Privacy Policy

1. Introduction

1.1.   With this privacy notice, we wish to inform you on how and why we Process your Personal Data and other local laws on Privacy and the Processing of Personal Data (« Applicable Laws »).

1.2.   You will see defined terms in this privacy notice. If not defined within this privacy notice, these terms have the meaning provided for in the Applicable Laws.

2. Processing of Personal Data

2.1.   As part of our activities, we may Process[1] Personal Data[2] about you, your employees, directors, agents or other representatives (« Data Subject(s) » or « you ») in the manner described below.

2.2.   We are committed to protecting your privacy and your Personal Data and to respecting your rights. This notice explains how we Process your Data, in accordance with the Applicable Laws.

2.3.   If you are an entity, please inform your employees, directors, agents and other representatives of our Processing of their Personal Data. Every time you transfer Personal Data to us in the context of our business relationship, you guarantee to us that it is lawful for you to do so, that you have appropriately informed the respective individual of such Processing and that no transfer of Personal Data to us will put us in breach of the Applicable Laws.

3. Data Controller

3.1.   Within the HOLVES, each entity will, for their respective activities with or towards you as well as for their respective contacts with you, as described further below, qualify as the Data Controller for their Processing of your Personal Data, which means that they determine why and how your Data is Processed.

The details of the concerned Data Controller (herein also “we” or “us”), responsible to make sure your Data is Processed in a lawful, transparent, and secure manner are as follows:

Beijing Holves Biotechnology Co.,LTD with registered office in Beijing(China)
http://www.bjholves.com/
info@holves.com.

4. How and Why We Process Your Data

4.1.   We may Process your Personal Data for various purposes. Below, we describe for each purpose, the type of activities we perform, the categories of Data Subjects to whom such Processing relates to, the categories of Personal Data we Process, as well as the applicable legal basis and retention period.

Client Management
Type of Activities Category of Personal Data Legal Basis
Sales & Customer Management Identification data; Professional data; Business contact data Legitimate interest (Customer service and customer retention)
Marketing & Communication to existing customers (e.g. promotion of similar offerings, satisfaction reviews, information on events) Identification data; Professional data; Business contact data; Marketing data Legitimate interest (Customer service and customer retention)
Supplier Management
Type of Activities Category of Personal Data Legal Basis
Supply Chain Management
Procurement
Planning
Logistics
Identification data; Professional data; Business contact data Legitimate interest (Supply Chain Management)
Management of Disputes
Type of Activities Category of Personal Data Legal Basis
Management of litigation and disputes (*) Identification data; Professional data; Business contact data; Data relevant to the dispute at hand; Possibly criminal or sensitive data exchanged in the context of a dispute Legitimate interest (Legal defense)
Necessity for the Establishment, Exercise or Defense of legal claims
Security
Type of Activities Category of Personal Data Legal Basis
Video surveillance (in so far access would be granted to labs)
Badging system management (in so far a badge would be granted)
Image data; Badge logs / location data; Identification data Our legitimate interest (Security)
Protecting the interests of our company and organization (including our financial and legal interests, our compliance with applicable legal requirements, the continuity and growth of our business, etc.)
Type of Activities Category of Personal Data Legal Basis
Business development (*), including:
– marketing intelligence & analysis
– licensing
Identification data; Professional data; Business contact data; Education/qualification data; Legitimate Interest (Business growth and continuity)
Merger & Acquisitions (*) Identification data; Professional data; Business contact data; Education/qualification data; Legitimate Interest (Business growth and continuity)
Legal Services, including Corporate Legal Support and Management of IP and other Assets (*) Identification data; Professional data; Business contact data; Education/qualification data; Legitimate Interest (Business growth and continuity / Protection of the Organization and safeguarding its interest).
Finance, including
– Accounting & Audit
– FP&A & Corporate Finance
– Cost Controlling
Identification data; Professional data; Business contact data Legitimate interest (Finance)
Quality & R&D
Type of Activities Category of Personal Data Legal Basis
Quality Services / R&D for biomedical research excluding clinical trials or processing of patient data (*) Identification data; Professional data; Business contact data; Private contact data; Education/qualification data; Performance data Necessity to comply with our legal obligations (quality requirement)
or
Our legitimate interest (Quality management & control / Growth of Business and Business Continuity)
Direct Marketing
Type of Activities Category of Personal Data Legal Basis
Marketing & Communication towards prospects Identification data; Professional data; Business contact data; Marketing data Consent
Analytics and performance management (through cookies) Cookie data Consent (except essential technical cookies) as further described in the Cookie Notice on our Websites

4.2.   We may also Process your Personal Data (e.g. as a contractor, consultant or partner) in the context of our HR management, which activities are described in a separate (HR) notice and which will, when applicable, be provided to you.

4.3.   In addition to the Data categories listed above, we may use other types of Data relating to you that you may have voluntarily provided to us, that were provided to us in the context of our business relations or that we have deducted or generated from Data that were already in our possession.

5. We May Collect Your Data in Different Ways

5.1.   We may collect Data that you have voluntarily provided to us (for by applying or registering for an event, visiting our booth at a congress, attending a meeting with one of our team members, by giving us your business card, responding to a survey or participating in a Website feature) or through the company or organisation you work for.

5.2.   It may also be possible that we receive or indirectly collect Data about you, for example, from our business partners or from public sources such as social networks or public websites.

6. Sharing Your Personal Data with Others

6.1.   We restrict access to your data to employees and any person acting under our authority on a need-to-know basis, who respect our confidentiality rules and comply with our instructions.

6.2.   Any person having access to your Personal Data (e.g. our Marketing & Communication team, our Sales team, our Procurement team, our IT team) and acting under our authority Processes your Data in respect of the instructions that we have given them and has committed him or herself to respect our confidentiality rules.

6.3.   We may call on intragroup or external Processors for the Processing of your Personal Data (e.g. intragroup service providers, external IT service providers, external mailing providers). In this case, we only call on Processors providing sufficient guarantees on the lawfulness, transparency and the security of the Processing of your Data.

6.4.   We may also need to transfer your Data to other Recipients (both intragroup and external) if we believe in good faith that this is necessary, at all times taking into account our obligations under the Applicable Laws. We could transfer your Data to, for example:

  • Attorneys or courts to safeguard the rights and interests of our organization, our people, our customers, and partners, or the public in general;
  • Public or enforcement authorities to comply with a legal obligation or procedure;
  • External or internal service providers;
  • Potential investors or counsels in the context of a reorganization or an M&A transaction;
  • Our (statutory) auditors to perform an audit.

6.5.   We may also share your Data with authorized distributors, business partners to communicate with you or to respond to your queries.

7. Minimizing and Securing Your Personal Data – Data Retention & Deletion

7.1.   At all times we aim to minimize the Personal Data we process, to make sure we only use your Data when and in so far, we need it. Where possible we also pseudonymise or key-code your Data so that you cannot be directly identified.

7.2.   We only keep your data where and in so far as we need it, in line with the mandatory retention terms and the provisions of our Data Retention Policy. Once we are no longer required to keep your Personal Data or have an appropriate basis to continue the Processing, we will either delete or anonymise your Data.

8. We Respect Your Rights

8.1.   We have implemented reasonable, risk-based technical and organisational measures to ensure that your Data is protected from loss or disclosure, unauthorised use, modification or destruction.

8.2.   Under the Applicable laws You have certain rights in relation to the Personal Data we hold about you, including:

  • the right of information about and access to your Personal Data;
  • the right to rectify or erase certain Personal Data; 
  • the right to restrict or to object to certain processing;
  • the right to data portability;
  • the right to withdraw your consent, where the processing is based on consent.

8.3.   You can request the exercise of your rights by contacting us using the contact details below.

8.4.   In order to guarantee the security of your Data and to avoid any misuse, before responding to your request, we will ask you to provide us with an acceptable proof of your identity and will verify the legitimacy of your request and whether all the conditions have been satisfied.

9. Contact us

9.1.   If you have any questions or concerns about the way we collect, store and use your Data, do not hesitate to direct them to our privacy point of contact:Wendy@holves.com

9.2.   We will deploy our best efforts to find a quick and fair solution to any concern that you may submit to us.

9.3.   In addition, if you have reasons to believe that the Processing of your Personal Data by us infringes the Applicable Laws, you have the right, at all times, to lodge a complaint with a supervisory authority.

[1] “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

[2] “Personal Data” or “Data” means the information that identifies you or allows you to be identified either on its own or in combination with other information.

Contact

MyDreamPlus 4/F, Changying Future Building, Chaoyang District, Beijing – China

+86 (10) 64 919 358
Contact us

Twitter Facebook Wechat

Our website uses cookie to improve usability. By clicking “Accept”, you consent to the use of ALL the cookie. For more information, please click here.

Confirm Close