This Privacy Policy describes how Athens Bioscience, Inc. (“Athens,” “we,” “our,” or “us”) collects, uses, discloses, and protects personal information you provide through our website at www.athensbioscience.com, our applications, and any related services including sales, marketing, and events (collectively, the “Services”). It also describes the choices and rights available to you regarding your personal information and how you can exercise those rights.
Athens is a United States-based company headquartered in Athens, Georgia, that manufactures native human and animal proteins for the global life sciences industry. We serve customers in the United States, Europe, Asia, and other regions worldwide.
We encourage you to read this Privacy Policy carefully. By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you have questions or concerns, please contact us at legal@athensbioscience.com.
The data controller responsible for your personal information is:
Athens Bioscience, Inc. 110 Trans Tech Drive Athens, Georgia 30601 USA
Email: legal@athensbioscience.com Telephone: +1.706.546.0207
If you are located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland and have questions about how we process your data, please contact us at the address above. If Athens appoints a representative in the EU under Article 27 of the GDPR, we will update this section with their contact details.
We collect personal information in several ways depending on how you interact with our Services. The categories of personal information we have collected in the preceding twelve (12) months include the following:
When you visit our website, we automatically collect certain technical information, including:
This information is collected through cookies, web beacons, pixels, tags, scripts, and similar tracking technologies, as described in Section 9 (Cookies and Tracking Technologies) below.
We may receive information about you from third-party sources including our distributors, business partners, and publicly available databases, which we may combine with the information we collect directly.
We use the personal information we collect for the following business and commercial purposes:
If you are located in the EEA, UK, or Switzerland, we rely on the following legal bases under the General Data Protection Regulation (GDPR) and equivalent laws to process your personal information:
We do not sell your personal information to third parties for monetary consideration. We share your personal information only in the ways described below:
We share personal information with companies that provide services on our behalf. These service providers are contractually bound to use your personal information only as necessary to perform services for us and are held to strict confidentiality obligations. Our current service providers and their roles include:
| Service Provider | Purpose / Role |
|---|---|
BigCommerce | E-commerce platform and order processing |
HubSpot | Customer relationship management (CRM) and marketing automation |
Fishbowl | Inventory management and order fulfillment |
Microsoft | Cloud services, email, productivity tools, and advertising |
Google | Website analytics, advertising, and cloud services |
This list may be updated from time to time.
We may share certain personal information (such as cookie identifiers, IP addresses, and browsing activity) with third-party advertising partners including Google and Microsoft for the purpose of delivering targeted advertising. Under certain state privacy laws, this sharing may be considered a “sale” or “sharing” of personal information even though no monetary payment is exchanged. You have the right to opt out of this sharing, as described in Section 7 (Your Privacy Rights and Choices) below.
We may disclose your personal information when we believe in good faith that disclosure is necessary to comply with applicable law, regulation, legal process, or enforceable governmental request; to protect the rights, property, or safety of Athens, our customers, or others; to investigate fraud; or to respond to a lawful request by public authorities, including to meet national security or law enforcement requirements.
In the event of a merger, acquisition, reorganization, bankruptcy, or similar transaction, your personal information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.
Under the California Privacy Rights Act (CPRA) and other state privacy laws, certain categories of personal information are classified as “sensitive personal information” and are subject to heightened protections.
Athens collects the following categories of information that may be considered sensitive: account login credentials (username and password combinations) and payment information (credit card or debit card numbers in combination with required security codes or passwords). As noted in Section 3.1, credit card numbers are processed directly by our PCI-compliant payment processors and are not stored by Athens.
We use sensitive personal information solely for the purposes of providing and fulfilling your orders, maintaining the security of your account, and processing transactions. We do not use or disclose sensitive personal information for purposes beyond what is necessary to provide the Services or as otherwise permitted by law. You have the right to limit the use and disclosure of your sensitive personal information as described in Section 7 below.
Depending on where you reside, applicable privacy laws may grant you certain rights regarding your personal information. Athens is committed to honoring these rights for all users regardless of location, to the extent practicable.
If you are a resident of California, Virginia, Colorado, Connecticut, Utah, Oregon, Montana, Texas, Iowa, Delaware, New Hampshire, New Jersey, Nebraska, Tennessee, Minnesota, Maryland, Indiana, Kentucky, Rhode Island, or another state with a comprehensive privacy law, you may have the following rights:
If you are located in the EEA, UK, or Switzerland, you have the following additional rights under the General Data Protection Regulation (GDPR) and equivalent laws:
We do not currently engage in automated decision-making or profiling that produces legal or similarly significant effects on individuals. If this changes, we will update this Privacy Policy and provide the required disclosures under GDPR Article 22.
To exercise any of the rights described above, please contact us using one of the following methods:
We will acknowledge receipt of your request within ten (10) business days. We will respond substantively to verified requests within forty-five (45) days for requests under U.S. state privacy laws, or within one (1) month for requests under the GDPR. If we require additional time, we will notify you of the extension and the reason for it, as permitted by applicable law.
To protect your privacy, we may need to verify your identity before fulfilling your request. We will not require you to create an account to submit a request. You may also designate an authorized agent to submit a request on your behalf, subject to appropriate verification.
Athens does not sell your personal information for monetary consideration. However, some of our advertising practices, such as sharing browsing data with advertising partners for targeted advertising, may be considered “selling” or “sharing” under the California Privacy Rights Act and other state privacy laws.
You may opt out of such sharing by:
This section provides additional disclosures required under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, “CCPA”). These disclosures supplement the information provided elsewhere in this Privacy Policy.
The following table summarizes the categories of personal information we have collected, the sources, purposes, and categories of third parties with whom we share each category in the preceding twelve (12) months:
| Category | Sources | Purpose | Shared With |
|---|---|---|---|
Identifiers (name, email, phone, address) | You; distributors | Order fulfillment, communications, marketing | Service providers (BigCommerce, HubSpot, Fishbowl, FedEx, UPS, DHL) |
Commercial information (orders, purchase history) | You; our systems | Order processing, customer service, analytics | Service providers (BigCommerce, Fishbowl) |
Financial information (billing address, payment details) | You | Payment processing | Payment processors (PCI-compliant) |
Internet / electronic activity (IP, browser, usage data) | Automatic collection | Analytics, site improvement, advertising | Analytics providers (Google, Microsoft); advertising partners |
Professional / employment information (company, title) | You | Customer segmentation, service delivery | Service providers (HubSpot) |
Geolocation (approximate, from IP) | Automatic collection | Content localization, analytics | Analytics providers (Google) |
In the preceding twelve (12) months, Athens has not sold personal information for monetary consideration. Athens may have “shared” Internet/electronic activity information (such as cookie identifiers and browsing activity) with advertising partners for purposes of targeted advertising, which constitutes “sharing” under the CCPA. You may opt out of this sharing as described in Section 7.4.
See Section 11 (Data Retention) for specific retention periods by data category.
We use the following categories of cookies and similar tracking technologies:
When you first visit our website, you will be presented with a cookie consent banner that allows you to accept or decline non-essential cookies. For visitors in the European Economic Area, United Kingdom, and Switzerland, we obtain your affirmative opt-in consent before deploying any non-essential cookies, as required by the GDPR and the ePrivacy Directive. For visitors in the United States, you may opt out of non-essential cookies through the consent banner or by adjusting your browser settings.
You may also manage your cookie preferences at any time by clicking the “Cookie Settings” link in the footer of our website.
We may partner with third-party service providers to analyze how visitors use and interact with our website through behavioral metrics, heatmaps, and session replay technology. Session replay may capture mouse movements, clicks, scrolls, and form interactions on our website pages.
Important: We implement safeguards to protect your privacy during session replay, including masking or excluding sensitive form fields (such as payment and password fields), excluding checkout and payment pages from session recording, and applying data retention limits to session recordings. Providers currently used for these purposes are identified in our service provider list. These analytics are conducted for the purpose of site optimization and improving user experience, and we conduct data protection assessments for these activities where required by applicable law.
In addition to the opt-out mechanisms described in Section 7.4, you may opt out of targeted advertising through the following tools:
Please note that opting out of targeted advertising does not mean you will no longer see advertisements; rather, the advertisements you see will be less relevant to your interests.
We have implemented appropriate technical and organizational security measures designed to protect the personal information we process against unauthorized access, alteration, disclosure, or destruction. These measures include encryption of data in transit using TLS (Transport Layer Security) encryption, access controls, and regular security assessments.
When you enter payment information on our order forms, the transmission is encrypted and processed by our PCI-compliant third-party payment processors. Athens does not store your complete credit card number on its systems.
Despite our best efforts, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, and transmission of personal information to and from our Services is at your own risk. We encourage you to access our Services only within a secure environment and to use strong, unique passwords for your account.
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, as described in this Privacy Policy, unless a longer retention period is required or permitted by law. The following table summarizes our retention periods by data category:
| Data Category | Retention Period | Justification |
|---|---|---|
Account and contact information | Duration of active account plus 3 years | Customer relationship management; re-engagement |
Transaction and order records | 7 years from transaction date | Tax, accounting, and legal compliance |
Marketing preferences and opt-out records | Duration of active account plus 5 years | CAN-SPAM and opt-out compliance verification |
Website analytics and usage data | 26 months from collection | Trend analysis and service improvement |
Session replay recordings | 12 months from recording | User experience analysis |
Customer support correspondence | 3 years from last interaction | Service quality and dispute resolution |
Payment information | Not stored by Athens (processed by third-party payment processors per their retention policies) | PCI DSS compliance |
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if deletion is not immediately possible (for example, because your information has been stored in backup archives), we will securely store and isolate your personal information from further processing until deletion is possible.
If you wish to cancel your account or request that we stop using your information to provide Services, please contact us at legal@athensbioscience.com.
Athens is based in the United States. If you are accessing our Services from outside the United States, including from the EEA, UK, or Switzerland, please be aware that your personal information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction.
When we transfer personal data from the EEA, UK, or Switzerland to the United States, we rely on appropriate transfer mechanisms to ensure that your personal data receives an adequate level of protection, including:
For more information about the safeguards we use for international data transfers, please contact us at legal@athensbioscience.com.
Our website and Services are intended for business professionals in the life sciences industry and are not directed at children under the age of sixteen (16). We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at legal@athensbioscience.com. If we learn that we have collected personal information from a child under 16 without verification of parental consent, we will take steps to delete that information promptly.
We may from time to time offer a referral feature that allows you to share information about our products and Services with a colleague or associate. If you choose to use a referral feature, we will provide you with a unique shareable link or message that you can send directly through your own email, messaging, or social media applications. Athens does not collect the name, email address, or other personal information of the referred individual through this feature. If the referred individual visits our website and chooses to provide their personal information, that information will be collected and processed in accordance with this Privacy Policy.
Our website may include social media features and widgets, such as the LinkedIn button or similar sharing tools. These features may collect your IP address and information about the page you are visiting on our site and may set a cookie to enable the feature to function properly. In some implementations, these widgets may transmit data to the social media platform even if you do not interact with the widget. Social media features are either hosted by a third party or hosted directly on our site, and your interactions with them are governed by the privacy policy of the company providing the feature.
Our website may include links to other websites whose privacy practices may differ from those of Athens. If you submit personal information to any of those sites, your information is governed by their privacy policies. We encourage you to read the privacy policy of any website you visit.
From time to time, we may invite you to participate in voluntary surveys on our website or through other channels. If you choose to participate, we may request contact information (such as name and email address) and professional or demographic information (such as company name, role, and zip code). Participation in surveys is entirely voluntary. We use survey responses to improve our products and Services, collect customer testimonials (with your consent), and better understand the needs of our customers.
We may post customer testimonials on our website that may contain personal information such as your name and company. We obtain your written consent prior to posting any testimonial that includes your personal information. If you wish to update or remove your testimonial, please contact us at legal@athensbioscience.com.
We require our payment processing providers to comply with the Payment Card Industry Data Security Standard (PCI DSS), which provides a framework for the safe handling of cardholder data, including prevention, detection, and response to security incidents. Athens does not store complete credit card numbers on its systems; all payment processing is handled by PCI-compliant third-party processors.
Where required by applicable law, Athens conducts data protection impact assessments for processing activities that present a heightened risk to the rights and freedoms of individuals. These include processing activities involving targeted advertising, behavioral analytics, session replay technology, and the processing of sensitive personal information. We review and update these assessments periodically or when there are material changes to our data processing practices.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We review this Privacy Policy at least annually. If we make material changes to how we use your personal information, we will notify you by email (sent to the email address associated with your account) or by means of a prominent notice on our website prior to the change becoming effective.
We encourage you to review this Privacy Policy periodically. The “Last Updated” date at the top of this policy indicates when it was most recently revised. Prior versions of this Privacy Policy are available upon request by contacting us at legal@athensbioscience.com.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Attn: Privacy Inquiries
P.O. Box 80785
Athens, Georgia 30608, USA
Email: legal@athensbioscience.com
Telephone: +1.706.546.0207
Website: www.athensbioscience.com
If you have an unresolved privacy concern that we have not addressed satisfactorily, you may have the right to lodge a complaint with your local data protection authority or state attorney general, as applicable.