Privacy Policy

Who are we?

We are DIANA Biotechnologies, a.s., a company registered in the Czech Republic, Company ID: 072 81 218, seated at Průmyslová 596, 252 50 Vestec, Czech Republic, registered in the Commercial Register maintained by the Municipal Court in Prague, file No. B 28366 (“we”). We focus on developing and manufacturing innovative biotechnology solutions, including diagnostic products for healthcare (mainly PCR diagnostics). Besides, we operate the website <dianabiotech.com> ("Website”), through which you can contact us and request for order our products.


Privacy Policy.

We carefully safeguard and protect your personal data. To inform you about how we process your personal data, we have prepared these data processing guidelines (“Privacy Policy”), with us acting as the data controller and you as our customer or visitor of our Website (“you”). Please, read this Privacy Policy carefully as you will find out which personal data we process, how we obtain them, why do we process them and for how long we will do so.


Do you have any questions?

Feel free to ask us. You can reach us via email at [email protected]. We are here for you and ready to help.


GDPR

We always process your personal data in compliance with effective legal regulations. The main one is Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, "GDPR").


Do we really need your personal data?

We always strive to process your personal data to the minimum extent necessary. However, sometimes processing is essential, such as when we want to answer your questions or to enter into a contract, for which personal data is required. Without the personal data, our communication and fulfillment of the contract is impossible.


We can assure you that we will not process personal data using automated individual decision-making that would have legal effects on data subjects or significantly affect them in a similar manner.


How do we process your personal data?

To process personal data, we need a legal basis. This means that we must find a legal foundation for each instance of data processing. The specific data we process, the legal basis for doing so, and the duration of processing depend on the reason for processing. We have detailed each reason in the following points:


A. If you ask for a free sample kit or order our products


Identification details. These help us identify you, for instance, when entering into a contract with us. These include mainly your name, surname, company or organization identification, and any other identification details you provide.


Contact details. We use these to reach out to you if necessary. These include mainly your phone number and email address.


Information from our communication. This mainly includes information in emails, written records of our meetings, details provided in order forms. In short, the content of our communication.


Information contained in the contract. This includes information about the goods you ordered (including free samples) from us, as well as other details related to the contract—such as information about complaints, contract termination, etc.


Billing and banking details. These are used for identifying and processing payments. These include details found on invoices, bank account information, and information about received and sent payments.


We process this data for the following purposes and for this duration:

What is the legal basis for processing under GDPR?

Why do we process your data?

How long will we process it?

What personal data do we process for this purpose?

LEGITIMATE INTEREST

It is in our legitimate interest

Article 6 (1) (f) GDPR

To protect our legal interests (for example, to demonstrate that we have fulfilled our obligations properly and on time)

For up to 16 years, which corresponds to the longest statute of limitations under legal regulations (15 years) plus 1 extra year to allow us to potentially react to your court or other filings

  • Identification details
  • Information from our communication
  • Information contained in the contract
  • Billing and banking details

LEGITIMATE INTEREST

It is in our legitimate interest

Article 6 (1) (f) GDPR

To send you interesting news about what is new at our company or what new products and events we are planning (newsletter) to your e-mail address once in a while

For up to 3 years since the moment we entered into our last contract to date, unless you refuse to obtain these communications earlier in any way, for example, by sending an e-mail to us or by clicking on the unsubscribe link in the e-mail

  • Contact details
  • Information contained in the contract

LEGITIMATE INTEREST

It is in our legitimate interest

Article 6 (1) (f) GDPR

To enable us to communicate with you and maintain records to improve our services

For up to 3 years since the communication in question

  • Contact details
  • Information from our communication
  • Information contained in the contract

CONTRACT

It is necessary for the performance of a contract or in order to take steps prior to entering into a contract (pre-contractual negotiations)

Article 6 (1) (b) GDPR

When you negotiate or enter into a contract with us, we need to process your personal data to properly fulfill our contractual obligations, such as sending you a free sample kit you requested or the products you ordered

For the duration of the contract

  • Identification details
  • Contact details
  • Information from our communication
  • Information contained in the contract
  • Billing and banking details

LEGAL OBLIGATION

It is necessary for compliance with a legal obligation to which we are subject

Article 6 (1) (c) GDPR

Sometimes we must process personal data when required by law. This primarily concerns accounting and tax regulations

For the duration required by the applicable legal regulations (usually 10 years from the end of the accounting year in which a significant event occurred from the perspective of taxes/accounting)

  • Identification details
  • Contact details
  • Information from our communication
  • Information contained in the contract
  • Billing and banking details

B. If you contact us through a contact form or just visit our Website


Identification details. This includes your name, surname, company or organization information, and any other details you provide.


Contact details. We use these to reach out to you and answer your questions or provide information you require. This includes your phone number and email address.


Information from our communication. This mainly includes information you provide us in the contact form and following communication.


Information about your use of the website. This mainly includes your IP address.


Cookies.


We process this data for the following purposes and for this duration:

What is the legal basis for processing under GDPR?

Why do we process your data?

How long will we process it?

What specific personal data do we process for this purpose?

CONTRACT

It is in order to take steps prior to entering into a contract (pre-contractual negotiations)

Article 6 (1) (b) GDPR

To answer your questions and provide the necessary information, primarily for the purpose of entering into a contract

If we do not engage in further collaboration, we will process your data for up to 3 months from our last communication

  • Identification details
  • Contact details
  • Information from our communication

LEGITIMATE INTEREST

It is in our legitimate interest

Article 6 (1) (f) GDPR

To protect our Website from attacks, spam or other abuse, we may process some information (so-called “logs”) about your use of the Website to be able to prevent such abuse (e.g. block your access to the Website)

For 1 month from each visit of the Website.

  • IP address

VARIOUS

To keep track of how you use our Website, where you come from, and which of our products interest you the most

More information can be found in the section of this Privacy Policy related to cookies

  • Cookies

C. If you wish to become a member of our team and send us your CV and cover letter


Identification details. This includes your name, surname, and any other identification details you provide us.


Contact details. We use these to reach out to you for example to schedule an interview. This includes your phone number and email address.


Information from CV, cover letter and our communication. This mainly includes information in emails, details provided in contact form and your CV and cover letter that you send us.


Please do not include any sensitive data (e.g. racial or ethnic origin, political opinions, religious or philosophical beliefs, health-related data, data related to sexual orientation) in your CV and cover letter. If you do so anyway, we will not process this data unless you provide us your explicit consent.


We process this data for the following purposes and for this duration (it depends on whether you're responding to a specific job advertisement or sending your CV and cover letter without reference to a specific job offer).

What is the legal basis for processing under GDPR?

Why do we process your data?

How long will we process it?

What specific personal data do we process for this purpose?

CONTRACT

It is necessary for the performance of a contract or in order to take steps prior to entering into a contract (pre-contractual negotiations)

Article 6 (1) (b) GDPR

If you respond to a specific job advertisement and send us your CV, we process your personal data for the purposes of the recruitment and selection process – to assess whether you are a good fit for us and, for example, to invite you for an interview

For the duration of the recruitment and selection process

  • Identification details
  • Contact details
  • Information from CV, cover letter and our communication

LEGITIMATE INTEREST

It is in our legitimate interest

Article 6 (1) (f) GDPR

If you were not selected, we will keep your CV so we can contact you with another job offer.

For up to one year after the end of the recruitment and selection process

  • Identification details
  • Contact details
  • Information from CV, cover letter and our communication

CONSENT

We process data based on your consent.

Article 6 (1) (a) GDPR

If you send us your CV without responding to a specific job offer, we process your personal data to assess if, based on your cover letter and CV, you would be a good fit for our team and to let you know when a position becomes available

For the duration of the consent, for a maximum period of three years.

You can withdraw your consent at any time, for example, via email. However, even if you withdraw your consent or the consent period expires, it does not mean we are required to delete all your data that we processed based on that consent. We may continue to process data for which we have another legal basis. Withdrawal of consent does not affect the lawfulness of data processing carried out prior to the withdrawal.


  • Identification details
  • Contact details
  • Information from CV, cover letter and our communication

Who do we share your personal data with?


Data Sharing. We may share your data with other entities to ensure our efficient operation. Our service providers become processors of your personal data but are only authorized to process your data to the extent we have agreed upon with them.


Public authorities. We may also exceptionally share your personal data with public authorities if it is in our interest or if requested in accordance with legal regulations.


Who do we share your personal data with? Specifically, we share your personal data with the following entities:


Sale Management: Company Salesforce.com manages our sales system to help us manage interactions and relationships with current and potential customers. You can find information on how they process personal data here.


Entreprise Resouce Planning: Microsoft Corporation provides us with and manages our enterprise resource planning (ERP) system (Microsoft Dynamics Business Center). You can find information on how they process personal data here.


Recruitment Software: Company recruitis.io s.r.o. who provides us job applicant tracking system. You can find information on how they process personal data here.


Marketing: Entities providing and managing marketing tools such as Google Analytics, Ecomail and Smartlook. You can find information on how they process personal data here (Google), here (Ecomail) and here (Smartlook).


Shipping Companies: Entities who ship our products or samples to your address. You can find information on how they process personal data here (Cargo-partner), here (DHL), here (Fedex) and here (PPL).


Hosting and Website Management: Providers who manage and maintain our web hosting services and manage and update our Website. You can find information on how they process personal data here (Digital Ocean) and here (edgy.digital).


We are ready to provide you with an up-to-date list of specific entities to which we transfer your personal data. Just send as a request via email or contact us in any other way.


Where will we transfer your personal data?


We do not transfer your personal data outside the EU. If we decide to transfer it outside the EU in the future, we will do so only in compliance with GDPR, to countries or entities that ensure adequate protection of personal data.


What rights do you have in relation to the processing of your personal data?


In relation to the processing of personal data, you have the following rights:


Right to Access. You have the right to obtain confirmation from us as to whether your personal data is being processed. If it is, you have the right to access this data and information about what personal data is being processed.


Right to Correction. You can request the correction of inaccurate personal data or the completion of incomplete personal data.


Right to Erasure and Restriction. Under certain conditions, we are also obligated to erase your personal data or restrict its processing if you request it. You also have the right to transfer your personal data to another data controller under certain conditions.


Right to Lodge a Complaint. If you suspect that your personal data is being processed unlawfully, you have the right to lodge a complaint with the Office for Personal Data Protection (Úřad pro ochranu osobních údajů) at www.uoou.gov.cz, located at Pplk. Sochora 27, 170 00 Prague 7, Czech Republic.


In addition, you have the right to object if we process your personal data for the purposes of the legitimate interests pursued by us. You can submit this objection by sending it to our contact address or email. We will evaluate it within one month of receiving it.


How do cookies work?


For the proper functioning of our Website, we and our partners, such as Google, use cookies. Cookies are small text files that the Website sends to your browser. They allow us to record information about your visit, such as the selected language, and similar preferences. This makes your next visit to the Website easier and more enjoyable.


Cookies are important because, without them, browsing the internet would be much more complicated. Cookies allow for better use of our Website and customization of its content to meet your needs. Almost every website in the world uses cookies. They are useful because they enhance the user-friendliness of a repeatedly visited site.


We categorize cookies as necessary, analytical, and marketing cookies.

Necessary cookies are required for the Website to function properly. We do not need your consent to use these cookies. It is in our legitimate interest to ensure that the Website runs smoothly. You cannot refuse their use in the cookie settings on our Website. However, if you block these cookies in your browser settings, the Website may not display correctly, and browsing it may not be the experience you're used to.


Analytical cookies help us and our partners compile statistics and reports. They allow us to track the Website´s traffic and where visitors come from. We need your consent to use them. You can set this consent when you first visit the Website via the cookie banner or here.


Marketing cookies enable us and our partners to offer our products through targeted advertising that is relevant to you. We do this through our partners, who operate advertising tools such as Google Analytics. If you consent to marketing cookies, we may share your personal data with these partners for cookie storage, inclusion in remarketing audiences, personalized advertising targeting, or linking with data you provide to these partners. However, we need your consent for this.



This Privacy Policy is effective from 8.10.2024.

Let’s take your PCR to the next level!