BioMonde is dedicated to protecting the confidentiality and privacy of information entrusted to us. We comply with the EU General Data Protection Act (“GDPR”) and the UK Data Protection Act 2018.
Data Protection Officer
You have the right to complain to the Information Commissioners Office (“ICO”) (www.ico.org.uk) if you have a problem with the way we are handling your data. However, we would appreciate the chance to deal with your concerns before you approach the ICO, so please feel free to contact us in the first instance.
Non-personal identification information
We may collect non-personal identification information about users whenever they interact with our website. Non-personal identification information may include the browser name, the type of computer and technical information about users means of connection to our website, such as the operating system and the Internet service providers utilized and other similar information.
What we collect
Personal data means any information about an individual from which that person can be identified. We may process different kinds of data about you as follows:
- Identity data including your name, email address and title.
- Contact data including your billing address, delivery address, email address and telephone number(s).
- Transaction data including details of products purchased and the date.
- Technical data relating to information we collect through use of our website where you voluntarily submit personal data to us.
We also collect and use Aggregated Data from usage of our website such as statistical or demographic data. This data is not personally identifiable and thus is not considered as personal data in law.
Personal data security
We have put appropriate technical and organisational security policies in place to protect personal data from loss, misuse, alteration or destruction. We aim to ensure that access to your personal data is limited only to those who need to access it. Those individuals who have access to personal data are required to maintain the confidentiality of such information. We may apply anonymisation techniques in efforts to further protect personal data.
Web browser cookies
Who we share the information with
We do not share personal data with third parties except where:
- Required by our professional advisors (acting as controllers or processors) such as auditors, pension advisors or insurance brokers;
- We are required to do so to comply with our legal obligations.
We do not collect Sensitive Data.
We do not collect Children’s Data.
Retention and Destruction
We maintain personal data for as long as necessary for the purposes that we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements. The exact length of time that we hold your personal data for varies depending upon the individual circumstances, but in determining the appropriate retention period for personal data, we consider the amount, nature and sensitivity of personal data and the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Our email data servers are based in Europe. The replication and back up storage for these data servers by our service providers are outside of Europe. Whenever personal data is transferred out of Europe, we ensure that a similar degree of protection is afforded to it by ensuring appropriate safeguards are implemented.
Updates to this policy
Under the GDPR, your rights are as follows:
- The right to be informed;
- The right of access
- The right to rectification;
- The right to erasure
- The right to restrict processing
- The right to data portability;
- The right to object;
- The right not to be subject to automated decision making including profiling.
You can read more about your rights in detail at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights.
This document was last updated on May 24th, 2018.