Data Protection Policy
LBIC is committed to ensuring your privacy is protected. Any data we ask you to provide by which you can be identified will only be used in accordance with this privacy statement.
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that website. Therefore, we cannot be responsible for the protection and privacy of any information you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
LBIC may change this policy from time to time by updating this page. You should regularly check this page to ensure you are happy with any changes.
This policy is effective from 25th May 2018
1.1. The London BioScience Innovation Centre (LBIC) holds and processes information about employees, client companies, and other data subjects for administrative and commercial purposes. All staff handling such information must comply with principles of GDPR.
In summary, these state that personal data shall:
· be processed fairly and lawfully and in a transparent manner
· be obtained for a specified and lawful purpose and shall not be processed in any manner incompatible with the purpose
· be adequate, relevant and limited to what is necessary for the purpose for which they are processed
· be accurate and kept up-to-date
· not be kept for longer than necessary for the purposes for which the personal data are processed
· be processed in a manner that ensures appropriate security of the personal data
· be kept safe from unauthorised processing, and accidental loss, damage or destruction,
· “Staff”, “client companies” and “other data subjects” may include past, present and potential members of those groups.
· “Other data subjects” and “third parties” may include contractors, suppliers, contacts, referees, friends or family members.
· “Processing” refers to any action involving personal information, including obtaining, viewing, copying, amending, adding, deleting, extracting, storing, disclosing or destroying information.
2. Notification of Data Held
2.1. We may collect and process the following data about you:
· Information that you provide by filling in forms on our site. This includes information relating to your business requirements and requests for services provided by us.
· We may keep a record of all correspondence, especially in relation to requests for services.
· Details of your visit to the website including, but not limited to, traffic data, location data, browser usage and other communication data. Please refer to our Cookies Policy for further details
3. Rights to Access Information
3.1. Staff, client companies and other data subjects in LBIC have the right to access any personal data that is being kept about them either on computer or in structured and accessible manual files.
3.2. To request details of personal information which we hold on you please write to Data Controller, The London BioScience Innovation Centre, 2 Royal College Street, London NW1 0NH
3.3. If you believe that any information we are holding on you is incorrect or incomplete, please write to us as soon as possible at the above address or email firstname.lastname@example.org. We will promptly correct any information found to be incorrect.
3.4. LBIC aims to comply with requests for access to personal information as quickly as possible, and will ensure that it is provided within one month of receipt, unless there is good reason for delay. In such cases, the reason for the delay will be explained in writing by the designated data controller to the data subject making the request and the extension to the deadline will not be more than two months.
4. Subject Consent – Your Rights
4.1. You have the right to ask us not to process your personal data at any time by contacting us at Data Controller, The London BioScience Innovation Centre, 2 Royal College Street, London NW1 0NH
4.2. We will not sell, distribute or lease your personal information to third parties unless we have your permission or we are required by law to do so
5. The Data Controller and the Designated Data Controllers
5.1. LBIC is the Data Controller. Responsibility for day-to-day matters will be delegated to the Operations Manager as the appointed Data Protection Officer. Information and advice about the holding and processing of personal information can be gained from the Data Protection Officer.
6. Retention of Data
6.1. LBIC may keep your data on file for up to five years for operational reasons and provision of services
6.2. Any personal data no longer required will be securely deleted from all databases following regular review processes.