Tetris Logo

Privacy policy

Introduction & Purpose

This privacy policy is issued on behalf of the Arecor Group which includes different legal entities. When we reference “Company”, “we”, “us” or “our” we are referring to the relevant company responsible for processing your data.

In this privacy policy we set out how we look after your data when you visit our website.

Contact details

If you have any questions about this privacy policy or our privacy practices, please contact our Data Protection Officer (DPO) in the following ways:

  • Full name of legal entity: Arecor Therapeutics plc
  • Email address: dataofficer@arecor.com
  • ostal address: Chesterford Research Park, Little Chesterford, Saffron Walden, CB10 1XL, UK
  • Telephone number: +44 1223 426060

We will aim to address your concerns or questions promptly.

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK regulator for data protection issues (www.ico.org.uk).

Third-party links

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you.

We do not control these third-party websites and are not responsible for their privacy statements.

Data we collect

Personal Data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of Personal Data which we have grouped together as follows:

  • Identity Data includes (first name, last name, username or similar identifier, title).
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
  • Usage Data includes information about how you use our website.
  • Marketing and Communications Data includes preferences about receiving marketing from us including press releases and your communication preferences.

We do not collect, use or share Aggregated Data such as statistical or demographic data.

How we use your personal data?

We have set out below, a description of the ways we may use Personal Data, and the legal bases we rely on to do so. We have also defined legitimate interests.

Purpose/ActivityType of dataLawful basis for processing including basis of legitimate interest
Notifying you about changes to our terms or privacy policy(a) Identity (b) Contact (c) Profile (d) CommunicationsNecessary for legitimate business interests (to keep our records updated and to understand how visitors use our website).
To administer and protect this website.(a) Identity (b) Contact (c) TechnicalNecessary for our legitimate business interests (provision of administration and IT services, network security, to prevent fraud. Necessary to comply with a legal obligation.
To deliver relevant website content(a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications (f) TechnicalNecessary for legitimate business interests (understand how visitors use our website).
To use data analytics to improve our website.(a) Technical (b) UsageNecessary for legitimate business interests (to keep our website updated and relevant).
To use data analytics to improve our website.(a) Technical
(b) Usage
Necessary for legitimate business interests (to keep our website updated and relevant).

Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please read Cookie Policy.

Change of purpose

We will only use Personal Data for the purposes for which it has been collected, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

Please note that we may process your data without your knowledge or consent, in compliance with the above rules, if this is required by law.

International transfers

We do not transfer Personal Data outside the UK. We do store names and email addresses on MailChimp, further details can be found here.

Data security

We have security measures to prevent Personal Data from being lost, used, accessed in an unauthorised way, altered or disclosed.

We limit access to Personal Data to those employees, agents, contractors and other third parties who process data on our instructions and are subject to a duty of confidentiality.

We have procedures which deal with any suspected personal data breach and will notify you and any applicable regulator of a breach as we are legally required to do so.

Data retention

We retain Personal Data for as long as reasonably necessary to fulfil the purpose for which it was collected, including satisfying any legal, regulatory, tax, accounting or reporting requirements.

We may retain Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect of our relationship with you.

Your legal rights

You have rights under data protection laws in relation to your personal data. Please click on the links below to find out more about these rights:

  • Request access to your personal data
  • Request correction of your personal data
  • Request erasure of your personal data
  • Object to processing of your personal data
  • Request restriction of processing your personal data
  • Request transfer of your personal data
  • Right to withdraw consent

If you wish to exercise any of the rights set out above, please contact the DPO at dataofficer@arecor.com.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

Information we may need from you

Specific information to confirm your identity and ensure your right to access your personal data. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made multiple requests. In this case, we will notify you and keep you updated.

Internal Third Parties

Arecor Limited and Tetris Pharma Ltd as other companies in the Arecor Group, are based in the UK and wholly owned by Arecor Therapeutics plc.

External Third Parties

  • Service providers who provide IT and system administration services.
  • Professional advisers including lawyers, bankers, auditors and insurers based in the United Kingdom who provide consultancy, banking, legal, insurance and accounting services.
  • HM Revenue & Customs, regulators and other authorities acting as processors based in the United Kingdom who require reporting of processing activities in certain circumstances.