GDPR Statement For the Website

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a privacy and data protection regulation in the European Union (EU) and became enforceable from 25 May 2018.

It requires no enabling legislation so automatically became binding and applicable on that date.

The GDPR imposes obligations on organisations that control or process relevant personal data and introduces new rights and protections for EU data subjects.

The GDPR applies to data processing carried out by organisations operating within the EU. It also applies to organisations outside the EU that offer goods or services to individuals in the EU.

We understand and respect the importance of protecting data and staying up to date with the latest compliance responsibilities.

Promega complies with the GDPR as a processor and controller of data.

We have developed a GDPR policy, which all employees have been trained to follow, and which is reviewed regularly.

Promega already has a strict regime with regards to the treatment of data, such as retention and shredding, in order to comply with the Data Protection Act.

No data is retained or obtained unless legitimately required to enable a service, comply with lawful requirements or to enable a payment to be made. All information obtained is treated with integrity and confidentiality at all times. This includes offline and electronically stored data.

Where relevant and related, we will be using all reasonable endeavours to ensure that our third party and suppliers are complying with GDPR.

Our technology platforms are regularly scrutinised and tested to check that their operation has the highest level security.