We are DIANA Biotechnologies, a.s., a company registered in the Czech Republic, Company ID: 072 81 218, seated at Průmyslová 596, 252 50 Vestec, Czech Republic, registered in the Commercial Register maintained by the Municipal Court in Prague, file No. B 28366 (“we”). We focus on developing and manufacturing innovative biotechnology solutions, including diagnostic products for healthcare (mainly PCR diagnostics). Besides, we operate the website <dianabiotech.com> ("Website”), through which you can contact us and request for order our products.
We carefully safeguard and protect your personal data. To inform you about how we process your personal data, we have prepared these data processing guidelines (“Privacy Policy”), with us acting as the data controller and you as our customer or visitor of our Website (“you”). Please, read this Privacy Policy carefully as you will find out which personal data we process, how we obtain them, why do we process them and for how long we will do so.
Feel free to ask us. You can reach us via email at [email protected]. We are here for you and ready to help.
We always process your personal data in compliance with effective legal regulations. The main one is Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, "GDPR").
We always strive to process your personal data to the minimum extent necessary. However, sometimes processing is essential, such as when we want to answer your questions or to enter into a contract, for which personal data is required. Without the personal data, our communication and fulfillment of the contract is impossible.
We can assure you that we will not process personal data using automated individual decision-making that would have legal effects on data subjects or significantly affect them in a similar manner.
To process personal data, we need a legal basis. This means that we must find a legal foundation for each instance of data processing. The specific data we process, the legal basis for doing so, and the duration of processing depend on the reason for processing. We have detailed each reason in the following points:
Identification details. These help us identify you, for instance, when entering into a contract with us. These include mainly your name, surname, company or organization identification, and any other identification details you provide.
Contact details. We use these to reach out to you if necessary. These include mainly your phone number and email address.
Information from our communication. This mainly includes information in emails, written records of our meetings, details provided in order forms. In short, the content of our communication.
Information contained in the contract. This includes information about the goods you ordered (including free samples) from us, as well as other details related to the contract—such as information about complaints, contract termination, etc.
Billing and banking details. These are used for identifying and processing payments. These include details found on invoices, bank account information, and information about received and sent payments.
We process this data for the following purposes and for this duration:
What is the legal basis for processing under GDPR? | Why do we process your data? | How long will we process it? | What personal data do we process for this purpose? |
---|---|---|---|
LEGITIMATE INTEREST It is in our legitimate interest Article 6 (1) (f) GDPR | To protect our legal interests (for example, to demonstrate that we have fulfilled our obligations properly and on time) | For up to 16 years, which corresponds to the longest statute of limitations under legal regulations (15 years) plus 1 extra year to allow us to potentially react to your court or other filings |
|
LEGITIMATE INTEREST It is in our legitimate interest Article 6 (1) (f) GDPR | To send you interesting news about what is new at our company or what new products and events we are planning (newsletter) to your e-mail address once in a while | For up to 3 years since the moment we entered into our last contract to date, unless you refuse to obtain these communications earlier in any way, for example, by sending an e-mail to us or by clicking on the unsubscribe link in the e-mail |
|
LEGITIMATE INTEREST It is in our legitimate interest Article 6 (1) (f) GDPR | To enable us to communicate with you and maintain records to improve our services | For up to 3 years since the communication in question |
|
CONTRACT It is necessary for the performance of a contract or in order to take steps prior to entering into a contract (pre-contractual negotiations) Article 6 (1) (b) GDPR | When you negotiate or enter into a contract with us, we need to process your personal data to properly fulfill our contractual obligations, such as sending you a free sample kit you requested or the products you ordered | For the duration of the contract |
|
LEGAL OBLIGATION It is necessary for compliance with a legal obligation to which we are subject Article 6 (1) (c) GDPR | Sometimes we must process personal data when required by law. This primarily concerns accounting and tax regulations | For the duration required by the applicable legal regulations (usually 10 years from the end of the accounting year in which a significant event occurred from the perspective of taxes/accounting) |
|
Identification details. This includes your name, surname, company or organization information, and any other details you provide.
Contact details. We use these to reach out to you and answer your questions or provide information you require. This includes your phone number and email address.
Information from our communication. This mainly includes information you provide us in the contact form and following communication.
Information about your use of the website. This mainly includes your IP address.
Cookies.
We process this data for the following purposes and for this duration:
What is the legal basis for processing under GDPR? | Why do we process your data? | How long will we process it? | What specific personal data do we process for this purpose? |
---|---|---|---|
CONTRACT It is in order to take steps prior to entering into a contract (pre-contractual negotiations) Article 6 (1) (b) GDPR | To answer your questions and provide the necessary information, primarily for the purpose of entering into a contract | If we do not engage in further collaboration, we will process your data for up to 3 months from our last communication |
|
LEGITIMATE INTEREST It is in our legitimate interest Article 6 (1) (f) GDPR | To protect our Website from attacks, spam or other abuse, we may process some information (so-called “logs”) about your use of the Website to be able to prevent such abuse (e.g. block your access to the Website) | For 1 month from each visit of the Website. |
|
VARIOUS | To keep track of how you use our Website, where you come from, and which of our products interest you the most | More information can be found in the section of this Privacy Policy related to cookies |
|
Identification details. This includes your name, surname, and any other identification details you provide us.
Contact details. We use these to reach out to you for example to schedule an interview. This includes your phone number and email address.
Information from CV, cover letter and our communication. This mainly includes information in emails, details provided in contact form and your CV and cover letter that you send us.
Please do not include any sensitive data (e.g. racial or ethnic origin, political opinions, religious or philosophical beliefs, health-related data, data related to sexual orientation) in your CV and cover letter. If you do so anyway, we will not process this data unless you provide us your explicit consent.
We process this data for the following purposes and for this duration (it depends on whether you're responding to a specific job advertisement or sending your CV and cover letter without reference to a specific job offer).
What is the legal basis for processing under GDPR? | Why do we process your data? | How long will we process it? | What specific personal data do we process for this purpose? |
---|---|---|---|
CONTRACT It is necessary for the performance of a contract or in order to take steps prior to entering into a contract (pre-contractual negotiations) Article 6 (1) (b) GDPR | If you respond to a specific job advertisement and send us your CV, we process your personal data for the purposes of the recruitment and selection process – to assess whether you are a good fit for us and, for example, to invite you for an interview | For the duration of the recruitment and selection process |
|
LEGITIMATE INTEREST It is in our legitimate interest Article 6 (1) (f) GDPR | If you were not selected, we will keep your CV so we can contact you with another job offer. | For up to one year after the end of the recruitment and selection process |
|
CONSENT We process data based on your consent. Article 6 (1) (a) GDPR | If you send us your CV without responding to a specific job offer, we process your personal data to assess if, based on your cover letter and CV, you would be a good fit for our team and to let you know when a position becomes available | For the duration of the consent, for a maximum period of three years. You can withdraw your consent at any time, for example, via email. However, even if you withdraw your consent or the consent period expires, it does not mean we are required to delete all your data that we processed based on that consent. We may continue to process data for which we have another legal basis. Withdrawal of consent does not affect the lawfulness of data processing carried out prior to the withdrawal. |
|
Data Sharing. We may share your data with other entities to ensure our efficient operation. Our service providers become processors of your personal data but are only authorized to process your data to the extent we have agreed upon with them.
Public authorities. We may also exceptionally share your personal data with public authorities if it is in our interest or if requested in accordance with legal regulations.
Who do we share your personal data with? Specifically, we share your personal data with the following entities:
Sale Management: Company Salesforce.com manages our sales system to help us manage interactions and relationships with current and potential customers. You can find information on how they process personal data here.
Entreprise Resouce Planning: Microsoft Corporation provides us with and manages our enterprise resource planning (ERP) system (Microsoft Dynamics Business Center). You can find information on how they process personal data here.
Recruitment Software: Company recruitis.io s.r.o. who provides us job applicant tracking system. You can find information on how they process personal data here.
Marketing: Entities providing and managing marketing tools such as Google Analytics, Ecomail and Smartlook. You can find information on how they process personal data here (Google), here (Ecomail) and here (Smartlook).
Shipping Companies: Entities who ship our products or samples to your address. You can find information on how they process personal data here (Cargo-partner), here (DHL), here (Fedex) and here (PPL).
Hosting and Website Management: Providers who manage and maintain our web hosting services and manage and update our Website. You can find information on how they process personal data here (Digital Ocean) and here (edgy.digital).
We are ready to provide you with an up-to-date list of specific entities to which we transfer your personal data. Just send as a request via email or contact us in any other way.
We do not transfer your personal data outside the EU. If we decide to transfer it outside the EU in the future, we will do so only in compliance with GDPR, to countries or entities that ensure adequate protection of personal data.
In relation to the processing of personal data, you have the following rights:
Right to Access. You have the right to obtain confirmation from us as to whether your personal data is being processed. If it is, you have the right to access this data and information about what personal data is being processed.
Right to Correction. You can request the correction of inaccurate personal data or the completion of incomplete personal data.
Right to Erasure and Restriction. Under certain conditions, we are also obligated to erase your personal data or restrict its processing if you request it. You also have the right to transfer your personal data to another data controller under certain conditions.
Right to Lodge a Complaint. If you suspect that your personal data is being processed unlawfully, you have the right to lodge a complaint with the Office for Personal Data Protection (Úřad pro ochranu osobních údajů) at www.uoou.gov.cz, located at Pplk. Sochora 27, 170 00 Prague 7, Czech Republic.
In addition, you have the right to object if we process your personal data for the purposes of the legitimate interests pursued by us. You can submit this objection by sending it to our contact address or email. We will evaluate it within one month of receiving it.
For the proper functioning of our Website, we and our partners, such as Google, use cookies. Cookies are small text files that the Website sends to your browser. They allow us to record information about your visit, such as the selected language, and similar preferences. This makes your next visit to the Website easier and more enjoyable.
Cookies are important because, without them, browsing the internet would be much more complicated. Cookies allow for better use of our Website and customization of its content to meet your needs. Almost every website in the world uses cookies. They are useful because they enhance the user-friendliness of a repeatedly visited site.
We categorize cookies as necessary, analytical, and marketing cookies.
Necessary cookies are required for the Website to function properly. We do not need your consent to use these cookies. It is in our legitimate interest to ensure that the Website runs smoothly. You cannot refuse their use in the cookie settings on our Website. However, if you block these cookies in your browser settings, the Website may not display correctly, and browsing it may not be the experience you're used to.
Analytical cookies help us and our partners compile statistics and reports. They allow us to track the Website´s traffic and where visitors come from. We need your consent to use them. You can set this consent when you first visit the Website via the cookie banner or here.
Marketing cookies enable us and our partners to offer our products through targeted advertising that is relevant to you. We do this through our partners, who operate advertising tools such as Google Analytics. If you consent to marketing cookies, we may share your personal data with these partners for cookie storage, inclusion in remarketing audiences, personalized advertising targeting, or linking with data you provide to these partners. However, we need your consent for this.
This Privacy Policy is effective from 8.10.2024.