Privacy Policy

 This Privacy Policy describes the privacy practices and procedures of Sitala Bio Ltd and its subsidiaries and affiliates (collectively, “Sitala”, “we”, “us”, or “our”) in connection with the personal data we collect when you use our website at www.sitala.com, and in connection with our interaction with you (collectively, the “Service”). 

Personal Data We Collect 

Data you provide to us. Personal data you provide to us though the Service, or otherwise, may include: 

  • Contact information, such as your first and last name, email and mailing addresses, phone number, professional title and company name. 
  • Correspondence, such as information you provide when you contact us with questions, feedback, or otherwise correspond with us online. 

Information we obtain from third parties.
We may receive personal data about you from third parties. For example, a business partner may share your contact information with us if you have expressed interest in learning specifically about our activities. We may obtain your personal data from other third parties, such as from publicly-available sources, or from social media platform providers, when you contact us on pages we maintain on those platforms. 

Information Collected by Automated Means 
We, our service providers, and our business partners may automatically collect personal data about you, your computer, or mobile device, and activity occurring on or through the Service, such as: 

  • Device data, including your device operating system, type, version number, manufacturer and model, screen resolution, general location information, your device’s internet protocol address (e.g. IP address), browser type, and browser version, unique device identifiers, and other diagnostic data. 
  • Online activity data, including the website you visited before browsing to our website, the pages of our Service that you visit, navigation paths between pages, the time and date of your visit, the time spent on those pages. Our service providers and business partners may collect this type of information over time and across third-party websites and mobile applications. 

On our Service, this information is collected using cookies and similar technologies. See the “Tracking Technologies and Cookies” section below for more information. 

Tracking Technologies and Cookies 

We use Cookies and similar tracking technologies on our Service. The technologies we use may include: 

  • Cookies or Browser Cookies. A cookie is a small text file placed on your device to uniquely identify the visitor’s browser or to store information or settings in the browser to allow us distinguish you from other users of our Service for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, or helping us understand activity and patterns. 
  • Web Beacons. Certain sections of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit Sitala, for example, to count users who have visited those pages or opened an email and for other related website integrity). 

Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on your personal computer or mobile device when you go offline, while Session Cookies are deleted as soon as you close your web browser. 

We use both Session and Persistent Cookies for the purposes set out below: 

Necessary / Essential Cookies 
Type: Session Cookies 
Purpose: These Cookies are essential to provide you with the Service and to enable you to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that you have asked for cannot be provided, and we only use these Cookies to provide you with those services. If you block these cookies, some parts of the Service will not work. 

Functionality Cookies 
Type: Persistent Cookies 
Purpose: These Cookies allow us to remember choices you make when you use the Service, such as remembering your login details or language preference. The purpose of these Cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you use the website. 

Analytics Cookies 
Type: Persistent Cookies 
Purpose: We use analytics services, such as Google Analytics, to help us understand how users access and use the Service. The cookies used by these providers collect information about how visitors use our Service, for instance which pages visitors go to most often, and if they get error messages from web pages, so we can measure and improve the performance of our Service. 

You will be presented with a cookie banner or other tool to provide permissions prior to non-Strictly Necessary cookies being set. In this case, we only set these non-Strictly Necessary cookies with your consent. 

You can also limit online tracking by: 

  • Blocking cookies in your browser. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org. Use the following links to learn more about how to control cookies and online tracking through your browser:

How we Use Your Personal Data 

We may use Personal Data for the following purposes:

  • To provide and maintain our Service. It is in our legitimate business interests to use personal data to operate, maintain, and provide our Service. If we have entered into a contract with you, we will use your personal data as required for us to perform our contractual obligations under the relevant contract. 
  • To communicate with you . To perform our contractual obligations to you, or when it is in our legitimate interests to do so, we will use your personal data to respond to your requests, provide support, and communicate with you about or in the context of our Service, including to provide you with information about our activities. 
  • Improve, monitor, personalize, and protect our Service. It is in our legitimate business interests to improve and maintain the quality of our Service, which includes providing support and maintenance.
  • For compliance and protection. We may use your personal data to comply with our legal obligations and to defend us against legal claims or disputes where it is in our legitimate business interests to do so, including to:
    • Comply with applicable laws, lawful requests, and legal process, such as to respond to requests from government authorities; 
    • Protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); 
    • Audit our internal processes for compliance with legal and contractual requirements and internal policies; 
    • Enforce the terms and conditions that govern the Service; and 
    • Protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity. 
  • To create anonymous, aggregated or de-identified data. It is in our legitimate business interests to create anonymous, aggregated or de-identified data from your personal data by removing information that makes the data personally identifiable to you. We may use this anonymous, aggregated or de-identified data for our lawful business purposes, including to analyze and improve the Service. 

How We Share Your Personal Data 

We may share your personal data in the following situations: 

  • With Service Providers: We may share your personal data with third-party companies and individuals that provide services on our behalf or help us operate the Service. These third parties may use your personal data only as directed or authorized by us and in a manner consistent with this Privacy Policy, and are prohibited from using or disclosing your information for any other purpose. 
  • For business transfers: We may share or transfer your personal data in connection with, or during negotiations for, a business transaction, such as a merger, sale of assets, financing, reorganization or sale of assets, bankruptcy or insolvency, or acquisition of all or a portion of our business to another company. 
  • With business partners: We may share your personal data with our business partners or enable partners to collect information directly via our Service, but only for the purposes of providing you with the Service. 
  • Professional advisors. We may disclose your personal data to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us. 
  • For compliance, fraud prevention and safety. We may share your personal data for the compliance, fraud prevention and safety purposes described above. 

Retention of Your Personal Data 

We will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy, including to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), our accounting and reporting requirements, to resolve disputes, enforce our legal agreements and policies, and for fraud prevention purposes. 

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of personal data, the purposes for which we use personal data and whether we can achieve those purposes through other means, any permissions you give us with regards to your personal data, and the applicable legal and regulatory requirements. 

Transfer of Your Personal Data 

We are headquartered in the United Kingdom and have service providers in other countries. Your personal data may be transferred to locations outside of your state, province, or country where privacy laws may not be as protective as those in your state, province, or country. 

Where there are cross border transfers of your personal data, we will take all steps reasonably necessary to ensure that relevant safeguards are in place to afford adequate protection for your personal data , and we will comply with applicable data protection laws by relying on an adequacy decision by the UK Government, or on pre-approved contractual protections for the transfer of your personal data. For more information about how we transfer personal data internationally, please contact us as set out in the “How to Contact Us” section below. 

Your Rights and Choices 

Personal data requests. Subject to legal limitations, you may request the following in relation to your personal data: 

  • Access. To provide you with information about our processing of your personal data and give you access to your personal data
  • Correction. To update or correct inaccuracies in your personal data. 
  • Deletion. To request that we delete the personal data that we have collected about you. 
  • Transfer. To transfer a machine-readable copy of your personal data to you or a third party of your choice. 
  • Restriction. To restrict the processing of your personal data. 
  • Objection. To object to our reliance on our legitimate interests as the basis of our processing of your personal data that impacts your rights. 

You may submit these requests by contacting us as set out in the “How to Contact Us” section below. We may request specific information from you to help us confirm your identity and process your request. If you would like to submit a complaint about our use of your personal data or our response to your requests regarding your personal data, you may contact us or you have the right to complain to a data protection regulator where you live or work, or where you feel a violation has occurred . 

Security of your Personal Data 

The security of your personal data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security. 

Children’s Privacy 

As a general rule, children are not allowed to use the Service, and we do not collect personal data from them. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from aa child without the consent of the parent or guardian, we will take steps to remove that information from our servers. 

Links to Other Websites 

Our Service may contain links to other websites that are not operated by us. If you click on a third-party link, You will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. 

We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services. 

Changes to this Privacy Policy 

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. We may, and if required by law will, also provide notification of changes in another way that we believe is reasonably likely to reach you. 

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. 

Contact Us 

Sitala is a controller of your personal data under this Privacy Policy. If you have any questions about this Privacy Policy, You can contact us as follows: 

By email: 
dpo@sitala.com 

By post: 

Data Protection Officer
Sitala Bio Limited
Unit D8 
Grain House Mill Court 
Cambridge 
CB22 5LD