Gnosys Privacy Statement
This is a privacy statement by Gnosys Global Ltd (Gnosys), which is a research and development company located at 17-18 Frederick Sanger Road, Surrey Research Park, Guildford, GU2 7YD in the UK.
Gnosys is fully committed to compliance with the requirements of the EU General Data Protection Regulation (GDPR). Gnosys will therefore follow procedures which aim to ensure that all personal data is held and processed fairly and securely in accordance with the GDPR.
Data that Gnosys collects
Gnosys needs to collect and use information about people with whom it works in order to operate and carry out its functions.
This information includes:
- Email address
- Telephone number
- Company name
- Any other information that has been shared with us in the normal course of business
Use of Data
Gnosys uses personal data:
- To maintain relationships with its business associates
- To maintain client and supplier accounts
- To support on-going collaborative projects
- When recruiting staff
- For internal reporting and project tracking
- To keep make contacts aware of company news, services and products
- To investigate (potential) complaints
Legal Basis for Processing
Gnosys is required to have a legal basis for processing your data. This basis will be one or more of the following:
- To fulfil contractual obligations to you or because you have asked us to do something before entering into a contract
- To fulfil our legal obligations including retention of financial records
- You have consented for us to process your data for a specified purpose
- There is a legitimate interest for us process your data, such as when you pass us a business card
Handling personal/sensitive data
Gnosys will, through management and use of appropriate controls, monitoring and review:
- Strive to collect and process only the data or information which is needed
- Use personal data for such purposes as are described at the point of collection, and for purposes which are legally permitted
- Strive to ensure information is accurate
- Not keep information for longer than is necessary
- Securely destroy data which is no longer needed
- Take appropriate technical and organisational security measures to safeguard information
- Ensure that information is not transferred abroad without suitable safeguards
- Ensure that the rights of people about whom information is held can be fully exercised under the GDPR
These rights include:
- The right to be informed – you have the right to be informed about the collection and use of your personal data
- The right of access – you have the right to access your personal data
- The right to rectification – you have the right to have inaccurate personal data rectified, or completed if it is incomplete
- The right to erasure – you have the right to have personal data erased (the right to be forgotten)
- The right to restrict processing – you have the right to request the restriction or suppression of your personal data
- The right to data portability – you have the right to obtain and reuse your personal data for your own purposes across different services
- The right to object – you have the right to object to the processing of your personal data in certain circumstances
- Rights in relation to automated decision making and profiling
Sharing of Data
Gnosys does not sell personal data to any third parties.
Gnosys may share your personal data with third parties where there is a business processing requirement and only once your consent has been obtained.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
The cookies used by this website gather anonymous information about how the website is being used. Including statistics such as number of visits to the site, geographic region of site visitors, etc. We use this information as an aid to improving the website.
We have implemented security policies, rules and technical measures to protect the personal data that we have under our control from unauthorised access, improper use and disclosure, unauthorised destruction or accidental loss.