Privacy & GDPR Compliance

 

This Statement of Privacy applies to the AquaBioTech Group website and governs data collection and usage. By using the AquaBioTech Group website, you consent to the data practices described in this statement.

 

The AquaBioTech Group does not disclose Customers` or clients information to third parties and all AquaBioTech Group staff and personnel are bound by strict client confidentiality agreements.

 

Links to external websites

 

The website may provide links to third-party websites for your convenience and information. If you access those links, you will leave the AquaBioTech Group website. AquaBioTech Group does not control those sites or their privacy practices, which may differ from our practices. We do not endorse or make any representations about third-party websites. The personal data you choose to provide to or that is collected by these third parties is not covered by the AquaBioTech Group Privacy Statement. We encourage you to review the privacy policy of any company before submitting your personal information.

 

Collection of your Personal Information

 

To serve you better and understand your needs and interests, AquaBioTech Group collects, exports, and uses personal information with adequate notice and consent. This information may include personally identifiable information, such as your e-mail address, name, home or work address or telephone number. AquaBioTech Group also collects anonymous demographic information, which is not unique to you, such as your ZIP code, age, gender, preferences, interests and favorites. This data will be collected and used only with your permision.

 

In addition to the information you provide, we may also collect other information during your visit to the AquaBioTech Group website, such as your browser type and language, access times, and the address of the website from which you arrived at the AquaBioTech Group website.

 

We encourage you to review the privacy statement so that you can understand how out website collects, uses and shares your information. AquaBioTech Group is not responsible for the privacy statements or other content on Web sites outside of the AquaBioTech Group and AquaBioTech Group family of Web sites.

 

Use of your Personal Information

 

We do not use or disclose sensitive personal information, such as race, religion, or political affiliations, without your explicit consent.

 

AquaBioTech Group keeps track of the Web sites and pages our customers visit within AquaBioTech Group, in order to determine what services are the most popular. This data is used to deliver customized content and advertising within AquaBioTech Group to customers whose behavior indicates that they are interested in a particular subject area.

 

Our websites will disclose your personal information, without notice, only if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on AquaBioTech Group or the site; (b) protect and defend the rights or property of AquaBioTech Group; and, (c) act under exigent circumstances to protect the personal safety of our users, or the public.

 

Security of your Personal Information

 

AquaBioTech Group secures your personal information from unauthorized access, use or disclosure. Our company secures the personally identifiable information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure.

 

Changes to this Statement

 

This Statement of Privacy is occasionally being updated to reflect company and customer feedback. We encourage you to periodically review this Statement to be informed of how your information is protected.

 

GDPR Compliance

 

EU's General Data Protection Regulation (GDPR) is a game changer in data protection and privacy laws. The EU has realized that while technology has evolved drastically in the last few decades, privacy laws have not. A new data protection law was adopted by the EU in April 2016, intended to bolster data privacy protections for EU residents, coming into force on 25th May 2018 for all Companies, government agencies and non-profit organisations who interact with personal identifiable data of EU citizens.

 

What are Key Practical Changes?

 

- Details of their purpose and legal basis for processing and gathering data

- How long data will be retained

- Individuals can complain to local regulatory bodies if they are dissatisfied with how their data is handled

 

Who are the key stakeholders?

 

- Data subject - A natural person residing in the EU who is the subject of the data

- Data controller - Determines the purpose and means of processing the data

- Data processor - Processes data on the instructions of the controller

- Supervisory authorities - Public authorities who monitor the application of the regulation

 

What is personal data or Personally Identifiable Information (PII)?

 

- Any information relating to an identified or identifiable natural person. The identifiers are classified into two types: direct (e.g., name, email, phone number, id number etc.) and indirect (e.g., date of birth, gender, online identifier, etc.).

 

What are the key changes from the previous regulations?

 

This law gives an individual the right to exercise complete authority over their personal data. Some of the rights highlighted in the regulation are:

- Explicit consent : Data subjects must be informed about how their personal data will be processed. Organizations must make it as easy for data subjects to withdraw their consent as it is to grant it.

- Right to access : At any point in time, the data subject can ask the controller what personal data is being stored or retained about him/her.

- Right to be forgotten : The data subject can request the controller to remove their personal information from the controller's systems.

- Data portability : The controller must be able to provide data subjects with a copy of their personal data in machine readable format. If possible, they must be able to transfer the data to another controller.

 

What steps did we took as AquaBioTech Group

 

- Identify the type of personal data in our organisation

- Perform risk assessment and threat analysis

- Appoint internal DPO

- Implement policies to manage how personal data is accessed/managed

- Updated newsletter and marketing database’s with new opt-in

- We reviewed all contracts with our Data Processors.

- Prevent unauthorised staff from accessing personal data

- Maintain records of organisational security

- Train internal staff – awareness

- Establish breach communication procedures to authorities (72 hrs)

- Keep updated with regulations amendments

- Update organisational privacy policies

 

How to contact AquaBioTech Group regarding your personal data?

 

AquaBioTech Group welcomes your comments regarding this Statement of Privacy. If you believe that our company has not adhered to this Statement, please contact AquaBioTech Group at privacy [at] aquabt.com . We will use commercially reasonable efforts to promptly determine and remedy the problem.