Data Privacy Policy

Your privacy is our priority. This policy explains how we collect, use, and protect your personal data when you use our website. By continuing to use this site, you accept this policy.

1. Data we collect

Depending on how you interact with our site, we may collect the following categories of personal data:

  • Identity: name, email, phone
  • Professional: company, job title
  • Technical: IP address, location (country)
  • Behavioural: pages visited, click flow, time on page
  • Cookie data: see the cookies section below

2. How we use your data

We collect personal data only when you actively provide it or when your browser transmits it automatically. We apply strict data minimisation: we only collect what is necessary for each stated purpose, and we never repurpose your data for incompatible uses. Here are the three main scenarios:

  • Contact requests — your name, company, email, and phone are used to respond to your inquiry and follow up where relevant. Legal basis: our legitimate interest in managing pre- and post-sale communications.
  • Newsletter and resources: your name and email are used to send communications you have subscribed to (newsletters, webinar access, e-books). Legal basis: your consent. You may withdraw it at any time.
  • Website browsing: server logs and cookies are processed to ensure security, detect anomalies, and measure audience. Legal basis: our legitimate interest in operating the site securely and evaluating its performance.

3. Cookies

Cookies are small files placed on your device that allow the site to recognise your browser, remember preferences, and measure usage. We use three types:

  • Performance cookies: collect technical data (browser type, IP address, pages visited) to maintain service quality and produce aggregate usage statistics. May be linked to identifying information.
  • Commercial (retargeting) cookies: used with Google (AdWords, Analytics, Display, DoubleClick) and Meta (Facebook, Instagram) to show you relevant ads on other sites. These cookies contain no personal data.
  • Web beacons (email): tiny images embedded in our HTML emails that tell us whether an email was opened, helping us measure campaign effectiveness. Linked to your contact record.

How to opt out: refuse or delete cookies at any time via your browser settings. To stop email tracking, withdraw your consent and we will stop sending emails.

4. Who receives your data

We do not sell or share your data with third parties for their own purposes. Your data may be accessed only by:

  • Subcontractors acting on our behalf, under contract, with access limited to what is strictly required for their task. We require them to apply equivalent technical and organisational security measures.
  • A successor entity in the event of a merger, acquisition, or group restructuring. The same policy obligations will apply.
  • Competent authorities where we are legally obliged to disclose data (e.g., suspected misuse of the site or a legal order).

5. International data transfer outside the EEA

Some of our subcontractors operate outside the European Economic Area (EEA). Where data is transferred outside the EEA, we ensure adequate protection through the European Commission's Standard Contractual Clauses (SCCs) or equivalent mechanisms, in full compliance with the GDPR. To request details of our transfer safeguards or a copy of the applicable mechanisms, contact us at dataprivacy@symbio.one.

6. Data retention

We retain your personal data only for as long as necessary for the purpose for which it was collected, or as required by applicable law. Specifically:

  • Newsletter and resource subscribers: until you withdraw your consent.
  • Contact and enquiry data: for as long as is needed to manage and follow up the request, consistent with our legitimate interests.
  • Server logs and browsing data: retained only as long as required for security and anomaly-detection purposes.

7. Your rights under the GDPR

As a data subject, you have the following rights under current data protection law. Some rights are subject to legal conditions and can only be exercised in specific circumstances:

  • Right of access
  • Right of rectification
  • Right to erasure
  • Right to restrict processing
  • Right to data portability
  • Right to object

To exercise any of these rights, or to file a complaint (Article 77 GDPR), contact us at dataprivacy@symbio.one or reach your national supervisory authority directly.