Avillion Life Sciences Ltd. (“Avillion”, “we”, “us”, “our”) respects your privacy and is committed to protecting your personal information. Please read this Privacy Policy carefully, as it contains important information on how and why we collect and process your personal information through your use of this website.
Avillion is the Controller of the personal data and is committed to complying with all applicable data protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. What personal data do we collect?
1.1 Information you provide directly:
Through our website contact form or other voluntary interactions, we collect:
- Your name
- Your email address
- Any additional personal information you choose to provide in your message or enquiry
We only collect the information you voluntarily provide directly.
1.2 Information collected automatically:
When you use our website, we may automatically collect certain information through the use of cookies and similar technologies. This may include:
- IP address
- Browser type and version
- Operating system
- Date and time of your visit
- Pages you viewed
- Time spent on pages
- Referring website addresses
This information is primarily collected for analytics purposes and to improve our website’s performance and user experience. For more detailed information about the cookies we use and the data they collect, please refer to our Cookie Policy.
2. Why do we use your personal data?
We use your personal data for the following purposes:
- To administer the website (lawful basis: legitimate interest)
- To respond to your requests or enquiries made via the contact form (lawful basis: legitimate interest). We believe this is necessary for maintaining business relationships and responding to prospective clients.
- To comply with our legal obligations (lawful basis: legal obligation).
If you are entering into a contract or potential contract with us, processing may also be necessary for that contract.
3. How long will we keep your personal information?
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including meeting any legal, accounting, or reporting requirements. Typically, we retain contact form data for 2 years after the last communication, unless a longer retention period is required by law.
4. Data sharing
We may transfer your personal data to our associated entities and service providers (e.g. IT services, system administrators) to the extent necessary to achieve the purpose we collected the data for.
We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not sell, trade, or rent your personal data to third parties.
Some of our associated entities and service providers may be located outside the UK. In such cases, we ensure that one of the following safeguards is implemented:
- The country has been deemed to provide an adequate level of protection for personal data by the UK government.
- We have entered into specific contracts (such as standard contractual clauses) approved by the UK government, which give personal data the same protection it has in the UK.
5. How do we protect your data?
Avillion has in place appropriate technical and organisational security measures to ensure the security and integrity of your personal information and treats your personal data in a confidential manner.
We limit access to your personal information to those individuals who have a business need to access it.
We regularly monitor our systems for possible vulnerabilities and attacks. We will notify you and the Information Commissioner’s Office (ICO) of a suspected data security breach where we are legally required to do so, within 72 hours of becoming aware of it.
6. Your rights
Under the UK GDPR, you have several rights in relation to your personal data, which you can exercise free of charge. You have the right to:
- Request access to, or copies of, the personal information we hold about you.
- Request rectification of any mistakes in your personal information.
- Request erasure of your personal data in certain circumstances.
- Request the restriction of processing of your personal data.
- Object to the processing of your personal data in certain circumstances.
- Request the transfer of your personal data to you or a third party (data portability).
- Withdraw consent at any time, where we are relying on consent to process your personal data.
For further information on these rights or to exercise them, please contact us (see contact section below).
7. Data Minimisation and Risk Management
We are committed to collecting only the personal data that is necessary for the specified purposes. We implement privacy by design principles in our systems and processes to ensure that privacy considerations are embedded from the start.
Where processing is likely to result in a high risk to your rights and freedoms, we conduct Data Protection Impact Assessments (DPIAs) to identify and minimise data protection risks.
8. Special Category Data
We do not routinely collect or process special category data through our website. If this changes, we will update this privacy policy and ensure we have appropriate legal bases and safeguards in place.
9. Social Media Features and External Links
Our website may include social media features or links to external websites. These features may collect your IP address and which page you are visiting on our website and may set a cookie to enable the feature to function properly. Your interactions with these features are governed by the privacy policy of the company providing them.
We are not responsible for the privacy practices or the content of external websites. Please review the privacy policies of those sites before providing them with personal information.
10. Cookies
Our website uses cookies to distinguish you from other users of our website and to provide analytics information. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site.
We primarily use analytics cookies to understand how visitors use our website. These cookies collect information in a way that does not directly identify anyone.
For detailed information on the specific cookies we use, their purposes, and how you can control them, please see our Cookie Policy.
You can access our Cookie Policy at any time through this link or through the link in the footer of our website.
You can also manage or refuse cookies through your browser settings.
11. Children’s Privacy
Our website is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are under 13, please do not provide any information on this website.
12. Automated Decision-Making
We do not use automated decision-making or profiling in processing your personal data.
13. Role of the Data Protection Officer
Our Data Protection Officer (DPO) is responsible for overseeing questions in relation to this privacy policy and our approach to privacy. The DPO also monitors compliance with data protection laws and our data protection policies, including managing internal data protection activities, advising on data protection impact assessments, conducting internal audits, and providing the required training to staff members.
14. Changes to This Privacy Policy
We keep our privacy policy under regular review. This privacy policy was last updated on 10 October 2024. We will notify you of any significant changes by posting the new privacy policy on this page.
15. Contacts
If you have any questions or concerns regarding the processing of your personal data, please contact us at:
Avillion Life Sciences
Spaces Victoria, 25 Wilton Road, London, SW1V 1LW (UK)
+44 (0)20 3764 9530
contact@avillionls.com
Avillion has appointed a Data Protection Officer responsible for overseeing Avillion’s compliance with UK data protection law, who can be contacted at dpo@avillionls.com
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO),
the UK supervisory authority for data protection issues: