Surrey Technology Centre, 40 Occam Road, Guildford, GU2 7YG   |   01483 685540

  • DNASTREAM LinkedIn page

©Copyright 2020 DNASTREAM Limited. All Rights Reserved.


Revision 3.4- December 2019


1. Introduction and objectives

This privacy policy ("Privacy Policy") has been prepared by DNASTREAM Limited, a company registered in England and Wales under company number 5887312 with registered address at Surrey Technology Centre, 40 Occam Road, The Surrey Research Park, Guildford, Surrey, GU2 7YG, United Kingdom (referred to as “DNASTREAM”, “we”, “us” or “our”).


DNASTREAM takes your privacy extremely seriously and we want you to be confident that any information you provide to us, or that we collect about you, when using any of our public websites (“Websites”) is safe and secure.


This Privacy Policy is effective from 20th December 2019 and explains how and why we may collect your personal information, how we use it, your rights and choices when it comes to these details, and the steps we take to keep it secure and confidential.

Please read this Privacy Policy carefully as once you use our Websites you will be deemed to have read and accepted this Privacy Policy. This Privacy Policy forms part of the Conditions of Use included on our Websites.

2. Scope of this Privacy Policy

This Privacy Policy covers our information practices, including how we collect, use, share and protect the personal information you provide to us through our Websites or by other means. By accessing our Websites, you are agreeing with this Privacy Policy. If you do not agree with this Privacy Policy, you must not access our Websites.

We may provide links to third party websites from our Websites for your convenience and information. If you access any third party website from our Websites, you will be directed to a third party website. We do not control such third party websites, or the privacy practices of the respective website provider, and we do not endorse or make any representations about or accept any responsibility for such third party websites or the privacy practices of the respective website provider. The personal information you choose to provide to, or that is collected by, these third party websites including any social media websites featured on our Websites, is not covered by this Privacy Policy. We recommend that you to review the terms of use and privacy policy of any third party website before submitting your personal information to it.

We may provide social media features on our Websites that enable you to share information about DNASTREAM or your use of our products or services with your social networks and to interact with us and other parties on various social media platforms. Your use of these features may result in the collection or sharing of information about you, depending on the feature. We recommend that you review the privacy policy and your account settings on the social media platforms that you use to make sure you understand how the information provided by you could be used or shared by the providers of those platforms.

We may modify or update this Privacy Policy from time to time. If we change this Privacy Policy, we will publish it on our Websites. Where we reasonably consider that any changes will have a fundamental impact on the nature of the processing of your personal information or will otherwise have a substantial impact on you, we will give you reasonable notice so that you can exercise any rights you may have (e.g. to object to the processing) by posting a notice of such changes on our Websites and also by notifying you directly via email (if we hold this information about you).

3. How we collect your personal information

These are the main ways we collect your personal information through our Websites:

  • If you use our Websites to register for events, subscribe to our newsletters or request information about us or our products or services

  • If you access any of our products or services that are available via our Websites

We may also collect your personal information by means other than through our Websites, which may include:

  • If you purchase or use any of our products or services

  • If you reply to our marketing campaigns (e.g. by filling out a response form)

  • If your personal information is shared with us by our business partners, service providers or other third parties, where you have provided your consent

  • From other public sources, such as social media platforms, where you have provided your personal information

  • If you interact with us in writing, by email, by other means of electronic communication or by telephone

  • If you are employed by us or work for us or on our behalf as a contractor or enter into a business relationship with us, or if you make an application for employment with us

You may engage with us via features on our Websites that integrate with social media platforms. When you engage with us through social media platforms, you may allow us to have access to certain information from your social media profile based upon your privacy preference settings on such platforms. We recommend that you review the settings of your social media profile on the social media platforms that you use, to ensure that you understand what information may be collected about you.

If you provide information to us on behalf of someone else, you must ensure that you have that person’s permission and that they have been given this Privacy Policy beforehand.

Our Websites have been created for business purposes and are not intended for use by children. We do not knowingly collect any personal information about children.

Please help us to keep your personal information up to date by informing us of any changes to your personal information or privacy preferences. You may do this either by using the features available on our Websites or by contacting us using the details provided in this Privacy Policy.

4. What personal information we may collect

We may collect the following types of personal information about you:

  • Identity data including your name, date of birth, gender, marital status, employer's name and job title

  • Contact data including your home address, employer's address, correspondence address, email addresses and telephone numbers

  • Topics of interest you may express regarding our products and services

  • How you use our Websites and whether you open or forward our communications, including information collected through cookies or other tracking technology (please refer to the section ‘Cookies and other technologies’ in this Privacy Policy)

  • Information relating to your purchases of our products or services, including the necessary information for us to bill you for their usage such as billing address

  • Information relating to your use of our products or services

  • If you are a customer, information relating to your business relationship with us that is necessary for us to administer this relationship including information provided by credit reference agencies (e.g. credit rating)

  • If you are an employee or contractor, information relating to your employment or business relationship with us that is necessary for us to administer this relationship including your identification documents (e.g. passport, driving license, utility bills), proof of your right to work in the UK, employment history, evidence of skills and qualifications, bank account details, information provided by background checking/vetting agencies (e.g. criminal convictions) and (for employees) disciplinary record

We do not collect Sensitive Data about you without your express consent and then only in accordance with data privacy laws. "Sensitive Data" refers to the various categories of personal information identified by the relevant UK data privacy laws as requiring special treatment such as racial or ethnic origin, political opinions, biometric and genetic data, criminal records, religious beliefs and physical or mental health data.

5. How we use your personal information

The personal information we collect may be used to:

  • Manage and administer events that you have registered for, and to follow up on events that you have attended

  • Publicise future events that we believe you may find of legitimate business interest based on your registration for previous events or the topics of interest you have expressed

  • Issue newsletters or other similar communications that you have subscribed to

  • Provide information about our products or services as requested by you, or relevant to the topics of interest you have expressed

  • Assess the performance of our Websites and analyse how they are used to help us make improvements

  • Maintain leads in our sales processes and run marketing or promotional campaigns to create awareness of our brand, products and services

  • Process requests to purchase any of our products or services

  • Provide access to our products and enable your effective use of the features of our products

  • Administer the relationship with our customers including general communications, account management, product or service delivery, support, contract management, credit management, billing and accounts receivable

  • Administer the relationship with our contractors including general communications, account management, contract management, assignment management, invoice management and accounts payable

  • Administer the relationship with our employees including contracts of employment, general staff management, staff communications, matters relating to tax and national insurance, management of sickness and absence, management of staff assignments and disciplinary matters 

  • Manage our contractual obligations and enforce our contractual and legal rights

Your personal information may be used for other purposes for which you give your consent or, in limited circumstances, when required by law or where permitted under the relevant UK data privacy laws.

The use of your personal information set out above is permitted under the relevant UK data privacy laws based on these principal legal grounds:

  • Where you have consented to its use for the purposes we have stated (in which case you will have been presented with a consent form or some other method to give your consent in relation to such use), which you may withdraw at any time by using the features available on our Websites or by contacting us using the details provided in this Privacy Policy

  • Where it is necessary for us to enter into or perform our contractual obligations with you

  • Where we need to use it to comply with our legal obligations

  • Where we use it to achieve a legitimate business interest and our reasons for using it outweigh any prejudice to your data protection rights (our legitimate interests include performing our business activities, promoting our business and tailoring news or offers to your profile, research and development of products or services, providing you with products or services and managing our business relationship with you)

6. How we keep your personal information safe

We use technical and organisational security measures including authentication tools to protect your personal information against unauthorised access, loss, manipulation or destruction.

Although data transmission over the Internet cannot be guaranteed to be secure, we and our business partners maintain physical, electronic and procedural safeguards to protect your information in accordance with applicable data protection requirements. Our main security measures include:

  • Tightly restricted access to your personal information on a “need to know” basis and for the communicated purposes only

  • Use of encryption or password-protection when sharing personal information with other parties

  • Use of encryption (in transit and at rest) for our IT systems as far as is possible within the capabilities of the respective system

  • Use of individual, password-protected user accounts for our IT systems with assigned permissions to ensure access is only permitted to specific information according to the job role of the user

  • Provision of facilities to set up individual, password-protected user accounts for users of our products with assigned permissions to ensure access is only permitted to specific features of the respective product and/or data relating to that user’s assigned role

  • Use of firewalls for our IT systems to prohibit unauthorised access

  • Physically recorded information (i.e. paper documents) stored in locked cabinets in a locked office location

  • Enforcement of strict company policies relating to information security, control of access to our IT systems and the permitted uses of our IT systems, our other IT assets and our products, which form part of our employee handbook and the contractual obligations of our contractors and business partners

  • Use of binding contracts with our customers regarding the permitted uses of our products

7. How long we keep your personal information

We retain your personal information only for as long as is necessary and only for the purposes for which it has been collected. Our retention periods are based on our legitimate business needs or our legal obligations, and once no longer needed your personal information is either irreversibly anonymised or securely destroyed. The retention period applicable to your personal information will be determined according to its use, as follows:

  • Use for providing features within a product: we retain your personal information for the duration of the contract that provides for your use of the product including any subsequent period to facilitate off-boarding activities as set out in the respective contract

  • Use for marketing purposes: we retain your personal information for as long as is necessary and in accordance with your privacy preferences, but only for the purposes for which it was collected – for example, if you have expressed an interest about our products or services we will retain your personal information for the purposes of marketing such products or services unless you update your privacy preferences to withdraw your consent

  • Use for performing a contract: we retain your personal information for the duration of the contract and for a period of six years after the contract expiration or termination date to deal with queries or claims thereafter, or for such longer period as required in law

  • Use for managing a business partnership: we retain your personal information for the duration of the partnership and for a period of up to six years thereafter

  • Where claims are contemplated: in relation to any personal information where we reasonably believe it will be necessary to defend or prosecute or make a claim, we may retain that information for a long as that claim could be pursued

8. Who we share your personal information with

Personal information that we collect about you may be transferred to other parties or accessed by other parties on our behalf, with your consent where necessary.

The types of parties we may transfer your personal information to are as follows:

  • Business partners and contractors that work with us or on our behalf to provide or support our Websites, products or services, or support us in our business activities

  • Event companies that run or manage events on our behalf

  • IT services, technology or application providers that provide us with the applications, systems, products or services we use to operate or support our business activities

  • Credit reference and background checking agencies

  • Law firms and other professional advisors that provide advice to us

Where we share your personal information, this is done in a secure manner. When we share this information with other parties, we ensure that the other parties are required to use it only for the purpose for which it was collected and require such parties to enter into a binding confidentiality and/or contractual agreement with us.

We may also share your personal information without your consent if it is in relation to a legitimate business interest or where we have a contractual or legal obligation to do so, such as:

  • When required by law to share information with statutory authorities, government institutions or other authorized bodies

  • When required to use the information to respond to a summons, court order or other legal process, or to establish or exercise our legal rights or defend against legal claims

  • Where we believe it is necessary to investigate, prevent or take actions against any illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or as otherwise required by law

  • Where we believe it is necessary to protect or enforce our rights, usage terms, intellectual or physical property or for the safety of DNASTREAM or that our customers, business partners, contractors or other associated parties

  • In the event DNASTREAM is acquired by or merged with another company or acquires another company or undergoes a reorganisation

While performing our business activities, your personal information may be accessed by our staff, agents or contractors from a country outside of the European Economic Area (EEA) for any of the purposes set out in this Privacy Policy. These countries may have in place data protection laws that may be of a lower standard than in the EEA.  We will take reasonable steps to ensure that any of your personal information that is accessible outside of the EEA is handled subject to appropriate safeguards.

Certain countries outside the EEA, such as Canada and Switzerland, have been approved by the European Commission as providing essentially equivalent protection to EEA data protection laws and therefore no additional legal safeguards are required. In countries that have not had such approval, we will either ask for your consent to transfer the data or transfer it subject to European Commission approved contractual terms that impose equivalent data protection obligations directly on the recipient unless we are permitted under applicable data protection law to make such transfers without such formalities.

9. Cookies and other technologies

What is a cookie?

A cookie is a small text file that stores Internet settings. Almost every website uses cookie technology. The cookie is downloaded by your Internet browser the first time you visit a website. The next time you visit that website from the same device, the cookie and the information in it are either sent back to the originating website (first-party cookies) or to another website to which it belongs (third party cookies). By that process, the website can detect that it has already been opened using this browser and, in some cases, it will then vary the content it shows.

Our Websites use cookies for many important reasons, such as:

  • Providing you with a great user experience and improving the experience when you return to the website using the same device and the same web browser as before, such as remembering your preferences and adapting the content that is shown to be relevant your personal interests

  • To identify you as a registered member of our Websites

  • To monitor and analyse the performance, operation and effectiveness of our Websites and the underlying platforms that provide our Websites

  • To ensure our Websites and the underlying platforms are secure and safe to use

Use of cookies on our Websites and within our products

Our Websites and products accessed via a web browser may use cookies of different types.

Strictly necessary cookies: these enable features without which you would not be able to use the Websites or product as intended. These cookies are used exclusively by DNASTREAM and are therefore known as first-party cookies. They are only saved on your computer while you are actually browsing the Websites. Strictly necessary cookies do not require approval and cannot be disabled using the features of the Websites.


Performance cookies: these gather information about how a feature of the Websites or product is used for example, which pages a visitor opens most often, and whether the user receives error messages from some pages. These cookies do not save information that would allow the user to be identified. The collected information is aggregated and therefore anonymous. These cookies are used exclusively to improve the performance of the Websites or product, and with it the user experience.

Functional cookies: these enable the Websites or product to save information which has already been entered (such as usernames and language choices), so that it can offer you improved and more personalized functions. For example, the Websites can offer content in your local language if it uses a cookie to remember your preferred language. These cookies collect anonymous information and cannot track your movements on other websites.

Marketing cookies: these are used to deliver adverts and other communications more relevant to you and your interests. They are also used to limit the number of times you see an advertisement and to help measure the effectiveness of advertising campaigns. They remember whether you have visited the Websites or not, and this information can be shared with other organizations such as advertisers (this includes advertising technologies on websites such as Facebook, LinkedIn and Twitter). Cookies for improving group targeting and advertising will often be linked to site functionality provided by other organizations.


You will be notified of the use of cookies on your first visit to each of our Websites and given advice about how to change your preferences (and our Websites may attempt to set a cookie to record your preference for future visits). Web browsers may be set to automatically accept cookies, but you may change these settings to decline all cookies if you prefer. You can manage cookies through your browser settings. The 'Help' feature on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, how to disable cookies, and when cookies will expire.

Our Websites use the following cookies.

If you set your browser to decline all cookies or certain cookies, our Websites or products may not function correctly, and you may not be able to use all the features of the Websites or products.

We may also use web beacons or tracking pixels in our emails and on web pages that help us to monitor whether you have opened any newsletters or other communications we may have sent to you. A web beacon is one of various techniques used on web pages or email to unobtrusively (usually invisibly) allow checking that a user has accessed some content. Common uses are email tracking and page tagging for web analytics and marketing analytics. We use this information in conjunction with the topics of interest you have expressed, to deliver you a personalized experience by ensuring we send you information that we believe you will find interesting, based on the content we know you have engaged with previously.

Our Websites may include functionality to interact with social media websites where you may have accounts, such as Facebook, Twitter and LinkedIn. You should be aware that these social media websites may set cookies while you are using them and use of these features may result in the collection or sharing of information about you.

We may disclose aggregated information about your use of our Websites to our social media, advertising or analytics partners who may combine it with other information that they hold. We will not disclose information to such parties that identifies you or that contains your personal information.

10. Your rights and how to change your privacy preferences

You can make individual changes to your privacy preferences using the features included on our Websites, where available. You may also use the “unsubscribe” features included in our marketing communications and e-newsletters to stop receiving these communications.

You can also contact us using the details provided in this Privacy Policy to change your privacy preferences, withdraw your consent in relation to how we use your personal information, or request information about the personal information we hold about you as well as requesting the correction, deletion or restriction of your personal data for analytics and/or marketing use.

Subject to certain conditions you have the right to require us to:

  • Provide you with further details on the use we make of your information

  • Provide you with a copy of the information we hold about you

  • Update any inaccuracies in the information we hold about you

  • Delete any information about you that we no longer have a lawful ground to use

  • Remove you from any direct marketing lists when you object or withdraw your consent

  • Provide you with your personal information in a usable electronic format and transmit it to a third party (right to data portability)

  • Restrict our use of your personal information

  • Cease carrying out certain processing activities based on the grounds of having a legitimate business interest unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights

Your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g. the prevention or detection of crime), our interests (e.g. the maintenance of legal privilege) and the rights of third parties. In certain circumstances, where you exercise these rights you may no longer be able to access or use our Websites.

In limited circumstances we may charge a reasonable fee for certain requests you make to us, which we will advise you of in advance.

11. How to contact us

You can contact us in the following ways:

  • By sending an email to and providing us with your full name and email address, together with details of the changes you wish to make

  • By writing to us at DNASTREAM Limited, Surrey Technology Centre, 40 Occam Road, The Surrey Research Park, Guildford, Surrey, GU2 7YG

  • By telephoning us on 01483 685540 and asking to speak to a member of our staff

If you are dissatisfied with our use of your personal information or our response to any exercise of your rights, you have the right to complain to the Information Commissioner’s Office (ICO), which regulates the processing of personal information in the United Kingdom. More information can be found on the ICO website at

12. Review

This policy will be reviewed at least annually or when required by changes in circumstances.