This Privacy Notice (“Notice”) describes how Octopio (“Octopio”, “we”, “us” and “our”) collect, use,
share, secure, and eventually dispose of (collectively “process”) your personal data. Personal data is
any information that does, or could, identify you. Your rights over your personal data are set out in
Section 11 – Your Rights.
This Notice applies to personal data collected by our websites, apps, and services (collectively
“services”), and in the course of routine offline business contact with you.
This Notice is addressed primarily to our customers, service users (including visitors to our sites and
trial users), sales prospects and individuals whose professional data is included in our services.
Octopio is a user-friendly web-based data analytics service that collects information from millions of
data points on a wide-range of life science products. Our analytics help to sharpen your sales
strategies, maximize your investment opportunities, assess hot leads and untapped sales
opportunities, convince prospects your product is the best and secure returns on investment.
Octopio has developed 5 different analytics tools:
Product analytics, Competitive forces, Sales lead
generation, Product promotion tools and Market insights
Changes to this notice
updated revision date. If we make any material changes, we will provide notice through the Service
or by other means.
Version 01, updated on 29/07/2018.
Personal data collected
We collect personal data directly from you:
- -When you use our services, e.g. when you purchase or access our services, we will collect your
profile details and other information that you choose to upload to your account. We will also store
your log-in credentials to our services.
- -When you interact with us, e.g. when you fill in an online form, we collect the information that you
include in those forms or, when you seek help with technical issues, you may share information
about your devices.
- -Through cookies and similar technologies included on our services, e.g. when you access our
website, we collect device and usage information on your use of our services. For more information
on how we use standard technologies, like web server logs and cookies and web beacons, please
We also collect personal data about you from third parties:
- -The organization(s) to which you belong or person(s) who have arranged your access to our services,
e.g. your employer or the institution you’re affiliated with may provide us with contact information
so that we can set up your login.
- -Our partners and service providers, e.g. technology providers in connection to your use of our
- -Publicly available sources like academic publications, patent offices, and regulatory agencies, e.g. if
you are an academic author or researcher, a patent holder, or clinical trials investigator, your
professional data such as your name, work contact details, and specialization may be included in our
services. If you have questions about this use of your data, contact us at
- -Other public or paid-for sources, e.g. we may acquire marketing lists from third parties to identify
prospects for our services (see Section 11 – Your Rights) for information on managing your marketing
Types of personal data we collect
How you interact with us, and the different products and services we offer, or that you are identified
in connection with, determines what personal data we collect about you.
The personal data we collect may consist of the following:
- -Name and contact details, e.g. name, e-mail address, organization, billing address.
- -Log-in Credentials, e.g. security and credentialing information required to access our services.
- -User inputted content, e.g. content you provide to us when you use our products and services.
- -Device information, e.g. information about your computer or other device, such as IP address,
location or provider.
- -Usage information, e.g. information about your use of our services, such as date and time of visits,
the pages viewed, time spent at one of our websites, as well as your favorites and search queries.
- -Purchase history, e.g. purchases you have made, when your subscriptions expire or renew.
- -Demographic information, e.g. your country and preferred language.
- -Billing information, e.g. credit card number and payment details if you make a payment through our
Sensitive personal data. We do not process personal data about race or ethnicity; political opinions,
or religious or philosophical beliefs; trade union membership; or genetic, biometric, health, or sex-
life information (“special categories of personal data” as defined by the European Union General
Data Protection Regulation) unless you provide or indicate such information in a user-controlled area
of our services, for example a professional profile. We may occasionally collect personal data that is
subject to enhanced security requirements, such as requiring a credit card or government-issued ID
to complete a transaction you have requested.
Purposes of processing
This section sets out the purposes for which we use your personal data. Your relationship with
Octopio will determine which purposes apply to you.
We are required by law in Europe to explain in this Notice the legal grounds on which we rely to
process your personal data. Generally, we process your personal data as follows:
- -Specific marketing & promotional purposes: offers from Octopio or our partners.
- -Contractual obligations: if you have a contract with us, we process your personal data to perform
- -Customer and service administration: to provide, activate and manage your access to, and
use of, our services; to provide user and technical support; to enforce our terms of business;
to provide technical, product and other support and help to keep the Service working, safe
and secure; to report to our content and technology providers; to process and fulfill a
request, order, download, subscription or other transaction or administrative task.
- -Product analysis and development: to analyze the functionalities we offer and to improve
the design and content of our services (including sharing your personal data across our
services allowing us to make all our services more intuitive and user-friendly) we may use
information collected on our services, usually in aggregated form. This helps us to better
understand your use of our services and to enhance your enjoyment and experience. We
may also provide information about your use of the services to a third party who has made
the services available to you (for instance, your employer).
- -Security: to protect the security of our IT systems, architecture and networks as well as to
prevent misuses of our services.
- -Our or a third party’s legitimate interests: namely customer and product administration, provision
and improvement of our services, protection of legal rights and marketing. We do not disclose your
contact information to third parties for their marketing purposes. More detailed information about
these legitimate interests is set out below.
- -To identify usage trends and develop data analysis, including for the purposes of research,
audits, reporting and other business operations. We may disclose aggregated or other usage
information about our users, or information that does not identify any individual, without
- -To personalize products: to deliver personalized functionality in our services, for instance we
may retain your browsing and usage information to make your searches within our services
more relevant. We also analyze product usage information to understand which content and
tools are most useful for our users and to allow us, or our partner companies or joint-venture
partners to deliver and suggest customized services that we believe may be of interest to you
as determined by your choices in managing your communications preferences and other
- -To tailor advertising content. We aim to offer you advertising content that is the most
relevant to you. In this context, we use, whether separately or combined, the personal
information you provide, we collect, or we infer from your use of the Service and the
Internet. This enables us to display advertisements that best match to your particular
interests. We do not disclose your contact information to third parties for their marketing
- -To comply with legal or regulatory obligations: to meet a court order or a regulator
- -To exercise our legal rights: to defend ourselves from claims and to comply with laws and
regulations that apply to Octopio or third parties with whom we work.
- -To participate in business restructuring or similar transactions: to participate in, or be the
subject of, any sale, merger, acquisition, restructure, joint venture, assignment, transfer or
other disposition of all or any portion of our business, assets or stock.
Recipients of the data
Your personal data will, depending on the purposes of processing, be disclosed to different
individuals and organizations, including:
- -Octopio employees, contractors and partners whose roles require access to your data. Personnel are
bound to confidentiality terms which cover their obligations to protect personal data.
- -The account administrator or the person providing you access to our services, in the case of
- -Service providers who process personal data on our behalf (“processors”); for example Cloud
computing providers and web analytics services like Google Analytics and credit card payment
processors. Such vendors are contractually bound to protect your data to the same standard as set
out in this Notice and, in the case of credit card payment processors, to meet the Payment Card
Industry Data Security Standard (PCI DSS).
- -Professional advisors such as legal counsel and information security professionals where reasonably
required to protect our rights, users, systems and our services.
- -Government agencies, law enforcement, courts and other public authorities where we have a duty
to disclose your personal data by law.
- -Subscribers to our services. If your personal data is collected from public sources for inclusion in our
product databases and any personal data you choose to provide to us for display in our services, your
personal data will be accessed by users of our services.
- -Prospective and actual buyers, sellers, advisers or partners in relation to any sale merger,
acquisition, or similar corporate event involving Octopio.
Octopio maintains appropriate administrative, technical, and physical security measures to protect
your personal data from accidental loss and unauthorized access or use. These measures include
encryption, firewalls, roles-based data access, intrusion-detection software, and physical access
controls to data centers. However, we cannot guarantee that loss, misuse, unauthorized acquisition,
or alteration of your data will never occur.
Octopio is a global business, and your data may be transferred to countries with different privacy and
data protection laws than your own, including to countries, such as the United States.
As far as possible, we store your information on servers located within the European Economic Area
(EEA). However, some of our service providers are located outside of the EEA, and it may be
necessary to transfer your personal information for processing to these countries. Some of those
countries may have a different regulation on data protection than the European Union. In such cases,
we pay special attention to make such data transfers compliant with applicable regulation and put in
place equivalent safeguards with respect to the protection of your privacy, fundamental rights and
freedoms to the ones offered by the European Union (notably by using Standard Contractual Clauses
of the European Commission).
We undertake to keep your personal information for no longer than is necessary for the purposes for
which we process them, in accordance with the regulations.
In order to calculate the retention period of your personal data, we use notably the following criteria:
- -The duration of your contract, if you have entered into such contract with Octopio,
- -The time required to proceed your request or your claim,
- -The duration for which your user account is opened, unless you have been inactive for
- -Your reactivity to our marketing information,
- -The need to keep a record of your interactions with us, for a good management of our commercial
- -Our legal or regulatory obligations.
We may have to keep some of your personal data for a longer duration, in an archive file, in order for
us to be able to defend in a legal action, until the end of the statute of limitation provided by
applicable law. For more information on how long we store your data, please contact us at
You have the following rights in respect of the processing of your personal information:
- -To request access to your information at any time,
- -To have your information corrected, if it is inaccurate or not up to date, which will help us to comply
with our obligation to have up-to-date information about you,
- -To have your information erased (also known as the right to be forgotten), although such right might
be limited in view of our contractual or legal obligations,
- -To receive a copy of your information in a structured, commonly used and machine-readable
format, and transmit it to another data controller (also known as the right to data portability),
- -To object to the processing of your information, on grounds relating to your particular situation, and
to restrict processing of your information, in the cases provided by the regulation,
- -To object to marketing information (notably when profiling is used), you can unsubscribe by using
the unsubscribe link in the email we send you,
- -To withdraw your consent at any time, for the purposes for which we collected your consent.
To exercise any of these rights, you may contact us, providing a proof of your identity, by email at
email@example.com or by post at:
Data Protection Representative
72 rue de la République
76140 Le Petit-Quevilly, France
You can unsubscribe from our mailings at any time by sending a request to Octopio. You can also
unsubscribe at any time in the future by using the link that appears in the footer of every email that
we send to you or in your profile page.
Finally, you have the right to lodge a complaint with the Information Commissioner’s Office about
the processing of your personal data. We encourage you to contact us before making any complaint
and we will seek to resolve any issue or concern you may have.
Our services may contain links to third party sites. Please be aware that Octopio is not responsible for
the privacy practices of any third-party sites. Therefore, we encourage you to read the privacy
statement of each and every site that you use that collects personal data about you.
Contact us by email on: firstname.lastname@example.org
Or by post to:
Data Protection Representative
72 rue de la République
76140 Le Petit-Quevilly, France
Submission of complaints to the CNIL
All complaints must be submitted to France’s regulatory authority, the Commission Nationale de
L'Informatique et des Libertés (CNIL):
3 Place de Fontenoy
75334 Paris 07