Immunologix Laboratories Privacy Policy
1 Privacy Notice
Biologics Development Services LLC, doing business as Immunologix Laboratories (“Immunologix,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://www.immunologixlabs.com, use our services, or interact with us in any other way.
2 For EU, UK AND SWISS Individuals: Data Privacy Framework Notice for Personal Data Transfers to the United States
Immunologix complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Immunologix has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Immunologix has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov.
3 For EU Individuals: Your Rights under the General Data Protection Regulation
As the Controller of EU personal data, Immunologix is committed to complying with the General Data Protection Regulation (GDPR) N°EU 2016/679, the United Kingdom General Data Protection Regulation, and the Data Processing Act 2018 (UK GDPR), along with all relevant EU data protection laws and regulations. The DPF is recognized as an adequate method for US companies like Immunologix to adhere to GDPR principles. EU data subjects have the right to lodge privacy complaints or enforce GDPR rights with supervisory authorities: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
4 For US Individuals: Your Rights Under State Data Privacy Laws
Immunologix is dedicated to adhering to various US state-level data privacy laws, including the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). These laws generally aim to provide consumers with greater control over their personal data and ensure that businesses manage data responsibly. For specific details about your rights and recourses related to personal data handling, please contact your respective state government.
5 Data We Collect and processing Purpose
Website Visitors
When you visit the Immunologix website, we gather certain technical details such as your IP address, browser type, operating system, and the type of device used to access the site. Some parts of the website may require session and/or persistent cookies, which are data files placed on your device by the website operator. You can decline cookies if your browser settings allow, but this may impact website access and performance.
Our website may contain links to other sites that operate independently of Immunologix and are not under our control. These links are provided for your convenience and information only. We are not responsible for the content, security, or privacy practices of these external sites.
Additionally, Immunologix hosts scientific seminars and requires attendees to provide contact information. Data for individuals may be stored and processed for marketing purposes, and we may contact individuals in the future for these purposes. We do not share this information outside of the company.
Clinical and Medical Information
We do not actively collect or process confidential patient information. Clinical sample demographic data is typically received in a pseudonymized form (e.g., identified by an alphanumeric code) without any identifiable information. However, Immunologix Laboratories may inadvertently receive confidential patient data, including private health information protected by the United States Health Insurance Portability and Accountability Act (HIPAA). If confidential medical information is received in error, our standard operating procedures outline the process for handling such data.
If you are a clinical trial patient, we will process your pseudonymized data for testing and providing laboratory results. These data may be shared with relevant medical authorities for the drug approval process. We never transfer personal medical information.
Customer Data
At Immunologix Laboratories, we prioritize the privacy and security of our customers’ data. We collect personal information, including contact details, to provide and enhance our laboratory services. This information is processed solely to deliver accurate test results, improve our services, and communicate with you. Your information will only be shared with trusted third parties, such as service providers and regulatory authorities, when necessary.
Industry Professional Information
Immunologix collaborates with various individuals from other organizations, including but not limited to CROs, clinical site management, consultants, and contractors engaged by our clients. We collect names, contact information, and other necessary details of these individuals to conduct bioanalysis for clinical studies. When appropriate, additional Confidentiality and/or Master Service Agreements may be established to supplement the requirements of this Privacy Policy.
Job Applicant Data
We gather personal information from job applicants through various channels, such as our company website, employment websites, third-party recruiters, and other sources. This information may include private contact details like address, phone number, email, and professional qualifications. Personal data may also be used in the hiring process, including background checks, and may be stored for future interview processes. Immunologix employs contractors to conduct background checks on applicants, including verification of work history and, where permitted by law, criminal background checks.
6 Data Access Rights to Individuals
Individuals from the EU, UK, and Switzerland and relevant US states have the right to inquire about the processing of their personal information. You may request access to relevant information, ask for corrections, withdraw consent for its use, and request data deletion. To make any such requests, please email privacy@immunologixlabs.com. Immunologix will implement the requested changes within a reasonable timeframe and notify you once the changes are completed. If changes are not possible, Immunologix will inform you and provide a legitimate reason for not complying with the request.
7 Onward Transfer
Immunologix may share data with third-parties (onward transfer). However, these providers and suppliers (or agents) are only permitted to use this data for purposes explicitly defined in their contracts. We have agreements with the following agents who may have access to your personal data. All listed agents undergo an annual SOC 2 Type II audit.
| Agent’s Legal Entity Name, Website, and Compliance Information | Location of Processing | Product(s) or Service(s) Provided |
| Datto, Inc. | Pennsylvania, USA | Endpoint Backup Solution |
| Docusign, Inc | California, USA | 21 CFR Part 11 electronic signature platform |
| Microsoft Corp. | Washington, USA | Office 365 |
| Salesforce.com, Inc. | California, USA | Customer Relationship Management Platform
|
| QuickBase, Inc. | Massachusetts, USA | Database platform for the Immunologix RAPTOR laboratory informatics system |
| ZenQMS, Inc. | Pennsylvania, USA | Quality Management System |
We may disclose information as required by applicable laws, regulations, or legal processes. In certain circumstances, we may need to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Immunologix never sells or trades personal data.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to privacy@immunologixlabs.com.
When Immunologix is the data controller, transfers to third parties are governed by the provisions outlined in this policy. Where data is being sent to another party defined as a data controller, the controlling organization’s privacy policy will supersede this policy. Immunologix may be held liable for onward transfers of data for EU, UK, or Swiss individuals received under the EU-U.S.-DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF.
8 Independent Resolution Mechanism
In compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), Immunologix commits to resolve complaints about our collection or use of your personal information transferred to the U.S. pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. EU, UK, and Swiss individuals with inquiries or complaints should first contact the Immunologix Data Protection Officer (privacy@immunologixlabs.com).
Immunologix has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf.
9 Enforcement
Immunologix Laboratories is subject to the investigatory and enforcement powers of the Federal Trade Commission.
10 General Security Measures to Protect Personal Information
We take precautions to protect your personal information from loss, misuse, unauthorized access, disclosure, alteration, and destruction. Immunologix has established technical measures, processes, procedures, and training to protect personal information collected, imported, stored, and processed within the organization. Policies and procedures are regularly reviewed and managed by the Immunologix IT Steering Committee, with oversight from Executive Management.
11 Review and Changes to this Privacy Policy
The Immunologix Laboratories Privacy Policy will be reviewed at least once a year to ensure it complies with local, state, national, and international privacy standards. Updates will be published and made available on the Immunologix website (www.immunologixlabs.com/privacy-policy/).
12 Contacts
For any questions regarding this privacy policy, please submit them in writing to:
Data Protection Officer
Immunologix Laboratories
4710 Eisenhower Blvd
Tampa, FL 33634
privacy@immunologixlabs.com