Privacy Policy

Privacy Statement Summary:

This Privacy Policy ("Policy") explains how your information is collected, used and disclosed byNomic.bio ("we"/ "us" / "our"). This Policy applies where we are acting as a Data Controller, wherewe determine the purposes and means of the processing of that personal data, for example withrespect to the personal data of our website visitors, service users, clients, partners etc.

Who will use my data?

Nomic.bio

What for?

We will store and process your data in order to allow us to provide our products and services. This includes a primary contact name and email address as well as the business emails of any individuals receiving data products via our SaaS data portal.

If you contact us, we may also send you information that we think you will be interested in. This may include a range of related products and services. We will also send any relevant details to authorities and any other organisation that requires them by law.

What will happen if I contact you?

If you contact us, we will use your data to send you the information that you have requested and updates, and other information that we think you will be interested in.This may include a range of related products and services.

What data will be shared?

We will not share your data with any third parties other than as described here, to fulfill our obligations to you, operate and develop our company, and to protect our interests.We will only share any data that is particularly relevant to our process in order to provide the services that we offer. We may share your information with regulators orlegal bodies that request it.

How long?

Your data will be stored for up to 7 years following the last contact we have with you, after which time your data will be deleted. For more information please refer to ourData Retention Policy.

Who can access my data?

We will never sell, share or otherwise distribute your data to any other third party other than as described here. Access to your data is carefully controlled.

How is my data kept secure?

We will store your data on secure servers. We use industry-standard security protocols/technology to secure your data.

About This Privacy Policy

This policy sets out how we will collect, store, and process the information you provide to us, the information we collect as a result of our interaction, the information we collect about you from other sources, or the information we service about you by using the information we hold.

This policy helps to protect us from data security risks, including breaches of confidentiality, failing to offer choice, reputational damage, and any other risks inherent in the collection, storage, or processing of your data.

With this policy, we will work towards meeting the following goals:

Ensuring the protection of the individual's privacy rights and personal information

Promoting transparency and accountability in the processing of personal information

Minimizing the risk of data breaches and unauthorized access to personal information

Compliance with applicable laws, regulations, and guidelines

Establishing a framework for effective management of personal information

Principles of Processing Personal Information

The General Data Protection Regulation (GDPR) describes how organisations must collect, handle, process, and store personal information. These rules apply regardless of whether data is stored electronically, on paper or other materials. To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully. GDPR is underpinned by eight important principles. These say that personal data must:

Be processed fairly and lawfully;

Be obtained only for specific, lawful purposes;

Be adequate, relevant, and not excessive;

Be accurate and kept up to date;

Not be held for any longer than is necessary;

Processed in accordance with the rights of the data subjects;

Be protected in appropriate ways;

Not be transferred internationally, unless the country or territory also ensures an adequate level of protection.

We take these responsibilities seriously; this document describes our approach to data protection.

Who We Are And How To Contact Us

Nomic.bio is registered in Canada. The Data Protection Lead is Christopher Harris. You can contact us in any of the following ways:

Name of Data Protection Lead: Christopher Harris

Company name: Nomic.bio

Data Protection Lead Address: 5333 Casgrain

Data Protection Lead Email: chris.harris@nomic.bio

OUR ARTICLE 27 REPRESENTATIVE

We have appointed EU and UK Representatives under Article 27 of the EU GDPR and UK GDPR respectively. Our appointed representatives are:

Our UK Representative:

Under Article 27 of the UK Data Privacy Act, we have appointed a UK Representative to act as ourdata protection agent. Our nominated UK Representative is: GDPR Local Ltd.

Adam Brogden contact@gdprlocal.com

Tel +44 1772 217800

1st Floor Front Suite

27-29 North Street, Brighton

England

BN1 1EB

Our EU Representative:

Under Article 27 of the GDPR, we have appointed an EU Representative to act as our data protection agent. Our nominated EU Representative is: Instant EU GDPR Representative Ltd.

Adam Brogden contact@gdprlocal.com

Tel +35315549700

INSTANT EU GDPR REPRESENTATIVE LTD

Office 2,

12A Lower Main Street, Lucan Co. Dublin

K78 X5P8

Ireland

To whom does this privacy policy apply?

We process your data to offer you our products and services and to run our company. This applies toall data we hold relating to identifiable individuals, even if that information technically falls outside ofthe GDPR. This policy relates to the following identified categories of data subjects:

clients

customers

suppliers

partners

add other categories of data subjects if applicable

Do we collect information from minors?

We do not knowingly solicit data from or market to children under 18 years of age. By using theServices, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at support@nomic.bio.

What this policy applies to?

This section describes the purposes for processing your data and applies to the information about yourself that you choose to provide us with or that you allow us to collect. This includes:

The information you provide when you contact us

When you contact us to discuss using our services

Information we collect about how you use the website

Information relating to services we offer to you and other transactions including financial and other personal information required to complete these transactions

Information that is given and stored as part of our ongoing relationship

Information we collect as a result of our interaction,

The information we collect about you from other sources,

or information we service about you by using the information we hold.

We do not routinely collect or process sensitive data about you. However, where this is the case we will ensure we ask for your consent where applicable and take appropriate precautions to protect your data.

How your information will be collected and used?

We will only use your personal data for the purposes for which we collected it and as you would reasonably expect your data to be processed and only where there is a lawful basis for such processing, for example, website UX analytics:

‍