Privacy Notice
How BioNavis Ltd uses customer data and marketing-related personal data

This is a privacy notice for the purposes of the EU General Data Protection Regulation (the ”GDPR”). Last amended on May 23rd 2018.

1. Data Controller

BioNavis Ltd, Hermiankatu 6-8H, 337 20 Tampere, Finland, www.bionavis.com

2. Contact details for issues concerning personal data

Ms. Nadia Kuisma, info@bionavis.com, +358 10 271 5030

3. The purpose and legal basis for processing personal data

The purpose of processing personal data in connection hereto is to maintain customer contacts and to market BioNavis’ products and services. The legal basis for processing the personal data is the performance of the customer agreement, or the customer’s request to take preparatory steps therefor (Article 6(1)(b) GDPR) and BioNavis’ legitimate interest to market its products to its contacts (Article 6(1)(f) GDPR).

Specific examples of use include for instance:

  • Sales activities to provide information concerning our products
  • Service activities to run experiments, provide maintenance, training or support
  • Introduction of technologies or know-how, supplying solutions for research and development, quality control

The information is not used for automated decision-making or profiling.

If you follow a link from our website to another site, this Privacy Policy will no longer apply there. We are not responsible for the information handling practices of third party sites or services and we encourage you to read the privacy policies for those sites.

4. Data collection

BioNavis collects information during phone calls, from e-mails, in business meetings, during networking events, through such social media as LinkedIn, XING, ResearchGate and additionally when you complete any forms on our website www.bionavis.com. We may also be given your name and basic contact information as a referral from someone in your network or in our network.

5. Scope of data collected

BioNavis processes such personal data as the data subject may give to BioNavis. Such information includes name, title, company, billing information both for the data subject and the company, and, e.g., the names of the data subject’s or his/her company’s social media profiles, as well as information given on, e.g., business cards or in email footers. Additionally, BioNavis will process information concerning its customers, orders, order changes and the like. Most of the collected information is available in the public domain.

In addition to information obtained directly from the data subject, BioNavis may also record information, e.g., the IP address used by the data subject, use of the BioNavis website as well as content, likes and similar from social media accounts.

6. Storage periods

The data is stored for the duration of any customer relationship and for two years thereafter. Should BioNavis during this time have a reasonable belief that the data may be needed longer, e.g., for a potential dispute, the data may be kept until the relevant statute of limitations period has expired.

Marketing data that are not connected to a customer relationship are kept for two years or until the affected party asks that it be removed.

To the extent any customer’s or marketing contact’s personal data would be processed based on the consent of the data subject, the data subject may withdraw the consent at any time. Withdrawing consent does not affect the legality of any already undertaken data processing measures, however.

7. Regular disclosures of personal data; transfers outside the EU/EEA

Personal data may be transferred to data processors such as an external company sending a newsletter on behalf of the company, e.g., MailChimp. Information may also be disclosed to BioNavis’ distributors and sales agents, some of which are located outside the EU. Full list of such subjects is available at: http://www.bionavis.com/en/contact-bionavis. BioNavis has entered into data processing agreements pursuant to Article 28 of the GDPR with these entities. In respect of those distributors and sales agents located outside the EU or the EEA, BioNavis also entered into an agreement including the standard contract clauses referred to in 46(2)(c) of the GDPR to ensure the safe processing of personal data outside the EU/EEA also.

BioNavis also uses external analytics services, such as Google Analytics, that may operate both inside and outside the EU.

Data may be published only if this has been agreed-on with the customer.

8. Information security

The data that we collect is stored at locations within European Economic Area (“EEA”). Appropriate care will be used in the processing of personal data and any data processed via IT systems adequately protected. When data is stored on Internet servers, the devices’ physical and digital information security is ensured. BioNavis will ensure that the save data, server access rights, and information critical to the safe storage of the data are dealt with confidentially and only by those members of staff for whose job functions it is necessary. The data that we collect is stored at locations within European Economic Area (“EEA”).

9. The right to inspect data and have incorrect data rectified

All data subjects have the right to inspect personal data BioNavis holds about them and to require that incorrect or lacking information be updated. Should the data subject wish to inspect his or her personal data, or ask that they be corrected, a written request can be sent to BioNavis using the contact details provided above. BioNavis may ask the requesting person to identify him- or herself, where necessary.

BioNavis will respond to the data subject without undue delay and in any event within a month.

10. Other rights in connection to personal data

The data subject also has the right to object to his or her personal data being processed and to ask that information concerning him or her be removed from the register. The data subject also has all other rights provided for in the EU General Data Protection Regulation, such as the right to have the processing of personal data restricted in certain cases. Requests should be sent to BioNavis in writing using the contact details provided above. BioNavis may ask the requesting person to identify him- or herself, where necessary. BioNavis will respond to the data subject without undue delay an in any event within a month. Should the data subject consider that BioNavis has processed his or her data unlawfully, the data subject may file a complaint with the data protection supervisor of his or her place of residence or work. In Finland, the data protection supervisor is the Data Protection Ombudsman (see tietosuoja.fi).

11. Cookies

This website uses cookies. Cookies do not contain information personally identifying a user. Cookies do not cause damage to your computer and do not contain viruses. Cookies are small text files stored by your browser on your browsing device. They are sent by the web server to a web browser and are stored by the browser. The identifying string of text file is then sent back to the server each time the browser requests a page from the server. Majority of cookies that we use are ’’session cookies’’ and are deleted automatically after the end of your visit to our website. “Persistent cookies” remain on your device until their set expiry date or unless deleted by the user. Those cookies enable recognition of your browser on your next visit. You can adjust your browser to inform you about cookies before their acceptance, to individually accept or decline cookies or to decline cookies by default.

Our service providers, such as Google Analytics, use cookies to help us analyze the use of our website. The data is then shown in the form of reports and graphs. Google’s privacy policy is available at: https://www.google.com/policies/privacy/. You can opt-out of Google Analytics across all websites. Blocking cookies has a negative impact on the user experience and usability of many websites.
By using our website, you agree that these cookies can be placed on your device.