Who are we?
OMAPiX GmbH, headquartered in Raiffeisenstraße 3, 40764 Langenfeld – (Germany) (hereinafter “OMAPiX”), is a company specialized in research,
development, and services related to spatial biology, which is the next frontier in life sciences and beyond. This pioneering field enables the study of the precise cellular architecture of tissues and organs, how cells communicate and cooperate to execute tissue functions, as well as organ development itself. Furthermore, spatial biology allows the interrogation of cells in their native tissue context to disclose important processes in disease, including perturbations in cell-cell interactions. OMAPiX shall use and deploy, by itself or for other parties active in the industry, its expertise, technology, and applications to find and unravel new mechanisms of homeostatic and disease progression to pave the path to novel treatment modalities and precision medicine.
If you have any questions about this Privacy policy, please contact us by sending an e-mail to privacy@theultracare.com.
Preliminary remarks on the privacy policy
Scope. This Privacy Policy (hereafter “the Policy”) applies when OMAPiX processes your personal data as a data controller in accordance with applicable data protection laws and regulations, in particular in the following cases:
• You use our website (accessible via www.omapix.com),
• You use our products or services,
• We conclude a contract with you or your employer, or
• You communicate with us.
In certain cases, OMAPiX may process your personal data in accordance with the instructions of one of our partners, such as pharmaceutical companies, hospitals, etc. Our partners will inform you as data controllers about how they process your personal data or have it processed. If you would like more information about the processing of your personal data by one of our partners, we recommend that you read the privacy policy of the partner concerned or contact them. If you have any questions about this, please contact us by sending an e-mail to privacy@theultracare.com
Changes
OMAPiX may modify this Privacy Policy at any time. In the event of material changes, OMAPiX will use its best efforts, if possible, to notify you in a timely manner through an appropriate communication channel of these changes and when the changes will apply.
Cookies
For further information on the manner in how we process personal data by cookies, you may check our Cookie Policy, available on www.omapix.com/cookie-policy.
The provisions below apply to each user of our website or each data subject of whom we process personal data.
What personal data do we process, for what purpose and on what legal basis?
- We will only process your personal data:
• for the purposes specified in this Privacy Policy; and
• if we have a legal basis to do so. - The legal grounds on which we may rely are as follows:
• Contract – A contract with you that we are required to perform or to take steps to perform before entering into a contract with you.
• Consent – Your free consent where you are informed of what this consent means before you consent.
• Legitimate interest – A legitimate interest that we as an organization pursue, including also to optimize our services.
• Legal obligation – A legal obligation that we must comply with.
3. Below we explain which categories of personal data we process, for what purposes we process your personal data and on what legal basis we do so.
Processing activity | Categories of personal data | Legal basis and purpose |
Products and Services – When you use our products or services, we process: |
Identity Information – The identity information you provide to us, such as your name. Contact Information – The contact information you provide to us, such as your email address and phone number. Billing Information – The billing information you provide to us, such as your VAT number. |
Contract – By using our products or services, you enter into a contract with us. We will only process your personal data for the purposes of performing this contract.
Legal obligation – We are required to process billing information in accordance with applicable legal obligations. |
Website – When you visit our website, we process: | Technical Information – The technical information about the device you are using to visit our website (such as your IP address) so that you can visit our website. Please note that we cannot identify you based on your IP address. | Legitimate interest – We rely on our legitimate interest to process your personal data so that you can visit our website. |
Communications – When you communicate with us through any communication channel (including our contact form), we process: |
Identity Information – The identity information you provide to us, such as your name. Contact Information – The contact information you provide to us, such as your email address and phone number. Professional Information – The professional information you provide to us, such as the organization for which you work. Content of communication – The content of your message, question or complaint. Technical Information – The technical information about your message, question or complaint, such as its date and time or the phone number or email address you used to contact our support. |
Legitimate Interest – We invoke our legitimate interest in responding to and following up on your message, question or complaint. |
Events – When you participate in an event (e.g. webinar or physical event) of ours or if you present your business card to us, we will process: |
Identity Information – The identity information you provide to us when you register for the event, such as your name. Contact Information – The contact information you provide to us, such as your email address and phone number. Professional Information – The professional information you provide to us, such as the organization you work for, your professional title, or your business card. Photo or image – If any photos or images are taken during the event, we will inform you at the time of the event. In any event, we will not distribute your photo or image (where you are identifiable) (e.g. via social media) without your permission. |
Contract – By registering for an event, you are entering into a contract with us. We will only process your personal data for the purposes of performing this contract. Consent – To the extent that the processing of your personal data would not be necessary for the performance of the contract, we will seek your consent. This is the case for the distribution of your photo or image (in which you are recognizable). |
Marketing emails – When you sign up to receive marketing emails (e.g. newsletter) from us, we process: | Contact Details – Your email address. | Consent – We process your email address to send you our marketing emails. You can withdraw your consent at any time by unsubscribing. |
4. We may also process the above categories of personal data to protect our legitimate interests or those of third parties, including fraud detection if you compromise or threaten to compromise the security of our systems or those of third parties. In addition, we may process categories of personal data in the context of business transactions (e.g. an acquisition). For this, we rely on our legitimate interest.
5. We may be legally obliged to process or disclose the above categories of personal data to a competent (judicial) authority or their representatives as a result of their reasonable request or to the police on our own initiative if we have reasonable grounds to believe that your use of our products or services would constitute a criminal offence. We may also be legally obliged to process the above personal data to comply with any other legal obligation incumbent on us, such as accounting obligations.
2. From whom do we receive your personal data?
1. In most cases, we receive your personal data directly from you. In other cases, we receive your personal data from one of our partners, such as pharmaceutical companies, hospitals, or other partners. If we act as a processor for our partner(s), we will only process your personal data in accordance with the instructions of our partner(s).
3. With whom do we share your personal data?
1. We may share your personal data with third parties to process your personal data for the purposes described above, for example:
• To provide you with our products, services, and website (such as a hosting provider); or
• To provide you with our marketing emails (such as a marketing company); or
• To fulfil our contractual obligations towards our partners.
2. These third parties may only process your personal data in accordance with our instructions if they act as a processor, or in accordance with the instructions of our partner if we act as a processor. We also ensure that all such third parties are selected with due care and are committed to maintaining the security and integrity of your personal data.
3. We may be required by law to share your personal data with competent authorities or their agents, judicial authorities, government agencies or bodies, including competent data protection authorities, to comply with a legal obligation as set out above.
4. We do not share your personal data in any identifiable way with third parties other than those mentioned above without your consent. However, we may send anonymised and/or aggregated data to other third parties who may use this data to improve our services and for marketing purposes.
4. Where do we process your personal data?
1. In principle, we process your personal data within the European Economic Area (EEA).
2. In order to process your personal data for the purposes set out above, we may also transfer your personal data to third parties who process it on our behalf outside the EEA. Any entity outside the EEA that processes your personal data is required to adhere to adequate safeguards in relation to the processing of your personal data. Such safeguards may result from:
• an adequacy decision by the European Commission; or
• contractual guarantees.
3. We may transfer anonymised and/or aggregated data to third parties outside the EEA. If such a transfer occurs, we will ensure that safeguards are in place to ensure the security and integrity of your data and any rights relating to your personal data that you might enjoy under applicable law.
5. How long do we process your personal data?
1. Your personal data will only be processed for as long as necessary to achieve the above purposes or, if applicable, until your consent is withdrawn.
2. We will de-identify your personal data when it is no longer needed for the purposes described above, except in the case of:
• an overriding interest of OMAPiX, or another third party, to keep your personal data identifiable; or
• a legal or regulatory obligation or a court or administrative order that prevents us from de-identifying your personal data.
6. How do we secure your personal data?
1. We will take appropriate technical and organizational measures to protect your personal data against unauthorized access or theft, as well as against accidental loss, manipulation or destruction. You understand, however, that the protection of your personal data is a best-efforts obligation. Access to your personal data by our staff or third-party personnel occurs only on a need-to-know basis and is subject to appropriate confidentiality obligations.
7. What are your rights?
1. Based on the General Data Protection Regulation (GDPR), you have the right to access, rectification, deletion, restriction, objection and data portability and under the conditions stipulated in the GDPR.
2. If the processing of your personal data is based on your consent, you can always withdraw your consent.
3. To exercise any of your rights, please email us at privacy@theultracare.com. We will notify you when we have received your request. If it appears that your request has been accepted, we will process your request as soon as reasonably possible and no later than thirty (30) calendar days after receiving it.
8. Contact details and complaints
1. If you have any questions or complaints concerning the processing of your personal data by us, please contact us by sending an e-mail to privacy@theultracare.com or by writing to OMAPiX NV, Technologielaan 3, 3001 Heverlee (Leuven), Belgium.
2. You always have the right to lodge a complaint with the competent data protection authority.
For Belgium:
Gegevensbeschermingsautoriteit
For Belgium:
Drukpersstraat 35, 1000 Brussels
+32 (0)2 274 48 00
+32 (0)2 274 48 35
contact@apd-gba.be
For Germany:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Postfach 20 04 44
40102 Düsseldorf
Telefonzentrale: +49 (0)211 / 38424 – 0
poststelle@ldi.nrw.de