Privacy Policy

close up of samples.

1. INTRODUCTION & SCOPE

At Scymaris Ltd, and Scymaris Group (together referred to in this Privacy Notice as “Scymaris”, “we” or “us”) we take your privacy seriously. We see it as our duty of care to keep personal data safe and to ensure that all personal data is used and stored in accordance with applicable data protection laws. Our culture of respect means we do not misuse personal data in our possession.

We appreciate the interest you have shown in us, our products and services by visiting us at scymaris.com (the “Website”) or by reading any of our online communications through channels such as our social media pages (collectively the “Online Channels”).

This Privacy Notice explains what kind of personal data is collected and how it is used by Scymaris when you interact with us, such as through visiting our website, your use or purchase of our or services, your contact with customer support, your subscription to our newsletters, your participation in our webinars or any other interaction with Scymaris, including without limitation all online and offline collection of personal data, and your rights in respect of your personal data.

This Privacy Notice does not apply to personal information for job candidates obtained through our Careers, which is subject to the Scymaris Recruitment Privacy Notice.

This Privacy Notice may be changed over time. The most up to date Privacy Notice is published on our website and we encourage you to periodically review the website for changes to this Privacy Notice.

2. WHO WE ARE

Scymaris Ltd is based at the Brixham Environmental Laboratory site located in Devon, England where specialized laboratory services have been provided to the Chemical and Pharmaceutical industries for over 65 years. We provide high quality and cost-effective ecotoxicology, environmental fate, plant metabolism and analytical chemistry services to the global agrochemical, pharmaceutical, animal health, cosmetic and chemical industries. Our goal is to help our clients understand the lifecycle of chemicals in our environment and the impact this has on the ecosystem. The Company is led by an experienced management and operations team.

3. WHO IS RESPONSIBLE FOR YOUR PERSONAL DATA?

Scymaris Ltd, based and headquartered at Freshwater Quarry, Brixham, Devon TQ5 8BA United Kingdom.

Scymaris Ltd is the controller for the processing of personal that falls within the scope of this Privacy Notice.

If you have any questions about this Privacy Notice, your use of the website, our services, solutions, events or your dealings with us, in relation to our use of your personal data or your rights in relation to your personal data, you can contact us via email at GDPR- enquiries email address : hello@scymaris.com.

4. FOR WHICH PURPOSES DO WE PROCESS YOUR PERSONAL DATA?

4.1 FOR ANSWERING YOUR QUESTIONS AND FOLLOWING UP ON YOUR REQUESTS

What does this purpose entail?

If you get in touch with us at hello@scymaris.com or via the contact form on our Website, we will respond to your enquiry using your personal data.

On what lawful basis do we process personal data?

We process your personal data on the basis of our legitimate interest in managing our relationship with existing and potential customers, suppliers, vendors and business partners.

Which personal data do we process for this purpose?

For this purpose, we process your name, contact details, your correspondence with Scymaris and any other personal data necessary for answering your question.

4.2 FOR PROCESSING YOUR STUDY, PAYMENTS AND FOR DELIVERING CUSTOMER SERVICE

What does this purpose entail?

We use your personal data to process your study request, report on study status and to contact you about the transaction (for instance, where the transaction fails), as well as for providing customer services.

On what lawful basis do we process personal data?

We process your personal data on the basis that it is necessary for performing a contract between you and us. If you fail to provide the requested information, Scymaris will be unable to process your order and/or provide customer services to you.

Which personal data do we process for this purpose?

For this purpose, we process your name and contact details, details about your request for our services, your acceptance of our applicable terms and conditions and your correspondence with Scymaris.

4.3 FOR THE DEVELOPMENT AND IMPROVEMENT OF PRODUCTS AND/OR SERVICES

What does this purpose entail?

We process your personal data in order to assess and improve our products and services. We convert your personal data into statistical or aggregated data to analyse customer behaviour and to adjust our customer offerings. We also, on an aggregate basis (i.e. in a way that does not personally identify you), perform market trend research through statistical analysis to evaluate and adapt our products and marketing to new developments.

For this purpose, we analyse how often you read our newsletters and visit our website, which pages you click on and what services you requested through our website. Based on this information, we may make adjustments to our offerings, our newsletters or the website as well as adapt our promotions.

On what lawful basis do we process your personal data?

We process your personal data on the basis of our legitimate interest in developing and improving our offerings to our customers in view of customer needs and wider market trends and developments.

Which personal data do we process for this purpose?

For this purpose, we process your contact details, personal details (such as name and company), your demographic data (such as your country and preferred language), and your correspondence with us. We also process data generated from your usage of the website such as IP address, web pages visited, your click-and-surf behaviour and the length of your session.

4.4 TO DELIVER YOU OUR WEBSITE’S FUNCTIONALITIES AND FOR ITS TECHNICAL AND FUNCTIONAL MANAGEMENT

What does this purpose entail?

We process your technical data to offer you our website’s functionalities and to allow our website administrators to manage and improve our website’s performance. If you enter data in our websites (such as service preference or your location) to receive relevant information or functionalities, Scymaris processes this data to provide you with the requested information or functionalities.

On what lawful basis do we process your personal data?

We process your personal data on the basis of our legitimate interest in maintaining our website’s functionality.

Which personal data do we process for this purpose?

For this purpose, we process the personal data you have entered into our website or that is generated from the functionalities you have used on the website and the technical data from your device such as your IP address, the internet browser you use, pages visited on the website, your click-and-surf behaviour and the length of your session.

4.5 WHERE APPLICABLE, TO OPEN AND ADMINISTER YOUR ACCOUNT AND TO MAINTAIN ITS CONFIDENTIALITY

What does this purpose entail?

You need to provide us with your personal data if you choose to register and open an account with us.

On what lawful basis do we process your personal data?

We process this on the basis of our legitimate interest in (i) managing our customer relationships through effective account management and (ii) protecting the confidentiality and integrity of our information networks, including the website accounts.

4.6 FOR CUSTOMER RELATIONSHIP MANAGEMENT

What does this purpose entail?

Scymaris will send communications to you for the purpose of performing relationship and account management as well as communicating recalls where necessary.

On what lawful basis do we process your personal data?

We process this on the basis of our legitimate interest in establishing and maintaining ongoing customer relationships.

Which personal data do we process for this purpose?

For this purpose, we process your name and contact details, personal details such as your contact preferences, payment information and transaction data, whether or not you opt to receive our newsletter and your correspondence with us.

4.7 FOR DIRECT MARKETING PURPOSES

What does this purpose entail?

Our range of services and solutions is constantly evolving to match the increasingly sophisticated markets in which we operate. For this purpose, we may provide you with information about the same or similar services, solutions, promotions and offers to those which you have received or about which you have enquired and which may be of interest to you.

We may also invite you to take part in market research or request feedback on our events, services and solutions.

On what lawful basis do we process your personal data?

We usually process your personal data on the basis of your consent, which you may withdraw by opting out of receiving marketing messages at any time and free of charge. We may, however, in limited cases, send you marketing messages without your consent being required if deemed important and crucial such as price increases.

You will always have the option to opt out of receiving these communications by following the instructions included in each communication. Should you wish to opt out, we will no longer send you direct marketing.

Which personal data do we process for this purpose?

We process your name and contact details and data generated from market surveys.

4.8 FOR ORGANISATIONAL ANALYSIS, MANAGEMENT REPORTING, ACQUISITION AND DIVESTITURES AND FOR THE EXECUTION OF BUSINESS PROCESSES AND INTERNAL MANAGEMENT

What does this purpose entail?

At Scymaris, we process your personal data in the preparation and performance of management reporting and analysis using aggregated personal data. We also conduct customer, supplier and business partner surveys to learn more about your views and opinions as part of the reporting process. Additionally, your personal data may be processed in the context of mergers, acquisitions and divestitures, and in order to manage such transactions.

We process your personal data in the general performance and internal administration of our business, including in relation to asset and order management. Furthermore, your personal data may be used when we conduct audits and investigations to comply with applicable legal obligations and/or Scyamris’s internal policies, implement business controls, and for managing our customer, supplier and business partner.

We also process your personal data for finance and accounting, archiving and insurance purposes, legal and business accounting and in the context of dispute resolution.

On what lawful basis do we process your personal data?

We process your personal data in order to satisfy our legitimate interest in operating the day-to-day business of Scymaris and to develop and implement plans for strategic growth.

Which personal data do we process for this purpose?

For this purpose, we may process your contact details, personal details (such as your name and company), your response to our surveys, data stored on Scymaris’s IT systems, data generated during the performance of your agreement with Scymaris and your correspondence with Scymaris.

4.9 TO COMPLY WITH THE LAW

What does this purpose entail?

Scymaris processes your personal data to comply with laws and regulations (such as tax and business conduct-related and due diligence obligations including know your customer requirements) and this may involve disclosing your personal data to government or other supervisory authorities.

On what lawful basis do we process your personal data?

We process your personal data to comply with any legal or regulatory obligations to which we may be subject.

Which personal data do we process for this purpose?

For this purpose, we process your contact details, such as your address and email address, personal details, such as your name and contact details, and your chamber of commerce and tax details, and any other information requested by the relevant government or supervisory authority.

4.10 TO PROTECT HEALTH, SAFETY, SECURITY AND TO ENSURE INTEGRITY

What does this purpose entail?

Where you are invited to Scymaris premises, we process your personal data in order to safeguard our employees, customers, suppliers and business partners as well as their assets. As such, we authenticate your access rights to our premises and may screen your personal data against publicly available government and/or law enforcement agency sanctions lists.

On what lawful basis do we process your personal data?

We process your personal data in line with our legitimate interest in safeguarding the health and safety of others, as well as in authenticating third party status and access rights whilst on our premises.

Which personal data do we process for this purpose?

For this purpose, we process your name the purpose of your visit, and your visiting history to our premises.

5. FOR HOW LONG DO WE RETAIN YOUR PERSONAL DATA?

We will retain your personal data for as long as necessary for the purposes set out above and as communicated to you at the time of collecting your personal data.

The criteria we use to determine data retention periods include the following:

  • Retention in case of queries: we may retain your personal data for a reasonable period after you have enquired about events, products, services or solutions, in cases of follow up queries from you.

  • Retention in accordance with legal and regulatory requirements: we will consider whether we need to retain your personal data after the period of retention in case of queries (above) due to legal or regulatory requirements which may be subject to some or all of these criteria may be relevant to retention of your personal data collected from you in connection with our events, products, services, solutions and/or your use of our website.

  • Retention permitted under applicable law: we will continue to retain your personal data where necessary to provide our services to you and the retention of such personal data is necessary for pursuing our legitimate interests or where it is necessary for public interest purposes.

6. COOKIES

We also collect information through the use of cookies. Cookies are small files of information which save and retrieve information about your visit to our website – for instance, your internet service provider’s domain name, pages you accessed and when. We may process data we collect to give you a more seamless, consistent and personalised experience such as providing you with personalised recommendations based on your use of the website.

Read more about how we use cookies and how you can disable them in our Cookie Notice and browser, instructions of which can be found at the bottom of this notice.

7. WHO HAS ACCESS TO YOUR PERSONAL DATA?

7.1 ACCESS TO YOUR PERSONAL DATA WITHIN Scymaris Ltd.

Your personal data will be available within Scymaris to only those who need access to the data and only to the extent necessary to meet the purposes specified in section 4 “For which purposes do we process your personal data?” (above). We will take appropriate measures to ensure that your personal data is appropriately safeguarded.

7.2 ACCESS TO YOUR PERSONAL DATA BY THIRD PARTIES

The following third parties have access to your personal data, where relevant:

  • Affiliates, distributors or agents, for instance, if we deem this necessary for offering you a complete solution for the business needs presented by you, or with our agents for servicing the products you purchased

  • Banks

  • Insurance companies

  • IT suppliers, including website administrators

  • Accountants and forensic specialists

  • Governmental and regulatory bodies and other third parties to whom we must disclose information under applicable law, such as to comply with a court order or a request from a regulator or similar legal process, or otherwise where necessary to comply with a legal obligation or for the administration of justice

  • Third parties concerned or their professional advisers, in the event of a merger, acquisition or any form of sale of some or all of our assets.

Where third parties are given access to your personal data, Scymaris will take the required contractual, technical and organisational measures to ensure that your personal data are only processed to the extent that such processing is necessary. If your personal data is transferred to a recipient in a country that does not provide an adequate level of protection for personal data, Scymaris will conclude agreements with the relevant third parties involved, limiting the purposes for which your personal data can be used and disclosed, and requiring your personal data to be appropriately safeguarded.

7.3 PERSONAL DATA OBTAINED FROM THIRD PARTIES

We work closely with third parties (including business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics and search information providers) and may receive personal data about you from them. Such data obtained from third parties will be kept in accordance with the same duty of care as described in this Privacy Notice, and with any additional restrictions imposed by the third party that shared your personal data.

8. HOW IS YOUR PERSONAL DATA SECURED?

Scymaris has taken adequate safeguards to ensure the confidentiality and security of your personal data. Scymaris has implemented appropriate technical, physical and organisational measures to protect personal data against accidental or unlawful destruction or accidental loss, damage, alteration, unauthorised disclosure or access as well as all other forms of unlawful processing (including, but not limited to, unnecessary collection) or further processing.

We use the industry-standard security protocol Secure Sockets Layer (SSL) to encode more sensitive information. We employ the latest encryption technology in all areas of the website, which require you to provide personal or account information. This means that the information you send is encrypted by your computer, and then decrypted again on our side, which limits the risk of others from accessing your private information when in transfer.

You can verify this by looking for a closed lock icon at the bottom of your web browser or looking for “https” at the beginning of the address of the web page.

While we use encryption to protect personal information, please be aware that no method of transmission over the Internet is 100% secure. Although we take reasonable security measures to protect your personal data when we receive it, you also need to ensure you take appropriate steps to protect your personal data.

9. LINKS TO OTHER WEBSITES

Our online channels may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over the other website. Therefore, we cannot be responsible for the protection and privacy of any information that you provide while visiting such sites and such sites are not governed by this Privacy Notice. You should exercise caution and look at the privacy notice applicable to the website in question.

10. YOUR RIGHTS

You have a number of rights under applicable data protection law in respect of our processing of your personal data. These include:

  • the right to request access to your personal data;

  • the right to request rectification of any personal data that we hold;

Subject to certain conditions:

  • the right to request erasure of your personal data;

  • the right to request restriction of processing of your personal data;

  • the right to have your personal data transferred to another controller;

  • where we rely on your consent for processing, the right to withdraw such consent; and

  • the right to lodge a complaint with a data protection authority (in the United Kingdom this is The Information Commissioner’s Office).

Should you wish to exercise your rights, please send an email (including any supporting documents) to the Data Protection Manager: hello@scymaris.com. Note that, in order for us to respond to your request, we may require you to verify your identity.

Please be aware that some (or all) of these rights may not be available to you in your jurisdiction. Furthermore, we may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), risk the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup systems).