Close menu

Contact

Our commitment to data protection

Promise Proteomics
global data protection policy

Entry into force: 25 May 2018

PROMISE Proteomics understands the importance of privacy and the protection of personal data and is committed to ensuring adequate protection of personal data with respect to all persons with whom it has relations.

In this context, and for transparency purposes, PROMISE Proteomics has established this global personal data protection policy (“Policy”) which describes the general measures implemented by PROMISE Proteomics to ensure adequate protection of personal data. By “personal data” we mean: any information relating to an identified or identifiable natural person, for all data processing operations carried out in the context of its business relations and activities.

This policy may evolve according to the legal and regulatory context.

 

1.   What processing activities does this Policy cover?

This Policy applies to all personal data processing carried out by PROMISE Proteomics with respect to persons with whom it has relations in the course of its business relations and activities. This includes in particular:

  • Health professionals ;
  • Users of our products and services as well as users of our websites ;
  • Representatives of our contracting partners and business partners ;
  • Candidates in the context of recruitment ;

Specific information notice relating to the processing of your personal data (“Information notice”) and/or consent forms will be provided to you and will explain in more detail, for the processing concerned, how and why your personal data will be used in the context of said processing.

Where applicable, these Information notice and/or consent forms may be supplemented by mandatory information prescribed by local legislation or regulations.

 

2.   What data do we collect from you?

PROMISE Proteomics strives to ensure that it collects only the personal data necessary for the purposes of the processing and uses your personal data only for those purposes.

PROMISE Proteomics will inform you of the Personal Data to be provided in a mandatory manner when performing the service on the one hand and those deliberately provided by you on the other hand.

 

3.   For what purposes do we collect your personal data?

PROMISE Proteomics is committed to collecting and processing your personal data in a fair and lawful manner. The processing operations carried out by PROMISE Proteomics serve explicit, legitimate and determined purposes.

In particular, your personal data may be collected for the following purposes:

  • Establish, maintain and manage our business relationships with our customers and suppliers, verify your financial information
  • Be able to answer your questions or requests for information; be able to inform you about our products/services, including by sending you promotional information about PROMISE Proteomics products and/or services
  • Carry out our activities; keep a record of our interactions and meetings
  • Manage our research and development activities
  • Understand and respond to your needs and preferences, including communicating with you and conducting surveys, research and evaluations
  • Respond to requests from administrative or judicial authorities in accordance with applicable law (e.g. judicial requisition, injunction, etc.)
  • Develop and improve our products and/or services
  • Protect the health, safety and security of PROMISE Proteomics personnel and its premises
  • Manage the administration of our activities (finance, accounting, fraud detection and prevention, legal).

 

4.   On what legal basis is PROMISE Proteomics based ?

Depending on the processing of personal data, PROMISE Proteomics processes your personal data on the basis of one of the following legal basis:

  • Your prior consent. This is the case if you have given your consent to the processing of your personal data by PROMISE Proteomics. In practice, PROMISE Proteomics will ask you to clearly accept or refuse the treatment concerned (e.g. signature of a document; online application procedure (“opt in”), …);
  • A contractual relationship between you and PROMISE Proteomics. This is the case where the processing of your personal data is necessary for the signature and performance of contractual obligations. Consequently, if you do not wish to communicate your personal data as part of a contractual relationship, PROMISE Proteomics may or will be forced to refuse to enter into a contractual relationship with you or will not be able to provide you with the products and/or services covered by the contract;
  • Legal obligations applicable to the activities of PROMISE Proteomics. For example, PROMISE Proteomics may monitor complaints.
  • A “legitimate interest” within the meaning of the applicable legislation on the protection of personal data. PROMISE Proteomics will ensure that your interests and fundamental rights are respected in order to determine whether the processing is legitimate and lawful.

 

PROMISE Proteomics may also, if necessary, rely on other legal bases, such as, for example, the protection of your vital interests insofar as the processing operation justifies it.

The Information notice will specify the legal basis on which PROMISE Proteomics is based.

 

5.   How are personal data transfers managed?

If applicable, in the event of a transfer of your personal data outside the European Union, in countries that do not offer an equivalent level of protection, PROMISE Proteomics ensures that adequate safeguards are implemented (in particular through the implementation of standard contractual clauses of the European Commission).

 

6.   What security measures are in place?

In order to ensure the protection of your personal data, PROMISE Proteomics has put in place technical and organisational measures.

  • For example, we store your personal data on servers on which various types of technical and physical access control are installed, which may include, for example, monitoring and controlling access by badge to the premises, raising staff awareness of security and respect for personal data, login/password authentication, and restricting access to applications based on predefined roles, Restriction of access to applications according to predefined roles, supervision of equipment by various software solutions, multiple antivirus protections (workstation, messaging, APT, anti-spam), use of firewalls and security rules, multiple solutions for traceability, log collection and analysis, backup solutions, data duplication and restoration, VLAN isolation, encrypted data transfers (HTTPS, VPN).

These measures take into account the purposes of the data processing, the sensitivity of the data and the risk to the rights and freedoms of the data subjects as well as the state of the art and the implementation costs.

 

7.   How long does PROMISE Proteomics keep your personal data?

Your personal data will be kept for the duration necessary for the purposes of the processing concerned in accordance with applicable regulations.

 

8.   What are your rights?

In accordance with applicable legislation, PROMISE Proteomics informs you that you have the right:

  • To access to your personal data
  • To request the rectification of your personal data
  • To request the deletion of your personal data (“Right to forget”)
  • To withdraw your consent when the processing is based on your consent
  • To oppose the processing of your data when your data have been processed on the basis of a legitimate interest of PROMISE Proteomics
  • To request a limitation of processing in cases listed by applicable law
  • To request the portability of personal data to the third party of your choice when it is technically possible
  • If necessary, to organise the fate of your personal data after your death

You can exercise these rights by sending the PERSONAL DATA RIGHTS FORM to contact@promise-proteomics.com, or failing that, to our Data Protection Officer: personaldata@aguettant.fr.

You can also file a complaint with a competent supervisory authority, in particular in the event of a breach of the rules governing the protection of your personal data.

 

9.   Personal data of minors

We do not process personal data of minors without the consent of the parents or guardian. In the event that a parent or guardian becomes aware that their child has provided us with personal data, we invite them to contact us. We will take the necessary steps to delete this information from our database in accordance with applicable legal requirements.

 

10. Contact

For any questions, you can send your requests via our Contact form.

 

__________________________________________________________________

Validated by our Data Protection Officer.

This policy may evolve according to the legal and regulatory context.