Epista Life Science (“Epista”) has adopted this privacy policy to inform you about how your personal data is processed.
Epista is the data controller and bears responsibility that your personal data is processed in concordance with existing laws.
Contact information at Epista Life Science:
Lovisa Odén
Email: lod@epista.com
Tel.: +46 700505092
Address: Slotsmarken 17, 2970 Hørsholm, Denmark
CVR number: 32 14 10 64
Tel.: +45 48 25 45 00
Email: info@epista.com
Website: www.epista.com
When Epista requests your personal data, you are informed as to which data is being used and to what specific purpose. This information is made available to you at the time of the collection of your personal data. May the original purpose of the collection change; Epista will then seek new consent for the new processing purpose.
If Epista obtains your personal data from other providers such as a public authority or business partner, you will be informed hereof no later than 10 days from the collection of the data. Epista shall provide the purposes of the processing for which of the personal data are intended as well as the legal basis for the processing.
The personal information that we collect may include standard information, such as your name, the company you work for, position, contact information, personal information generated in the course of us providing services, financial information, including payment and account details, and any type of information you may provide to us in order for us to provide our services.
May Epista receive any other type of personal data, willingly transferred by a data subject, then Epista may also process it for the purposes provided here above.
We use that personal information that we collect in order for us to provide our services, provide information or services requested by you, to keep you informed about our services and events, to manage and administer our relationship with you and to provide and improve our website.
The information is stored with us for the allowed period of time only and is deleted when the personal data is no longer required by Epista. The duration of the time period depends on the type of the information and the reason for the storing.
Epista may transmit personal data to a third party only in compliance with regulations stated in this privacy policy.
Epista may transmit or share personal data in order to abide by a judicial obligation. Transmission of data may also occur following directions by a court or any other public authority for trademark protection, privileges or property rights. This includes the exchange of data with other companies and organizations if required in order to avoid fraud.
Epista uses service providers and data processors acting on its behalf. Their services include hosting and system maintenance, email service etc. Those service providers and data processors have access to our data to the extent necessary to do their job and deliver requested services. Epista’s service providers and data processors are contractually obligated to handle data in absolute confidentiality and are not authorized to use data for any purpose other than those contractually stated by Epista. Epista supervises that its service providers and data processors meet their commitments in this regard.
Should Epista in exceptional cases transmit personal data to a service provider or data processor located outside of the EU, then Epista guarantees that this data transmission will happen in accordance with legal requirements.
Epista protects your personal data and has adopted internal data security policies containing guidelines and precautionary measures to protect your personal data from destruction, loss, alteration or unauthorized disclosure and to prevent from any unauthorized access to the data. Epista has also implemented organizational and technical measures, to reinforce this protection, such as firewalls on computers, restricted access and alarm system in its premises, etc. alarm system in its premises, etc.
Epista has set procedures for assignment of security levels for employees processing personal data containing information on personal interests and habits. To prevent loss of data, Epista makes ongoing backup copies of the personal data and protects data confidentiality and authenticity by use of encryption.
In the event of a data security breach implicating a reasonable risk of possible discrimination, identity theft, economic loss, and damage to reputation or other significant downside, Epista must inform you without undue delay.
General provisions regarding the exercise of your rights.
To exercise your rights, as regards to the personal data that Epista is collecting from you, and hereafter described, you are invited to contact Epista (contact information stated at top of page).
Your request will be handled with the shortest deadlines and no later than a month after receipt of your request.
Information about your personal data
If so requested, Epista must inform you which of your data are being processed, how, where, from whom it has been collected and how it is being used. You also have the right to be informed as to how long your personal data will be stored and who has access to your data in case of data transmission.
You can always request access to your personal data within Epista (using the contact information specified hereabove), but this access might be restricted or limited if it endangers other people´s privacy, trade secrets or intellectual property rights. In that case, Epista will notify these restrictions to you.
Correction or deletion of data
You have the right to have inaccuracies in your personal data corrected. A request must be made to Epista stating the inaccuracies as well as your corrections to the data.
You may request the cancellation of your personal data in the cases provided for by current legislation. Once your request has been received and examined and if it is legitimate, Epista will delete your personal data.
You may also contact us for clarification, if you believe your personal data is being processed against any legal obligation.
If a request for correction/deletion has been made to Epista, and there is no valid reason for this latter to oppose or postpone it, then it will be executed in the shortest deadlines. Epista will inform you in case your request cannot be handled immediately.
Objection to data storage, processing and transmitting
You have the right to object to the processing and storage of your personal data. You may also object to Epista transmitting your data for sales promotion purposes. If Epista has no valid reason to oppose your request, then Epista will execute it within the shortest deadlines and stop processing, storing or transmitting your personal data.
You are entitled to receive your personal data collected either directly or indirectly by Epista. If the data is stored by Epista as a part of a contractual relationship between you and Epista, you may request to receive your information. You also have the right to transfer these personal data to another service provider (“data portability”).
This privacy policy has been modified on 20 September 2021.