Privacy policy2019-11-22T12:15:20+00:00

Privacy policy

This policy sets out the basis on which we handle any personal data that we collect about you, or that you or others provide to us. We are the controller in relation to the personal data processed in accordance with this policy (except where this policy explains otherwise).

1. WHAT INFORMATION WE COLLECT AND HOW WE WILL USE IT

1.1. We collect personal data so that we can operate effectively and the information we collect depends on the context of your interactions with us. It also depends on the choices you make, for example the functions you use and your privacy settings.

1.2. The table below summarises what information we collect about you, explains how we intend to use it and what our legal basis is for using it.

Personal data collected Source of personal data Reason for processing Lawful basis for processing
Name, contact details, job title, areas of interest and other biographic details Collected from you through correspondence and interactions with Vernalis personnel. To discuss future collaboration or other opportunities with Vernalis. To pursue our legitimate business interests and, in particular our R&D activities.
Name, contact details, job title, areas of interest and other biographic details including details of patents and your contribution to our work or the work of others in relevant fields Collected from you, identified from public registers, documented in internal or collaboration work. To undertake our own R&D activities, to maintain awareness of the activities of others in the fields in which we operate and/or to discuss future collaboration or other opportunities with Vernalis. To pursue our legitimate business interests, in particular our R&D activities, and in connection with actual or potential future legal claims.
Name, contact details, job title, current employer, professional qualifications and other employment related information Collected from you through a job application, CV or resume or your current and previous employers and referees or from other public sources. For recruitment purposes. To pursue our legitimate business interests.
Device and usage data including IP addresses and device identifiers

Device event information including crash logs, hardware settings, browser type and browser language

Automatically collected and stored in our server logs when you interact with our website. To improve the user experience of our website and to protect the security of our website. To pursue our legitimate interests, in particular to understand how our website is used, to improve the user experience of our website, and to maintain the security of our website.
Cookies and similar technologies A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer, if you agree. Cookies contain information that is transferred to your computer’s hard drive. (See our cookie statement). To administer and improve the website and for internal operations. To pursue our legitimate business interests and, in respect of any personal data, subject to any necessary consent.
Name, contact details, vehicle registration details, entry and exit times, CCTV images, special needs/requests data Collected from you when visiting our premises and/or from our own systems and processes. To assist us with keeping our site secure and complying with our health and safety obligations and to assist with any accommodations or requests made of us. To pursue our legitimate interests in relation to site security, to comply with legal obligations and to prevent crime.
Name, contact details, job title, areas of expertise, products and services offered, payment information, credit/other references, correspondence and associated records. Collected from you or received from relevant third parties. In order for us to enter into contracts for you or us to supply goods and/or services, and if you would like to work with us. To pursue our legitimate business interests and (as applicable) to comply with our legal obligations and/or to perform our contractual obligations and/or to take steps in advance of entry into a contract.
Personal data associated with contracts Present on the contract documents themselves and/or associated documents. Any purpose necessary in connection with performance of the contract and, as necessary, holding the contract and associated documents in archive. As applicable: in relation to our performance of our contractual obligations and securing the benefit(s) of any contracts to which we are party; the establishment, exercise and defence of legal claims; and in connection with our legitimate business activities.
Personal data associated with patents, lab books, other R&D data and documents and any associated correspondence Collected from the individual, provided by third parties and/or generated by Vernalis. In connection with our R&D, commercial and intellectual property strategies and possible/actual legal claims. To pursue our legitimate business interests and/or in connection with the establishment, exercise and defence of legal claims.

Some of the reasons for processing set out in the table above will overlap and there may be more than one legal basis for our use of your personal data. Wherever the legal basis is to pursue our legitimate business interests this is subject to our consideration that these rights are not overridden by your rights.

2. SHARING YOUR INFORMATION

2.1. We may share your personal data with selected third-party service providers and other companies within our group that support us in the performance of the activities set out in the table above or with a regulator or other third parties when required by law. We may also share your personal data where we have another legitimate interest in doing so that is not overridden by your interests and fundamental rights. For example, to protect our business partners or to operate and to maintain the security of our computer systems.

2.2. We may transfer your personal data outside the European Economic Area (EEA) including to our group companies in the USA and as necessary for the performance of any contract that we may have with you. Group company employees may also access personal data from outside the EEA using our IT systems. If we do so we will take all steps reasonably necessary to ensure that your data is subject to appropriate safeguards, including relying on a recognised legal adequacy mechanism, and that it is treated securely and in accordance with this privacy policy.

2.3. We may also share your personal data with other third parties, for example with service providers (such as payment services providers, credit reference agencies, IT solution providers and any of our suppliers and sub-contractors who process data on our behalf in order to assist us with our business activities) or in the context of the possible sale or restructuring of the business.

2.4. We require all our third-party service providers and all other companies within our group to take appropriate and stringent security measures to protect your personal data in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes in accordance with our instructions.

3. STORING YOUR INFORMATION

3.1. We routinely process and store the personal data that we hold within the EEA.

3.2. Some of our third-party service providers may host or otherwise process personal data on our behalf outside the EEA. Where your information is transferred outside the EEA, we will take all steps reasonably necessary to ensure that your data is subject to appropriate safeguards, including relying on a recognised legal adequacy mechanism, and that it is treated securely and in accordance with this privacy policy.

3.3. We will only retain your personal data for as long as is necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting or reporting obligations, and in accordance with our internal records retention and management policies.

4. KEEPING YOUR INFORMATION SECURE

4.1. All information that you provide to us is stored on secure servers. The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of the information transmitted to our site and you acknowledge that any transmission is at your own risk. Once we have received your information, we will use appropriate procedures and security features to try to prevent unauthorised access or inadvertent disclosure.

5. YOUR RIGHTS

5.1. You have the right under certain circumstances:

  • to be provided with a copy of your personal data held by us;
  • to request the rectification or erasure of your personal data held by us;
  • to request that we restrict the processing of your personal data (while we verify or investigate your concerns with this information, for example);
  • to object to the further processing of your personal data;
  • to request that your provided personal data be moved to a third party; and
  • where the processing of your personal information by us is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us (see below).

5.2. You can also exercise the rights listed above at any time by contacting us at privacy@vernalis.com.

5.3. The Information Commissioner is the supervisory authority in the UK and can provide further information about your rights and our obligations in relation to your personal data, as well as deal with any complaints that you have about our processing of your personal data.

6. OTHER WEBSITES

Our website contains links to other websites. This privacy policy only applies to this website so when you link to other websites you should read their own privacy policies.

7. CHANGES TO THIS PRIVACY POLICY

We keep our privacy policy under regular review and will post any updates on this webpage. This privacy policy was last updated in January 2019.

8. CONTACTING US

If you have any questions about this privacy policy or how we handle your personal data, please contact us:

Privacy Officer

Vernalis (R&D) Limited

Granta Park

Great Abington

Cambridge

CB21 6GB

United Kingdom

E-mail: privacy@vernalis.com

Some of the reasons for processing set out in the table above will overlap and there may be more than one legal basis for our use of your personal data. Wherever the legal basis is to pursue our legitimate business interests this is subject to our consideration that these rights are not overridden by your rights.

2. SHARING YOUR INFORMATION

2.1. We may share your personal data with selected third-party service providers and other companies within our group that support us in the performance of the activities set out in the table above or with a regulator or other third parties when required by law. We may also share your personal data where we have another legitimate interest in doing so that is not overridden by your interests and fundamental rights. For example, to protect our business partners or to operate and to maintain the security of our computer systems.

2.2. We may transfer your personal data outside the European Economic Area (EEA) including to our group companies in the USA and as necessary for the performance of any contract that we may have with you. Group company employees may also access personal data from outside the EEA using our IT systems. If we do so we will take all steps reasonably necessary to ensure that your data is subject to appropriate safeguards, including relying on a recognised legal adequacy mechanism, and that it is treated securely and in accordance with this privacy policy.

2.3. We may also share your personal data with other third parties, for example with service providers (such as payment services providers, credit reference agencies, IT solution providers and any of our suppliers and sub-contractors who process data on our behalf in order to assist us with our business activities) or in the context of the possible sale or restructuring of the business.

2.4. We require all our third-party service providers and all other companies within our group to take appropriate and stringent security measures to protect your personal data in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes in accordance with our instructions.

3. STORING YOUR INFORMATION

3.1. We routinely process and store the personal data that we hold within the EEA.

3.2. Some of our third-party service providers may host or otherwise process personal data on our behalf outside the EEA. Where your information is transferred outside the EEA, we will take all steps reasonably necessary to ensure that your data is subject to appropriate safeguards, including relying on a recognised legal adequacy mechanism, and that it is treated securely and in accordance with this privacy policy.

3.3. We will only retain your personal data for as long as is necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting or reporting obligations, and in accordance with our internal records retention and management policies.

4. KEEPING YOUR INFORMATION SECURE

4.1. All information that you provide to us is stored on secure servers. The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of the information transmitted to our site and you acknowledge that any transmission is at your own risk. Once we have received your information, we will use appropriate procedures and security features to try to prevent unauthorised access or inadvertent disclosure.

5. YOUR RIGHTS

5.1. You have the right under certain circumstances:

  • to be provided with a copy of your personal data held by us;
  • to request the rectification or erasure of your personal data held by us;
  • to request that we restrict the processing of your personal data (while we verify or investigate your concerns with this information, for example);
  • to object to the further processing of your personal data;
  • to request that your provided personal data be moved to a third party; and
  • where the processing of your personal information by us is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us (see below).

5.2. You can also exercise the rights listed above at any time by contacting us at privacy@vernalis.com.

5.3. The Information Commissioner is the supervisory authority in the UK and can provide further information about your rights and our obligations in relation to your personal data, as well as deal with any complaints that you have about our processing of your personal data.

6. OTHER WEBSITES

Our website contains links to other websites. This privacy policy only applies to this website so when you link to other websites you should read their own privacy policies.

7. CHANGES TO THIS PRIVACY POLICY

We keep our privacy policy under regular review and will post any updates on this webpage. This privacy policy was last updated in January 2019.

8. CONTACTING US

If you have any questions about this privacy policy or how we handle your personal data, please contact us:

Privacy Officer

Vernalis (R&D) Limited

Granta Park

Great Abington

Cambridge

CB21 6GB

United Kingdom

E-mail: privacy@vernalis.com

Cookies statement

Like other organisations, we use “cookies” on our website to collect information about how the site is used. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.

We use website cookies for the following purposes:

(a) For website functionality – these cookies facilitate technical aspects or special features on our site. They also help us manage your consent to setting cookies. Upon your first access to our website, a banner will appear, asking you to give us your consent to the setting of cookies. If your consent is given, we will place a cookie on your computer and the banner will not appear again as long as your cookie is active. After expiration of the cookie’s lifespan, or if you actively delete the cookie, the banner will reappear upon your next visit to our website and again ask for your consent; and

(b) For website performance – These cookies collect information about how you use our websites. Information collected includes, for example, the Internet browsers and number of visits, average duration of visit, and pages viewed. These cookies do not collect information that personally identifies you and only collect aggregated and anonymous information. We use Google Analytics for this.

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.

Dated: January 2019

This website uses cookies and third party services. Read our Privacy Policy Ok