Public Privacy Statement
e-therapeutics plc (the “company”) is committed to protecting the privacy and security of your personal information.
e therapeutics plc is a "data controller". This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice.
This Privacy Statement covers personal information we collect:
- via our website (https://www.etherapeutics.co.uk/) (the “website”)
- in relation to our business development activities
- as a result of your communications or transactions with the company
A separate privacy statement regarding our collection of personal information in relation to employees, workers and contractors is distributed internally and detailed in the Staff Handbook.
The company cannot control the contents of other sites for which there are links on our website. We have no responsibility for any part of their content. We accept no responsibility for the data collection methods employed by such other sites.
We will comply with data protection law. This says that the personal information we hold about you must be:
- Used lawfully, fairly and in a transparent way.
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
- Relevant to the purposes we have told you about and limited only to those purposes.
- Accurate and kept up to date.
- Kept only as long as necessary for the purposes we have told you about.
- Kept securely.
Information collected via our website – subscription services
You can sign up to our subscription service by providing your e-mail address. Your e-mail address will be used to provide you with company news and other financial information. It will not be used for any other purpose.
You can voluntarily provide your name, company, country, or profession. This information will only be used in aggregate for analysis and will contain no information to identify you personally.
By signing up to our subscription services you are providing consent for us to contact you for this purpose, as clearly stated during the opt-in sign-up process.
Information collected via our website - cookies
Information collected in relation to business development activities
We hold contact details (such as name, email address and telephone number) and professional details (such as job title and company) where there is a legitimate interest to our business and where the processing of this data is not overridden by your data protection interests or fundamental rights and freedoms. We collect such personal information, where appropriate and in accordance with laws and requirements, from sources including: (i) directly from the data subject; (ii) by analysing online and offline media; (iii) from attendee lists at relevant events; and (iv) from other limited sources.
We will use these contact details to contact subjects that we believe will be interested in a potential collaboration in line with our corporate strategy and for no other purposes.
Information collected during transactions with the company
Information may be collected from you or our advisors if you are involved in any communication or transaction with the company. This information will only be collected where there is a legitimate interest or legal obligation.
Information collected during recorded meetings
We may, from time to time, record meetings for the purposes of security, monitoring and training. These recordings may contain contact details (such as name, email address, telephone number), audio recordings and video recordings of you, as well as transcripts of your spoken words during the meeting. These recordings will only occur with your consent.
How we share your data
We may share your information with any competent law enforcement body, regulatory or government agency, court or other third party where we believe disclosure is necessary as a matter of applicable law or regulation; to exercise, establish, or defend our legal rights; or to protect your vital interests or those of any other person.
We may disclose your personal information to any member of our group.
We may also share your information with third party service providers, where necessary for processing your data in accordance with the lawful purpose for which we collected it or where we have another legitimate interest for doing so. This includes external consultants and professional advisors, a list of which can be found at https://www.etherapeutics.co.uk/investors/advisors/
We will not sell, distribute, or lease your information to third and we will not use your personal information to send you promotional information about third parties. Please be assured that we do not sell your information to third parties or use the information for purposes that are incompatible with those set forth in this Privacy Statement.
We may, with your express content, share video and audio content from meeting recordings, interviews, and other sources publicly on the Internet.
Legal basis for processing personal information (if you are a resident in the EEA)
The lawful basis for collecting your personal information will depend on the personal information concerned and the specific context in which we collect it. Unless otherwise stated, we will normally collect personal information from you where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms.
In some limited cases, it may be necessary for us to process personal information and, where appropriate and in accordance with local laws and requirements, sensitive information, in connection with exercising or defending legal claims.
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Your data protection rights
If you wish to access, correct, update or request deletion of your personal interest, you can do so at any time.
If you are a resident of the EEA, you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information.
If we have collected your personal information with your consent, then you can withdraw your consent at any time.
We have appointed a data protection officer (“DPO”) who has responsibility to oversee compliance with this Privacy Statement. If you have any questions about this privacy notice or how we handle your personal information, please contact the DPO at the contact details below. You have the right to make a complaint at any time to the Information Commissioner's Office (“ICO”), the UK supervisory authority for data protection issues.
How Long Do We Keep Your Personal Information?
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We will retain information we collect from you where we have an ongoing legitimate business need to do so.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
How we keep your data secure
We do all that we can to secure your privacy including the use of encryption for the transmission of information. The very nature of transmissions over the internet is such that there can be no absolute guarantee of security. Information can be accessed and used in ways which the company cannot foresee or protect you from with 100% security. Information that you submit is, to that extent, at your own risk.
However, we have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
All our third-party service providers and other entities in the group are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
We have put in place procedures to deal with any suspected Personal Data Breach and will notify Data Subjects or any applicable regulator where we are legally required to do so. If you know or suspect that a Personal Data Breach has occurred, do not attempt to investigate the matter yourself. Immediately contact the DPO. You should preserve all evidence relating to the potential Personal Data Breach.
If you have any questions regarding this Privacy Statement, please email firstname.lastname@example.org
Alternatively you can write to us at:
17 Blenheim Office Park
Our Data Protection Officer (“DPO”) is Sarah Clare.
Note that this Privacy Statement may be updated from time to time.
Last updated: 12 October 2020