version 2.0 from 2018/05/22
- Identity of Enamine
- What information do we collect?
- What do we use your information for?
Any of the information we collect from you may be used for one or more of the following purposes:
- To personalize your experience (the information will help Enamine better respond to your individual needs);
- To improve our Sites (Enamine continually strives to improve our Sites offerings based on the information and feedback we receive from our customers);
- To identify you as a contracting party;
- To enable secure login for you into the account on our Sites;
- To establish a primary channel of communication with you;
- To enable Enamine to issue valid VAT invoices and to process transactions;
- To transfer information to others as described in this policy or to satisfy our legal, regulatory, compliance, or auditing requirements, including to disclose information to law enforcement authorities upon validly served legal process or a valid judicial instruction (for example, pursuant to a court order);
- To enable automated handling of the subscriptions;
- To send periodic e-mails (The e-mail address you provide for order processing, may be used to send you information and updates pertaining to your order, in addition to receiving occasional company news (if accepted), updates, related product or service information, etc.)
If at any time you would like to unsubscribe from receiving future e-mails, you can cancel your subscription by following the link in the footer of any email received from us.
- Legal basis
- EU General Data Protection Regulation (GDPR)
- California Online Privacy Protection Act Compliance
- Children’s Online Privacy Protection Act Compliance
The processing of your data is either based on your consent or in case the processing is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract, cf. GDPR art. 6(1)(a)-(b).
If the processing is based on your consent, you may at any time withdraw your consent by contacting us using the contact information in clause 1.
In order to enter into a contract regarding the purchase of Enamine’s products, you must provide us with the required personal data. If you do not to provide us with all the required information, it will not be possible to sell the products or provide you the quotation.
Because Enamine values your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute any personal information to outside parties without your consent except as stated in clause 7.
As part of the California Online Privacy Protection Act, all users of our Sites may make any changes to their information at any time by logging into their account and navigating to the “profile page”.
Enamine is in compliance with the requirements of the Children’s Online Privacy Protection Act. We will not intentionally collect any information from anyone under 13 years of age. Our website, products and services are all directed at people who are at least 18 years old or older.
- How do we protect your information?
Enamine implements the following technical, physical and organizational measures to maintain the safety of your personal data against accidental or unlawful destruction, loss, alteration, unauthorized use, unauthorized modification, disclosure or access and against all other unlawful forms of processing.
- Personal Data breach notification
To ensure high availability automated daily backup of the Sites database is arranged. The backuped data are stored for 14 days at the same data centre as the main database. All failover mechanisms are fully automated.
System and project files are backuped on a daily basis, backups are stored for 90 days at a Digital Ocean data centre (see “9. Where do we store the information?” for more details).
To ensure integrity, Enamine strives to provide a secure online environment for the transmission of personal information such as credit card details, usernames, and passwords. For Enamine Sites security is provided by Transport Layer Security (TLS/SSL) encryption and verified by security certificate issued by Thawte Consulting Certificate Authority. Encrypted connection can be identified by 'https' prefix in the address bar of your browser; it prevents all the data from being intercepted while transferred between your computer and our Sites.
All personnel are subject to full confidentiality and any subcontractors and subprocessors are required to sign a confidentiality agreement if not full confidentiality is part of the main agreement between the parties.
Whenever personal data is accessed by our company or representative companies personnel the access is only possible after password authentification. Access is granted to the personnel whose job functions require it by assigning the appropriate role. The log of roles assignment is maintened and may be accessible on request.
There are additional security measures in place for the personnel with system administrator functions. When accessing the data in a database, the IP number of the person accessing the data, as well as login/password must be pre-authorized to obtain access.
Personal data are never stored on mobile media like USB sticks and DVD’s.
Administrative operations, including system access, are logged to provide an audit trail if unauthorized or accidental changes are made. System performance and availability are monitored by qualified personnel.
In the event that your data is compromised, Enamine will notify you and competent Supervisory Authority(ies) within 72 hours by e-mail with information about the extent of the breach, affected data, any impact on your experience using the Sites and Enamine's action plan for measures to secure the data and limit any possible detrimental effect on the data subjects.
- Do we discloase any information to outside parties?
Enamine does not sell, trade or otherwise transfer to outside parties any personally identifiable information.
This does not include trusted third parties or subcontractors who assist us in operating our website, conducting our business, or servicing you. Such trusted parties may have access to personally identifiable information on a need-to-know basis and will be contractually obliged to keep your information confidential.
We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety.
- Subcontractors/trusted third parties
- Legally required disclosure
The list of main subcotractors/trusted third parties with whom we share your information is provided below.CategoryCompany nameCountryLegal basis
SIA Swipe (Swipe Gateway)
Google Inc. (Google Analytics)
Consent (by Cookies opt-in)
LinkedIn Ireland Unlimited Company or LinkedIn Corporation (LinkedIn, SlideShare)
Consent (by cookies opt-in)
The Rocket Science Group LLC (MailChimp)
Consent (by cookies opt-in)
Other subcontractors may be engaged in personal data handling based on your consent or in order to fulfil our contractual obligations.
Enamine will not disclose the customer’s data to law enforcement except when instructed by you or where it is required by law. When governments make a lawful demand for customer data from Enamine, Enamine strives to limit the disclosure. Enamine will only release specific data mandated by the relevant legal demand.
If compelled to disclose your data, Enamine will promptly notify you and provide a copy of the demand unless legally prohibited from doing so.
- Third party links
- Where do we store the information?
- Personal data location
- International Data Transfers
All data are stored in databases and file repositories hosted in DigitalOcean cloud owned by DigitalOcean LLC. There are three datacenters located in New York, USA. Each site is staffed 24/7/365 with on-site physical security to protect against unauthorized entry. Other security features include, but are not limited to: full CCTV coverage externally and internally, biometric readers with two-factor authentication. Technical support staff do not have access to the backend hypervisors where virtual servers reside nor direct access to the NAS/SAN storage systems where snapshots and backup images reside. Only select engineering teams have direct access to the backend hypervisors based on their role. For more information regarding security measures and compliance of DigitalOcean LLC, follow the link: https://www.digitalocean.com/security/
By using our Sites or by interacting with us in other ways, you authorize Enamine to transfer Personal Information outside of the European Economic Area.
- Your rights
- Data retention
- Terms of Service
- Your consent
Enamine is a research-and-production company specialized in fine organic synthesis and providing additional services for drug discovery with the following address:
78 Chervonotkatska Street
Phone: +380 44 5373218
Company registration number 30402329
This company is your data controller and processor.
The address of its representative in the European Union (EU) is as follows:
Vestienas iela 2 B
Tel. +371 66000186
This company is a representative of Enamine in the EU and, depending on the logistics, may be your data processor if you reside in the European Union, Switzerland, Norway, Serbia, Bosnia&Herzegovina, Montenegro, Albania, Macedonia, Kosovo, India, China, Australia.
The address of its representative in the United States of America is as follows:
2940 Glendale Milford Road #410,
Cincinnati, OH 45241
Toll free number: 1 (888) 745-6132
This company is a representative of Enamine and your data processor if you reside in the United States of America, Canada, South and Central America countries. Depending on the logistics, it may be your data processor if you reside in Asia or Africa.
Information we get from your use of the Sites
It is primarily non-personally-identifying information of the sort that web browsers, servers, and services like Google Analytics typically make available, such as the browser type, language preference, referring site, and the time of each visit. Other non-identifying information that we might have access to includes how you use the Sites (e.g. search queries), your approximate location, cookies, etc.
We collect this non-personally-identifying information in order to track visits to our Sites, understand and evaluate the customer experience, improve the content and layout of our Sites and customize the web experience.
When you use the Sites, we also collect potentially personally identifying information in the form of Internet Protocol (IP) addresses.
Enamine will only attempt to link the logs to identifiable individuals if that is necessary for investigating a data security breach, a breach of contract, a violation of Enamine’s policies and procedures, or a contravention of the laws.Information you provide to us directly
Certain visitors to our Sites choose to interact with them in ways that may require them to provide us with personally identifying information.
When you register for an account on our Sites, place an order or subscribe to our newsletter, basic contact details are collected such as the e-mail address and your name, job function, company name, shipping address, billing address, information on contact person for shipping and billing.
We collect information about you from other users of the Sites. For example, when another user provides your contact information when he designates you as a billing or shipping contact when placing the order.
See Enamine’s Cookie Declaration for www.enamine.net -- https://enamine.net/cookies-policy for information on the cookies we use.
Occasionally, at our discretion, we may include or offer third party products or services on our website. These third party sites have separate independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked websites. Nonetheless, we seek to protect the integrity of our website and welcome any feedback about these websites.
You may also access and update certain information about you stored in your account on the Sites by login in to it (Profile/View Profile on enaminestore.com or by clicking on your name in the upper right corner of enamine.net).
At any time, you can cancel your subscription to our email newsletter by following the link in the footer of any email received from us.
Enamine stores your account information until you request to delete your account.
Some information, needed for complying with our legal obligations, is stored according to legal requirements of the country of business registration and cannot be deleted upon your request.
Marketing information, as email preferences, is stored until you opt-out receiving our email newsletter.
Sites usage data logs with identifiable and non-identifiable personal information (SDS/CoA requests, search requests, add to cart actions) are stored for 60 days and are automatically deleted afterwards.
Please also visit our Terms of Service section establishing the use, disclaimers, and limitations of liability governing the use of our Sites.
You may at any time lodge a complaint with a supervisory authority regarding Enamine’s collection and processing of your personal data.
You may find the list of competent authorities on the protection of personal data in each EU Member State by following the link: https://ec.europa.eu/digital-single-market/en/news/list-personal-data-protection-competent-authorities.
Enamine LLC is subject to the investigatory and enforcement powers of the Federal Trade Commission.
version 2.0 from 2018/05/22