Privacy policy

At Novonesis, we are committed to respecting your privacy and safeguarding your personal data. 

Laws and regulations

As of January 29, 2024, the Chr. Hansen and Novozymes Groups have joined forces to form Novonesis Group, a unified entity with a shared vision. Our commitment to protecting your personal information is outlined in this Privacy Policy, which applies to the entire Novonesis Group.

In the sections below, we will explain how we handle and utilize any personal data we collect from you. Whether you are a valued customer or a business contact, this policy will guide you through our practices when you interact with our website, subscribe to our newsletters, or engage with us in any other way.

Some countries and regions require that we provide information in a specific format and/or with references to the specific legal basis for the processing of your personal data. You will find this included in specific sections below, including the relevant references to EU reg. no. 2016/679 on General Data Protection Regulation (“GDPR”).

We value your trust and are dedicated to maintaining transparency in how we handle your personal information. Please take the time to review this Privacy Policy to ensure you are familiar with our practices.

What information do we collect about you?

When you engage with us, we may collect various types of data related to you. Rest assured that we only use your personal data when permitted by law. Here are the most common situations in which we collect and utilize your personal information:

 

Managing our business relationship

To ensure we maintain a strong connection with you, we may gather specific information about you. This helps us to effectively manage our relationship, we collect the following information:

  • Full name and username: We ask for your full name and username to identify you accurately. 
     
  • Job title: This will allow us to understand your role within your organization. 

Additionally, we collect contact details, including: 

  • Email address: We request your email address to communicate important updates and information. 
     
  • Company name and address: Knowing your company’s details helps us tailor our services to the specific needs. 
     
  • Phone number: Having your phone number allows us to reach out to you promptly if needed. 

Furthermore, we may also from time to time retain relevant, non-sensitive conversation data that you have shared with us and information you provide as part of your profiles and accounts. This can include details that you choose to share, enhancing our understanding of your preferences and requirements.

We process your information to pursue our legitimate interest in managing our relationship with you. We carefully consider that our interests do not override your interests, fundamental rights and freedoms (as outlined in GDPR, art. 6 (1)(f)).

 

Handling customer orders

When it comes to handling your orders, we gather certain information to ensure a smooth process and fulfill our contractual obligations. This includes screening orders for potential risks or fraudulent activity.

Here is the information we collect: 

  • Email address: We require your email address to communicate order updates and important information
     
  • Company name: Knowing your company’s name helps us accurately process and address your order.
     
  • Billing and shipment addresses: Your billing address ensures proper invoicing, while the shipment address ensures timely delivery.
     
  • Phone number: Having your phone number enables us to contact you if there are any order-related concerns. 
     
  • Job title: Your job title provides us with a better understanding of your role within your organization. 
     
  • Payment information: We collect payment details to securely process transactions.

We process this information to fulfill the contract we have or are about to enter into with you (as specified in GDPR, art. 6 (1)(b)). It allows us to meet your order requirements effectively. Further, we process your information to safeguard against potential risks or fraud. This is in line with our legitimate interest in maintaining a secure and trustworthy environment for all customers. We carefully evaluate that our legitimate interest does not override your interests, fundamental rights and freedoms (cf. GDPR art. 6 (1)(f)).

 

Marketing products and services

We gather information about you to effectively market our products and services aiming to provide you with relevant information that may be of your interest. This includes the distribution of newsletters and other marketing communications. 

Here is the information we collect: 

  • Preferences: We collect your preferences regarding the receipt of marketing materials from us as well as your communication preferences in order to personalize our offerings and improve our services. 
     
  • Usage Data: We also collect data on how you use our apps, websites, products, and services. This helps us to improve our services.

We process this information to pursue our legitimate interest in managing our relationship with you. We carefully assess that our legitimate interest does not override your interests, fundamental rights and freedoms (cf. GDPR, art. 6 (1)(f)).

In certain cases, we may seek your explicit consent, such as when you opt in to receive newsletters or other marketing communications (cf. GDPR, art. 6 (1)(a)). For further details, please refer to the additional information provided under the “Marketing” section.

 

Apps, websites and other digital solutions

To enhance your experience and provide personalized services, we utilize the information collected when you use our websites, apps, and other digital solutions. This allows us to tailor your visits and optimize our services.

Here is the information we collect: 

  • Technical data: We collect technical data, including your IP address, login data, browser type and version, plug-ins, time zone setting, location, and operating system on the devices you use.
     
  • Username and password: Your username and password are collected to ensure secure access to our digital solutions. 
     
  • Purchases or orders: If applicable, we may collect information about purchases or orders made by the company you work for. 
     
  • Interests, preferences, and feedback: We gather information related to your interests, preferences, and feedback to personalize our offerings and improve our services. 
     
  • Usage data: We collect data on how you use our apps, websites, products, and services to gain insights and enhance user experience.

We process this information to pursue our legitimate interest in managing our relationship with you. We carefully assess that our legitimate interest does not override your interests, fundamental rights and freedoms (cf. GDPR, art. 6 (1)(f)).

 

Physical site visits

When you visit our sites, we collect specific information to ensure physical security and enhance your overall experience. 

Here is the information we gather: 

  • Full name: We ask for your full name to identify you accurately during your visit. 
     
  • Company name and address: Knowing your company’s name helps us understand your affiliation and purpose of visiting. 
     
  • Allergies and dietary preferences: If you have any allergies or specific dietary requirements, we take note of them to cater to your needs if applicable. 
     
  • Job title: Your job title provides us with insights into your professional background, aiding us in providing relevant assistance. 
     
  • Relationship with us: We inquire about your relationship with us to understand the nature of your visit.
     
  • CCTV/Video surveillance: To protect assets and operations, we have security cameras installed to prevent, detect or investigate security incidents. Monitoring complies with applicable laws on data privacy and signage. 

Additionally, we may collect your car’s license plate. This information is used to facilitate parking arrangements at our facilities, ensuring a smooth experience during your visit.

We process this information to pursue our legitimate interest in identifying who is present at our facilities, understanding the purpose of their visit and protecting our assets and those of our guests. We carefully assess that our legitimate interest does not override your interests, fundamental rights and freedoms (as outlined in art. 6 (1)(f) of the GDPR).

 

Legal and regulatory obligations

To fulfill our legal or regulatory obligations, we may need to collect certain information about you.  

  • Full name: We require your full name to accurately identify you in relation to the specific legal or regulatory requirement. 
     
  • Username: Your username helps us associate the collected information with your account or profile, if applicable. 
     
  • Job title: Your job title provides context regarding your role and responsibilities, which may be relevant to the legal or regulatory obligations.

Additionally, we may collect other necessary information as required by law. 

This may be e.g., to ensure compliance with trade sanctions and laws regarding export control. This ensures our compliance with applicable legal or regulatory obligations applicable within EU/EEA (cf. art. 6 (1)(c) or outside EU/EEA (cf. GDPR, art. 6 (1) (f)).

 

Webinars

When you take part in our webinars, we collect certain information to ensure a smooth execution of the session.

Here is the information we gather: 

  • Email address: We request your email address to communicate webinar-related updates and important information.
     
  • Company name: Knowing your company’s name helps us understand the audience and tailor our webinar content accordingly.
     
  • Job title: Your job title provides us with insights into your professional background, enabling us to deliver relevant content. 

Additionally, we collect information related to your participation and interest in the specific webinar and the corresponding business area. This helps us analyze and improve our webinar offerings.

We process this information to pursue our legitimate interest in understanding the participants of our webinars. We carefully assess that our legitimate interest does not override your interests, fundamental rights and freedoms (cf. GDPR, art. 6 (1)(f)).

Furthermore, the additional information, we collect is processed to fulfill our contractual obligation of providing the webinar to you (cf. GDPR, art. 6 (1)(b)).

 

Other types of data

In addition to the aforementioned information, we may also collect, use, and share Aggregated Data for various purposes. Aggregated Data refers to statistical or demographic information that is derived from your personal data. However, it does not directly or indirectly reveal your identity and is therefore not considered personal data under the law.

For instance, we may aggregate Usage Data from multiple users to calculate the percentage of people accessing a specific feature on our website. This allows us to analyze trends and improve our services. It is important to note that when Aggregated Data is combined or connected with your personal data in a way that it can directly or indirectly identify you, we treat it as personal data and handle it in accordance with this privacy notice.

We do not collect any Special Categories of Personal Data about you. This includes sensitive information related to your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health, genetic or biometric data. Additionally, we do not gather any details about criminal convictions and offenses.

 

Consequences of not providing your personal data

When it comes to using your personal data, there are different scenarios to consider. Here are the potential outcomes based on your choices: 

  • Legal Obligation or Legitimate Interests: If we are required by law or have a legitimate interest in using your personal data, providing it becomes mandatory. Failure to provide the necessary information may prevent us from fulfilling our contractual obligations or providing certain services. For example, you may not be able to receive newsletters, or fully benefit from our offerings.
     
  • Voluntary Data: In cases where providing personal data is voluntary, such as before entering into a contract or consenting to marketing activities, it is your choice whether to share that information. However, declining to provide voluntary data may result in our inability to fulfill the contract or restrict certain services.
     
  • Data Collection from Children: We do not target or engage with children on our platforms, and we do not collect personal data from children.

It is essential to understand that if we have a legal obligation or contractual agreement that necessitates personal data and you fail to provide it upon request, we may not be able to proceed with the contract or provide the requested product or service. We will inform you promptly if such a situation arises.

 

Marketing

We appreciate your interest in receiving information about our products and services. If you have given your consent to receive marketing communications from us, you can always opt out at a later date if you change your mind.

We believe in providing you with choices when it comes to the use of your personal data, particularly concerning marketing and advertising. You have the right to request that we stop contacting you for marketing purposes at any time.

To unsubscribe from marketing messages, simply click the unsubscribe link in the mail you have received or send an email to privacy@novonesis.com. We will promptly update our records to ensure you no longer receive such communications.

Please note that opting out of marketing messages does not apply to messages relating to other purposes, such as those related to product/service purchases or experiences. We will continue to handle that data as necessary.

We respect your preferences and prioritize the protection of your personal information.

 

Cookies

Cookies are small text files placed on your computer that collect standard internet log information and visitor behavior data. This information helps us track how visitors use our website and compile statistical reports on website activity.

You have the option to customize your browser settings regarding cookies. You can choose to refuse all or some browser cookies or set alerts when websites attempt to set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

Please be aware that some of the cookies on our website are set by third parties. In these cases, we generally act as joint data controllers with the respective third parties. However, this joint data controllership only applies to the collection and sharing of personal data from visitors to our website.

For more detailed information about the cookies, we and third parties use, please refer to our cookie policy.

 

How is your personal data collected?  

We use different methods to collect your personal data, including:

  • Direct interactions. You may provide us with your personal data by filling in forms or corresponding with us via post, phone, email, or other means. This includes when you subscribe to our services or publications, request marketing materials, apply for our products or services, participate in competitions, promotions, or surveys, or provide feedback.
     
  • Automated technologies or interactions. When you interact with our website, we automatically collect technical data about your device, browsing activities, and patterns. This information is gathered through the use of cookies, server logs, and similar technologies. For more details, please refer to our cookie policy.
     
  • Third parties or publicly available sources. We may also receive personal data about you from third parties, including:
    • Technical Data from various parties (such as Google Tag Manager, Siteimprove Analytics, LinkedIn Analytics, Twitter Analytics and Google Analytics Audiences).
    • Technical Data from advertising networks (such as Google DoubleClick, LinkedIn Marketing Solutions and Ads, Twitter Advertising, Facebook Custom Audience and Twitter Conversation Tracking).
    • Personal data from social media platforms (such as Facebook Connect).

 

Disclosures of your personal data  

Sometimes we may have to share your personal data with internal and/or external third parties. This may include IT service providers, distribution partners, third-party business partners, insurance companies, tax and legal advisors, auditors and accountants, public authorities, regulatory or fiscal agencies or law enforcement. Such sharing may be done to comply with applicable laws and regulations (cf. GDPR, art. 6 (1) (c)), to fulfill a contract with you, or to respond to your request in that context (cf. GDPR, art. 6 (1) (b), to pursue our legitimate commercial interests or yours (cf. GDPR, art. 6 (1) (f)). 

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes.  They are only authorized to process your personal data for specific purposes and in accordance with our instructions. A list of third-party service providers and their locations are available upon request. 

 

Data security and international transfers 

We take data security seriously and have implemented appropriate measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. We limit access to your personal data to authorized individuals who have a legitimate business need to know. These individuals will only process your data according to our instructions and are bound by confidentiality obligations.

Please note that when you upload or send your personal data to us over an open network, we have no control over the security until we receive it. During this transmission, your data may circulate on the open network without security measures, posing a risk of being seen and used by unauthorized parties. Therefore, we recommend communicating and transferring data on secure networks whenever possible.

In the event of a suspected personal data breach, we have established procedures to address the situation. If applicable, we will notify you and the relevant regulatory authorities of any breaches.

We share your personal data within the Novonesis Group and with third-party service providers both within and outside the European Economic Area (EEA). The purpose of sharing is to fulfill the purposes for which we use your personal data. Find a list of all Novonesis Group entities here: former Novozymes Group entities and locations and former Chr. Hansen Group entities and locations. A list of third-party service providers and their locations are available upon request.  

When transferring your personal data outside the EEA, we ensure it is subject to a similar level of protection. This is achieved by implementing relevant safeguards, such as using the EU Commission's Standard Contractual Clauses or other valid legal bases for such transfers. You can obtain a copy of the transfer mechanism by contacting us at privacy@novonesis.com.

 

How long will we keep your personal data?  

We will only retain your personal data for as long as necessary to fulfill the purposes for which it was collected. This includes satisfying any legal, accounting, or reporting requirements. 

To determine the appropriate retention period, we consider factors such as the amount, nature, and sensitivity of the personal data, the potential risks involved in unauthorized use or disclosure, the purposes for processing the data, alternative means to achieve those purposes, and relevant legal requirements. We will only keep your personal data for as long as it is reasonably necessary, taking into consideration our need to address inquiries, resolve issues, provide improved products and services, and comply with applicable legal and regulatory obligations. Once the retention period expires, your personal data will be securely deleted from all systems within Novonesis. 

 

Your data your rights  

We respect your rights regarding your personal data. If you wish to exercise any of the rights listed below, please contact us at privacy@novonesis.com.  

  • Request access to your personal data: You have the right to request a copy of the personal data we hold about you.
     
  • Request correction of your personal data: If you believe that any of your personal data is inaccurate or incomplete, you can request us to correct or remove it.
     
  • Request deletion of your personal data: In certain circumstances, you can ask us to delete your personal data. Note, however, that we may not always be able to comply with your erasure request and if that is the case, we will notify you of the specific legal reasons for our inability to comply at the time of your request.
     
  • Request restriction of processing: You have the right to request that we limit the processing of your personal data. However, similar to deletion requests, there may be specific legal reasons why we cannot comply, and we will notify you accordingly.
     
  • Object to processing: If we are relying on legitimate interests as the basis for processing your personal data, or if we are processing it for direct marketing purposes, you have the right to object. We will consider your objection based on the specific circumstances. In some cases, we may have compelling legitimate grounds to continue processing your information.
     
  • Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent. You can withdraw your consent by clicking the unsubscribe link in the mail you receive or by contacting us.
     
  • Request data portability: In certain circumstances, you may have the right to receive your personal data in a structured, commonly used, and machine-readable format.
     
  • Right to lodge a complaint: You have the right to lodge a complaint with the relevant data protection authority in your country. The list of competent authorities in the EU can be found here.
     
  • Right to control digital legacy: You can provide instructions regarding the storage, communication, or erasure of your personal data after your death by contacting us. However, legal obligations or compelling legitimate interests may prevent us from fully complying with your instructions.

 

Changes to our Privacy Policy

We regularly review our Privacy Policy to ensure its effectiveness and make necessary updates. Any changes we make will be posted on this webpage. The last update to our Privacy Policy was made on January 29, 2024.

Data Controller Information

Novonesis is a global company with affiliates worldwide. You can find a list of all Novonesis entities and their locations here: former Novozymes Group entities and locations and former Chr. Hansen Group entities and locations.

This Privacy Policy represents the entire Novonesis Group, so when we refer to “Novonesis”, “we”, “us” or “our” in this Privacy Policy we are referring to the relevant company within the Novonesis Group responsible for processing your data.

The data controller for this website is Novozymes A/S, located at Krogshoejvej 36, DK-2880 Bagsvaerd, Denmark.

Contacting us

If you have any questions about our Privacy Policy or the information we hold about you, please do not hesitate to contact us.

If you prefer to communicate through mail, our address is Novozymes A/S, a part of Novonesis Group, Krogshoejvej 36, DK-2880 Bagsvaerd, Denmark.

We are here to assist you and address any concerns you may have regarding your privacy and personal data.