Contract Genetica Ltd is committed to protecting your privacy.
The reason for this notice
individuals who have no contract with us but whose data we are handling; and, where different;
visitors to our website; or
individuals who receive marketing information from us.
Your data privacy rights
Personal data is information which identifies a living person, whether directly or indirectly. A reference to ‘you’ and ‘your’ in this notice is to individuals whose personal data we are processing.
You have the right to access personal data that we hold for you and can find out more about your rights under the DP legislation at http://www.ico.org.uk. Your rights depend on the basis upon which we are processing your data and are difficult to summarise in a general document.
If you have any requests concerning your personal information or any queries with regard to our processing, please contact us at firstname.lastname@example.org and your enquiry will be forwarded to the correct person. We will respond to your enquiry within 30 days unless the query is complex. We will advise you if this is the case.
You will not have to pay a fee to access your personal information (or to exercise any other right as a data subject). However, we may charge a reasonable fee, if your request is clearly unfounded or excessive. You have the right to lodge a complaint with the Information Commissioner in respect of our processing of your personal data. Further details are available at http://www.ico.org.uk.
How we collect personal data
We collect personal data in the course of our business from or about a number of different categories of people both directly and indirectly. This includes:
people with whom we, or our staff, have a business relationship e.g. when you give us a business card; or refer work to us and/or
other third parties who visit our website, request information or receive marketing services (updates, events and seminars).
What we collect
We collect personal information which can include one or more of the following:
basic information such as your name, title or position, and related information such as the company you work for;
contact options e.g. phone, email or post;
identification information collected as part of our client inception and credit checking process;
financial information such as payment related information;
information to help us help you, inviting you to events of interest to you and, when you attend those events, information such as access or dietary requirements; and/or
any other information relating to you from public sources and/or provided to us by you.
From time to time this information may include special category data (which the DP legislation requires us to treat with extra care). Special category data can include information about your health, racial or ethnic origin, religious or political beliefs, trade union membership, sex life or sexual orientation. Where personal information has been supplied to us indirectly, e.g. by a customer, we respect any specific requirements they may make about our use of that data but will process the data as data controllers in our own right.
What we do with your information
We process personal information for the purpose of providing services to our customers and also for our own business purposes including:
to provide information requested by you;
to tell you about our services including details of events, seminars and publications (as permitted by you or by law);
disclosures to our auditors, our own legal or professional advisors, our insurers and insurance brokers;
to provide our website and improve its use including monitoring and auditing;
fraud prevention (including money laundering and bribery) and for the prevention or detection of crime.
What is the basis for processing your data?
We will only process your personal data where we have a lawful basis for doing so. This is set out in the DP legislation. The lawful basis will be one or more of the following, that the process is necessary for:
compliance with our legal and regulatory obligations;
to pursue our legitimate business interests;
establishing, exercising or defending legal claims; and/or
to perform a contract to which you are a party or taking steps prior to entering into such a contract.
This notice can only be a general summary. You may at any time request to see and, if appropriate, amend, your personal data. Details are given under ‘Your data privacy rights’.
Transfer of personal data
We may need to process your information outside the location where it was given to us. This may involve the transfer of your information outside the European Economic Area (the EEA), or vice versa. The level of data privacy protection in countries outside the EEA may be less than offered within the EEA. We take all reasonable steps to ensure that personal data is protected and secure.
At the foot of every marketing mailing we send out, we offer recipients the opportunity to opt out of any future mailings of that type, or indeed, request to be completely removed from our contacts database. You may also request to be removed from this database at any time by contacting email@example.com, or by writing to us at our UK registered company office.
We are committed to safeguarding the privacy of visitors to our website. You are not required to provide any personal information on the public areas of our website. However, you may choose to do so by completing the contact forms on various sections of our website. If you do, your personal information will be treated as set out in this notice.
We use up-to-date data storage and security techniques to protect your personal information from unauthorised access, improper use or disclosure, unauthorised modification or unlawful destruction or accidental loss. Our employees and any third parties we engage to process personal information are required to respect its confidentiality.
Storage and disposal of personal data
We hold personal data and other information for different periods reflecting both good data protection practice and our regulatory, statutory and contractual requirements. These periods are set out in our data retention policy, which is revised from time to time. Please contact us if you would like to know the retention period for your own data.
Personal data supplied for the purpose of due diligence checks is used only for that purpose and destroyed five years after the termination of the business relationship between us.
Changes to this notice
We reserve the right to update this privacy notice at any time. Operative from 1 June 2019. Version: 1.0.0