1. About Our Policy
2. Information We Process
In line with the definitions provided by art. 4 GDPR, we collect and process information re- lating to an identified or identifiable natural person such as given and family names, e-mail addresses, phone numbers, IP addresses or other technological means of data subject’s main localization, date and time of access to our App or to our website, job position, pub- licly available information related to the field of academic research and publications, and any other similar information. We do not collect and process special categories of data, such as racial or ethnic origin, sexual orientation, religious beliefs, data concerning health, and all the other special cate- gories highlighted by art. 9 GDPR. However, such categories of information may be pro- cessed upon data subjects’ explicit consent; when manifestly made public by data sub- jects; and for achieving purposes in the scientific research or statistic purposes in accor- dance with art. 89 (1) GDPR, the latter applying to Deepli. In any case our data processing infringes upon data subjects’ fundamental rights. We might collect other information – not falling within personal information and special categories – upon the visitors’ explicit consent, when given through our newsletter sub- scription or whenever explicitly agreed. We might save users’ individual searches in an anonymized format as to provide our customers the best experience in fully enjoying our services.
3. How We Collect Information
We collect data and information in accordance with the principles of the GDPR. We process information fairly and in a transparent manner, ensuring customers and visitors to know how their information are processed. Data will be processed accurately and kept up- to-date. We have different methods of collecting information:
b) We collect information from open and publicly available sources. We will in no man- ner manipulate and/or overuse publicly available information we may find on the web, and we do not make any infringement to data subjects’ rights who voluntarily disclosed their information and made it public on the web. Therefore, we do not ac- cept any responsibility and liability, as publicly available information infringing upon data subjects’ rights are exclusive responsibility of the sources we gather informa- tion from. Collected personal data will exclusively serve as a database for cus- tomers to fully enjoy the experience our services provides.
c) We automatically detect and collect information whenever visitors download our app, without necessarily subscribing to our newsletter, including but not limited to geo-localization, IP addresses, details about search queries, type of browsers used, or similar technologies. This information is used for the sole purpose of improving our services, and they may be stored in our databases as long as necessary for the purposes mentioned in the next paragraphs.
We wish to ensure our customers and visitors that in cases b) and c), our collection of in- formation is protected under the legitimate interest we pursue, that is, providing our cus- tomers a clear picture of the scientific and statistical available market in the field of acad- emic life science labs, and which, in any case, will never override customers’ and visitors’ interests in the safeguard of their fundamental rights and freedoms. We will provide the data subjects with all the information needed, according to art. 14 GDPR, every time the provision of such information would not imply a disproportionate effort for us, especially those cases in which we collect data from publicly available sources. In such cases, pro- viding information to data subjects would render impossible or would seriously impair the achievement of our legitimate interest, under article 14, paragraph 5, GDPR, and thus it is not an obligation for us to communicate information to data subjects. Nevertheless, we guarantee to take appropriate measures to protect data subjects’ rights, freedoms and le- gitimate interests.
4. Our Purpose of Processing
Personal data and information we collect and process may serve a double scope. We use such information in order to better understand how to develop our functionalities and our services; how to improve our App; how to expand our services; how to improve our design, and similar. Furthermore, we use such information to create a database which will be used for academic research purposes, aggregating such information and making them more easily available and accessible to our customers and visitors; to facilitate match-making operations; for statistical purposes in terms of geo-localization, fields of expertise, and sim- ilar. As such, our information processing is adequate and limited to what is necessary for the purposes for which they are processed, in plain accordance with the principle of mini- mization. If our users are registered, we might use their information to send them e-mails for market- ing and/or scientific purposes; interact with them with the most recent news and service updates; process their registration to our services and make sure their user account will work in the most effective manner, and similar. Our services provide a moderate usage of such information, and in no case their overuse, in line with the purposes for which the pro- cessing is made. If necessary, we will contact our customers and visitors directly, in all those cases we will have to communicate that the purposes of processing differ from the initial purposes as hereby stated.
5. Third Parties
Our services include the transfer to third parties of our databases, composed of aggregat- ed data collected especially through, but not limited to, open and publicly available sources as well as information automatically detected. Transfer of data, as allowed under GDPR, serves our mission of providing our customers a complete overview of the market in the field of academic life science labs, and as such our transfers are moved by legiti- mated interests of improving the market, especially for the interests of EU laws-protected Small and Medium Enterprises, as well as for scientific and/or academic research purpos- es. As such, we may disclose information as name, e-mail address, phone number, title, publicly available information related to the sector of the services; we may transfer infor- mation for business purposes, to customers which, in accepting our terms and conditions of service, will pursue interests not differing from our services. All such third party proces- sors in such cases become unique owners and controllers of such information and are, therefore, contractually bound to keep information they receive by us as confidential and for their exclusive use. Our services are provided on the data within Europe, and as such the territorial scope of the GDPR is fully compliant. Nevertheless, whether in a potential and unforeseeable future we will have to disclose information to third parties outside the EU, for the same purposes for which information are processed, we guarantee that the country in which our potential customer operates fall within the adequacy decisions of the European Commission (art. 13, paragraph 1(f) GDPR) or, in every case, we take all adequate measures to be legally compliant.
6. Period of Data Storage
7. Users Rights
a) Access: obtaining confirmation as to whether or not data is being processed; the purpose of processing; third parties disclosures, where applicable; period of stor- age, or the criteria for determining such period; lodge a complaint with a competent supervisory authority; information about the source of collection, when data are not collected directly from data subjects. To access your information you can contact us as specified in paragraph 1.
b) Rectification: asking to correct any erroneous information or personal data, which will be promptly done; asking to complete personal data that are incomplete.
c) Erasure: cancelling your data and information from our database without undue de- lay, whether such data are no longer necessary for our initial purposes of collection (see above); withdrawal of consent whether processing is based on consent, and other reasons specified in article 17 GDPR. However, we still have the right to refuse cancelation in those circumstances specifically highlighted by the GDPR.
d) Restriction of processing: process and usage of data may be restricted when such data are deemed to be inaccurate; processing is deemed to be unlawful, and other reasons specified by the GDPR.
e) Data portability: where applicable, personal information and data may be given back to the data subject, and/or transmitted to another controller upon data subject’s specific request.
f) Object: pose objections on information processing when we rely on a legitimate interest. We have the right to examine such objections and evaluate them, assessing whether our legitimate interest overrides the interests, rights and freedoms of the data subject. The present applies as well to data processing for marketing purpos- es.
8. Prohibit against website advertisement using unsolicited messages
Unsolicited messages including emails that do not comply with CAN-Spam Act are considered as spam. The uncontrolled use of data or the request that is not relevant, can not be relevant or does not fit in any state or can be irritative to a recipient is prohibited. In each activity including cold outreach we ensure the relevancy of a message including email that acts in the best interests of the recipient. The relevancy of each message should be explained in the body so the recipient has a background and can decide.
9.1. Security: we make use of all electronic, technologic, physical and procedural methods, as well as encryption where possible, to ensure that all information stored are secured. Unfortunately, we are all aware that data breaches and unlawful accesses are possible: in such cases, we are not responsible for inevitable breaches occurring to our website and App. Your account is protected by an installation key we generate when the App is opened for the first time, and we are not responsible for breaches. When breaches occur, we will provide notification to data subjects whose data have been breached, and will address to the competent national supervising authority.
9.2. Sensitive Information: customers and visitors should not transfer us sensitive informa- tion (document numbers, health information, and other information provided under art. 9 GDPR).
9.3. Other Websites: when our web page and App provides link to other websites, we do not hold any responsibility, liability or control, for and on the privacy policies of such web- sites customers and visitors will be redirected to. Therefore, it is customers’ and visitors’ interest to visit linked websites’ privacy policies before accepting them.
9.4. Changes to this Policy: the present policy will be constantly kept updated with relevant provision of legal nature. Changes will be explicitly indicated with the date of the modifica- tion.
10. Applicable Law and Jurisdiction