More

Privacy policy

version 2.1 from 2020/07/07

Enamine ltd (“Enamine”) respects the privacy of visitors to our Sites (www.enamine.net, www.enaminestore.com). Your personal information is collected, used, stored, transfered and disclosed by Enamine only in accordance with this privacy policy.

  1. Identity of Enamine

    Enamine is a research-and-production company specialized in fine organic synthesis and providing additional services for drug discovery with the following address:

    ENAMINE Ltd.

    78 Chervonotkatska Street
    02094 Kyiv
    Ukraine

    Phone: +380 44 5373218
    E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Company registration number 30402329

    This company is your data controller and processor.

    The address of its representative in the European Union (EU) is as follows:

    SIA "ENAMINE"
    Vestienas iela 2 B
    LV-1035 Riga
    Latvia

    Tel. +371 66000186
    VAT: LV40103730175

    This company is a representative of Enamine in the EU and, depending on the logistics, may be your data processor if you reside in the European Union, Switzerland, Norway, Serbia, Bosnia&Herzegovina, Montenegro, Albania, Macedonia, Kosovo, India, China, Australia.

    The address of its representative in the United States of America is as follows:

    Enamine LLC

    2940 Glendale Milford Road #410,
    Cincinnati, OH 45241
    USA

    Toll free number: 1 (888) 745-6132

    This company is a representative of Enamine and your data processor if you reside in the United States of America, Canada, South and Central America countries. Depending on the logistics, it may be your data processor if you reside in Asia or Africa.

  2. What information do we collect?

    Information we get from your use of the Sites

    It is primarily non-personally-identifying information of the sort that web browsers, servers, and services like Google Analytics typically make available, such as the browser type, language preference, referring site, and the time of each visit. Other non-identifying information that we might have access to includes how you use the Sites (e.g. search queries), your approximate location, cookies, etc.

    We collect this non-personally-identifying information in order to track visits to our Sites, understand and evaluate the customer experience, improve the content and layout of our Sites and customize the web experience.

    When you use the Sites, we also collect potentially personally identifying information in the form of Internet Protocol (IP) addresses.

    Enamine will only attempt to link the logs to identifiable individuals if that is necessary for investigating a data security breach, a breach of contract, a violation of Enamine’s policies and procedures, or a contravention of the laws.

    Information you provide to us directly

    Certain visitors to our Sites choose to interact with them in ways that may require them to provide us with personally identifying information.

    When you register for an account on our Sites, place an order or subscribe to our newsletter, basic contact details are collected such as the e-mail address and your name, job function, company name, shipping address, billing address, information on contact person for shipping and billing.

    You may also want to provide credit card information to pay for products. We never store this information and all credit card information goes through our Sites to the authorized third party payment processor service – First Data (for payments in US dollars) and Swype (for payments in EUR) without being stored locally. So the controllers of this data are the corresponding companies. Please refer to their privacy policy for more information (https://www.firstdata.com/en_gb/privacy.html and https://swipegateway.com/terms/).

    Information provided by other sources

    We collect information about you from other users of the Sites. For example, when another user provides your contact information when he designates you as a billing or shipping contact when placing the order.

  3. What do we use your information for?

    Any of the information we collect from you may be used for one or more of the following purposes:

    1. To personalize your experience (the information will help Enamine better respond to your individual needs);
    2. To improve our Sites (Enamine continually strives to improve our Sites offerings based on the information and feedback we receive from our customers);
    3. To identify you as a contracting party;
    4. To enable secure login for you into the account on our Sites;
    5. To establish a primary channel of communication with you;
    6. To enable Enamine to issue valid VAT invoices and to process transactions;
    7. To transfer information to others as described in this policy or to satisfy our legal, regulatory, compliance, or auditing requirements, including to disclose information to law enforcement authorities upon validly served legal process or a valid judicial instruction (for example, pursuant to a court order);
    8. To enable automated handling of the subscriptions;
    9. To send periodic e-mails (The e-mail address you provide for order processing, may be used to send you information and updates pertaining to your order, in addition to receiving occasional company news (if accepted), updates, related product or service information, etc.)
    10. If at any time you would like to unsubscribe from receiving future e-mails, you can cancel your subscription by following the link in the footer of any email received from us.

  4. Legal basis

    1. EU General Data Protection Regulation (GDPR)

      The processing of your data is either based on your consent or in case the processing is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract, cf. GDPR art. 6(1)(a)-(b).

      If the processing is based on your consent, you may at any time withdraw your consent by contacting us using the contact information in clause 1.

      In order to enter into a contract regarding the purchase of Enamine’s products, you must provide us with the required personal data. If you do not to provide us with all the required information, it will not be possible to sell the products or provide you the quotation.

    2. California Online Privacy Protection Act Compliance

      Because Enamine values your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute any personal information to outside parties without your consent except as stated in clause 7.

      As part of the California Online Privacy Protection Act, all users of our Sites may make any changes to their information at any time by logging into their account and navigating to the “profile page”.

    3. Children’s Online Privacy Protection Act Compliance

      Enamine is in compliance with the requirements of the Children’s Online Privacy Protection Act. We will not intentionally collect any information from anyone under 13 years of age. Our website, products and services are all directed at people who are at least 18 years old or older.

  5. How do we protect your information?

    Enamine implements the following technical, physical and organizational measures to maintain the safety of your personal data against accidental or unlawful destruction, loss, alteration, unauthorized use, unauthorized modification, disclosure or access and against all other unlawful forms of processing.

    1. Availability

      To ensure high availability automated daily backup of the Sites database is arranged. The backuped data are stored for 14 days at the same data centre as the main database. All failover mechanisms are fully automated.

      System and project files are backuped on a daily basis, backups are stored for 90 days at a Digital Ocean data centre (see “9. Where do we store the information?” for more details).

    2. Integrity

      To ensure integrity, Enamine strives to provide a secure online environment for the transmission of personal information such as credit card details, usernames, and passwords. For Enamine Sites security is provided by Transport Layer Security (TLS/SSL) encryption and verified by security certificate issued by Thawte Consulting Certificate Authority. Encrypted connection can be identified by 'https' prefix in the address bar of your browser; it prevents all the data from being intercepted while transferred between your computer and our Sites.

    3. Confidentiality

      All personnel are subject to full confidentiality and any subcontractors and subprocessors are required to sign a confidentiality agreement if not full confidentiality is part of the main agreement between the parties.

      Whenever personal data is accessed by our company or representative companies personnel the access is only possible after password authentification. Access is granted to the personnel whose job functions require it by assigning the appropriate role. The log of roles assignment is maintened and may be accessible on request.

      There are additional security measures in place for the personnel with system administrator functions. When accessing the data in a database, the IP number of the person accessing the data, as well as login/password must be pre-authorized to obtain access.

      Personal data are never stored on mobile media like USB sticks and DVD’s.

    4. Monitoring

      Administrative operations, including system access, are logged to provide an audit trail if unauthorized or accidental changes are made. System performance and availability are monitored by qualified personnel.

    5. Personal Data breach notification

      In the event that your data is compromised, Enamine will notify you and competent Supervisory Authority(ies) within 72 hours by e-mail with information about the extent of the breach, affected data, any impact on your experience using the Sites and Enamine's action plan for measures to secure the data and limit any possible detrimental effect on the data subjects.

  6. How we use cookies

    This website uses cookies. We use cookies to personalize content and ads, to provide social media features, and to analyze our traffic. We also share information about your use of our site with our social media, advertising, and analytics partners. They may combine it with other information that you've provided to them or that they've collected from your use of their services.

    Cookies are small text files that can be used by websites to make a user's experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies, we need your permission.

    You can, at any time, change or withdraw your consent from the Cookie Declaration on our website.

    There are four categories of cookies used: essential, performance, advertising, and content cookies, and web beacons.

    • Essential cookies, web beacons, and other tracking technologies are necessary for the operation of the website. These tracking technologies enable you to move around on the site and use the website's features. You may not opt-out of these types of cookies because they are required to operate the website.
    • Performance cookies, web beacons, and other tracking technologies collect information about how you have used the website. We use performance cookies, web beacons, and other tracking technologies to improve the user experience with our website.
    • Advertising cookies, web beacons, and other tracking technologies are used by our third-party service providers to deliver advertising to you on other third-party websites as well as help measure the effectiveness of our advertising campaigns. We also use these types of cookies to analyze website visits and ad conversions from third websites. Content cookies enable us to display content most relevant to the audience.

    The table below lists the types of cookies and third-party service providers currently used but may not include all cookies or third-party service providers. In addition, the below list of cookies and third-party service providers is subject to change at any time.

     
    Cookie Type
    Who serves it
    What it does
    More information

    Item

    1

    Cookie Type

    Performance

    Who serves it

    Google Analytics

    What it does

    We use Google Analytics to analyze the use of our website.

    More information

    For more information about Google’s privacy practices, see https://policies.google.com/privacy.

    Item

    2

    Cookie Type

    Performance

    Who serves it

    Amplitude

    What it does

    We use Amplitude to analyze the use of our website.

    More information

    For more information about Amplitude’s privacy practices, see https://amplitude.com/privacy.

    Item

    3

    Cookie Type

    Performance

    Who serves it

    Hotjar

    What it does

    We use Hotjar to analyze the use of our website.

    More information

    For more information about Hotjar’s privacy practices, see https://www.hotjar.com/legal/policies/privacy/.

    Item

    4

    Cookie Type

    Advertising

    Who serves it

    LinkedIn

    What it does

    We use LinkedIn to share presentations and track conversions and website visits from our advertisements displayed on LinkedIn.

    More information

    For more information about LinkedIn’s privacy practices, please see https://www.linkedin.com/legal/privacy-policy.

    Item

    5

    Cookie Type

    Content

    Who serves it

    Google Maps

    What it does

    We use Google Maps to provide our locations

    More information

    For more information about Google’s privacy practices, see https://policies.google.com/privacy.

    Item

    6

    Cookie Type

    Content

    Who serves it

    Youtube

    What it does

    We use Youtube to share our videos

    More information

    For more information about Google’s privacy practices, see https://policies.google.com/privacy.

  7. Do we discloase any information to outside parties?

    Enamine does not sell, trade or otherwise transfer to outside parties any personally identifiable information.

    This does not include trusted third parties or subcontractors who assist us in operating our website, conducting our business, or servicing you. Such trusted parties may have access to personally identifiable information on a need-to-know basis and will be contractually obliged to keep your information confidential.

    We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety.

    1. Subcontractors/trusted third parties

      The list of main subcotractors/trusted third parties with whom we share your information is provided below.

       
      Category
      Company name
      Country
      Legal basis

      Item

      1

      Category

      Logistics

      Company name

      SIA Enamine

      Country

      Latvia, EU

      Legal basis

      Contract

      Item

      2

      Category

      Logistics

      Company name

      Enamine LLC

      Country

      USA

      Legal basis

      Contract

      Item

      3

      Category

      Data storage

      Company name

      DigitalOcean LLC

      Country

      USA

      Legal basis

      Consent (by agreeing to the Privacy Policy)

      Item

      4

      Category

      Card processing

      Company name

      FirstData

      Country

      USA

      Legal basis

      Consent (Terms of Use)

      Item

      5

      Category

      Card processing

      Company name

      SIA Swipe (Swipe Gateway)

      Country

      Latvia, EU

      Legal basis

      Consent (Terms of Use)

      Item

      6

      Category

      Analytics&Marketing

      Company name

      Google Inc. (Google Analytics)

      Country

      USA

      Legal basis

      Consent
      (by Cookies opt-in)

      Item

      7

      Category

      Analytics&Marketing

      Company name

      LinkedIn Ireland Unlimited Company or LinkedIn Corporation (LinkedIn, SlideShare)

      Country

      USA

      Legal basis

      Consent
      (by cookies opt-in)

      Item

      8

      Category

      Analytics&Marketing

      Company name

      The Rocket Science Group LLC (MailChimp)

      Country

      USA

      Legal basis

      Consent
      (by cookies opt-in)

      Other subcontractors may be engaged in personal data handling based on your consent or in order to fulfil our contractual obligations.

    2. Legally required disclosure

      Enamine will not disclose the customer’s data to law enforcement except when instructed by you or where it is required by law. When governments make a lawful demand for customer data from Enamine, Enamine strives to limit the disclosure. Enamine will only release specific data mandated by the relevant legal demand.

      If compelled to disclose your data, Enamine will promptly notify you and provide a copy of the demand unless legally prohibited from doing so.

  8. Third party links

    Occasionally, at our discretion, we may include or offer third party products or services on our website. These third party sites have separate independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked websites. Nonetheless, we seek to protect the integrity of our website and welcome any feedback about these websites.

  9. Where do we store the information?

    1. Personal data location

      All data are stored in databases and file repositories hosted in DigitalOcean cloud owned by DigitalOcean LLC. There are three datacenters located in New York, USA. Each site is staffed 24/7/365 with on-site physical security to protect against unauthorized entry. Other security features include, but are not limited to: full CCTV coverage externally and internally, biometric readers with two-factor authentication. Technical support staff do not have access to the backend hypervisors where virtual servers reside nor direct access to the NAS/SAN storage systems where snapshots and backup images reside. Only select engineering teams have direct access to the backend hypervisors based on their role. For more information regarding security measures and compliance of DigitalOcean LLC, follow the link: https://www.digitalocean.com/security/

    2. International Data Transfers

      By using our Sites or by interacting with us in other ways, you authorize Enamine to transfer Personal Information outside of the European Economic Area.

  10. Your rights

    Your rights according to the GDPR are the right to information about the processing (provided to you here, in this Privacy Policy); the right to access personal data relating to you; the right to have such data rectified, erased or restricted from processing; the right to object to our processing of personal data; as well as the right to not be subject to automatic decisions and the right to data portability. To exercise your rights please contact us via This email address is being protected from spambots. You need JavaScript enabled to view it.. If you want to know more about this, or have concerns about your rights, please do not hesitate to contact us.

    You may also access and update certain information about you stored in your account on the Sites by login in to it (Profile/View Profile on enaminestore.com or by clicking on your name in the upper right corner of enamine.net).

    At any time, you can cancel your subscription to our email newsletter by following the link in the footer of any email received from us.

  11. Data retention

    Enamine stores your account information until you request to delete your account.

    Some information, needed for complying with our legal obligations, is stored according to legal requirements of the country of business registration and cannot be deleted upon your request.

    Marketing information, as email preferences, is stored until you opt-out receiving our email newsletter.

    Sites usage data logs with identifiable and non-identifiable personal information (SDS/CoA requests, search requests, add to cart actions) are stored for 60 days and are automatically deleted afterwards.

  12. Terms of Service

    Please also visit our Terms of Service section establishing the use, disclaimers, and limitations of liability governing the use of our Sites.

  13. Your consent

    By using our Sites, you consent to this Privacy Policy.

  14. Changes to our Privacy Policy

    If we decide to change our Privacy Policy, we will post the amended Privacy Policy on the Sites and update the Privacy Policy modification date and version.

  15. Complaint

    You may at any time lodge a complaint with a supervisory authority regarding Enamine’s collection and processing of your personal data.

    You may find the list of competent authorities on the protection of personal data in each EU Member State by following the link: https://ec.europa.eu/digital-single-market/en/news/list-personal-data-protection-competent-authorities.

    Enamine LLC is subject to the investigatory and enforcement powers of the Federal Trade Commission.

version 2.1 from 2020/07/07

FOLLOW US