This webpage sets out when and how we use your personal information that you or others provide to us.
Who we are
We are PepGen, a Limited Company (registered with number 11170794).
Our registered address is BioEscalator, Innovation Building, University of Oxford Old Road Campus, Roosevelt Dr, Oxford, United Kingdom, OX3 7FZ.
How do you use my data?
When you have expressed an interest in PepGen:
This section applies if you have contacted us through the form available on this website, or directly via phone or email.
We will handle your personal information (such as your name, email address, postal address and telephone number) in order to communicate with you on the subject you have contacted PepGen about.
You can tell us that you do not want your personal information to be processed in this way at any time by contacting us at firstname.lastname@example.org.
If our business is sold:
We will transfer your personal information to a third party:
- if we sell or buy any business or assets, we will provide your personal information to the buyer (but only to the extent we need to, and always in accordance with data protection legislation); or
- if PepGen or the majority of its assets are acquired by somebody else, in which case the personal information held by PepGen will be transferred to the buyer.
We process your personal information for this purpose because we have a legitimate interest to ensure our business can be continued by the buyer. If you object to our use of your personal information in this way, the buyer of our business may not be able to provide services to you.
In some circumstances we may also need to share your personal information if we are under a duty to disclose or share it to comply with a legal obligation.
What about technical information and analytics?
Information we collect about you:
When you visit our site we will automatically collect the following information via the Google Analytics service:
- technical information, including the Internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, screen resolution, operating system and platform; and
- information about your visit, including the full Uniform Resource Locators, clickstream to, through and from our site (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer. We only use (and store) non-essential cookies on your computer’s browser or hard drive if you provide your consent. The Google Analytics cookies in place on our site cannot be used by anyone except Google.
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
You may also opt-out by completing Google Analytics’ opt-out form accessible through this link: https://tools.google.com/dlpage/gaoptout.
Except for essential cookies, all cookies will expire after 2 years.
Where is my data stored?
Google are based outside the European Economic Area (EEA) so their processing of your personal information will involve a transfer of data outside of the EEA.
Whenever we transfer your personal information outside of the EEA, we ensure it is protected by making sure at least one of the following safeguards is in place:
- by transferring your personal information to a country that has been deemed to provide an adequate level of protection by the European Commission;
- by using specific contracts approved by the European Commission which give your personal information the same protection it has within the EEA; and
- where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.
All information you provide to us is stored on our secure servers or those of our third party data storage providers.
How long do we retain your data for?
Where you have communicated directly with PepGen, we will retain your data for a period of two years, to ensure that we are able to assist you should you have any questions, feedback or issues in connection with your communication with PepGen or if any legal issues arise.
In some circumstances we may anonymise your personal data so that it can no longer be associated with you for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
What are my rights under data protection laws?
Request access to your data (commonly known as a “subject access request”). This enables you to receive a copy of the data we hold about you and to check that we are lawfully processing it.
Request correction of the data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Request erasure of your data. This enables you to ask us to delete or remove data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your data where you have exercised your right to object to processing (see below).
Object to processing of your data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your data for direct marketing purposes, research or statistical purposes.
Request the restriction of processing of your data. This enables you to ask us to suspend the processing of data about you, for example if you want us to establish its accuracy or the reason for processing it.
Request the transfer of your data to another party.
Privacy law is often complicated, and whether these rights are available to you sometimes depends on the types of data we are handling, as well as why we are handling it. If you would like to exercise any of these rights, please contact us using the details at the bottom of this notice. You always have the right to lodge a complaint with us or the Information Commissioner’s Office, the supervisory authority for data protection issues in England and Wales.
What about websites we link to?
Our site may, from time to time, contain links to and from the websites of our partner networks and affiliates.
Our site connects you to different websites. If you follow a link to any of these websites or use our services, please note that you have left our site and these websites have their own privacy policies.
We do not accept any responsibility or liability for these policies or websites. Please check their policies before you submit any personal information to these websites.
How do I contact you with feedback?