WELCOME TO THE AMRIS PRIVACY POLICY
At AMRIS, we respect your privacy and are dedicated to safeguarding your personal data. This privacy policy outlines how we protect your personal information when you visit our website, no matter where you access it from. It also explains your privacy rights and how the law supports you.
For clarity on specific terms used in this privacy policy, please refer to the Glossary section.

1. IMPORTANT INFORMATION AND WHO WE ARE – AMRIS Privacy Policy Overview
This privacy policy explains how AMRIS INTERNATIONAL LTD collects and processes your personal data when you interact with our website. This includes any data you provide when signing up for our newsletter, downloading brochures, or completing forms for assistance.
Our website is not intended for use by children, and we do not knowingly collect data related to children.
We encourage you to read this privacy policy in conjunction with any other privacy notices or fair processing policies we may provide on specific occasions when collecting or processing your personal data. This ensures you are fully informed about how and why we are using your data. Please note that this privacy policy is intended to supplement, not override, other notices and privacy policies.

CONTROLLER
AMRIS INTERNATIONAL LTD is a company registered with Companies House under the number 15777063, with its registered office located at 56 Aldworth Road, London, England, E15 4DL.
This privacy policy is issued on behalf of AMRIS INTERNATIONAL LTD, so when we refer to “AMRIS,” “we,” “us,” or “our” in this privacy policy, we are referring to our company, which is the controller responsible for this website.
We have appointed a Data Protection Officer (DPO) who is responsible for overseeing any questions related to this privacy policy. If you have any inquiries about this privacy policy or wish to exercise your legal rights, please contact the DPO using the details provided below.
CONTACT DETAILS
If you have any questions about this privacy policy or our privacy practices, please contact our DPO in the following ways:
Full name of legal entity: AMRIS INTERNATIONAL LTD
Email address: office@amrisinternational.com
Postal address: 56 Aldworth Road, London, England, E15 4DL
Telephone number: +447441428853
You have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection matters (www.ico.org.uk), at any time. However, we encourage you to reach out to us first so we can address any concerns you may have directly. We would appreciate the opportunity to resolve any issues before you approach the ICO.

CHANGES TO THE PRIVACY POLICY AND YOUR DUTY TO INFORM US OF CHANGES
We keep our privacy policy under regular review. This version was last updated on 15 July 2024.
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs.
Any revisions will be posted on this website with an updated effective date. It is your responsibility to review this Privacy Policy periodically to stay informed of any changes.

MAINTAINING ACCURATE PERSONAL DATA
It is crucial that the personal data we hold about you remains accurate and up-to-date. Please inform us of any changes to your personal information during your relationship with us, so we can ensure that our records are current and correct.

THIRD-PARTY LINKS
Our website may include links to other websites operated by trusted third parties to provide you with additional services. Please be aware that these third-party websites may collect information about you in accordance with their own privacy policies. For details on how these third parties handle your personal data, please review their respective privacy policies.

2. THE DATA WE COLLECT ABOUT YOU
At AMRIS, we value your privacy and want to be transparent about the personal data we collect and how we use it. Personal data refers to any information that can identify an individual. This does not include data where the identity has been removed (anonymous data).
Here’s a breakdown of the types of personal data that we may collect use, store, and transfer:
Identity Data: this includes your name, maiden name, last name, username or similar identifiers, marital status, title, date of birth, and gender. This information helps us to identify you and personalize our interactions.
Contact Data: we collect your billing and delivery addresses, email address, and phone numbers to manage our communications with you effectively and ensure that we can provide our services smoothly.
Technical Data: to improve your experience on our site, we track details such as your IP address, login data, browser type and version, time zone settings, and the technology you use to access our website.
Usage Data: this includes information about how you use our website, products, and services. It helps us understand what interests you and how we can enhance our offerings.
Marketing and Communications Data: we may gather information about your preferences for receiving marketing materials and communications from us and our partners. This allows us to tailor our outreach to suit your interests.

We may also collect, use, and share Aggregated Data such as statistical or demographic data for various purposes. Aggregated Data is derived from your personal data but does not directly or indirectly reveal your identity. For example, we might aggregate Usage Data to calculate the percentage of users accessing a specific feature on our website. However, if we combine or connect Aggregated Data with your personal data, such data will be treated as personal data and used in accordance with this privacy policy.

We do not collect any Special Categories of Personal Data, which include details about race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health information, or genetic and biometric data. We also do not collect information about criminal convictions and offenses.

What Happens if You Don’t Provide Personal Data
If there’s a legal requirement or a contractual necessity for us to collect certain personal data and you choose not to provide it, we may not be able to deliver the services or products you’ve requested. In such cases, we might need to cancel the service or product and will let you know if this happens.
If you have any questions or need more information about how we handle your personal data, please don’t hesitate to reach out to us. We’re here to help!

3. HOW IS YOUR PERSONAL DATA COLLECTED?
At AMRIS, we use various methods to gather information about you. Here’s a clear overview of how we collect your data:
Direct Interactions: When you interact with us directly, we may collect your Identity and Contact information. This happens when you:
o Apply for our services
o Subscribe to our newsletters or publications
o Request to receive marketing materials
o Provide feedback or reach out to us via post, phone, email, or other methods.
Automated Technologies: as you navigate our website, we automatically gather Technical Data about your device and browsing behaviour. This includes details such as your IP address and browsing patterns, which we collect using cookies, server logs, and similar technologies. For more information on how we use cookies, please refer to our Cookie Policy.
Third Parties and Public Sources: We may also obtain personal data from other sources, including:
o Technical Data from analytics providers like Google (outside the EU) and search information providers (within the EU).
o Contact, Financial, and Transaction Data from payment and delivery service providers (within the EU).
o Identity and Contact Data from data brokers or aggregators (within the EU).
o Publicly Available Sources such as Companies House and the Electoral Register (within the EU).
If you have any questions about how we collect and use your data, or if you need more details, feel free to contact us. We’re here to ensure your experience with us is as transparent and smooth as possible.

4. HOW WE USE YOUR PERSONAL DATA
At AMRIS, we handle your personal data with care and ensure it is used only when permitted by law.
Typically, we process your data in the following situations:
• To Fulfill Contracts: when we need to perform or enter into a contract with you, we use your data to ensure we meet our obligations.
• For Legitimate Interests: when processing your data is necessary for our legitimate interests or those of a third party, provided that your interests and fundamental rights do not override these interests.
• To Comply with Legal Obligations: when we are required to meet legal obligations.
In general, we do not rely on your consent as the basis for processing your personal data. However, if we wish to send you third-party marketing communications via email or text message, we will seek your consent first. You have the right to withdraw this consent at any time by contacting us.
Purposes for Using Your Personal Data
Below, we outline how we use your personal data and the legal bases for these uses. We have also highlighted our legitimate interests where applicable.

Purpose Legal Basis Legitimate Interests
Performing contracts with you Contractual necessity Ensuring smooth contract execution
To manage our relationship with you which will include:
(a) Notifying you about changes to our terms or privacy policy
(b) Asking you to leave a review or take a survey Identity
Contact
Profile
Marketing and Communications Performance of a contract with you
Necessary to comply with a legal obligation
Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
Processing for business interests Legitimate interests Improving services and operations
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you Identity
Contact
Usage
Marketing and Communications
Technical Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
Compliance with legal obligations Legal obligation Adhering to legal and regulatory requirements
To make suggestions and recommendations to you about goods or services that may be of interest to you Identity
Contact
Technical
Marketing and Communications Necessary for our legitimate interests (to develop our products/services and grow our business)
We may process your personal data for more than one lawful reason, depending on the specific context. If you need more details about the particular legal ground we rely on for processing your data, please reach out to us.
Marketing and Your Preferences
We are committed to providing you with control over how your personal data is used, especially when it comes to marketing and advertising.
Promotional Offers from AMRIS
We may use your Identity, Contact, Technical, Usage, and Profile Data to understand your preferences and needs. This helps us determine which of our products, services, and offers may be most relevant to you (this is what we refer to as marketing).
If you have requested information from us or purchased services, you may receive marketing communications from us unless you have opted out.
Third-Party Marketing
We will always seek your explicit consent before sharing your personal data with any third parties for their marketing purposes.
Opting Out
You can request that we, or third parties, stop sending you marketing messages at any time. Simply follow the opt-out instructions provided in the communications.
Please note that opting out of marketing messages will not affect the processing of personal data provided as part of a service purchase, warranty registration, service experience, or other transactions.
Cookies
We use necessary cookies to ensure our website functions properly. Cookies are small text files stored on your device (such as a computer or smartphone) when you visit our site. These necessary cookies are essential for core features like security, network management, and accessibility. You can disable these cookies through your browser settings, but doing so may affect your experience on our website. For more information on the cookies we use, please refer to our Cookie Policy.
We also use optional Google Analytics cookies to improve our website by gathering anonymous data on how you use it. These cookies will only be set if you enable them. For more details, please review our Cookie Policy.
Change of Purpose
We will only use your personal data for the purposes for which it was originally collected unless we believe that another purpose is compatible with the original one. If you would like an explanation of how any new processing activities are compatible with the original purpose, please contact us.
If we need to use your personal data for a purpose unrelated to the original one, we will inform you and explain the legal basis that allows us to do so.
Please be aware that, in compliance with legal obligations, we may process your personal data without your knowledge or consent when required or permitted by law.

5. DISCLOSURES OF YOUR PERSONAL DATA
We may share your personal data with the following parties for the purposes outlined in the table above:
Internal Third Parties – these include other companies within the AMRIS group that may need access to your data to provide you with services or support.
External Third Parties – these are service providers, professional advisers, regulators, and other authorities who assist us in delivering our services or who have a legal right to access your data.
Business Transfers – in the event that we decide to sell, transfer, or merge parts of our business or assets, your personal data may be transferred to the new owners. Likewise, if we acquire other businesses or merge with them, your personal data may be used by the new entity in line with this privacy policy.
We require all third parties to uphold the security of your personal data and to handle it in compliance with the law.
Our third-party service providers are not permitted to use your personal data for their own purposes; they may only process your data for the specific purposes we’ve outlined and in accordance with our instructions.
6. TRANSFER OF YOUR INFORMATION OUTSIDE THE UK AND EEA
We may transfer your personal information to countries outside the United Kingdom (UK) and European Economic Area (EEA), including but not limited to:
 The United States of America: this transfer may be necessary for our lawyers and staff to contact you for business purposes, such as providing legal advice and services.
Please note that these countries may not have data protection laws equivalent to those in the UK and EEA.
While the European Commission has not determined that these countries provide an adequate level of data protection similar to that within the UK and EEA, we will ensure that any transfer of your personal information is safeguarded by appropriate measures as approved by the European Commission (as permitted under Article 46(5) of the General Data Protection Regulation).
These safeguards are designed to protect your privacy rights and provide you with remedies in the unlikely event of misuse of your personal information.
If you would like more information about these safeguards, please contact us at office@amrisinternational.com.
We will not transfer your personal data outside of the UK and EEA, or to any organization governed by public international law, unless such transfer is in compliance with the relevant legal requirements.

7. DATA SECURITY
We take the security of your personal data seriously and have implemented appropriate measures to protect it from accidental loss, unauthorized access, misuse, alteration, or disclosure.
Access to your personal data is restricted to employees, agents, contractors, and other third parties who have a legitimate business need to access it. These individuals and entities will only process your personal data according to our instructions and are bound by a duty of confidentiality.
In the event of a suspected data breach, we have established procedures to respond promptly. If required by law, we will notify you and the relevant regulatory authorities of any breach that could affect your personal data.

8. DATA RETENTION – HOW LONG WE WILL USE YOUR PERSONAL DATA
We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including meeting any legal, regulatory, tax, accounting, or reporting obligations. In some cases, we may need to keep your personal data longer if there is a complaint or if we reasonably anticipate the possibility of litigation related to our relationship with you.
To determine the appropriate retention period, we consider several factors, including the volume, nature, and sensitivity of the data, the potential risks of unauthorized use or disclosure, the purposes for processing the data, and whether those purposes can be achieved through other means. We also take into account any legal, regulatory, tax, accounting, or other requirements.
As required by law, we must retain basic information about our customers (including Contact, Identity, Financial, and Transaction Data) for six years after they cease being customers, for tax purposes.
You have the right to request the deletion of your data under certain circumstances-please see the section on your legal rights for more details.

In some instances, we may anonymize your personal data (so that it no longer identifies you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

9. YOUR LEGAL RIGHTS
Under certain circumstances, you have specific rights under data protection laws concerning your personal data. These include the rights to:
 Request access to your personal data.
 Request correction of any inaccuracies in your personal data.
 Request erasure of your personal data.
 Object to the processing of your personal data.
 Request restriction of processing your personal data.
 Request transfer of your personal data to another party.
 Withdraw consent at any time, where we are relying on consent to process your data.
You also have the following rights:
• Access Your Personal Data: you can request a copy of the personal data we hold about you to verify that it is being processed lawfully.
• Correct Your Personal Data: if any of the data we hold about you is incomplete or inaccurate, you can request a correction. We may need to verify the new information you provide.
• Request Erasure: you can ask us to delete your personal data if there’s no valid reason for us to continue processing it. This right also applies if you have successfully objected to processing, if we have processed your data unlawfully, or if we need to erase it to comply with local laws. However, we may not always be able to fulfill your erasure request for specific legal reasons, which we will inform you about, if applicable, at the time of your request.
• Object to Processing: you can object to our processing of your personal data if it impacts your fundamental rights and freedoms, especially if we rely on legitimate interest or if we use your data for direct marketing purposes. In some cases, we may demonstrate compelling legitimate grounds to continue processing your data, which override your rights and freedoms.
• Request Restriction of Processing: you can ask us to suspend processing your personal data in certain situations, such as:
o When you want us to verify the accuracy of the data.
o If our use of the data is unlawful but you prefer that we restrict its use rather than erase it.
o When you need us to keep the data even if we no longer require it, as it may be needed for legal claims.
o If you have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.
• Request Data Transfer: you can request that your personal data be transferred to you or a third party in a structured, commonly used, machine-readable format. This right applies only to automated information that you initially consented for us to use, or where the data was used to perform a contract with you.
• Withdraw Consent: you can withdraw your consent for us to process your personal data at any time. This will not affect the legality of any processing carried out before the withdrawal. However, if you withdraw your consent, we may no longer be able to provide certain products or services to you, and we will inform you if this is the case.
If you wish to exercise any of these rights, please contact us.

No Fee Usually Required
You will not typically need to pay a fee to access your personal data or to exercise any of your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. In such cases, we may also refuse to comply with your request.
What We May Need from You
To help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights), we may request specific information from you. This is a security measure to ensure that your personal data is not disclosed to anyone who is not entitled to receive it. We may also contact you to request further information to expedite our response.
Time Limit to Respond
We strive to respond to all legitimate requests within one month. Occasionally, if your request is particularly complex or you have made multiple requests, it may take us longer. In such cases, we will notify you and keep you updated on the progress.

10. GLOSSARY
Legitimate Interest: this refers to our company’s interest in managing and conducting our business to provide you with the best services/products and a secure experience. Before processing your personal data for our legitimate interests, we carefully assess and balance any potential impact on you (both positive and negative) and your rights.
We ensure that our interests do not override your rights and interests unless we have your consent or are required or permitted by law to do so. For more information on how we evaluate our legitimate interests against any potential impact on you, please contact us.

Performance of Contract: this means processing your personal data when it is necessary to fulfill the terms of a contract you are a party to or to take steps at your request before entering into such a contract.
Comply with a Legal Obligation: this refers to processing your personal data when necessary to comply with a legal obligation that applies to us.

11. EXTERNAL THIRD PARTIES
Service Providers: acting as processors, we refer to the companies that provide IT and system administration services to support our business operations.
Professional Advisers: This includes lawyers, bankers, auditors, and insurers who may act as processors or joint controllers. They provide essential services such as consultancy, banking, legal advice, insurance, and accounting in accordance with legal requirements.
Government Authorities: Including HM Revenue & Customs, regulators, and other authorities who may act as processors or joint controllers. These national entities may require reporting of certain processing activities in compliance with legal and regulatory obligations.

12. Changes to this policy
AMRIS reserves the right to modify these Privacy Policy at any time at its sole discretion, with or without prior notice.
By using this Website, you are agreeing to be bound by the then-current version of these Privacy Policy.
This Privacy Policy was published on 15 July 2024.