Privacy Notice

Based on Sections 10 and 24 of the Personal Data Act (523/1999).

Controller

Name: XEMA Oy

The line of business: Biotech 

Description of the line of business

XEMA Corporate Group offers IVDD (EIA and Rapid tests) for Clinical Diagnostics, Food and Environmental control, Veterinary Diagnostics, Forensic Tests as well as key components for their development and manufacturing – monoclonal and polyclonal antibodies, purified antigens, HRPO and Biotin conjugates, Ag-Ab pairs, etc.

Data file used in the operations

XEMA Corporate Group customer data file contains the contact data of the company’s customers and also potential customers. The customers are private, public or third sector organizations. The data subjects are employees or responsible persons of these companies.

Purpose of processing of personal data

The data is processed for providing the requested products and services to the customer as well as for Emailing our newsletter to our subscribers. The data is also used for statistical purposes. Customer identification data in communications are only used with the customer’s consent. The customer has the right to prohibit direct marketing targeted to them.

Data content of the data file

Customer information: Title, first name and surname of the contact person Name of the company Contact telephone number (optional) Contact email address Direct marketing prohibitions and consents Customer history (e.g. communication with the customer) Service contract details Details concerning invoicing and collection

Data protection and disclosure

Data are stored electronically and available for authorized persons only. No data from the data file are disclosed to outsiders.

Rights of the data subject

Each data subject has the right to inspect the data concerning them in the register. The related request must be submitted in writing to this email address: dataprotection@xemagroup.com. The data subjects are informed of the processing of data by making this privacy notice available at the company’s premises and on its website. The controller shall, at its own initiative or upon request, erase, rectify or supplement any personal data without undue delay. The related request must be submitted in writing to this email address: dataprotection@xemagroup.com.

Disclosure of data outside the EU and EEA

No data is disclosed from the data file. In case any data is transferred outside the European Union or the European Economic Area, the transfer requires that the destination country ensures an adequate level of data protection or the controller provides, with contractual clauses or by other means, sufficient guarantees to protect the privacy and rights of individuals or the data subject has given their explicit consent to the transfer

Do we update this policy?

In Short: Yes, we will update this policy as necessary to stay compliant with relevant laws. If you have questions or comments about this policy, you may email us at: export@xema.fi