1. INTRODUCTION The Diaceutics Group website, www.diaceutics.com, (the "Website") is operated by the Diaceutics group of companies (the "Diaceutics Group", "our", "we" and "us"). The Diaceutics Group respects your right to privacy and this Privacy Statement (this "Statement") sets out the basis on which we use, process, store and/or disclose any personal data detailed below ("Personal Data") that we collect from you or that you provide to us through the Website. This Statement, together with our Cookies Policy, applies to your use of the Website.
2. OVERVIEW OF THIS STATEMENT We collect and process your Personal Data when you use the Website and when you engage with us. We process your Personal Data mainly for the purpose of pursuing our legitimate interests. You may also provide us with additional Personal Data via email or via forms on the Website which we will process for the purposes of responding to you. We may also share your Personal Data with third parties and in certain circumstances with law enforcement agencies or other bodies if we are required to do so by law.
3. THE PERSONAL DATA WE PROCESS We will collect and process the following Personal Data when you use the Website:
You can choose to provide us with the following Personal Data:
We may obtain the following Personal Data about you from other third parties:
|Third Party Information||We may receive information about you from social media platforms, such as Facebook, Twitter, LinkedIn and YouTube, when you make contact with us via such platforms. This is limited to information which you decide to provide such as your name and contact details, email address or telephone number.|
4. HOW AND WHY WE USE YOUR PERSONAL DATA The following table details the legal bases for (the "Legal Basis") and the reasons why ("Purposes") we process your Personal Data:
|Legal Basis||Purpose(s)||Personal Data Processed|
|Legitimate Interests It is in our legitimate interests to provide you with access to our Website and to collect and process your Personal Data for the purposes of improving and monitoring Website efficiency and enhancing your use of the Website. It is also necessary for the purposes of our legitimate interests to process your Personal Data to respond to any queries or requests submitted by you to us. When we process your Personal Data based on our legitimate interests, we make sure to consider any potential impact on you and your data protection rights. We will not process your Personal Data for activities where our interests are overridden by the impact on you.||Access to the Website |
|Compliance with a Legal Obligation We may process your Personal Data where it is necessary to comply with legal obligations to which we are subject.|
|To Defend, Establish or be a Party to Legal Claims We may process your Personal Data as necessary in order for us to establish, investigate, exercise or defend a legal claim to which you are a party.|
5. WHO WE SHARE YOUR PERSONAL DATA WITH We will disclose your personal information to third parties including in the following circumstances:
6. SECURITY, STORING AND TRANSFERS OF YOUR PERSONAL DATA We store and process your Personal Data on servers located within the European Economic Area (the "EEA"). However, we may transfer your Personal Data outside the EEA to both internal and external recipients, for example within the Diaceutics Group. We only transfer your personal data outside the EEA where the European Commission has decided that the third country in question ensures an adequate level of protection in line with EEA data protection standards or there are appropriate safeguards in place to protect your Personal Data. If you would like to find out more about the appropriate safeguards that we have in place to govern the transfer of your Personal Data you can contact us at [email protected]. Although we take reasonable steps to protect the Personal Data you provide us through the Website, the transmission of information via the internet is not completely secure and we cannot guarantee the security of any information you transmit to us. Any transmission is at your own risk. Once we have received your information, we use strictly maintained physical, electronic and procedural safeguards to prevent unauthorised access.
7. LINKED WEBSITES The Website contains links to other websites ("Linked Websites"). The Diaceutics Group is not responsible for the privacy statements or practices on Linked Websites. This Statement governs only information collected on the Website. When accessing Linked Websites, you should read the privacy statement published on the relevant Linked Website. The terms of our Statement do not apply to Linked Websites. Please check these statements before you submit any Personal Data to Linked Websites. The Website contains links to other websites and resources provided by third parties for your convenience and information only. We accept no liability in connection with any Linked Website, or any contract entered into with any third party on or through a Linked Website. We have no control over the content of those websites or resources and accept no responsibility for them or for any loss or damage that may arise from your use of Linked Websites.
8. HOW LONG WE KEEP YOUR PERSONAL DATA FOR We will keep your Personal Data for as long as is necessary for the purposes for which it was obtained from the date of collection or, where you enter into a contractual agreement with us, following the end of the performance of our contract (which may be up to 7 years in some cases). Please note that in certain circumstances, we may hold your Personal Data for a longer period, for example, if we are processing an ongoing claim or believe in good faith that the law or a relevant regulator may reasonably in our view expect or require us to preserve your Personal Data.
9. YOUR RIGHTS AND HOW TO EXERCISE THEM The table below sets out the rights that you have to address any concerns or queries with us about our processing of your Personal Data:
|Right to be Informed|
|Right of Access|
|Right to Rectification|
|Right to Erasure|
|Right to Restriction of Processing|
|Right to Erasure|
|Right to Restriction of Processing|
|Right to Data Portability|
|Right to Object|
You can exercise any of these rights by submitting a request to our Legal Department at [email protected]. We will provide you with information on any action taken upon your request in relation to any of these rights without undue delay and at the latest within one month of receiving your request. We may extend this by up to two months if necessary, however we will inform you if this arises. Please note that we may ask you to verify your identity when you seek to exercise any of your data protection rights. You have the right to lodge a complaint with the Data Protection Commission with regards to our processing of your Personal Data.
10. CHANGES TO THIS STATEMENT AND QUESTIONS If we amend this Statement, in whole or part, any changes will be posted on our page and, where appropriate, notified to you by email or when you use the Website. The new Statement may be displayed on-screen and you may be required to read and accept it to continue your use of the Website. If at any time we decide to use your Personal Data in a manner significantly different from that stated in this Statement, or otherwise disclosed to you at the time it was collected, we will notify you and you will have a choice as to whether or not we use your Personal Data in the new manner. If you have any questions, comments and requests regarding the way your Personal Data is used or processed by the Diaceutics Group, please contact our Legal Department at [email protected]
11. IMPORTANT ADDITIONAL INFORMATION FOR CALIFORNIA RESIDENTS In this section, we provide information for California residents, as required under California privacy laws, including the California Consumer Privacy Act (“CCPA”), which requires that we provide California residents certain specific information about how handle their personal information, whether collected online or offline. Under the CCPA, “personal information” is any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. It does not include publicly available data as defined by the CCPA. Since the CCPA requires that we disclose specific information about how we handle certain personal information collected about all California consumers, the scope of this section is different than the overall scope of our privacy statement as explained above.
Categories of Personal Information that We Collect, Disclose, and Sell
The table below sets out generally the categories of personal information (as defined by the CCPA) about California residents that we collect, sell, and disclose to others for a business purpose. We collect these categories of personal information from the sources and for the purposes explained in the section above. Our collection use and disclosure of personal information about a California resident will vary depending upon the circumstances and nature of our interactions or relationship with such resident.
|Categories of personal information||Do we collect?||Do we disclose for a business purpose(s)||Do we sell?|
|Name, Contact Info and other Identifiers: identifiers such as a real name, alias, address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.||Yes||Yes||No|
|Customer Records: paper and electronic customer records containing personal information, such as name, signature, physical characteristics or description, address, telephone number, education, current employment, employment history, social security number, passport number, driver’s license or state identification card number, insurance policy number, bank account number, credit card number, debit card number, or any other financial or payment information, medical information, or health insurance information.||Yes||Yes||No|
|Protected Classifications: characteristics of protected classifications under California or federal law such as race, colour, sex, age, religion, national origin, disability, citizenship status, and genetic information.||No||No||No|
|Purchase History and Tendencies: commercial information including records of personal property, products or services purchased, obtained, or considered, or other purchasing or use histories or tendencies.||No||No||No|
|Biometric Information: physiological, biological or behavioural characteristics that can be used alone or in combination with each other to establish individual identity, including DNA, imagery of the iris, retina, fingerprint, faceprint, hand, palm, vein patterns, and voice recordings, keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.||No||No||No|
|Usage Data: internet or other electronic network activity information, including, but not limited to, browsing history, clickstream data, search history, and information regarding a resident’s interaction with an internet website, application, or advertisement, as well access logs and other activity information related to your use of any company websites, applications or other online services.||No||No||No|
|Geolocation Data: precise geographic location information about a particular individual or device.||No||No||No|
|Audio, Video and other Electronic Data: audio, electronic, visual, thermal, olfactory, or similar information such as, CCTV footage, photographs, and call recordings and other audio recording (e.g., recorded meetings and webinars).||Yes||Yes||No|
|Employment History: professional or employment-related information.||Yes||Yes||No|
|Education Information: information about education history or background that is not publicly available personally identifiable information as defined in the federal Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99).||No||No||No|
|Profiles and Inferences: inferences drawn from any of the information identified above to create a profile reflecting a resident’s preferences, characteristics, psychological trends, predispositions, behaviour, attitudes, intelligence, abilities, and aptitudes.||No||No||No|
California Residents’ Rights California law grants California residents certain rights and imposes restrictions on particular business practices as set forth below.
Notice at Collection. At or before the point of collection, notice must be provided to California residents of the categories of personal information collected and the purposes for which such information is used.
Verifiable Requests to Delete and Requests to Know. Subject to certain exceptions, California residents have the right to make the following requests, at no charge:
Request to Delete: California residents have the right to request deletion of their personal information that we have collected about them and to have such personal information deleted, except where an exemption applies.
Request to Know: California residents have the right to request and, subject to certain exemptions, receive a copy of the specific pieces of personal information that we have collected about them in the prior 12 months and to have this delivered, free of charge, either (a) by mail or (b) electronically in a portable and, to the extent technically feasible, readily useable format that allows the individual to transmit this information to another entity without hindrance. California residents also have the right to request that we provide them certain information about how we have handled their personal information in the prior 12 months, including the:
- categories of personal information collected;
- categories of sources of personal information;
- business and/or commercial purposes for collecting and selling their personal information;
- categories of third parties/with whom we have disclosed or shared their personal information;
- categories of personal information that we have disclosed or shared with a third party for a business purpose; and
- categories of third parties to whom the residents’ personal information has been sold and the specific categories of personal information sold to each category of third party.
California residents may make Requests to Know up to twice every 12 months.
Submitting Requests. Requests to Know, and Request to Delete may be submitted by emailing us at [email protected] or by mail marked for the attention of Legal to: Titanic Suites, Enterprise House, 55-59 Adelaide Street, Belfast, Antrim BT2 8FE. We will respond to verifiable requests received from California consumers as required by law.
Right to Non-Discrimination. The CCPA prohibits discrimination against California residents for exercising their rights under the CCPA.