top of page

Privacy / GDPR Policy

Our Privacy Policy – your rights, your information and how we use it

Avata Biosciences Holdings Ltd (“Avata”) is committed to protecting your personal information in accordance with the General Data Protection Regulation (GDPR) and any successor Data Protection laws and regulations as applicable in the United Kingdom, in line with the highest standards of ethical conduct.

 

This policy sets forth important information about the expected behaviours of Avata Employees and Third Parties in relation to the consent, collection, use, retention, transfer, disclosure, and destruction of any Personal Data belonging to any Avata client (i.e. the Data Subject). Avata, as a Data Controller, i.e. any organisation that handles Personal Data, is responsible for ensuring compliance with the Data Protection requirements outlined in this policy. This version of our Privacy Policy was last updated 15th August 2024.

 

Who we are

Avata Biosciences Holdings Ltd and Avata Biosciences, Inc. are part of the Avata group.

This Privacy Policy applies to Avata Biosciences Holdings Ltd and Avata Biosciences Ltd. and Avata Biosciences, Inc.

 

How to contact us

If you have any questions about our Privacy Policy or the information we collect or use about you, please contact:

FAO Data Protection Officer

Avata Biosciences Holdings Ltd

6 Stratton Street, London W1J 8DU, United Kingdom

Email: info@avatabio.com

Information we collect and use

Information about you that we collect and use includes:

  • Information about who you are e.g. your name and contact details, should you contact us

What are cookies?

A cookie is a small file – it’s saved onto your computer or other devices when you visit our website. Cookies store small pieces of information. For example – they will remember you’ve visited our website or performed a certain action. We use cookies to help us improve your experience when you visit our website. For example, a cookie might store information so you don’t have to keep entering it. Cookies also let us know which pages of our website you visited; they help us develop and market our products and services. They also help us track sales.

  • Persistent cookies – these stay valid, and will work until their expiry date (unless you delete them before they expire)

  • Session cookies – these expire when you close your web browser

Avata may operate various different platforms, websites, and microsites, where we use, store and process your information in a way that is specific to that application. Therefore, we have cookie policies and these can be accessed by clicking on the ‘Privacy Policy’ link at the foot of each webpage. There is a consistency across all our cookie policies and as such, you can find more detail on our website at Avatabio.com – Cookies policy.

 

Where we collect your information

We may collect your personal information directly from you, from a variety of sources, including:

  • emails or letters you send to us

  • meetings with one of our team

  • our online services such as websites, social media

 

What we collect and use your information for

We take your privacy seriously and we will only ever collect and use information which is personal to you where it is necessary, fair and lawful to do so. We will collect and use your information only where:
 

  • you have given us your permission (consent) to send you information about products and services offered by members of the Avata group

 

If you do not wish us to collect and use your personal information as above, it may mean that we will be unable to provide you with our services.

Who we may share your information with

We may share your information with third parties for the reasons outlined in ‘What we collect and use your information for.’

These third parties include:

  • Companies within the Avata Group

  • Third parties you have instructed us to share information with

  • Companies we have chosen to support us in the delivery of the products and services we offer to you and other clients e.g. fund administrators

  • Our regulators and Supervisory Authority from time to time e.g. the Information Commissioner’s Office for the UK (the ICO)

  • Law enforcement, credit, and identity check agencies for the prevention and detection of crime

We will never sell your personal information to someone else. Whenever we share your personal information, we will do so in line with our obligations to keep your information safe and secure.

 

Where your information is processed

We process your personal information in the UK. Where information is processed by our fund administrator, we will ensure your information is protected under UK / EEA data privacy laws

 

How we protect your information

We take information and system security very seriously and we will aim to comply with our obligations always. Any personal information which is collected, recorded or used in any way, whether on paper, online or any other medium, will have appropriate safeguards applied in line with our data protection obligations.

Your personal information is protected by systems and controls designed to minimise loss or damage through accident, negligence or deliberate actions. Our employees also protect sensitive or confidential information when storing or transmitting information electronically and are subject to ongoing training and monitoring to ensure these standards are maintained.

Our security controls are aligned with current industry standards and guidelines and are constantly under review; providing a controlled environment that effectively manages risks to the confidentiality, integrity, and availability of your information.

 

How long we keep your information

We keep your personal information for the duration you are a client of ours in order that we may provide you with our services.  In the event you are no longer a client, we may also keep your information after this period but only where we are required to meet our legal and or regulatory obligations.

 

Your individual rights

Under the GDPR you have several rights in relation to how Avata uses your personal information. They are:

Right to be informed

You have the right to be informed about the collection and use of your personal data. This will include the purpose of processing your personal data, retention periods for that personal data, and who it will be shared with. We call this ‘privacy information’. We will provide you with this privacy information at the time we collect your personal data from you.

Right of access

You have the right to access your personal data and supplementary information, we hold on you. This right of access allows you to be aware of and verify the lawfulness of the processing of the personal data we hold for you, you may make a data subject access request (DSAR).

Right to rectification

If the personal information we hold on you is incorrect or inaccurate you have the right to have your personal data rectified or completed if it is incomplete. You may make this request for rectification verbally or in writing.

Right to request erasure

You can ask for your information to be deleted or removed if there is not a compelling reason for Avata to continue to have it.

Right to erasure

Subject to our regulatory and legal obligations you have a right to have personal data erased. This right is also known as ‘the right to be forgotten’ you can make this request verbally or in writing.

Right to restrict processing

You have the right to request the restriction or suppression of your personal data. This is not an absolute right and only applies in certain circumstances. When processing is restricted, we are permitted to store your personal data, but not use it contrary to your instruction. You can make a request for restriction verbally or in writing.

Right to data portability

You have the right to data portability this allows you to obtain and reuse your personal data for your own purposes across different services. The right allows you to move, copy or transfer your personal data easily from one IT environment to another in a safe and secure way, without affecting its usability. The right only applies to information you have provided to the data controller.

Right to object

You have the right to object to the processing of your personal data on the following grounds: where it is based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); for direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics.

Avata can confirm that it will not process your personal data under any of the above grounds.

Rights related to automatic decision making including profiling

You have the right to ask for information about the processing of your personal information and request our intervention or challenge a decision where processing is done solely by automated processes and carry out regular checks to make sure that where automated decision making and profiling processes are used are working as they should.

Avata can confirm that it does not use automated individual decision-making (making a decision solely by automated means without any human involvement); and profiling (automated processing of personal data to evaluate certain things about an individual) as part of its decision-making process.

How to make a complaint

We will always strive to collect, use and safeguard your personal information in line with data protection laws. If you do not believe we have handled your information as set out in our Privacy Policy, please contact the Data controller at Avata and we will endeavour to resolve your concern.

If you are still unhappy, you can report your concerns to the Information Commissioner’s Office. You can report your concerns at:

https://ico.org.uk/concerns/

NB this policy is constantly under review, so please check our website for the most recent version.

bottom of page