top of page

PRIVACY POLICY

version 2.3 from 2023/04/24

Enamine Germany respects the privacy of visitors to our Site. Your personal information is collected, used, stored, transferred, and disclosed by  Enamine Germany only in accordance with this privacy policy.

  1. Enamine is a research-and-production company specializing in fine organic synthesis and providing additional services for drug discovery with the following address:​    Enamine Germany GmbH,  Industriepark Höchst, G 837 65926, Frankfurt am Main

  2. What information do we collect?

    Information we get from your use of the Sites

    It is primarily non-personally identifying information of the sort that web browsers, servers, and services like Google Analytics typically make available, such as the browser type, language preference, referring site, and the time of each visit. Other non-identifying information that we might have access to includes how you use the Sites (e.g. search queries), your approximate location, cookies, etc.

    We collect this non-personally identifying information in order to track visits to our Sites, understand and evaluate the customer experience, improve the content and layout of our Sites and customize the web experience.

    When you use the Sites, we also collect potentially personally-identifying information in the form of Internet Protocol (IP) addresses.

    Enamine will only attempt to link the logs to identifiable individuals if that is necessary for investigating a data security breach, a breach of contract, a violation of Enamine’s policies and procedures, or a contravention of the laws.

    Information you provide to us directly

    Certain visitors to our Sites choose to interact with them in ways that may require them to provide us with personally identifying information.

    When you register for an account on our Sites, place an order or subscribe to our newsletter, basic contact details are collected such as the e-mail address and your name, job function, company name, shipping address, billing address, information on contact person for shipping and billing.

    You may also want to provide credit card information to pay for products. We never store this information and all credit card information goes through our Sites to the authorized third-party payment processor service – First Data (for payments in US dollars) without being stored locally. So the controllers of this data are the corresponding companies. Please refer to their privacy policy for more information (https://www.firstdata.com/en_gb/privacy.html).

    Information provided by other sources

    We collect information about you from other users of the Sites. For example, when another user provides your contact information when he designates you as a billing or shipping contact when placing the order.

  3. What do we use your information for?

    Any of the information we collect from you may be used for one or more of the following purposes:

    1. To personalize your experience (the information will help Enamine better respond to your individual needs);

    2. To improve our Sites (Enamine continually strives to improve our Sites offerings based on the information and feedback we receive from our customers);

    3. To identify you as a contracting party;

    4. To enable secure login for you into the account on our Sites;

    5. To establish a primary channel of communication with you;

    6. To enable Enamine to issue valid VAT invoices and to process transactions;

    7. To transfer information to others as described in this policy or to satisfy our legal, regulatory, compliance, or auditing requirements, including to disclose information to law enforcement authorities upon the validly served legal process or a valid judicial instruction (for example, pursuant to a court order);

    8. To enable automated handling of the subscriptions;

    9. To send periodic e-mails (The e-mail address you provide for order processing, may be used to send you information and updates pertaining to your order, in addition to receiving occasional company news (if accepted), updates, related product or service information, etc.)

    10. If at any time you would like to unsubscribe from receiving future e-mails, you can cancel your subscription by following the link in the footer of any email received from us.

  4. Legal basis

    1. EU General Data Protection Regulation (GDPR)

      The processing of your data is either based on your consent or in case the processing is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract, cf. GDPR art. 6(1)(a)-(b).

      If the processing is based on your consent, you may at any time withdraw your consent by contacting us using the contact information in clause 1.

      In order to enter into a contract regarding the purchase of Enamine’s products, you must provide us with the required personal data. If you do not to provide us with all the required information, it will not be possible to sell the products or provide you the quotation.

    2. California Online Privacy Protection Act Compliance

      Because Enamine values your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute any personal information to outside parties without your consent except as stated in clause 7.

      As part of the California Online Privacy Protection Act, all users of our Sites may make any changes to their information at any time by logging into their account and navigating to the “profile page”.

    3. Children’s Online Privacy Protection Act Compliance

      Enamine is in compliance with the requirements of the Children’s Online Privacy Protection Act. We will not intentionally collect any information from anyone under 13 years of age. Our website, products and services are all directed at people who are at least 18 years old or older.

  5. How do we protect your information?

    Enamine implements the following technical, physical and organizational measures to maintain the safety of your personal data against accidental or unlawful destruction, loss, alteration, unauthorized use, unauthorized modification, disclosure or access and against all other unlawful forms of processing.

    1. Availability

      To ensure high availability automated daily backup of the Sites database is arranged. The backed up data are stored for 14 days at the same data centre as the main database. All failover mechanisms are fully automated.

      System and project files are backed up on a daily basis, backups are stored for 90 days at a Amazon Web Services and Digital Ocean data centres (see “9. Where do we store the information?” for more details).

    2. Integrity

      To ensure integrity, Enamine strives to provide a secure online environment for the transmission of personal information such as credit card details, usernames, and passwords. For Enamine Sites security is provided by Transport Layer Security (TLS/SSL) encryption and verified by security certificate issued by Thawte Consulting Certificate Authority. Encrypted connection can be identified by 'https' prefix in the address bar of your browser; it prevents all the data from being intercepted while transferred between your computer and our Sites.

    3. Confidentiality

      All personnel are subject to full confidentiality and any subcontractors and subprocessors are required to sign a confidentiality agreement if not full confidentiality is part of the main agreement between the parties.

      Whenever personal data is accessed by our company or representative companies personnel the access is only possible after password authentification. Access is granted to the personnel whose job functions require it by assigning the appropriate role. The log of roles assignment is maintened and may be accessible on request.

      There are additional security measures in place for the personnel with system administrator functions. When accessing the data in a database, the IP number of the person accessing the data, as well as login/password must be pre-authorized to obtain access.

      Personal data are never stored on mobile media like USB sticks and DVD’s.

    4. Monitoring

      Administrative operations, including system access, are logged to provide an audit trail if unauthorized or accidental changes are made. System performance and availability are monitored by qualified personnel.

    5. Personal Data breach notification

      In the event that your data is compromised, Enamine will notify you and competent Supervisory Authority(ies) within 72 hours by e-mail with information about the extent of the breach, affected data, any impact on your experience using the Sites and Enamine's action plan for measures to secure the data and limit any possible detrimental effect on the data subjects.

  6. How we use cookies

    This website uses cookies. We use cookies to personalize content and ads, to provide social media features, and to analyze our traffic. We also share information about your use of our site with our social media, advertising, and analytics partners. They may combine it with other information that you've provided to them or that they've collected from your use of their services.

    Cookies are small text files that can be used by websites to make a user's experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies, we need your permission.

    There are four categories of cookies used: essential, performance, advertising, and content cookies, and web beacons.

    The table below lists the types of cookies and third-party service providers currently used but may not include all cookies or third-party service providers. In addition, the below list of cookies and third-party service providers is subject to change at any time.

     

    Cookie Type

    Who serves it

    What it does

    More information

    1

    Performance

    Google Analytics

    We use Google Analytics to analyze the use of our website.

    For more information about Google’s privacy practices, see https://policies.google.com/privacy.

    2

    Performance

    Amplitude

    We use Amplitude to analyze the use of our website.

    For more information about Amplitude’s privacy practices, see https://amplitude.com/privacy.

    3

    Performance

    Hotjar

    We use Hotjar to analyze the use of our website.

    For more information about Hotjar’s privacy practices, see https://www.hotjar.com/legal/policies/privacy/.

    4

    Advertising

    LinkedIn

    We use LinkedIn to share presentations and track conversions and website visits from our advertisements displayed on LinkedIn.

    For more information about LinkedIn’s privacy practices, please see https://www.linkedin.com/legal/privacy-policy.

    5

    Content

    Google Maps

    We use Google Maps to provide our locations

    For more information about Google’s privacy practices, see https://policies.google.com/privacy.

    6

    Content

    Youtube

    We use Youtube to share our videos

    For more information about Google’s privacy practices, see https://policies.google.com/privacy.

    • Essential cookies, web beacons, and other tracking technologies are necessary for the operation of the website. These tracking technologies enable you to move around on the site and use the website's features. You may not opt out of these types of cookies because they are required to operate the website.

    • Performance cookies, web beacons, and other tracking technologies collect information about how you have used the website. We use performance cookies, web beacons, and other tracking technologies to improve the user experience with our website.

    • Advertising cookies, web beacons, and other tracking technologies are used by our third-party service providers to deliver advertising to you on other third-party websites as well as help measure the effectiveness of our advertising campaigns. We also use these types of cookies to analyze website visits and ad conversions from third websites. Content cookies enable us to display content most relevant to the audience.

  7. Do we discloase any information to outside parties?

    Enamine does not sell, trade or otherwise transfer to outside parties any personally identifiable information.

    This does not include trusted third parties or subcontractors who assist us in operating our website, conducting our business, or servicing you. Such trusted parties may have access to personally identifiable information on a need-to-know basis and will be contractually obliged to keep your information confidential.

    We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety.

    1. Subcontractors/trusted third parties

      The list of main sub contractors/trusted third parties with whom we share your information is provided below.

       

      Category

      Company name

      Country

      Legal basis

      1

      Logistics

      SIA Enamine

      Latvia, EU

      Contract

      2

      Logistics

      Enamine LLC

      USA

      Contract

      3

      Data storage

      Amazon Web Services Inc.

      USA

      Consent (by agreeing to the Privacy Policy)

      4

      Data storage

      DigitalOcean LLC

      USA

      Consent (by agreeing to the Privacy Policy)

      5

      Card processing

      FirstData

      USA

      Consent (Terms of Use)

      6

      Analytics&Marketing

      Google Inc. (Google Analytics)

      USA

      Consent
      (by Cookies opt-in)

      7

      Analytics&Marketing

      Amplitude Inc.

      USA

      Consent
      (by Cookies opt-in)

      8

      Analytics&Marketing

      HotJar Inc.

      USA

      Consent
      (by Cookies opt-in)

      9

      Analytics&Marketing

      LinkedIn Ireland Unlimited Company or LinkedIn Corporation (LinkedIn, SlideShare)

      USA

      Consent
      (by Cookies opt-in)

      10

      Analytics&Marketing

      The Rocket Science Group LLC (MailChimp)

      USA

      Consent
      (by Cookies opt-in)

      Other subcontractors may be engaged in personal data handling based on your consent or in order to fulfil our contractual obligations.

    2. Legally required disclosure

      Enamine will not disclose the customer’s data to law enforcement except when instructed by you or where it is required by law. When governments make a lawful demand for customer data from Enamine, Enamine strives to limit the disclosure. Enamine will only release specific data mandated by the relevant legal demand.

      If compelled to disclose your data, Enamine will promptly notify you and provide a copy of the demand unless legally prohibited from doing so.

  8. Third party links

    Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third party sites have separate independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked websites. Nonetheless, we seek to protect the integrity of our website and welcome any feedback about these websites.

  9. Where do we store the information?

    1. Personal data location

      All data are stored in databases and file repositories hosted in Amazon Web Services cloud owned by Amazon Web Services Inc.. Each site is staffed 24/7/365 with on-site physical security to protect against unauthorized entry. Other security features include, but are not limited to: full CCTV coverage externally and internally, biometric readers with two-factor authentication. Technical support staff do not have access to the backend hypervisors where virtual servers reside nor direct access to the NAS/SAN storage systems where snapshots and backup images reside. Only select engineering teams have direct access to the backend hypervisors based on their role. For more information regarding security measures and compliance of Amazon Web Services Inc., follow the link: Security | AWS

    2. International Data Transfers

      By using our Sites or by interacting with us in other ways, you authorize Enamine to transfer Personal Information outside of the European Economic Area.

  10. Your rights

    Your rights according to the GDPR are the right to information about the processing (provided to you here, in this Privacy Policy); the right to access personal data relating to you; the right to have such data rectified, erased or restricted from processing; the right to object to our processing of personal data; as well as the right to not be subject to automatic decisions and the right to data portability. To exercise your rights please contact us via privacy@enamine.net. If you want to know more about this, or have concerns about your rights, please do not hesitate to contact us.

    You may also access and update certain information about you stored in your account on the Sites by login in to it (Profile/View Profile on EnamineStore or by clicking on your name in the upper right corner of enamine.net).

    At any time, you can cancel your subscription to our email newsletter by following the link in the footer of any email received from us.

  11. Data retention

    Enamine stores your account information until you request to delete your account.

    Some information, needed for complying with our legal obligations, is stored according to legal requirements of the country of business registration and cannot be deleted upon your request.

    Marketing information, as email preferences, is stored until you opt-out receiving our email newsletter.

    Sites usage data logs with identifiable and non-identifiable personal information (SDS/CoA requests, search requests, add to cart actions) are stored for 60 days and are automatically deleted afterwards.

  12. Terms of Service

    Please also visit our Terms of Service section establishing the use, disclaimers, and limitations of liability governing the use of our Sites.

  13. Your consent

    By using our Sites, you consent to this Privacy Policy.

  14. Changes to our Privacy Policy

    If we decide to change our Privacy Policy, we will post the amended Privacy Policy on the Sites and update the Privacy Policy modification date and version.

  15. Complaint

    You may at any time lodge a complaint with a supervisory authority regarding Enamine’s collection and processing of your personal data.

    You may find the list of competent authorities on the protection of personal data in each EU Member State by following the link: https://ec.europa.eu/digital-single-market/en/news/list-personal-data-protection-competent-authorities.

    Enamine LLC is subject to the investigatory and enforcement powers of the Federal Trade Commission.

​

bottom of page