Effective date: June 10, 2019
Neobiomics AB (EU VAT nb SE559072218601, Hälsingegatan 45, 11331 Stockholm, Sweden) (“us”, “we”, or “our”) operates the https://neobiomics.eu website (hereinafter referred to as the “Service”), and is Personal Data Controller for handling of any collected personal data, according to the EU General Data Protection Regulation (GDPR).
This page informs you of our policies regarding the collection, use and disclosure of personal data when you use our Service and the choices you have associated with that data.
Service is the https://neobiomics.eu website operated by Neobiomics AB.
Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession), for example name, email address, delivery and invoice address, and purchase history.
Processing of Personal Data
Processing of Personal Data is defined as everything Neobiomics AB does with the Personal Data. Every task performed with/through Personal Data is defined as processing, independent if it is an automatic or manual task. Common examples of data processing are collection, registration, organization, structuring, storing, transferring and deletion.
Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Cookies are small files stored on your device (computer or mobile device).
Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed.
Data Processors (or Service Providers)
Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller.
We may use the services of various Service Providers in order to process your data more effectively.
Data Subject (or User)
Data Subject is any living individual who is using our Service and is the subject of Personal Data (see definition of Personal Data above).
Information Collection and Use
We collect several different types of information for various purposes to provide and improve our Service to you.
When you visit our web site, we automatically collect data on your browser behavior through your IP-address, i.e. the digital trace you leave on the web site. Persons that may process such data are primarily working with marketing and potential collaboration partners (Service Providers). In case a collaboration partner process data, we sign agreements with that partner about processing of data. See the section” Service Providers” below about this.
The purpose of data collection is to optimize your experience as user and develop the web site functionality and user interface.
Processing of Personal Data is necessary for us to analyze, develop and improve your experience of our services. This entitled interest forms the legal basis to process your Personal Data. We assess our entitled interest to develop our services to outweight your personal interest to protect your Personal Data as user of our web site and services in this case.
We record your data during a period of 12 months from the last visit on the web site.
Types of Data Collected
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:
- Email address
- First name and last name
- Phone number
- Address, State, Province, ZIP/Postal code, City
- Cookies and Usage Data
We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or the instructions provided in any email we send.
We may also collect information on how the Service is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Tracking Cookies Data
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyse our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
- Session Cookies. We use Session Cookies to operate our Service.
- Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
- Security Cookies. We use Security Cookies for security purposes.
- Electronic Newsletter – we use Sendinblue.com for our electronic Newsletter. When you subscribe to the Newsletter using the subscription form on the web site, your email and IP address is recorded on Sendinblue.com. At subscription, we specifically inform that an un-subscription option will be readily available in each newsletter. In each newsletter there is a clearly marked opt-out-link (“Unsubscribe”) included.For details around the Sendinblue Terms and Policies, visit the following links:
- Purchase of our product – when you place an order, we record provided data on the order form, such as name, email, organization/company, delivery and invoice address, and VAT number. The personal data is recorded in our customer database with the purpose to administrate the delivery of the product, post the invoice, and communicate about the product with you. Persons that may process such data are primarily working with purchase and potential collaboration partners (Service Providers). In case a collaboration partner process data, we sign agreements with that partner about processing of data. See the section “Service Providers” below about this. The process of your personal data is necessary for us to fulfill the purchase agreement with you. The contract constitutes a lawful ground for us to process your personal data. Information is kept on paper and in a digital database during a period of ten years.
Disclosure for Law Enforcement
Under certain circumstances, Neobiomics AB may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency). This legal obligation constitutes a lawful ground for us to process your personal data. The personal data is kept during the time that is required by law or for the time that is necessary for us to respond to a court of a government agency.
Neobiomics AB may disclose your Personal Data in the good faith belief that such action is necessary to:
- To comply with a legal obligation
- To protect and defend the rights or property of Neobiomics AB
- To prevent or investigate possible wrongdoing in connection with the Service
- To protect the personal safety of users of the Service or the public
- To protect against legal liability
Use of Data
Neobiomics AB uses the collected data for various purposes:
- To provide and maintain our Service
- To notify you about changes to our Service
- To allow you to participate in interactive features of our Service when you choose to do so
- To provide customer support
- To gather analysis or valuable information so that we can improve our Service
- To monitor the usage of our Service
- To detect, prevent and address technical issues
- To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information
Legal Basis for Processing Personal Data under the General Data Protection Regulation (GDPR)
Neobiomics AB may process your Personal Data because:
- We need to perform a contract with you
- You have given us permission to do so
- The processing is in our legitimate interests and it is not overridden by your rights
- For payment processing purposes
- To comply with the law
Retention of Data
Neobiomics AB will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer periods.
Transfer of Data
Your information, including Personal Data, may be transferred to – and maintained on – computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
If you are located outside Sweden and choose to provide information to us, please note that the data, including Personal Data, is transferred to Sweden and processed there. Customers ordering products will have their delivery address transferred to our logistics partner in Austria, to enable delivery.
Security of Data
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
Your Data Protection Rights under the General Data Protection Regulation (GDPR)
If you are a resident of the European Economic Area (EEA), you have certain data protection rights. Neobiomics AB aims to take reasonable steps to allow you to correct, amend, delete or limit the use of your Personal Data.
You have the right be informed about what Personal Data we hold about you. The information will be provided to you free of charge in easily accessible, written form (which may be in electronic form) If you want to have information about what Personal Data we hold about you, please contact us on firstname.lastname@example.org.
In certain circumstances, you have the following data protection rights:
The right to delete the information we have on you. Whenever data is no longer needed for the purpose for which data is collected; if the consent to handle data is re-called; if you object against our interest to use data and your argument is stronger than ours; if you object against direct marketing; if data is handled in an illegal way; if deletion of data is required to comply to a legal duty/action.
The right to access, update or delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data (see above) directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
The right to object. You have the right to object to our processing of your Personal Data. This right includes that you can object to all handling of Personal Data based on the lawful ground weighing of interest to use data, including direct marketing.
The right of restriction. You have the right to request that we restrict the processing of your personal information.
The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
The right to not be subject to automated decision-making. You have the right to not be the subject of a decision that is only based on some form of automated decision-making, including profiling, if the decision can have legal consequences for you or in a similar way affects you to a considerable degree. This right is over-ridden if handling of data is needed for completion of signed agreements, if such handling is in accordance with laws or if the legal ground is personal consent of handling of data.
The right to withdraw consent. You also have the right to withdraw your consent at any time where Neobiomics AB relied on your consent to process your personal information.
Please note that we may ask you to verify your identity before responding to such requests.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact the Swedish Data Protection Authority (Swe. Datainspektionen), telephone +46- 08-657 61 00; email email@example.com (For other contact channels, please visihttps://www.datainspektionen.se/kontakta-oss/).
We may employ other companies and individuals to facilitate our Service (“Service Providers”), provide the Service on our behalf, perform Service-related services or assist us in analyzing how our Service is used. In such cases we will have written agreement with all the Processors that guarantees the security of the Personal Data including that the Personal Data is handled according to international laws regulating transfer of Personal Data.
These parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We may use third-party Service Providers to monitor and analyse the use of our Service.
- Google Analytics. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en
Direct marketing through the electronic Newsletter
Neobiomics AB uses Sendinblue.com for direct marketing through an electronic Newsletter. When you subscribe to the Newsletter using the subscription form on the web site, your email and IP address is recorded on Sendinblue.com. At subscription, we specifically inform that an unsubscription option will be readily available in each newsletter. In each newsletter there is a clearly marked opt-out-link (“Unsubscribe”) included.
For details around the Sendinblue Terms and Policies, visit the following links:
We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors).
The payment processors we work with are:
- PayPal / Braintree
Links to Other Sites
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Our Service does not address anyone under the age of 18 (“Children”).
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us by email to firstname.lastname@example.org. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
- By email: email@example.com
- By mail: Neobiomics AB, Hälsingegatan 45, 113 31 Stockholm