Global Biotech Revolution Privacy Policy

Overview

The Global Biotech Revolution C.I.C. (herein “GBR”, “we”, “ our”, “us”) data privacy policy (“Policy”) outlines our commitment to treat the information you provide to us with due ethical and legal consideration.

We will only ever collect, use, store and transfer (“process”) your information in accordance with applicable data protection legislation (“applicable law”), including but not limited to EU General Data Protection Regulation (2016/679) (“GDPR”). GBR will seek to maintain your data securely, and will not sell or share your data with third parties. We respect your rights to obtain, rectify and delete your data, and to provide you with options to manage how your data is used, including how we use your data to communicate with you.

GBR commits to take reasonable and appropriate technical and organisational measures to protect the information you provide from loss, misuse, and unauthorised access, disclosure, alteration, or destruction.

When and what data do we collect?

For the purposes of this Policy, personal information is considered any information relating to an individual from which that person may be identified, hereafter referred to as “data”.
This includes: name, date of birth, gender, email address, physical address, country of origin or residence, IP address, device IDs, preferences, and survey responses.

Data you provide:
We process data from you when you voluntarily provide such information, such as when you register your interest to receive communication about our organisation and events, or begin and/or complete an application to attend our events.

Other data .e.g. Cookies:
Some data may be collected automatically when you interact with GBR via its website or other forms of communication, such as IP addresses, which may be stored in databases owned and maintained by services we employ to deliver these communications. GBR uses Cookies to analyze traffic and for advertising and marketing purposes. These help us to develop and improve. For example, they allow us to count visits, identify traffic sources and see which parts of the site are most popular.

A “cookie” is a piece of information that is stored on your computer’s hard drive and which records how you move your way around a website so that, when you revisit that website, it can present tailored options based on the information stored about your last visit. “Session cookies” are only stored on your computer during your web session and are automatically deleted when you close your browser – they usually store an anonymous session ID allowing you to browse a website without having to log in to each page but they do not collect any personal data from your computer. We use “persistent cookies” for Google Analytics, which are stored as a file on your computer and it remain there when you close your web browser. The cookie can be read by the website that created it when you visit that website again.

It is possible to opt-out of our Cookies by making changes to your browser’s configuration.

How we use your data?

GBR events are by invitation only via a competitive application process. We collect a range of data in the application process, and details of how we will use this data is provided in the application terms and conditions.

GBR also promotes our events, opportunities, resources and news to you. We do this in the following ways:
● Emailing members of our community that consent to our email marketing.
● Promoting our events to our ‘followers’ across social media platforms.

You can unsubscribe from our communications at any time by contacting us at [email protected] or by clicking the “Unsubscribe” option at the bottom of any email.

We may also process data to analyse and improve our operations and services, e.g. the use of statistical and/or anonymised data from web or social media analytics to improve our online content, or the development of our event programmes.

We process data on the following bases.

Consent:
We may process your information on the basis of your implied or expressed consent.

Legitimate interest:
We may process personal data on the ground that it furthers our legitimate interests, except where such interests are overridden by the interests or fundamental rights and freedoms of the affected individuals.

Legal compliance:
We may need to use and disclose personal data in certain ways to comply with our legal obligations.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

Change of purpose:
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent where this is required or permitted by law.

Data retention and minimization
GBR retains personal data for so long as it may be relevant to the purposes identified above.
We will delete all data that is no longer necessary for the specified purpose. To dispose of personal data, we may anonymize it, delete it or take other appropriate steps.

We may anonymize your data to keep it for the purposes of statistical analysis. We may also keep your data for longer if required for legal or regulatory reasons.

Data disclosure:
We will not disclose or transfer any data we have stored to third parties unless required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect the personal safety of other persons, or (iii) protect against legal liability.

Rights as a data subject:
Individuals of the European Economic Area and certain other jurisdictions have certain legal rights to the control of their data, including but not limited to:
● the right to be informed about the collection and use of your data;
● the right to access your data;
● the right to rectify your data;
● the right to object to our processing of data;
● the right to restrict to our processing of data;
● the right to erasure of your data;
● the right to data portability;

If you would like to make a subject access request, amend the data we have stored, or otherwise exercise the rights outlined above please contact us at [email protected] with the subject heading “Data Rights Request”, along with an explanation of what data subject right you are seeking to exercise.

We will provide responses to subject access requests within 30 days. While we do not normally charge for such requests, please note that requests deemed as ‘excessive’ can be denied or charged for.

If you believe your data has been compromised in some manner, you should contact GBR without delay. You may also wish to contact the UK Information Commissioner’s Office.

Children:
GBR events and communications are not intended for children, and we do not knowingly collect personal information from children under the age of 16. If you are a parent or guardian of a child under the age of 16 and believe he or she has disclosed personal information to us please contact us at [email protected]

If we learn that we are engaged in processing of data from such users, we will halt such processing and will take reasonable measures to promptly remove applicable information from our records.

Data policy updates:
This Policy may change from time to time.