers that help us to manage our business operation, website, etc. You can find here information about the categories of such third-party recipients.
| CATEGORY OF RECIPIENT | DATA THAT WILL BE SHARED | PURPOSE OF SHARING |
| Service providers and business Partners | All types of Personal Data depending on the applicable service provider or business partner, and your interaction with us | We may share Personal Data about you with third-party business partners and service providers that perform services on our behalf in connection with our services, such as cloud service provider, analytics and marketing service providers, our CRM provider, etc. Where your Personal Data is shared with such third parties, we ensure that the third party will deal with your information only on our behalf and on our instructions and solely for the benefit of our business (and not for its own benefit). |
| Affiliated companies | All types of Personal Data, as strictly necessary and on a case-by-case basis. | We may share certain information with our affiliated companies, which will provide us with certain required services and, for internal compliance and measurement. In addition, certain information may also be shared with potential affiliated companies in the event of a potential business re-organization while we undergo certain due diligence processes. In such event, those potential affiliated companies are bound by robust confidentiality obligations. |
| Necessary disclosures | All types of Personal Data as strictly necessary and on a case-by-case basis. | To the extent permitted or required by applicable law, we may disclose information about you to third parties to: (i) enforce or apply our terms of use or any applicable service agreement; (ii) comply with laws, subpoenas, warrants, court orders, legal processes or requests of government or law enforcement officials; (iii) protect our rights, reputation, safety or property, or that of our users or others; (iv) protect against legal liability; (v) establish or exercise our rights to defend against legal claims; or (vi) investigate, prevent or take action regarding known or suspected illegal activities; fraud; our rights, reputation, safety or property, or those of our clients or others; violation of our applicable policies and agreements; or as otherwise required by law. |
- Cross-Border Data Transfer
Due to our global business operation, your Personal Data may be transferred to, and processed in countries other than the country in which you reside. These countries may have data protection laws that are different to the laws of your country. However, in all cases, we will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer.
Specifically, if and where Personal Data collected within the EU is transferred outside the EU, to countries which were not granted with an adequacy decision by the European Commission and therefore do not provide an adequate level of protection to your Personal Data while it is transferred to such third-country, such transfer is subject to and made pursuant with the standard contractual clauses.
Additionally, if and where Personal Data collected within the UK is transferred outside the UK, to countries which were not granted with an adequacy decision by the UK Information Commissioner Office (‘ICO’) and therefore do not provide an adequate level of protection to your Personal Data while it is transferred to such third-country, such transfer is subject to and made pursuant with the UK standard contractual clauses.
- Data Retention
We retain Personal Data we collect as long as it remains necessary for the purposes set forth above, all in accordance with applicable laws, or until an individual expresses a preference to opt-out.
Other circumstances in which we will retain your Personal Data for longer periods of time include: (i) where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements; (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges; or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data. Please note that except as required by applicable law, we may at our sole discretion, delete or amend information from our systems, without notice to you, once we deem it is no longer necessary for such purposes.
- Privacy Rights
We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect so that you can make meaningful choices about how it is used. We allow you to exercise certain choices, rights, and controls in connection with your information. Depending on your relationship with us, your jurisdiction and the applicable data protection laws that apply to you, you have the right to control and request certain limitations or rights to be executed.
In the table below you can review your rights depending on your interaction with us, how you can exercise them, and appeal a decision we take in this regard, any specification per geo-location or territory are available below the table:
| Your Rights | Description |
| Right to be informed | You have the right to be provided with information regarding our Personal Data collection and privacy practices. All is detailed under this Privacy Policy. |
| Right to know; access rights | You have the right to confirm whether we collect Personal Data about you, know which Personal Data we specifically hold about you, and receive a copy of such or access it. If you wish to receive a copy of the Personal Data, please submit a DSR form as available here. |
| Right to correction/ rectification | You have the right to correct inaccuracies in your Personal Data, taking into account the nature and purposes of each processing activity. Please submit a DSR form as available here. |
| Right to be forgotten; Right to deletion | In certain circumstances, you have the right to delete the Personal Data we hold about you. For specifications regarding this right and its exclusions, or if you wish to ask to exercise this right, please submit a DSR form as available here. |
| Right to portability | You have the right to obtain the Personal Data in a portable, and to the extent technically feasible, readily usable format that allows you to transmit the data to another entity without hindrance. We will select the format in which we provide your copy. If you wish to exercise this right, please submit our DSR form as available here. |
| Right to opt out | If we use your email address in order to send Direct Marketing as such term is defined in Section 3, you have the right to opt out from receiving Direct Marketing by clicking the “unsubscribe” link within the e-communication we sent you. You can further contact us at: · send us a DSR form as available here; · or contact us directly at: IR@Scisparc.com We currently do not use cookies or targeted advertising campaigns, or share of personal information for analytic or marketing purposes. |
| Right to appeal or lodge a complaint | If we decline to take action on your request, we shall so inform you without undue delay as required under applicable laws. The notification will include a justification for declining to take action and instructions on how you may appeal, if applicable. Under the EU you have the right to lodge a complaint with the supervisor authority or the Information Commissioner in the UK. |
- Security
We take great care in implementing and maintaining the security of your Personal Data. We employ industry standard procedures and policies to ensure the safety of individuals’ information and prevent unauthorized use of any such.
We have implemented technical, physical and administrative security measures to protect the Personal Data we process. Although we take reasonable steps to safeguard information, we cannot be responsible for the acts of those who gain unauthorized access or abuse our website, and we make no warranty, express, implied or otherwise, that we will always be able to prevent such access.
Please contact us at: IR@Scisparc.com if you feel that your privacy was not dealt with properly, in a way that was in breach of our Privacy Policy, or if you become aware of a third party’s attempt to gain unauthorized access to any of your Personal Data. We will make a reasonable effort to notify you and the appropriate authorities (if required by applicable law) in the event that we discover a security incident related to your Personal Data.
- Children’s Data
The website is not intended for children under the age of 18. We do not, knowingly, or intentionally, collect personal data about children who are under 18 years of age.
If you are under the age of 18 you may not use the website, unless parental or guardian consent is provided.
If you believe that we may have any personal data from or about a person under the age of 18, please contact IR@Scisparc.com.
Privacy Notice for Study Staff
Recently Updated: January 28, 2025
SciSparc Ltd., together with its subsidiaries and affiliated companies (collectively “Company“, “SciSparc“, “Sponsor“, “we“, “us” or “our“) respects your privacy and recognizes that your privacy is important. SciSparc is a clinical-stage drug discovery and development company that specializes in therapeutics that mitigate the adverse symptoms associated with CNS disorders.
This privacy notice (“Notice“) governs the Company’s practices regarding the collection, processing, usage, and transfer of certain data, including Personal Data of Study Staff (as defined below), related to a clinical trial (“Study“) sponsored by the Company and conducted by third party investigators and medical institutions.
For the purpose of this Notice:
- “Personal Data” shall have the meaning given to it under the EU General Data Protection Regulation (“GDPR”) or Israeli Privacy Protection Law (“IPPL”), as applicable, such Personal Data may include your name, email address, phone number, employment status, etc.
- “Study Staff” shall include the institution employees, investigators and supporting staff or other personnel involved in the Study.
Please note, this Notice is provided to you as part of the Study Staff and sets out the means by which SciSparc will collect, process and retain your Personal Data.
- Personal Data collected by SciSparc: contact details, such as your full name, phone number and email address, your employer identity and your job title.
- Purposes of use of Personal Data and Processing Operations:
- the conduct and interpretation of the Study;
- review by governmental or regulatory agencies and SciSparc;
- satisfying legal or regulatory requirements;
- publication on clinicaltrials.gov and other websites and databases that serve a comparable purpose;
- upon request of individual patients and doctors, provision of information regarding the Study to individual patients and doctors who may be interested in participating in the clinical study at institution;
- storage in our databases for use in selecting sites in future clinical studies.
- Your rights: You may be entitled under the GDPR and IPPL to request to review, amend, erase or restrict the processing of your Personal Data. You may do so by filling out a DSR form as applicable here and sending it to IR@Scisparc.com.
You further have the right to file a complaint with the appropriate supervisory authority in connection with concerns you may have with regards to your privacy.
- Sharing Personal Data with third parties. SciSparc may share Personal Data with the following third parties:
- trusted partners and service providers who assist in operating the Study, such as our contract research organization (CRO);
- SciSparc’s affiliates and connected companies, such as subsidiaries and parent companies;
- if necessary to comply with laws, subpoenas, warrants, court orders, legal processes or requests of government or law enforcement officials; to protect our rights, reputation, safety or property, or that of our users or others; to protect against legal liability; to establish or exercise our rights to defend against legal claims; or to investigate, prevent or take action regarding known or suspected illegal activities; fraud; our rights, reputation, safety or property, or those of others; violation of our applicable policies and agreements; or as otherwise required by law.
- Data retention: SciSparc retains the Personal Data collected solely for as long as required to fulfill the purposes for which it was initially collected as specified above, or for longer periods in the event are required by law or to comply with legal requirements. In addition, we will retain information we believe is needed in order to protect SciSparc’s rights and interests in accordance with applicable laws.
- Security measures: We employ security measures to protect personal data from unauthorized access, use, disclose or accidental loss and destruction. Note that, 100% security can never be provided, thus we will not be responsible for unauthorized acts that are beyond our control. In the event of a data incident that relates to Personal Data, we will take reasonable efforts to provide notification to users implicated (in the event such notification is required under applicable laws).
- International transfers of data: SciSparc implemented appropriate safeguards to protect data transferred internationally, if and to the extent applicable. The information will be processed in Azure cloud environment and accessed from an adequate country.
- If you have any questions or requests regarding the processing of your Personal Data, please send SciSparc an email to: IR@Scisparc.com or fill out a DSR form as applicable here and send it to the specified email address.
