GDPR

Amplexa Genetics is a privately owned genetic laboratory. We offer genetic testing services to both individuals and healthcare professionals. Data plays a vital role, and we take pride in processing your data responsibly. The new Data Protection Regulation (GDPR) came into effect on May 25, 2018. As a result, we have updated our personal data policy to ensure that you can use our services safely and securely. Among other things, the new rules give you greater control over how we process your data. You can read our personal data policy below.

PERSONAL DATA POLICY

Contents:

1. General
2. What personal information do we collect, for what purposes, and the legal basis for processing?
3. Recipients of Personal Data: Within the EU/EEA, Outside the EU/EEA
4. Your rights
5. Deletion of personal data
6. Security
7. Contact information
8. Changes to the Personal Data Policy
9. Versions

   
   1. GENERAL

This personal data policy (“Personal Data Policy”) describes how Amplexa Genetics A/S (“Amplexa,” “we,” “our,” “us”) collects and processes information about you.

This policy applies to personal data that you provide to us or that we collect via Amplexa’s websites (“Website”).

Amplexa is the data controller for your personal data. Any inquiries to Amplexa can be made using the contact information listed in section 7.

2. WHAT PERSONAL INFORMATION DO WE COLLECT, FOR WHAT PURPOSES, AND THE LEGAL BASIS FOR PROCESSING?

• When you visit our website, we automatically collect information about you and your usage of the site, such as the type of browser you use, search terms you enter, your IP address, including your network location, and information about your computer. This is done to optimize your user experience and the Website’s functionality. The processing of this data is necessary for us to protect our interests in improving the Website and showing you relevant offers. The legal basis for this processing is Article 6(1)(b) and (f) of the GDPR.
• When you submit an order form, we collect the information you provide, such as your name, address, email, phone number, payment method, details about the products you buy or return, delivery preferences, and the IP address from which the order was placed. This information is processed to deliver the products you’ve ordered and fulfill our agreement with you, including managing your rights to returns and complaints, and contacting you regarding your order. We may also process submitted data to comply with legal obligations, such as accounting and invoicing, and for targeted marketing. The legal basis for this processing is Article 6(1)(b), (c), and (f) of the GDPR.
• When you sign up for our newsletter (when this is enabled), we collect your name and email address to send you newsletters. The legal basis for this processing is Article 6(1)(b) and (f) of the GDPR.
• When you communicate with us, we collect the information you provide, such as your name, address, email, phone number, and the content of your inquiry. This information is processed to provide you with the best possible customer service. The legal basis for this processing is Article 6(1)(b) and (f) of the GDPR.
  
  

  3. RECIPIENTS OF PERSONAL DATA

• Information about your name, address, email, phone number, order number, and specific delivery preferences may be shared with the carrier handling the delivery of your purchased items.
• Recipients of Personal Data within the EU/EEA:
  Information may be shared with external partners who process data on our behalf. We use external partners for technical operations and improvements to the Website, sending newsletters, and collecting customer feedback about our company and products. These companies are data processors, and they process data on our behalf. Data processors are prohibited from using the information for purposes other than fulfilling our contract and are bound by confidentiality agreements. We have signed written agreements with all data processors who handle personal data on our behalf.
• Recipients of Personal Data outside the EU/EEA:
  Similar to the above, information may be shared with external partners who process data on our behalf. These external companies are data processors and are under our instruction. They are not allowed to use the information for any other purpose than fulfilling our contract, and they are subject to confidentiality agreements. We have signed written agreements with all data processors who handle personal data on our behalf.
  
  

  4. YOUR RIGHTS

   As the data controller, we are committed to transparency in the processing of your data. Therefore, we want to inform you of your rights:

• Right of Access:
  You have the right to request information about what data we hold about you, the purpose of its collection, the categories of data, and any recipients of that data. You may also request information about the origin of the data. You have the right to receive a copy of your personal data. If you wish to receive a copy, please send a written request to [email protected].
  You may be asked to verify your identity.
• Right to Rectification:
  You have the right to request correction of any inaccurate personal data we hold about you. If you become aware of errors in the data we hold, we encourage you to contact us in writing so that the information can be corrected.
• Right to Erasure:
  In certain cases, you have the right to request the deletion of all or some of your personal data. For example, if you withdraw your consent and we do not have another legal basis to continue processing, we are obligated to delete your data. However, if the continued processing of your data is necessary for legal obligations, or for the establishment, exercise, or defence of legal claims, we are not required to erase your personal data.
• Right to Restrict Processing:
  In certain situations, you have the right to request that we limit the processing of your personal data to storage only. For example, if you believe the data we are processing is inaccurate.
• Right to Data Portability:
  You have the right to request that personal data you have provided to us be provided to you in a structured, commonly used, and machine-readable format, and you have the right to transmit that data to another data controller.
• Right to Object:
  You have the right to object to our processing of your personal data at any time. Additionally, you have the right to object to processing based on legitimate interests (as described in sections 2.1 and 2.3) for reasons related to your personal situation.
• Right to Withdraw Consent:
  You have the right to withdraw any consent you have previously given for the processing of your personal data by contacting us at [email protected]
• Right to Lodge a Complaint:
  You have the right to lodge a complaint with the Danish Data Protection Authority (Datatilsynet) at Borgergade 28, 5, 1300 Copenhagen K, Denmark. You can also contact them by email at [email protected] or by phone at +45 33 19 32 00.
  
  

5. DELETION OF PERSONAL DATA

• Information collected during your purchase (section 2.2) will generally be anonymized 2 years after the order has been completed or cancelled. However, data may be retained for a longer period if we have a legitimate reason for extended storage, such as for legal claims or compliance with legal requirements. Accounting records are retained for 5 years to comply with Danish accounting laws.
• Information collected during your newsletter subscription will be deleted when you withdraw your consent to receive newsletters. Data may be retained for a longer period if there is a legitimate reason for extended storage.
• Information collected from communications with us (section 2.6) will generally be anonymized 2 years after you have contacted us. However, data may be retained for longer periods if necessary to establish, exercise, or defend legal claims, or if required for legal compliance.
  
  

6. SECURITY

We have implemented appropriate technical and organizational security measures to protect personal data from accidental or unlawful destruction, loss, alteration, or unauthorized access.

Only employees who have a legitimate need to access your personal data to perform their job duties are allowed to do so.

7. CONTACT INFORMATION

Amplexa Genetics A/S is the data controller for the personal data collected via the Website.

If you have any questions or concerns about this Personal Data Policy or wish to exercise any of your rights outlined in section 4, please contact:
Amplexa Genetics A/S
Sverigesgade 24, 5000 Odense
Email: [email protected]

8. CHANGES TO THE PERSONAL DATA POLICY

If we make significant changes to the Personal Data Policy, it will be clearly indicated on the Website.

9. VERSIONS

This is version 2 of revised Amplexa’s personal data policy, dated January, 2026.