content

privacy-statement

Aster Biotech Limited (´Aster´, ´we´, ´our´, or ´us´) is committed to protecting the privacy, confidentiality and security of personal information that we process in the course of providing outsourcing and supply chain solutions for APIs and advanced intermediates.

This Privacy Statement explains how we collect, use, store, share, and protect information when you interact with our website, systems, services, or when you engage with us in a professional capacity.

1. Information We Collect

Depending on how you interact with us, we may collect the following categories of information:

1.1 Personal and Professional Information
  • Name, job title and role
  • Business email address and telephone number
  • Company name, department and office address
  • Regulatory, quality, technical and commercial contact details
1.2 Business and Transactional Information
  • Enquiries, RFQs and project requirements submitted to us
  • Information related to supplier, partner and manufacturer qualification
  • Audit, compliance and due diligence documentation exchange
  • Contracting and onboarding records for clients and vendors
1.3 Website and Technical Usage Data
  • IP address, browser type, device identifiers and access timestamps
  • Pages visited, clicks and navigation patterns on our website
  • Cookie and similar tracking data (where permitted by law)
  • System logs generated for cybersecurity and performance purposes

We do not knowingly collect consumer data unrelated to our B2B business model and we do not sell, rent or lease personal information to third parties.

2. Legal Basis for Processing

We process personal information on one or more of the following legal bases:

  • Legitimate interests – to operate, improve and protect our business and services.
  • Contractual necessity – to enter into and perform contracts with clients and partners.
  • Legal and regulatory obligations – including GMP, audit and traceability requirements.
  • Consent – for specific, optional activities such as certain types of communication or cookies.

3. How We Use Information

We may use personal and business information for the following purposes:

  • Responding to enquiries, project discussions and requests for information.
  • Evaluating and qualifying manufacturers, suppliers and partners.
  • Planning, coordinating and documenting audits, inspections and technical visits.
  • Preparing and managing contracts, NDAs, quality agreements and other legal documents.
  • Providing regulatory and documentation support for client filings and submissions.
  • Monitoring supply chain performance, quality, compliance and risk.
  • Maintaining records required by good manufacturing practices (GMP) and related regulations.
  • Protecting our systems, preventing fraud and enhancing cybersecurity.

We do not use your information for unrelated consumer marketing or for automated decision-making that produces legal or similarly significant effects.

4. Sharing and Disclosure of Information

We only share information with third parties where necessary and appropriate for legitimate business and compliance purposes, including:

  • Manufacturing and technical partners – to assess feasibility, manage projects and support supply.
  • Professional advisers – including legal, regulatory, quality and financial advisors.
  • IT and infrastructure providers – hosting, email, security and business applications.
  • Regulatory authorities and public bodies – where required by law or regulatory obligations.

All such parties are expected to protect personal information according to contractual, regulatory and confidentiality obligations.

5. International Data Transfers

Aster Biotech is headquartered in the United Kingdom and operates in multiple regions. Your information may be transferred and processed in:

  • The United Kingdom
  • The European Union / EEA
  • India (including manufacturing partners and service providers)
  • North America, APAC, LATAM, Middle East and Africa, as relevant to a specific engagement

Where required, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs) or equivalent mechanisms to protect personal information in accordance with applicable data protection laws (including GDPR, UK-GDPR and other local regulations).

6. Data Security

We take the security of information seriously and apply technical and organisational measures designed to protect personal data, including:

  • Access controls and role-based permissions for internal systems.
  • Encryption and secure protocols for data in transit and, where appropriate, at rest.
  • Logging and monitoring of access to critical systems and documentation.
  • Physical and logical safeguards in line with industry standards and good practice.
  • Periodic reviews, risk assessments and vulnerability evaluations.

7. Data Retention

We retain personal and business information only for as long as necessary for the purposes for which it was collected, including:

  • Fulfilling contracts and managing client, supplier and partner relationships.
  • Meeting regulatory and GMP-related record-keeping and traceability obligations.
  • Maintaining audit trails and documentation required for applicable laws.

Retention periods may vary depending on the type of record and regulatory framework. Where information is no longer required, we will take reasonable steps to securely delete or anonymise it.

8. Your Rights

Depending on your location and applicable law, you may have certain rights regarding your personal data, including:

  • The right to request access to the personal information we hold about you.
  • The right to request correction or updating of inaccurate or incomplete data.
  • The right to request deletion or restriction of processing, subject to legal obligations.
  • The right to object to certain types of processing based on legitimate interests.
  • The right to withdraw consent where processing is based on consent.

To exercise your rights or raise any privacy-related question, please contact:

Email: [privacy email]
Subject: “Privacy Request – Aster Biotech”

9. Updates to This Privacy Statement

We may update this Privacy Statement from time to time to reflect changes in law, regulation, technology or our business practices. The “Effective Date” at the top of this page indicates the latest revision.

We encourage you to review this page periodically to stay informed about how we protect your information. Continued use of our website or services after changes are posted will constitute your acceptance of those changes.

🍪 To provide you with the best experience, we use cookies. By continuing you agree to our usage. Read our Privacy Policy .
🍪 To provide you with the best experience, we use cookies. By continuing you agree to our usage. Read our Privacy Policy .