Overview

This privacy notice describes how Genomics plc (“we”, “us”, “our”) as a data controller collect and use personal data about you if you use www.genomicsplc.com (our “site“). It applies to all users of our site.

WHAT PERSONAL DATA DO WE USE?

We need to collect, store, and use the following categories of personal data about users of our site:

Technical Data
This includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our site.

Usage Data
This includes information about which pages you visit on our site.

We also collect, use, and share “Aggregated Data” such as statistical or demographic data. Aggregated Data may be derived from your Technical Data or Usage Data but is not considered personal data in law as it does not directly or indirectly reveal your identity.

For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific feature of our site. However, if we combine or connect Aggregated Data with Technical Data or Usage Data so that it can directly or indirectly identify you, we will treat the combined data as personal data which will be used in accordance with this privacy notice.

HOW WE WILL USE PERSONAL DATA

We will use your Technical Data to administer and protect our business and the site (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data). This is necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud, and in the context of a business reorganisation or group restructuring exercise) and thus also necessary to comply with a legal obligation.

We will use your Technical Data and Usage Data for data analytics to improve our site. This is necessary for our legitimate interests (to keep our site updated and relevant, and to develop our business).

We will only use personal data for the following purposes:

Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

To fulfil legal or regulatory requirements if necessary.

HOW IS YOUR PERSONAL DATA COLLECTED?

As you interact with our site, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs, and other similar technologies. Please see our cookie policy for further details.

AUTOMATED DECISION-MAKING

No decisions will be taken about you using automated means.

WHAT ABOUT THIRD PARTIES?

We may disclose Technical Data or Usage Data to our service providers who operate elements of our site and/or process Technical Data or Usage Data on our behalf. Where such disclosures are made, this will be under contractual arrangements with us and carried out in accordance with the requirements of data protection law. Our hosting provider is Mythic Beasts Ltd (link). We may also need to share your personal data with a regulator or to otherwise comply with the law.

TRANSFERRING INFORMATION OUTSIDE THE EU

We will not transfer the Technical Data or Usage Data that we collect outside the EU.

DATA SECURITY

We have appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. In addition, we limit access to your personal data only to those involved in the maintenance of our site. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

HOW LONG WILL YOU USE MY PERSONAL DATA FOR?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Our policy is to retain Technical Data or Usage Data for 12 months.

CHANGES

It is important that the Technical Data or Usage Data we hold about you is accurate and current, and we will take reasonable steps to ensure that this is the case.

YOUR RIGHTS

Under certain circumstances, by law you have the right to:

Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).

Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.

Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.

Request the transfer of your personal data to another party.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). We may charge a reasonable fee or we may refuse to comply if your request for access is clearly unfounded or excessive.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is an appropriate security measure to ensure that personal data is not disclosed to anyone who has no right to receive it.

Who do I ask if I have any questions?

Our Data Protection Officer is Liam Curren. His contact details are:

e: dpo@genomicsplc.com or t: +44 01865 981600.

Who do I contact if I have a complaint?

The Information Commissioner’s Office is the official regulator of personal data in the UK. You can find its contact details here: https://ico.org.uk/

We may update this privacy notice from time to time. (Last updated: 5 December 2018)