Privacy Policy

INTRODUCTION
      In this Privacy Policy:
      • references to we, us or our means AXISBIOTIX LIMITED, a company incorporated and registered in England and Wales (No. 12276227), whose registered office is The Core, Newcastle Helix, Newcastle upon Tyne NE4 5TF. We are part of a group of companies (SkinBioTherapeutics Group) and we operate from the address shown in the ‘How to contact us’ section below. Your personal information will be held by AXISBIOTIX Limited;
      • references to you or your means any individual who uses the Website (as defined below); and
      • references to Website means the website available at www.axisbiotix.com.
      PRIVACY POLICY
        • This Privacy Policy (together with any other documents referred to on it) sets out the basis on which we collect and use personal information about you through the Website.
        • This Privacy Policy describes in detail who is responsible for the personal information that we collect about you, the nature of the personal information we collect and how we will use it. We will also set out who we disclose it to and your rights and choices in relation to your personal information.
        • In this Privacy Policy where we use the words personal information we use these words to describe information that is about you and which identifies you.
        • We are subject to both the EU General Data Protection Regulation in relation to our use of personal information about individuals in the European Union when we offer our services directly to you in the European Union and the UK General Data Protection Regulation in relation to our use of personal information about individuals in the UK.  The UK General Data Protection Regulation is a version of the EU General Data Protection Regulation that has been incorporated into UK law.   This Privacy Policy is intended to satisfy our obligations to tell you about how we use your personal information under both the EU and UK General Data Protection Regulation.
        • You have the right to object to our use of your personal information in certain circumstances. Please see the Your rightssection below for a summary of your right to object (along with your other rights under data protection law) and the details of who to contact if you want to exercise them.  Please see the How to contact us section if you need to get in touch.
        WHO IS RESPONSIBLE FOR THE PERSONAL INFORMATION THAT WE COLLECT?
        • We are the controller for the purpose of data protection law, in respect of your personal information collected and used through your use of the Website.
        • This is because we dictate the purpose for which your personal information is used and how we use your personal information.
        WHAT PERSONAL INFORMATION DO WE HOLD ABOUT YOU?
        • We collect and use personal information about you in the course of you using the Website. You will also provide us with your personal information. We may also collect certain personal information from you via the Website when you choose to interact with us.  The personal information we collect is described in the table below.
        • Information you provide to us
          The information you provide to us may include:  

          Type of Personal Information

          Examples

          Website account information

          Contact information.

          Name, email address, billing address, delivery address and telephone numbers.

          Profile information.

          Username and password to access your user account on the Website, purchases or orders made by you, your interests, preferences, feedback and survey responses.

          Purchase information

          Financial information.

          Payment card details.

          Transaction history information.

          Details about payments to and from you and other details of products and services you have purchased from us.

          Website usage

          Usage information.

          Information about how you use our Website, products and services.

          Other

          Technical information.

          Technical Information from any device you use to access our Website, such as your network information which is information from your device such as your IP addresses, internet service providers, location information and device information.

          Through our use of cookies on the Website (to the extent that any information collected constitutes personal information).

          Cookies are pieces of information stored directly on the device you are using. Cookies allow us to recognise your device and to collect information such as internet browser type, time spent using the App and pages visited.

          Please see our Cookies Policy which can be accessed here https://axisbiotix.com/cookies/ for further details on how we use cookies on our App.

          Marketing

          Marketing and Communications information.

          Your preferences in receiving marketing from us and your communication preferences.

           

          This includes information you provide:

          a) when you register for a user account on the Website;

          b) when you make a purchase of products on the Website;

          c) information on forms you complete; and

          d) in communications between us, including e-mails, letters and agreements.

          Information we collect from you

          a) technical information and, to the extent that they constitute personal information, the IP address you use to connect your device to the internet and the browser type and version you use on your device; and

          b) information contained in and records of communications between you and us, including emails and letters.

          Information we receive from other sources and or publicly available sources such as:

          a) analytics providers such as those that provide cookies or similar technologies on the Website based inside and outside the European Economic Area and UK (as applicable);

          b) We collect identity and contact information about you from the above, and any other available sources (as updated from time to time).

          HOW DO WE USE THE PERSONAL INFORMATION WE COLLECT ABOUT YOU?

          We use your personal information in connection with your use of the Website. Under data protection law we can only use your personal information if we have a proper reason to do so (this is also known as a legal basis). Examples of where we have a legal basis include when:

          • we have your consent;
          • it is necessary to enter into or perform a contract with you (or to take steps at your request prior to entering into that contract);
          • it is necessary to comply with a legal obligation;
          • it is necessary in order to protect your vital interests; or
          • it is in our legitimate interests.
          Where we rely on our legitimate interests we mean our:
          • pursuit of our commercial activities and objectives, or those of a third party;
          • compliance with applicable legal and regulatory obligations and any codes of conduct;
          • improvement and development of our business operations and service offering, or those of a third party; or
          • protection of our business, shareholders, employees and customers, or those of a third party.

          We have set out our reasons for using your personal information in the table below under the heading Legal Basis. Where we rely on our legitimate interests, we have set out those interests in the table below. 

          You have the right to object to our use of your personal information at any time. Please see the Your rights section below for a summary of your right to object and the details of who to contact if you want to exercise them.   Please see the How to contact us section if you need to get in touch.

            Purpose

            Legal Basis

            To create your user account.

             

            Legitimate interests. We require your personal information in order to enable us to manage and carry out our operations as a business.

            To process and deliver orders you place (including to manage payments, fees and charges and to collect and recover money owed to us).

            Necessary to enter into or perform a contract we have with you.

            To provide you with information about the products and services we offer (including newsletters, details of any events, promotions and new products and services we can offer and which we believe may be of interest to you) in accordance with any specified preferences.

            Legitimate interests. We require your personal information in order to enable us to manage and carry out our operations as a business.

            Consent.

            To manage our relationship with you (including handling complaints and queries) and to notify you of changes to the Website or any services delivered via the Website.

            Legitimate interests. We require your personal information in order to enable us to manage and carry out our operations as a business.

            Necessary to enter into or perform a contract we have with you.

            To link details of your purchases of products via our Website with feedback you have provided on our App to assess how our products/services and the Website have been used and can be improved.  Your linked information may also be aggregated and anonymised and used for further analytical purposes.  We will not collect any special categories of data about you on our Website.

            Legitimate interests. It is in our legitimate interests to improve the goods/services we offer and develop our business.

             

            Consent. Where this involves us using special categories of personal data (such as information relating to your health) collected on our app we will use that information only if we have your consent and such consent will have been sought when you registered for our app.

            To improve the quality of the Website and your experience using the Website.

            Legitimate interests. We require your personal information to enhance, modify and personalise the Website and your general experience for your benefit or the benefit of the other users.

            To comply with any legal or regulatory obligations (including in connection with a court order).

            Necessary for compliance with a legal obligation to which we are subject.

            To analyse and improve our products and services and to evaluate and develop our business.

            Legitimate interests. We require your personal information in order to enable us to manage and carry out our operations as a business.

            To undertake security monitoring to detect, investigate and resolve security threats.

            Legitimate interests. We process your personal information in order to enable us to protect our business operations.

             

            Where we process your personal information on the legal basis of our legitimate interests (as set out in the table above), we have carefully considered and assessed your rights and freedoms which require protection of your personal information in respect of each specific purpose. Having undertaken this assessment, we have determined that our legitimate interests are not overridden by your rights under data protection laws.  If you would like further information about how we have balanced your rights and freedoms against our legitimate interests, please get in touch using the details at the How to contact us section below.

            We may be required to obtain your personal information to comply with our legal requirements, to enable us to fulfil the terms of our contract with you or in preparation of us entering into a contract with you. If you do not provide the relevant personal information to us, we will not be able to provide the products or services to you, or to arrange payments.

            If you wish to change your marketing preferences and you do not wish to hear from us, please let us know by contacting us on the details provided in paragraph 13.1 below.

            WHO MAY WE DISCLOSE YOUR PERSONAL INFORMATION TO?

            For the purposes set out above, we may share your personal information with:

              Type of third party

              Examples

              General

              Our group companies.

              Other companies and entities that are part of the SkinBioTherapeutics Group.

              Our service providers.

              Our business partners, suppliers and sub-contractors for the performance of any contract we enter into with you including:

              ·       our Website developer;

              ·       IT/data storage providers

              ·       our e-commerce platform provider;

              ·       data analysis service provider; and

              ·       order fulfilment and delivery providers.

              A current list of these third party service providers with whom we share your personal information can be provided to you on request using the details at paragraph 13 below.

              Our professional advisers.

              Including accountants, lawyers and other professional advisers that assist us in carrying out our business activities, a current list of these third parties can be provided to you on request using the details at paragraph 13 below.

              Regulatory authorities, government agencies or law enforcement bodies.

              We may disclose your personal information where these bodies have jurisdiction over our activities.

               

              We may share your personal information with other third parties, for example:

              • in the event that we sell or buy any business or assets, we may disclose your personal information to the prospective seller or buyer of such business or assets;
              • if we or substantially all of our assets are acquired by a third party (or are subject to a reorganisation within our corporate group), personal information held by us will be one of the transferred assets; and
              • if we are under a duty to disclose or share your personal information in order to comply with any legal obligation, or in order to enforce or apply our legal rights under any contract we have with you.


              SHARING WITH THIRD PARTIES AND COMPANIES WITHIN THE SKINBIOTHERAPEUTICS GROUP

              Where we act as an independent controller of your personal information we will use your personal information for our own purposes. Sometimes third parties and other companies in the SkinBioTherapeutics Group will act as controllers of your personal information that we collect.  This is where they determine the purposes and means of processing your personal information. They will use your personal information for their own legitimate purposes as described in this Privacy Policy.  

                WHERE WILL WE TRANSFER YOUR PERSONAL INFORMATION?

                Whenever we transfer your personal data out of the UK or EEA (as applicable), we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

                • we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data; or
                • where we use certain service providers, we may use specific contracts approved for use in the UK/EEA which give personal data the same protection it has in the UK/EEA.
                Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to us and any transmission is at your own risk.  Once we have received your personal information, we will use strict procedures and security features to try to prevent unauthorised access.
                  HOW LONG WILL WE KEEP YOUR PERSONAL INFORMATION FOR?
                  • We will retain your personal information for no longer than is necessary for the purposes for which the personal information are processed. The length of time we hold on to your personal information will vary according to what that information is and the reason for which it is being processed.
                  • To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means. We also consider any applicable legal, regulatory, tax, accounting or other requirements which may specify how long we should retain your personal information for.
                  • Subject to the above, we will securely delete your personal information when you have not used your user account on the Website for a period of 5 years, except where we have to keep basic information about our customers (including contact information and transaction history information) for six years after they cease being customers for tax purposes.
                  • For further information about how long we keep your Personal Information, please get in touch using the details at the How to contact us section below.
                  YOUR RIGHTS

                    You have certain rights with respect to your personal information.  The rights will only apply in certain circumstances and are subject to certain exemptions.  Please see the table below for a summary of your rights and who to contact to exercise them. 

                     

                     

                    Summary of your rights

                    Right of access to your personal information

                    You have the right to receive a copy of your personal information that we hold about you and information about how we use it, subject to certain exemptions. 

                    Right to rectify your personal information

                    You have the right to ask us to correct your personal information that we hold where it is incorrect or incomplete.

                    Right to erasure of your personal information

                    You have the right to ask that your personal information be deleted in certain circumstances.  For example:

                    Ÿ    where your personal information is no longer necessary in relation to the purposes for which they were collected or otherwise used;

                    Ÿ    if you withdraw your consent and there is no other legal ground for which we rely on for the continued use of your personal information;

                    Ÿ    if you object to the use of your personal information (as set out below);

                    Ÿ    if we have used your personal information unlawfully; or

                    Ÿ    if your personal information needs to be erased to comply with a legal obligation.

                    Right to restrict the use of your personal information

                    You have the right to suspend our use of your personal information in certain circumstances.  For example:

                    Ÿ    where you think your personal information is inaccurate but only for so long as is required for us to verify the accuracy of your personal information;

                    Ÿ    the use of your personal information is unlawful and you oppose the erasure of your personal information and request that it is suspended instead;

                    Ÿ    we no longer need your personal information, but your personal information is required by you for the establishment, exercise or defence of legal claims; or

                    Ÿ    you have objected to the use of your personal information and we are verifying whether our grounds for the use of your personal information override your objection.

                    Right to data portability

                    You have the right to obtain your personal information in a structured, commonly used and machine-readable format and for it to be transferred to another organisation, where it is technically feasible.

                    The right only applies:

                    Ÿ    to personal information you provided to us;

                    Ÿ    where we rely on the following legal bases:

                    Ÿ     consent; or

                    Ÿ     for the performance of a contract; and

                    Ÿ    when the use of your personal information is carried out by automated (i.e. electronic) means.

                    Right to object to the use of your personal information (including to object to direct marketing, automated decision making and profiling)

                    You have the right to object to the use of your personal information in certain circumstances and subject to certain exemptions. For example:

                    Ÿ    where you have grounds relating to your particular situation and we use your personal information for our legitimate interests (or those of a third party);  and

                    Ÿ    if you object to the use of your personal information for direct marketing purposes.  

                    Right to withdraw consent

                    You have the right to withdraw your consent at any time where we rely on consent to use your personal information.

                    Right to complain to the relevant data protection authority

                    If you think that we have processed your personal information in a manner that is not in accordance with data protection law, you can make a complaint to the data protection regulator.  In the UK this is the Information Commissioner's Office (ICO) and they can be contacted on 0303 123 1113 or please see www.ico.org.uk. If you live or work in an EEA member state, you may complain to the regulator in that state.

                     

                    HOW TO COMPLAIN

                    • If you think there is a problem with how your personal information is being handled, please contact us by using the contact details below.
                    • You also have the right to complain to the Information Commissioner's Office who can be contacted on 0303 123 1113. Please also see ico.org.uk. If you live or work in an EEA member state, you may complain to the regulator in that state.
                    CHANGES TO OUR PRIVACY POLICY
                    • Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, we will give you reasonable notice of any changes.
                    HOW TO CONTACT US
                    • If you have any questions regarding this Privacy Policy or the way we use your personal information, you can contact us by:
                      • telephone on +44 (0) 191 495 7325;
                      • email at info@axisbiotix.com; or
                      • post at The Core, Newcastle Helix, Newcastle upon Tyne NE4 5TF.

                      This Privacy Policy was last updated on 22nd October 2021.