Effective and Last Updated: March 4, 2019
WuXi Biologics Ltd. (Cayman), with a Registered Office of PO Box 309, Ugland House, Grand Cayman, KY1-1104, Cayman Islands and its affiliates (“Wuxi Biologics”, “we”, “us”, “our”) are committed to protecting the privacy of our visitors while they interact with the content, products, and services on this site (the “Site”).
(1) What Types of Information We Collect About You
- We may collect a variety of information about you, including your contact information (e.g., name, employer and email address)
- Information about how you use our products or services
- Information about how you use this Site, including information about your IP address or domain name, the length of your visit to the website, which parts of the website you visited and what information you accessed
This Site is directed at an adult audience. We do not knowingly collect any personally identifiable information from any persons under the age of 13.
(2) How We Collect Information About You
We collect personal information from you in three ways:
- Information that you voluntarily provide to us (e.g., contact information and other information obtained through client support services)
- Information that we obtain from your use of certain features of the Site, (e.g., project tracking)
- Information that is derived through automated tracking mechanisms (e.g., cookies). Please see Section 6 (Cookies) below, for further information
(3) Where We Store the Data?
The data will be stored at third party services such as our web hosting services, email marketing services and Customer Relationship Management (CRM) systems. We are committed to the privacy laws & regulations which applies to the security of your information, and we maintain a high standard for data protection as defined in the Section: Data Security Technical Measures.
(4) How We Use Your Information
We will use your personal information for the following purposes:
- To help us identify and provide information that may be of interest to you
- To support and enhance your use of the Site and the Site’s and our products’ and services’ features and performance – if you are in the EEA/UK, we have a legitimate interest to properly manage and administer our relationship with you and to ensure that we are effective and efficient
- To provide support and respond to your requests and queries – if you are in the EEA/UK, we have a legitimate interest to respond to your requests and enquiries for ongoing business administration
- To provide project tracking and other client support services – if you are in the EEA/UK, we have a legitimate interest to properly manage and administer our relationship with you and to ensure that we are effective and efficient
- To protect, enforce or defend our rights and interests (including, in relation to a violation of our terms and conditions), ourselves or through third parties to whom we delegate such responsibilities – if you are in the EEA/UK, we have a legitimate interest to properly manage and administer our relationship with you and to ensure that we are effective and efficient
- To share or transfer information with or to third parties in connection with a proposed or actual merger, reorganization, acquisition, sale (including any transfers made as part of an insolvency or bankruptcy proceeding) involving all or part of our business or assets, or as part of a corporate reorganization, stock sale or other change in control – if you are in the EEA/UK, we have a legitimate interest to manage our business
Individuals in the EEA/UK: Please note that you have a right to object to processing of your personal information where that processing (including profiling) is carried out for our legitimate interest or for direct marketing.
We use non-identifying and aggregated information to better design our Site and for business and administrative purposes. We may also use or share with third parties for any purpose aggregated data that contains no personal information. If you are in the EEA/UK, the aggregation of the personal information is carried out where in our legitimate interests for the management of our business.
(5) Third Parties with Whom We May Share Personal Information
We share personal information with a variety of third parties. For instance:
- Our affiliates
- Parties that provide services for us, including tracking usage and analyzing data, such as the source address that a page request is coming from, your IP address or domain name, the date and time of the page request, the referring website and other parameters in the URL, and career pages powered by iCIMS, and that have legal obligations to refrain from disclosure and use unauthorized by us
- Third parties to host the Site, operate various features available on the Site, provide information security services, send emails, analyze data, and provide search results and links, such as iCIMS, who have legal obligations to refrain from disclosure and use unauthorized by us
- Competent authorities, courts, third-parties, and bodies in response to a court order, summons or subpoena, lawful discovery requests, regulatory requests, or as permitted or required by law, including when we reasonably believe it is necessary or appropriate to investigate, prevent or take action against illegal activities, suspected fraud, or situations involving potential threats to the physical safety of any person
- Third-parties to whom we need to disclose the information to protect our rights or property
- Any third party that acquires, or is interested in acquiring, all or part of our assets or shares; that we acquire in whole or in part; with which we merge; or that succeeds us in carrying on all or part of our business; in each case, who has a legal obligation to refrain from disclosure and use unauthorized by us
What is a Cookie
A “Cookie” (or plural “Cookies”) is a small piece of text or data stored as a file and sent by your web browser from a website you visit. A Cookie file is stored in your web browser and allows the Service or a third-party to recognize you, save website registration or login information, user preferences and track webpage visits in an effort to make your next visit easier, more customized and the Service more useful to you.
A Cookie can be a “persistent” or “session” Cookie. A persistent Cookie will remain in your web browser or on your personal computer or mobile device when you go offline; while a session Cookie is deleted as soon as you close your web browser.
- To enable certain functions of the Service
- To identify you or store your registration or login information, user preferences information or other stored user-provided information
- To track web pages visited and time spent on web pages
- We may use different types of Cookies to run the Service and thus we may use both session and persistent Cookies on the Service
- We may use persistent or session “Essential” Cookies. Essential Cookies authenticate users and prevent fraudulent use of user accounts
- We may use the information obtained from Cookies to make your next visit easier, more useful and to customize and improve your experience using the Service
What are your choices regarding Cookies
You can manage the placement of Cookies on your computer through the features found in most web browsers. For example, you may set browsers to notify you if you receive a Cookie, or you may choose to block or delete Cookies with your browser.
Some countries provide certain individual rights with regard to Cookie use (such as the GDPR guidelines in EU countries). Please go to your government website for more information.
(7) Do Not Track
Our Site does not respond to “do not track” signals. But we do not track your activities online across third-party websites. We also do not permit third parties to track your online activity over time across websites.
(8) How We Protect Your Information
Data Security Technical Measures
We adopt industry-standard security protection measures, including establishing reasonable system specifications and security technologies to prevent your personal information from being accessed, used, modified, and damaged or lost. We perform personal information security audit using automatic code security inspection and data access log analysis technology.
- Other security measures to protect personal information include but not limited to: an established data classification and grading system, data security management specifications, and data security development specifications to manage and regulate the storage and use of personal information.
- An established data security committee and full-time data protection department and an information security emergency response organization to promote and ensure the security of personal information.
- Comprehensive security control of data through information contact confidentiality agreements, monitoring and auditing mechanisms.
The Internet is not an absolute secure environment, and thus we recommend that you use secure means to communicate with us and make use of complex usernames and passwords when using any web-based, IM, social software or email communication tools to protect your personal information.
(9) Email Choice/Opt-out
You can opt-out from receiving marketing communications from us by following the unsubscribe instructions in the emails we send you. Alternatively, you may send an email to firstname.lastname@example.org. We will make commercially reasonable efforts to implement your opt-out requests promptly and in any event within a month of receipt of the request, but you may still receive communications from us for up to ten business days as we process your request.
(10) Additional Information for Individuals in the EEA or the UK
For the purposes of European data protection laws, we are the controller of your personal information.
Your Data Protection Rights: If you are in the EEA/UK, you have various rights in relation to your personal information, including the:
- right to request access to and rectification or erasure of your personal information;
- right to obtain restriction of processing or to object to processing (including profiling) of your personal information where based on legitimate business interests or for direct marketing;
- right to ask for a copy of your personal information to be provided to you or a third party;
- right to withdraw your consent at any time, but withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal, and
- right to ask not to be subject to automated decision-making if the decision produces legal or other significant effects on you
We will respond to your request as soon as practicable and in any event within one month after receipt of your request. In exceptional cases, we may extend this period by two months and we will tell you why. We may request proof of identification to verify your request. For more details in relation to your rights, including how to exercise them, please contact us using the contact information in Section (17) below.
You also have the right to lodge a complaint about the processing of your personal information with the supervisory authority.
Transfers outside of the EEA/UK: We are located in China, so personal information you submit via our Site may be transferred to China. By providing us with your personal information, you explicitly consent to this transfer to China, which your country may not consider to provide for adequate privacy protections. You may withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
If you require more information on the possible risks involved in data processing in China, please contact us at email@example.com prior to providing us with your personal data.
(11) Your California Privacy Rights
California law entitles California residents to request certain information concerning a businesses’ disclosure of certain categories of Personal Information to third parties for their direct marketing purposes. If you are a California resident, you can request a copy of this information by sending an email to firstname.lastname@example.org or a letter addressed to:
Office of the CEO
C/O: Privacy Rights Administrator
WuXi Biologics (Hong Kong) Limited
Flat/RM826, 8/F Ocean Centre Harbour City
5 Canton Road TST, Hong Kong
(12) Retention of Personal Information
We retain personal information as long as it is necessary and relevant for our business. The criteria used to determine the retention periods include:
- how long the personal information is needed to provide the services and operate the business;
- the type of personal information collected;
- whether we are subject to a legal, contractual or similar obligations to retain the personal information (e.g., mandatory data retention laws, government orders to preserve data relevant to an investigation); and
- whether we need to retain the personal information for the purposes of pending or impending litigation or dispute
(13) Disclaimer to Security
You understand that no data transmission over the Internet is completely secure. We cannot guarantee or warrant the security of any information you provide to us. You transmit such information to us at your own risk.
(14) Links to Other Websites
(15) Transfers Outside of China
We provide products and services through resources all over the world, and may have a business need to share your personal information with third parties located outside of China. By providing us with your personal information, you consent to this transfer of your personal information outside of China. We will take appropriate measures as required by applicable laws and regulations in China to protect your personal information before the cross-border transfer. You may withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
(16) Notification of Changes
(17) Contact Information