Privacy Statement

§ 1 Information about the collection of personal data
(1) In the following we inform you about the collection of personal data when using the Galapagos S.A. website. Personal data refers to all data that can be linked to a person such as name, address, e-mail addresses and user behaviour.
(2) The person responsible pursuant to Art. 4 Para. 7 EU Data Protection Basic Regulation (DS-GVO) is Galapagos S.A., rue Albert Borschette 2c, 1246 Luxembourg, e-mail address (see our imprint).You can reach our data protection officer at info@galapagos-investor-relations.com or by post by adding "Data Protection Officer" to the correspondence.
(3) When contacting us via e-mail or the contact form, we save the data that you provide (your e-mail address as well as, potentially, your name and telephone number) so that we are able to answer your questions. We delete the data that we collect within this framework as soon as it is no longer necessary for use to save it or we restrict the processing of it if there are legal obligations for us to retain it.
(4) If we use an external service provider in order to process your enquiry or use your data for advertising purposes, we will inform you below in detail about the respective processes. We will also specify the criteria for the storage period.

§ 2 Your rights
(1) You have the following rights against us with regard to the personal data concerning you:
-Right to information,
•Right to correction or deletion
•Right to processing restriction
•Right to opposition of processing
•Right to data transmissibility
(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
§ 3 Collection of personal data when you visit our website
(1) If you only use the website for information purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to guarantee stability and security (legal basis is Art. 6 Para. 1 S. 1 lit. f DS-GVO):
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (concrete page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request originates
- Browser
- Operating system and its interface
- Language and version of the browser software.
(2) In addition to the aforementioned data, cookies are saved on your computer when using our website. Cookies are small text files that are saved on your hard disk through which certain information is forwarded to the party who has placed the cookie (in this case, us). Cookies cannot execute programs or transmit any viruses to your computer. Their purpose is to make the website generally more user-friendly and effective.
(3) Use of cookies:
a) This website uses the following types of cookies, the scope and function of which are described below:
- Transient Cookies (see b)
- Persistent cookies (see c).
b) Transient cookies are deleted automatically when you close the browser. In particular, this includes session cookies. These cookies save a "session ID" which can be used to allocate various requests from your browser from the joint session. As a result, your computer can be identified when you return to the website. The session cookies are deleted when you log out or close the browser.
c) Persistent cookies are automatically deleted after a predetermined period which can vary depending on the cookie. You can delete the cookies via the security settings of your browser at any time.
d) Accepting cookies is not a prerequisite for using the portal. You can prevent cookies from being placed via your browser settings. However, we would like to point out that the use of your portal may become restricted as a result.
e) The Flash cookies used are not captured by your browser, but by your Flash plug-in. We also use HTML5 storage objects that are filed on your end device. These objects store the required data irrespective of your used browser and do not have an automatic expiry date. If you do not agree to the processing of flash cookies, you must install a respective add-on. You can prevent the use of HTML5 storage objects by using your browser in private mode. We also recommend regularly deleting your cookies and browser history.