For Clinical Labs
In today’s diagnostic landscape, laboratories must deliver fast, reliable, and cost-effective results despite staffing shortages, tighter regulations, and rising technical complexity.
Privacy Policy
Welcome to Ascentry.
We value your privacy and are committed to protecting your personal data.
This Privacy Notice explains, in clear and transparent terms, how we collect, use, and protect your personal data when you:
-
Visit our website
-
Register for or attend our events or webinars
-
Communicate with us (for example by email, at meetings, or via our contact forms)
-
Apply for a job or are contacted regarding career opportunities
We want you to feel confident that your data is handled responsibly, in line with the General Data Protection Regulation (GDPR) and our information security practices.
Who we are
We are Ascentry.
Our parent company is BYG4lab Group SAS, registered in France under number 915 233 837 (SIREN).
Ascentry operates through the following affiliated subsidiaries:
-
BYG Informatique SAS (France)
-
Finbiosoft Oy (Finland)
-
BYG4lab Inc. (United States)
Together, these companies make up Ascentry.
Depending on the activity and context (for example sales, marketing, or recruitment), one or more of these entities may act as joint data controllers for your personal data.
For contact details, please see the Contact us section below.
Data we collect
When you visit our website
-
Anonymous audience measurement data (to improve our website)
-
General geographic location (country or city, derived from IP address)
-
Data submitted via contact forms (name, email address, phone number, company, message…)
-
Limited technical information required for website operation and security (IP address, browser type, operating system type)
When we communicate with you
-
Name and professional contact details (email, phone number, address)
-
Company and role
-
Country or city
-
Preferred language
-
Profile pictures (for events, only if you choose to provide one)
-
Messages exchanged with us (emails, contact forms, meeting notes)
For job applications and recruitment
-
CV/resume, cover letter, qualifications, and professional experience
-
Publicly available professional information (for example from LinkedIn)
-
Information provided by recruitment agencies, where applicable
How we use your data (purposes)
We use your personal data to:
-
Respond to your requests and communicate with you
-
Send newsletters, product updates, and event invitations (with your consent or, where permitted, based on legitimate interest for professional contacts)
-
Provide relevant marketing and informational content
-
Organize and run events and webinars
-
Process and evaluate job applications
-
Contact you about career opportunities
-
Improve our website and communications through analytics (using anonymous data only)
Our Sales and Marketing & Communication teams manage marketing-related processing.
Recruitment data is managed by our Human Resources team.
We do not use your data for automated decision-making or profiling.
Legal basis for processing
We process your personal data based on one or more of the following legal grounds:
-
Legitimate interests, such as operating our sales, marketing, communications, and recruitment activities
-
Consent, where required (for example for newsletters or event communications)
-
Pre-contractual measures, such as handling job applications
-
Legal obligations, where applicable
We always balance our legitimate interests against your rights and freedoms.
If you believe that a processing activity does not respect this balance, you may object at any time (see Your rights and Contact us).
Sources for data collection
We collect personal data from:
-
You directly (via our website, communications, or events)
-
Publicly available professional sources (such as professional social networks or company websites)
-
Professional or organizational databases (marketing only)
-
Recruitment agencies (recruitment only)
Data retention
-
We retain personal data only for as long as necessary for the purposes described above:
-
General inquiries, marketing, and events: up to 2 years after your (or your company’s) last interaction with us
-
Recruitment: unsuccessful job applications are kept for up to 2 years, so we may contact you about future opportunities
-
Customers: data may also be processed and retained in accordance with applicable customer contracts
-
After these periods, data is securely deleted or anonymized.
Sharing your data
Within Ascentry
Our entities in France, Finland, and the United States may access your data when necessary for the purposes described in this notice.
With third-party providers
We use trusted third-party service providers (such as CRM, email and collaboration tools, webinar platforms, and HR solutions).
These providers act as data processors, under strict contractual obligations, and may only process your data on our instructions.
We never sell your personal data.
International data transfers
Ascentry operates internationally.
Your personal data may therefore be accessed by Ascentry group entities or service providers located outside the European Union, including in the United States.
Where personal data originating from the EU is transferred to the United States:
-
Transfers rely on the EU–US Data Privacy Framework, where applicable; or
-
Where the framework does not apply, we use appropriate safeguards, such as Standard Contractual Clauses, in accordance with the GDPR.
For customers, users, or contacts located in the United States, personal data is processed in accordance with applicable US laws and our contractual obligations, while maintaining appropriate security and confidentiality safeguards.
Your rights
Under the GDPR, you have the following rights regarding your personal data:
Right to information
This Privacy Notice is intended to explain how we process your personal data.
You may request additional information at any time if something is unclear or if you would like more detail about a specific processing activity.
Right of access
You have the right to request confirmation as to whether we process your personal data and, if so, to obtain access to that data and related information.
Right to rectification
You have the right to request the correction of inaccurate personal data and to have incomplete data completed.
Right to object
You may object, at any time, to the processing of your personal data where the processing is based on our legitimate interests, if you believe that your interests, rights, or freedoms override those interests.
Right to restriction of processing
You may request that we restrict the processing of your personal data in the following situations:
-
if your data is inaccurate, for the period needed to update or verify it;
-
if the processing is unlawful (or suspected to be) and you oppose erasure;
-
if we no longer need the data, but you require it for the establishment, exercise, or defense of legal claims;
-
if you have objected to processing, pending verification of whether our legitimate grounds override yours.
Right to erasure (“right to be forgotten”)
You may request the deletion of your personal data when:
-
it is no longer necessary for the purposes for which it was collected;
-
you withdraw your consent (where processing is based on consent);
-
you object to processing and there are no overriding legitimate grounds;
-
the processing is unlawful.
How to exercise your rights
To exercise any of these rights, please contact us using the details provided in the Contact us section below.
We may ask you to verify your identity before responding, to protect your data.
You also have the right to lodge a complaint with your local supervisory authority.
In France, the competent authority is the CNIL (https://www.cnil.fr).
A list of EU supervisory authorities is available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en.
Protecting your data
We apply appropriate technical and organizational measures to safeguard your personal data.
Access to data is restricted on a need-to-know basis, and our practices are regularly reviewed as part of our information security management system.
Children’s privacy
Our website is not intended for use by children under the age of 13.
We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it promptly.
Changes to this privacy notice
We may update this Privacy Notice from time to time.
The most recent version will always be available on our website.
Contact us
If you have any questions about this Privacy Notice or wish to exercise your rights, please contact our Data Protection Officer:
Email: privacy@ascentry.com
Postal address:
Data Protection Officer
Ascentry
13 rue d’Ariane
31240 L’Union
France