General Provisions

As a rule, Foregenix does not collect or retain personal data except for what data is strictly necessary in order to provide our services in a secure manner. For example, if you are a customer we will most likely request (and store) an email address as your user identifier in our portals and possibly other contact details such as a phone where we can reach you in case of emergency, a billing address for invoices and other similar data. Such data is stored in the most secure way, accessible on a strict need to know basis by authorised personnel for the sole purpose of providing our services. For legal reasons we must retain most such data for relatively long periods, but will never share it with a third party unless required by law, neither use it for any other purpose without your written approval. Please refer to the privacy addenda and consent forms of each service you might use, for additional clauses and provisions that might apply to it. If you have any questions or concerns about how your information is used please email us at support@foregenix.com.

Information Commissioner’s Office

The Information Commissioner is the UK's independent body set up to uphold information rights and Foregenix is a registered Data Controller.

If you would like to know more about your rights under the Data Protection law, and what you should expect from us, visit the Information Commissioner’s website. If you have reason to believe that your data is not handled properly, you have the right to lodge a complaint. The contact details of the Information Commissioner’s Office are:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Tel: 0303 123 1113 or 01625 545 745

Email: casework@ico.org.uk

Access Logs

All our websites record and retain access and error logs for security, accountability and identification of potential issues. A log includes always an Internet Protocol address, the URL that was accessed and the HTTP status code returned by us. Depending on the exact use case the log might include other online identifiers such as usernames, web browser versions, geolocation information. We might produce aggregated results from the logs such as total bandwidth consumed over a given period in order to properly size our infrastructure, or web browser versions used by our visitors for compatibility considerations. We use the logs as input to real-time processing systems which will alert us about security breach attempts and/or other issues with our services. For security and accountability reasons, logs are kept in online, searchable form for a minimum period of 3 months and in archived form for a minimum period of 1 year. Regardless of online status, logs are stored in encrypted form and access to them is possible by authorised personnel only, in a heavily audited and hardened environment. We will never attempt to match the logs to a specific individual, unless instructed by the individual in order to debug and resolve an issue they might be facing while using our website (for example inability to log on). We will never share our raw logs with a third party, unless required by law.

Cookies

All our websites use session cookies and permanent cookies. Session cookies identify visitors within a session, so that users do not have to enter their login details or other similar information (such as having passed the “prove you are not a robot” challenge) with every request. Permanent cookies identify users across sessions, i.e. allowing the server to remember things about you on your next visit. We use cookies to enhance your user experience, to provide you with our services and to obtain analytics which help us improve our website and tailor it to your needs. You can disable cookies but this might have a negative impact on your user experience and some services might not work as expected, or at all. Please see the section “This Website” for a detailed listing of the cookies used by www.foregenix.com and their purpose and expiration.

Data Processor

Foregenix does not engage in personal data processing as the term is defined by the GDPR. However, in many cases we provide our clients with various direct and indirect ways of uploading or storing data to our systems as part of our services and have very very little control over the content that is uploaded. Therefore, it is possible that personal data might find its way into our systems by accident, by deliberate abuse or attached to a client request the fulfilment of which would constitute personal data processing in terms of the GDPR. Should such an incident come in our attention, we shall take action which depending on the exact circumstances might include reporting the incident to the authorities. In any event, we will never process the data.


This Website

This website, www.foregenix.com is our main corporate website and is addressed to the general public, with a focus on current and prospective customers. Your visits to this website are tracked for reasons of security and for providing us with analytics that help us conduct our business. This website is powered by Hubspot, and governed by its data processing agreement. 
You can request a machine-readable export of your personal data. You can request a correction to your data. Finally you can request that we delete your personal data. All such requests will be honoured in one working month, subject to you providing us with sufficient proof of evidence. For security reasons this does not include raw access logs. 

www.foregenix.com sets one or more of the following cookies:

Functional cookies

__hs_opt_out
This cookie stores your decision to opt out of cookies, so that you are not asked again.
(Expires: 2 years)

__hs_do_not_track
This cookie can be set to prevent the tracking code from sending any personalized information to our CRM. Setting this cookie is different from opting out of cookies, which still allows anonymized information to be sent to our CRM.
(Expires: 2 years)

__hs_testcookie
This cookie is used simply to test whether your browser has support for cookies enabled. 
(Expires: When you close the browser)

hs_ab_test
This cookie is used to consistently serve visitors the same version of an A/B test page that they’ve seen before.
(Expires: When you close the browser)

hs_lang_switcher_choice
This cookie stores your language choice. 
<id>_key
When visiting a password-protected page, this cookie is set so future visits to the page from the same browser do not require login. The cookie name is unique for each password-protected page.

hs-messages-is-open (TTL 30 minutes)
This cookie stores whether you left the chat window open, to restore it on your next visit. 
hs-messages-hide-welcome-message (TTL 1 day) 
When you dismiss the welcome message in your messages tool, a cookie is set to prevent it from appearing again for one day.

Consent banner cookies

__hstc
The main cookie for tracking visitors. It contains the domain, utk (see below), initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
(Expires: 2 years)

hubspotutk
This cookie is used by our CRM (Hubspot) to keep track of your identity.
(Expires: 10 years)

__hssc
This cookie keeps track of sessions. This is used to determine if we should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp. 
(Expires: 30 min)

__hssrc
Whenever our CRM changes the session cookie, this cookie is also set. We set it to 1 and use it to determine if the user has restarted their browser. If this cookie does not exist when we manage cookies, we assume it is a new session.
(Expires: None. Session cookie)

messagesUtk
This is used for identifying you in live chat sessions with our representatives, should you choose to use this feature.