The European Union General Data Protection Regulation (GDPR) is effective from May 25th 2018. The GDPR replaces the EU Data Protection Directive of 1995 and supersedes the laws of individual Member States that were developed in compliance with the Data Protection Directive 95/46/EC. The GDPR is important because it improves the protection of EU data subject’s rights and also sets clear expectations and obligations for how companies safeguard these rights.

When you contact and/or partner with Equal1 we understand that you expect us to ensure your data protection rights are respected. We understand how important it is to obtain your consent and provide full transparency in how we use and protect your data. We are also committed to providing you with options to access, modify or delete your data when requested.

Maintaining the trust and respecting the rights of our customers and all data subject’s personal data is a priority for Equal1 and we are fully committed to complying with all aspects of the regulation. This Policy applies to all personal information processed by our Company, including that collected through our Platform. It also applies to our employees, contractors, and third-party service providers. It’s purpose is to help you understand the following:

• What information we collect
• How we use your information
• Our Legal Basis for processing your data
• How you may provide and withdraw your data consent
• How long we keep your information
• How you can access, modify or delete your data when required
• How we keep your data secure
• Who we share your data with

If at any time you require further information then please contact us at info@equal1.com

For the purpose of the GDPR, the Data Controller is:

Equal1 Laboratories Ireland Limited

Belfield

Dublin

D04 V2N9

Information We Collect

Personal data refers to any information relating to an identified or identifiable natural person (Data Subject). An identifiable natural person is one who can be identified, directly or indirectly, in particular, in reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

The type of personal data that we may process about you will depend on our relationship.

Equal1 maintains the same privacy practices with respect to data that is collected off-line and on-line, and this notice also covers both those methods of data collection and use.

How We Use the Information

Equal1 collects information from individuals so we can manage our relationship with them. The categories of information we collect is limited, such as Name, Address, Email & Phone number.

Should any individual apply to work at Equal1, we collect personal information from them such as; Name, Contact Details, CV’s education and employment history.

Special categories of personal data

We do not process any special category data for the purposes of our business, we ask that you do not provide any sensitive personal data (eg, gender, height, weight, medical information, religion, philosophical or political beliefs, financial data) in job applications.

We ask you to provide only the information that is necessary to submit a query to our website.

Why are We Processing Your Data? Our Legal Basis

We are required to determine the legal basis for which we process different categories of your personal information, and to notify you of the basis for each category.

Most of the personal information we process is provided to us directly by you for one of the following reasons:

Information we process because we have a contractual obligation with you

In order to carry out our obligations under that contract we must process the information you give us. Some of this information may be personal information.

​

We may use it in order to manage your requests or set up a file based on our relationship with each other.

Information we process for the purposes of legitimate interests

We may process information on the basis there is a legitimate interest, either to you or to us, of doing so.

Where we process your information on this basis, we do so after having given careful consideration

to:

• Whether the same objective could be achieved through other means
• Whether processing (or not processing) might cause you harm
• Whether you would expect us to process your data, and whether you would consider it reasonable to do so

For example, we may process your data on this basis for the purpose of necessary administration of our business, or use it for recruitment purposes such as interview notes.

Information we process because we have your consent

Through certain actions when otherwise there is no contractual relationship between us, such as when you browse our website or ask us to provide with more information about our business, including job opportunities, our products and services, you provide your consent to us to process information that may be personal information.

Wherever possible, we aim to obtain your explicit consent to process this information, for example, by asking you to agree to our use of cookies. You may also consent to have your data used in order to receive information on a new service offering.

We continue to process your information on this basis until you withdraw your consent, or it can be reasonably assumed that your consent no longer exists.

You may withdraw your consent at any time by instructing us at info@equal1.com.

​

Information we process because we have a legal obligation

We may be required to give information to legal and regulatory authorities if they so request and subject to the correct authorisation.

We may use this information to verify your identity for security purposes or keep our website safe and secure.

Transparency and Choice

All individuals are entitled to access what information our company holds on them and why. You are also entitled to request this information to be modified or deleted. These requests may also be submitted to info@equal1.com.

Other data subject rights are as follows:

​

• Your right to rectification – You have the right to ask us to rectify information you think is inaccurate.  You also have the right to ask us to complete information you think is incomplete.
• Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances
• Your right to object – You have the right to ask us to stop processing your personal data for profiling or direct marketing
• Your right to restriction of processing – You have the right to object to the processing of your personal data in certain circumstances
• Your right to data portability – You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. Exemptions may apply if the information requested is considered excessive or repetitive.

How Long We Keep Your Information

Equal1 will only retain your information for as long as it is required to fulfil the purpose for which your personal data was provided. You can request to have your information modified or deleted by submitting a request to info@equal1.com as outlined above. For more information on how our retention timelines please email info@equal1.com.

Keeping Your Information Secure

Equal1 adopts international best practice and adheres to current legal requirements around the security of your personal data. This also includes the training of our staff, the implementation of policies and processes around the handling of personal data and the completion of regular audits to ensure we remain compliant with our obligations to protect and secure your data.

Sharing Your Information

Equal1 uses the services of a number of trusted SaaS service providers for our normal business operations and may be required to share your personal information with these companies. Equal1 will only share and allow the process of this information based on our instructions and in compliance with our Privacy Policy and any other appropriate confidentiality and security measures. A full list of these service providers is available on request.

Data Transfers

In some circumstances it may be necessary for us to transfer your data outside the European Economic Area (EEA).  We will only transfer data to receivers that are in countries approved by the EU Commission, or where there are the appropriate safeguards in place to protect your personal data. For further information on these appropriate safeguards, please email info@equal1.com.

California Consumer Privacy Act

This privacy notice supplements the Equal1 privacy notice and applies solely to California consumers who visit www.equal1.com. Any terms defined in the California Consumer Privacy Act of 2018 (“CCPA”) have the same meaning when used in this privacy notice.

Sale of personal information

We do not sell consumer personal information.

​

Your rights and choices

You have the right to request that Equal1 disclose to you certain information about our collection and use of your personal information in the past 12 months. Once we receive and confirm your verifiable consumer request (see the Exercising Your Access and Deletion Rights section below), we will disclose to you:

• The categories of personal information we collected about you;
• The categories of sources from which we collected personal information about you;
• Our business or commercial purpose for collecting or selling personal information;
• The categories of third parties with whom we share personal information;
• The specific pieces of personal information we have collected about you (also called a data portability request); and
• If we disclosed your personal information for a business purpose, the categories of personal information that we disclosed and that each category of third party received.

Deletion request rights

You have the right to request that we delete any of your personal information that we collected and retained, subject to certain exceptions. Once we have received and confirmed your verifiable consumer request, we will delete, and direct any of our service providers to delete, your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

• Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
• Debug products to identify and repair errors that impair existing intended functionality;
• Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
• Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);
• Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when deletion of the information is likely to render impossible or seriously impair the research’s achievement, if you previously provided informed consent;
• Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
• Comply with a legal obligation; or
• Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Exercising your access and deletion rights

To exercise your access and deletion rights described above, please email us at info@equal1.com.

You may only make a verifiable consumer request for access twice within a 12-month period. The verifiable consumer request must:

• Provide enough information for us to reasonably verify you are the person about whom we collected personal information or an authorised representative; and
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. You are not required to make an account with us to make a verifiable consumer request. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

​

Response timing and format

We endeavour to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response electronically or by mail, at your option.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-discrimination

You have the right to not be discriminated against in pricing and services because you exercise any of your CCPA rights. Unless permitted by the CCPA, we will not use whether or not you have exercised your CCPA rights to:

• Deny you goods or services;
• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
• Provide you a different level or quality of goods or services; or
• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Cookies Policy

The Equal1 website uses cookies to help provide you with the best experience possible.  Cookies are small text files that are placed on your computer when you browse websites.  We use cookies to save you having to re-enter passwords repeatedly, improve our website content, improve the security and speed of our website, and improve our marketing.

You can usually switch cookies off by adjusting your browser settings to stop it accepting cookies, however doing so will likely mean that our website will not work for you as you would expect. Equal1 does not use cookies to gather any personal data on our systems. The user can delete the cookie and the information that it collects at any time using the settings on their web browser.

Enquiries

If you have any questions about this privacy statement, please feel free to contact us at info@equal1.com.

How to Complain

In the event that you wish to make a complaint about how your personal data is being processed by Equal1 or how your complaint has been handled, you have the right to lodge a complaint directly with the data supervisory authority and /or our Data Privacy Manager, Equal1 -  info@equal1.com.

Link below to the complaints section of the Data Commissioner website;

https://www.dataprotection.ie/docs/Making-a-Complaint-to-the-Data-Protection-Commissioner/r/18.htm

Or email Data Protection Commissioner to info@dataprotection.ie.