Grant Applicants Data Privacy Notice

 

Controller

Biocodex Oy

Metsänneidonkuja 8, PL 52, 02101 Espoo

+358 9 329 59100

info@biocodex.fi

(hereafter ”we” or ”Biocodex”)

 

Contact person for register matters 

Data Privacy Coordinator

Metsänneidonkuja 8, P.O Box 52, FI-02101 Espoo

+358  9 329 59100

dataprivacy@biocodex.fi

 

name of register

Grant Applicants’ data register

 

What is the legal basis for and purpose of the processing of personal data?

The basis for processing personal data is to fulfil the Biocodex business purpose, e.g. the legitimate interest of the company based on customer relationship or other connection or; the performance of a contract.

The purpose of the processing of personal data is to collect personal details from Grant Applicants, managing the application process and to fulfil contractual obligations.

 

what data do we process?

We process the following personal data of the Grant Applicants in connection with the Grant Applicants’ register:

 

·        basic information of the data subject such as name, birth date, social security number, bank account number, username and/or other identifier;

·        contact information of the data subject such as email address, phone number, home address;

·        information regarding the research institute and its contact persons, such as names and contact information;

·        curriculum vitae and research plan of the data subject, such as affiliation, publication record, estimated budget and schedule of the project and research group’s details  

·        other possible information collected based on the consent of the data subject.

 

from where do we receive information?

We receive all data for the Grant Applicants’ data register from the data subjects directly and handle all information as confidential.

 

To whom do we disclose data and do we transfer data outside of EU or EEA?

Biocodex has business partners and third-party service partners within the European Economic Area (the “EEA”). We may transfer personal data to our partners in the EU/EEA countries but not outside.

 

How do we protect the data and how Long do we store them?

Only those of our employees, who on behalf of their work are entitled to process customer data, are entitled to use a system containing personal data. Each user has a personal username and password to the systems. The information is collected into databases that are protected by firewalls, passwords and other technical measures.

The databases and the backup copies of them are in locked premises and can be accessed only by certain pre-designated persons.

We store the personal data for as long as is necessary considering the purpose of the processing.

We regularly assess the need for data retention in light of the applicable legislation. In addition, we take reasonable measures to ensure that the personal data in the register is not incompatible, obsolete or inaccurate considering the purpose of the processing. We rectify or delete such information without delay.

 

what are your rights as a data subject?

As a data subject you have a right to inspect the personal data concerning yourself, which is stored in the register, and a right to require rectification or erasure of the data, provided that the request has a legal basis. You also have a right to withdraw or change your consent.

As a data subject, you have a right, according to EU’s General Data Protection Regulation (applied from 25.5.2018) to object processing or request restricting the processing and lodge a complaint with a supervisory authority responsible for processing personal data.

 

who can you be in contact with?

All contacts and requests concerning this privacy notice must be submitted in writing or in person to the person mentioned in section “Contact person for register matters”.

changes in the privacy notice

Should we make amendments to this privacy notice we will place the amended statement on our website, with an indication of the amendment date. If the amendments are significant, we may also inform you about this by other means, for example by sending an email or placing a bulletin on our homepage. We recommend that you regularly visit our webpage and notice possible amendments to this privacy notice. Review these privacy protection principles from time to time to ensure you are aware of any amendments made.