Reach out to get started with Reshape

We can help you unlock the full potential of your lab. Let's talk.

Privacy Policy

 

Effective date: January 28, 2025.

This Privacy Policy describes how Reshape ApS (“Reshape”, “we”, “us” or “our”) respects your privacy and is committed to protect it through our compliance with this policy.

1. Scope of this Privacy Policy

This Privacy Policy applies to all Reshape products and services (Collectively, the “Services”) including Reshapebiotech.com and other interactions (e.g. customer support inquiries, user conferences etc) you may have with Reshape. If you do not agree with the terms listed herein, do not access or use the Services, website or any other aspect of Reshape’s business.

This Privacy Policy does not apply to any third-party applications or software that integrate with the Services through the Reshape platform.

2. Information we collect and receive

We collect and receive several types of information about the users of our website and Services.

Website:

a. Cookie information. Reshape uses cookies and similar tracking technologies on our Website to collect and process data about you. We will only use non-essential cookies with your prior explicit consent, which you can withdraw at any time through our cookie management tool available on any subpage of the Website. The specific categories of cookies used, their purposes, and the data collected are detailed in our cookie consent banner and cookie policy.

b. Additional information provided to Reshape. Reshape receives additional information when submitted through forms on our website or in other ways, such as participation in surveys, focus groups, activities, events, applying for a job or similar.

Usage information:

a. User information. When a new authorized user of our Services is created, we store metadata on that user which may include their respective business e-mail.

b. Log data. As necessary for the operation of our Services and website, Reshape automatically collects and processes information when you access or use our website or Services and records it in our log files. This processing is based on our legitimate interests in ensuring the security and proper functioning of our Services. This log data may include the IP address, the address of the web page visited before using the website or Services, browser type and settings, the date and the time the Services were used, information about browser configuration and plugins language preferences and cookie data.

c. Device information. Reshape may collect data about the device accessing the Services, including what type of device it is, operating system, device settings, application ID’s, unique device identifiers and crash data.

d. Location information. Reshape may receive information and related parties that may help Reshape approximate your geolocation. Reshape may as an example approximate it by reviewing the business address received by the Customer or the by the IP address received by your browser or device. Reshape may also collect location information from devices in accordance with the consent process provided by your device.

e. Third-party services. A Customer may be able to connect Third-Party Services to its Customer environment. Third-Party Services are software services that can integrate with Reshape’s Services and a Customer may permit its authorized users to enable or disable these integrations for its customer environment. Reshape may also develop and offer Reshape Services that include connection to Third-Party Services. This may include, but is not limited to API calls, open API access or similar.

3. How Reshape uses information

Service data will be used by Reshape in accordance with the applicable MSA, customer’s use of the Services and as required by the law applicable to the agreement between the parties. Reshape is the processer of the data collected from use of the Services and the Customer is the controller.

Specifically, Reshape uses the information in the legitimate interest of operating our Services, website and business as specified below:

a. To provide, update, maintain and protect our Services, Website and business. This includes use of Service data and information to support the delivery of our Services under an MSA, prevent or address Service errors, security or technical issues, analyze and monitor usage, trends and other activities or at an authorized user’s request.

b. As required by applicable law, legal process or regulation.

c. To communicate with you be responding to requests, comments and questions. If you contact us through one of the available communication channels, Reshape may use information to respond to your inquiry.

d. To develop and provide additional features. Reshape tries to make Services as useful as possible for Customers and Reshape may use aggregated and anonymized data from use of the Services to develop new Services or improve the existing Services available to Customers.

e. To send e-mails and other communications. Reshape may send you service, technical and other administrative emails, messages and other types of communications. Reshape may also contact you to inform you about changes in the provided Services, Service offerings and other important Service-related notices such as security and fraud notices. These communications are considered part of the Services, and you may not opt out of them. Reshape may also send emails about product features, promotional communications and/or other updates about Reshape. These are marketing messages, and you can control whether you wish to receive them.

If you have additional questions about a message you received from Reshape, please reach out through the contact mechanisms described below in this policy.

f. For billing, account management, and other administrative matters. Reshape may need to contact you for invoicing, account management, and similar reasons and Reshape uses account data to administer accounts and keep track of billing and payments.

4. Data retention

Reshape will retain data in accordance with the applicable MSA or equivalent and as required by applicable law.

5. How Reshape shares and Discloses information

a. Corporate affiliates. Reshape may share information with its corporate affiliates, parents and/or subsidiaries.

b. During a change to Reshape’s business. If Reshape engages in a merger, acquisition, public offering of securities or similar transaction or proceeding, some or all information may be shared or transferred, subject to appropriate and commercially reasonable confidentiality arrangements.

c. Aggregated or de-identified data. Reshape may disclose or use aggregated or de-identified information with prospects, partners or similar parties for commercial or research purposes, provided that such information has been transformed in a manner that ensures it cannot be reasonably used to identify any individual and cannot be reversed to re-identify individuals.

d. To comply with applicable laws. If a law enforcement or government agency sends Reshape a demand for information about a Customer, Reshape shall try to redirect the agency to request the data directly from the Customer. As part of this process, Reshape may provide the Customer’s basic information to the law enforcement or government agency. If compelled to disclose information to a law enforcement or government agency, then Reshape will give the Customer reasonable notice of demand and cooperation to allow the Customer to seek a protective order or other appropriate remedy unless Reshape is legally prohibited from doing so. Reshape will not voluntarily disclose information related to a Customer to any law enforcement or government agency, unless required so by public authorities, including to meet national security or law enforcement requirements.

e. To enforce our rights, prevent fraud and for safety. To protect and defend the rights, property or safety of Reshape or third parties, including enforcing contracts or policies, or in connection with investigating and/or preventing fraud or security issues.

f. With consent. Reshape may share information with third parties when Reshape has consent to do so.

6. Security

Security is critical for Reshape’s mission and is a top priority for Reshape as a company. Reshape uses industry standard technical and organizational measures to protect any information from loss, misuse or unauthorized access or disclosure.

7. Changes to the Privacy Policy

Reshape has the right to change the Privacy Policy from time to time. This could be subject to changes to laws, regulations and/or evolving industry standards. Reshape will update the date of the Privacy Policy if applicable and encourage you to review our Privacy Policy to stay up to date. For any changes that materially changes your privacy rights, Reshape will provide additional notice such as via e-mail or through communications inside the Services. If you disagree with the changes, you should cease interacting with the Service and/or Website. If you have questions to changes and/or any part of the Privacy Policy, you should use the communication guidelines shared below in this policy.

8. International Data Transfers

Reshape may transfer your personal data to countries outside of your residing country and the European Economic Area (EEA). While the data for our Services is primarily stored within the EU, when we transfer personal data outside the EEA, we ensure adequate protection through appropriate safeguards such as Standard Contractual Clauses approved by the European Commission, or other legally recognized transfer mechanisms. We require all our sub-processors to maintain similar levels of data protection and will preferentially use sub-processors operating within the EU.

9. Your rights

Individuals located in certain jurisdictions have specific statutory rights regarding their personal data. This includes individuals in the European Economic Area and United Kingdom (rights to access, rectification, erasure, restriction of processing, data portability, and objection to processing), and US states such as California (CCPA rights including access, deletion, and opt-out of sale) and Virginia (VCDPA rights). Subject to any exemptions provided by law, you may exercise these rights in relation to your personal data. We will respond to your request within the timeframe required by applicable law (30 days for GDPR requests, 45 days for CCPA requests). Where possible and as outlined in this Privacy Policy, you can also request to limit the use and disclosure of your information. You can exercise your privacy rights by sending a request via e-mail as outlined below in this policy.

10. Contacting Reshape

If you need to contact Reshape about any of the aforementioned matters and/or if you have any questions related to this Privacy Policy, please feel free to reach out to Reshape on the e-mail address it-ops@reshapebiotech.com. Reshape will ensure to respond to your inquiry within a timeframe that is compliant with the applicable regulations.