Privacy Policy

Updated on 1 December 2022

At Tenpoint Therapeutics Limited (“Tenpoint”, “we”, “our”, or “us”), we’re committed to protecting and respecting your privacy. This privacy policy (“Privacy Policy”) explains when and why we collect personal data about people who visit our website www.tenpointtherapeutics.com (“website”), how we use it, the conditions under which we may disclose it to others and how we keep it secure.

We may change this Privacy Policy from time to time so please check this page occasionally to ensure that you are happy with any changes.

For the purposes of the General Data Protection Regulation 2016/679 (“GDPR”), and the GDPR in such form as incorporated into the laws of the United Kingdom (“UK”), Tenpoint Therapeutics Limited will be the controller of your personal data. Any questions regarding this Privacy Policy and our privacy practices should be sent by email to info@tenpoint-tx.com or by writing to 30 Broad Street, Great Cambourne, Cambridge, England, CB23 6HJ.

1.  The personal data we collect from you?

When you interact with our website we may obtain information about you in the following ways:

  • Entering into agreement with us: when you enter into a contractual agreement with us we may collect certain details in respect of you or other representatives of your business, such as full name, contact details, company address, job title and location.
  • Contacting us or requesting content: when you send us an enquiry on our “Contact” page on our website or request to download content (such as brochures studies of guides), we may collect your full name, email address and the details of your enquiry.
  • Business partners: when we interact with you as a business partner, we may collect certain details of business partner representatives, such as full name, email address, company address, job title and location.
  • Careers: we may collect personal data from you when you apply for a vacancy with us on our “Join Us” page, such as your full name and the details included in your curriculum vitae.
  • Automated technologies: the servers hosting the website automatically record certain information about you when you use the website, including details of your domain name, IP address, operating system and browser. For further details please see section on “Cookies” below.

2. How is your personal data used?

We may use your personal data to:

  • Contact you regarding any queries you have raised through the “Contact” page or with us directly;
  • Carry out our obligations arising from any contracts entered into by you and us;
  • Notify you of changes to our services;
  • To understand how you visit our website to improve and monitor the quality of it;
  • To protect the security of and managing access to our premises, IT and communication systems, online platforms, website and other systems, preventing and detecting security threats, fraud or other criminal or malicious activities;
  • To comply with our legal and regulatory obligations and requests, including reporting to and/or being audited or investigated by national and international regulatory bodies;
  • To comply with court orders and to exercise and/or defend our legal rights;
  • To optimise your user experience, we may use your personal data to operate, maintain, and improve our platforms and services;
  • To send you communications (via email) about our products, services, upcoming events, and other news about us and our selected partners, providing you haven’t objected to receiving these communications. You can opt-out of receiving marketing communications at any time by using the unsubscribe link in each marketing communication;
  • To facilitate corporate acquisitions, mergers, or transactions.

3. Legal reasons we rely on to process your personal data

If you are located in the European Economic Area (“EEA”) or the UK, please note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your personal data.

In processing your personal data in connection with the purposes set out in this Privacy Policy, we may rely on one or more of the following legal bases, depending on the circumstances:

  • we have obtained your explicit prior consent to the processing (this legal basis is only used exceptionally in relation to processing that is entirely voluntary – it is not used for processing that is necessary or obligatory in any way);
  • the processing is necessary in connection with any contractual relationship that you may enter into with us;
  • the processing is required by applicable law; or
  • we have a legitimate interest in carrying out the processing for the purpose of managing, operating or promoting our business, and that legitimate interest is not overridden by your interests, fundamental rights, or freedoms.

For more information on the legal bases we rely on to process your personal data, please see the table below (please note that when we process your personal data for our legitimate interests we always ensure that we consider and balance any potential impact on you and your data protection rights):

Purpose of Processing Legal Bases for Processing

To reply to your communications. Based on our contract with you or to take steps at your request prior to entering into a contract; or based on our legitimate interests.

Carry out our obligations arising from any contracts entered into by you and us.
Based on our contract with you or to take steps at your request prior to entering into a contract.
Notify you of changes to our services.
Based on our contract with you or to take steps at your request prior to entering into a contract; or based on our legitimate interests.

To understand how you visit our website to improve and monitor the quality of it.
Based on our legitimate interests.
To monitor our security and service. Based on our legitimate interests.

To comply with our legal and regulatory obligations and requests. Based on our legal obligations.
To comply with court orders and to exercise and/or defend our legal rights.
Based on our legal obligations or our legitimate interests.

To optimise your user experience. Based on our legitimate interests.

Send you marketing communications. Consent or based on our legitimate interests.
To facilitate corporate acquisitions, mergers, or transactions. Based on our legitimate interests.

4. Cookies

Like many other websites, we use cookie technologies to collect data concerning the use of our website. A cookie is a small data file that is placed on your computer by your web browser when you visit the website. For more information on our use of cookies you can find further details in our cookies policy.

5. Who has access to your information?

We do not share, rent, or sell the personal data that you provide us with other organisations without your express consent, except as described in this Privacy Policy. We may disclose personal data to third parties under the following circumstances:

  • Compliance with Laws and Law Enforcement; Protection and Safety. We may share personal data for legal, protection, and safety purposes or to comply with laws.
  • Professional Advisors and Service Providers. We may share personal data with those who need it to do work for us. These recipients may include third party companies and individuals to administer and provide the Service on our behalf (such as customer support, hosting, email delivery and database management services), as well as lawyers, bankers, auditors, and insurers.
  • Group. We may share personal data with other companies in our group.
  • Business Transfers. We may share personal data when we do a business deal, or negotiate a business deal, involving the sale or transfer of all or a part of our business or assets. These deals can include any merger, financing, acquisition, or bankruptcy transaction or proceeding.

Please note that when we engage with third party service providers to perform our services, and this involves the sharing of personal data, we will enter into agreements with these third parties which include strict confidentiality obligations.

6. Security measures

We make use of physical, technical and administrative measures to safeguard the personal data in our possession against loss, theft and unauthorised use, communication or modification of personal data. Please pay attention to the fact that, in any case, no transmission or storage of personal data can be guaranteed as 100% secure. Consequently, while committing ourselves to protect the information in our possession, we cannot guarantee or ensure the total security of any information that you send us.

7. Amendments to this Privacy Policy

We may revise this Privacy Policy over time. The most recent version of the Privacy Policy will govern Tenpoint’s use of your personal data and will be available on the website: www.tenpointtherapeutics.com.

8. Data transfers

Your personal data will be stored on servers located in the UK and such personal data may be shared with our group affiliate in Switzerland. The UK and Switzerland have been recognised by the European Commission as providing adequate protection of personal data in line with European Union data protection laws (and for the purposes of the UK, Switzerland has been recognised by the UK government as a country which provides adequate protection of personal data according to UK data protection laws).

9. Data retention

We retain personal data we collect as long as it is necessary and relevant to fulfill the purposes outlined in this Privacy Policy. We may retain personal data for a longer period to comply with applicable law where required, prevent fraud, resolve disputes (or if we believe there is a prospect of litigation/dispute in respect to our relationship with you), troubleshoot problems, assist with any investigation, enforce our Terms of Use, and other actions permitted by law.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

10. Do Not Track

Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

11. Children

Our service does not address anyone under the age of 18.

We do not knowingly collect personal data from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from children without verification of parental consent, we take steps to remove that information from our servers.

12. Links to other websites

Our website may contain links to other websites run by other organisations. This Privacy Policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.

In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.

13. Your rights

Subject to applicable law, you may have the right to: (a) access the personal data we hold about you; (b) request we correct any inaccurate personal data we hold about you; (c) request we delete any personal data we hold about you; (d) restrict the processing of personal data we hold about you; (e) object to the processing of personal data we hold about you; (f) not be subjected to a decision based solely on automated processing, including profiling; and/or (g) receive any personal data we hold about you in a structured, commonly used and machine-readable format or have such personal data transmitted to another company.

Please note that we may ask you to verify your identity before responding to such requests. Depending on where you reside, you may be entitled to empower an “authorized agent” to submit requests on your behalf. We will require authorised agents to confirm their identity and authority, in accordance with applicable laws.

To exercise any of your rights in connection with your personal data, please contact us using the contact information in the “How to contact us” section below. If you are located in the UK or the EEA, you have the right to complain to a data protection authority in your country about our collection and use of your personal data.

14. How to contact us

If you have any questions regarding this Privacy Policy, please contact us at: info@tenpoint-tx.com.