PRIVACY NOTICE

This privacy notice (Privacy Notice) sets out the ways in which we, Clustermarket Limited (we, us, our), collect and use your personal data in connection with our business. It also explains your rights in respect of your personal data.

CONTENTS

1. Introduction

2. About us

3. Information we may collect about you

4. How we collect personal data

5. How we use information about you

6. Who we might share your information with

7. How we look after your information

8. How long we keep personal data

9. How you can help to keep your information safe

10. International transfers of your information

11. Your rights to the information we hold about you

12. Third parties and links

13. Changes to this Privacy Notice

1. INTRODUCTION

In this privacy notice, the capitalised terms below have the following meanings:

  • User: means a user of our online Portal who requests and uses equipment, laboratory and technical services from a Provider.
  • Listing: means information published on the Platform by Providers about available equipment, laboratory and technical services.
  • Marketplace: means the online marketplace which provides Users with access to instruments and services from scientific organisations via the Platform;
  • Personal data: means any data which can be associated with you as an individual, either directly or indirectly.
  • Platform: means our websites (https://www.clustermarket.com/) and our Portal (https://app.clustermarket.com/).
  • Portal: means our online portal which provides access to our SaaS Services and Marketplace.
  • Provider: means a user of the Portal who makes available equipment, laboratory and technical services via our Portal.
  • SaaS Services: means the services provided through the Platform which enable users and providers of scientific and technical resources, laboratory facilities, equipment and services, to schedule and manage equipment, report and analyse use of equipment and laboratories, undertaking asset monitoring and such other services as described on our Platform.
  • Services: means the SaaS Services and Marketplace.

The Platform is not intended for children. We do not knowingly collect or maintain the personal information of children under the age of 13. If you are under the age of 13, please do not access the Platform at any time or in any manner. We will take appropriate steps to delete the personal information of persons under the age of 13.

2. ABOUT US

We are a company registered in England and Wales under company number 09485659 with our registered address as set out below. We are registered as a data controller with the Information Commissioner's Office (ICO) under number ZA816561.

You can contact us as follows:

FAO: Johannes Solzbach (CEO)

Address: 34 Lime Street, London, England, EC3M 7AT

Email: info@clustermarket.com

3. INFORMATION WE MAY COLLECT ABOUT YOU

We collect different information depending on how you use our Platform, the Services you engage with and how you interact with us. If you use our SaaS Services and Marketplace, we collect:

  • Identity and contact data: names, work addresses (where applicable), email addresses.
  • User Profile data: when you register for user profile you will provide a password, log-in details, and a sector (academia or industry), and optionally your job title/position, gender, phone number and language preferences. We may also ask you to provide proof of your authority to register for a user profile on behalf of your organisation (where applicable). We will never have access to or visibility of your password.
  • Information transmitted via the Platform: we will collect information that you upload or post to your profile:

a. where you are using the SaaS Services: details of any laboratories that you use or are affiliated with, details of any equipment or facilities bookings (such as time and duration), any information and reports in respect of your use of the equipment, facilities or laboratories undertaken through the SaaS Services;

b. where you are using the Marketplace: reviews, details of products, facilities and services you offer, availability dates) and/or any correspondence, agreement and/or interactions that you may have with other Marketplace users.

  • Usage and transaction data: information about how you use the Platform (pages viewed, searches, requests, bookings etc.), and any communications we may receive from you, including in response to any surveys.
  • Payment data:

a. If you are an admin user on behalf of your organisation, we will collect payment details on behalf of your organisation or institution, including details required for the payment method and a billing address;

b. If you use the Marketplace and you make transactions via our Portal, you will need to provide payment details, which may include billing addresses and bank account details. We do not collect credit/debit card details: if you choose to pay by card, all card information is collected direct by our payment processor(s).

c. We use: 1) Stripe as our payment processor for payments that are made by credit or debit card on a subscription basis; or 2) Braintree where you are using our Marketplace and choose to pay by credit or debit card. We also use ChargeBee, a subscription management platform, to help us manage payments. Credit or debit card information is sent directly via ChargeBee to the relevant payment processor (currently Stripe) but we are able to access limited payment information, including the payment method that you have chosen to use and the last three digits of your card number.

  • Technical data: your internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our Platform.
  • Social media data: if you interact with us via social media, we may collect the information that you have shared on the relevant platform.
  • Marketing and communications data: including your preferences in receiving marketing and other communications from us and whether you would like to attend events we are hosting

We do not collect 'special categories' of personal data (such as your race or ethnicity, religious beliefs, sexual orientation, health and whether or not you have any disability) via the Services on our Platform.

4. HOW WE COLLECT PERSONAL DATA

Different personal data is collected in different ways. You may provide some of the data to us directly, or we may collect it automatically or (less frequently) from a third party.

a) Personal data that you provide to us. We will collect personal data that you provide to us, including when you:

  • make an enquiry or correspond with us by email, through our Platform, or over the phone;
  • create or update your account or user profile on our Platform;
  • use our Platform (e.g. when you fill in a form, conduct a search, post a Listing, submit reviews or comments, or interact or contract with other Platform users);
  • subscribe to our newsletter or mailing lists;
  • register to attend our events or meetups; and/or
  • ‘follow’, ‘like’, post to or interact with our social media accounts, including Facebook, LinkedIn, Twitter, Xing and Instagram.

b) Personal data we collect automatically.

As you use our Platform, we will collect certain technical data including your operating system, browser type, the Internet Protocol (IP) address used to connect your device to the internet, and your usage habits, patterns and preferences. We collect this data using cookies, beacons and similar technologies.

Cookies are small amounts of information in the form of text files which we store on the device you use to access our Platform. Cookies allow us to monitor and simplify your use of the Platform.  

For more information about the cookies we use, and information about how to block or reject cookies, please visit our Cookies Policy.

c) Information we receive from third parties

In certain circumstances, we will receive information about you from third parties, including (as applicable):

  • Other Portal users: we may receive personal information from other Portal users (who may be based inside or outside of your organisation). If you have used our SaaS Services, this may include information equipment scheduling or managing bookings that are connected to another user’s profile or account. Where you have used the Marketplace, this could include: reviews by other users, details about the services you offer, information relating to transactions and/or correspondence between Platform users.
  • Fraud detection agencies: where permitted or required by law, we may receive demographic data or fraud detection information from third party service providers and/or partners.  This information is limited in scope and includes whether a payment has been rejected and the reason why. For example, we may receive a notification alerting us that the card you tried to use to make a payment has expired, or that there is fraudulent activity suspected on your profile, account or card.
  • Our service providers: we may collect personal information from our Platform developer, IT support and security providers, customer service support provider, survey tool providers and payment services provider. If you log in to our  live chat support tool via your social media or email account, we will be able to see your user name from the relevant service and any information that you choose to post in the chat box.
  • Marketing partners: we might also receive information about you from third parties if you have indicated to such third party that you would like to hear from us.

5. HOW WE USE INFORMATION ABOUT YOU

We will only use your information where:

a) We need it to provide our Services to you (in order to perform our contract with you).

We need to process some of your data to give you access to the Platform and to provide our Services. We will use your identity and contact data, your user profile data, the information you transmit through the Platform, your payment data and some technical and usage data to make sure that the Portal functions properly, you can utilise the Services and enable you to communicate and transact with us and other users.  This also includes any other uses of your data which are covered by our terms and conditions, including notifying you of any changes and resolving any disputes between Portal users.

b) We have a reasonable business purpose (legitimate interest) for doing so.

We will use your information for our legitimate business reasons where our doing so will not unduly affect your rights.

We will use your identity, contact, user profile and usage information to keep our records up to date, provide you with user support, and to provide you with updates and information (where the law allows this).

We will use your technical information to:

  • provide and make improvements to the Platform, Services, system maintenance, support, reporting and hosting of data, and troubleshooting;
  • ensure that the Platform is secure;
  • analyse how users interact with the Platform or Services;
  • inform our marketing strategy; and
  • address any issues you may experience with the Platform or Services.

We use social media and usage data to develop and promote our business.

We may also use any or all of the information we collect about you to administer and manage our business in general, including for analytical and research purposes.

c) You have given us permission to do so.

Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending third party direct marketing communications to you or where we are otherwise required to collect your consent by law. You have the right to withdraw your consent to marketing communications at any time by contacting us or using the unsubscribe feature in our emails.

Unless you have opted out to our mailing lists, we will send you updates and marketing information that you have consented to receive. Likewise, we may need your contact, identity, technical and/or usage information to respond to a question you have asked us.

d) To comply with a legal or regulatory obligation.

In certain circumstances, we may need to retain or use your data to comply with regulations and/or the law.

6. WHO WE MIGHT SHARE YOUR INFORMATION WITH

Some of your personal data (particularly your user profile information and contact details) will be shared with other Portal users so that you can interact and utilize our Services, and for the Marketplace this involves enabling you to transact, communicate with and review other users.

The personal data that is shared with other Portal users through our SaaS Services depends on your access rights to, and role, on the Portal. Organisation, department and laboratory administrators, as well as instructors on the platform, can access the full name, email address and phone number (optional) of all users that have been setup within their laboratory, whilst researchers can access name and email addresses of other Users, students can only access names of other Users, and third party guests who access the Portal cannot see any personal data relating to other Users.

Your name and email address may be shared with Clustermarket's partners where we are collaborating with a third party company in order to run an event. In this case, we will not share any of your personal data with our partner(s) unless you have registered your interest in, or to attend, the event

We also share certain information with our trusted third party service providers, such as cloud computing providers and customer support software, as well as other providers from time to time to allow us to provide our Services to you. When we share your information with our service providers, we will ensure that your data is kept secure and used only in accordance with this notice and UK data protection laws. Our service providers include:

  • IT development, administration, security and support (including mailing, live chat and survey tools and maps providers);
  • marketing and advertising services (including the Google Adwords service, and Customer.io in order to send out our newsletter and marketing information) and analytics providers (including Google Analytics);
  • payment providers, including Stripe, ChargeBee and Braintree;
  • identity verification and fraud prevention and detection services;
  • banking and professional services providers; and
  • client relationship management platforms.

We may update our service providers from time to time, depending on our business needs and relationships with those third parties. For more information on our sub-processors, please visit: https://clustermarket.com/sub-processors.

If you have chosen to use to integrate our Platform with third party software via our APIs, we will share limited personal data (such as your name and email address) with that third party software provider in order to facilitate your access to their services or API. Their use of your personal data will be subject to their own privacy notice and we advise you to read their privacy notice before agreeing to using the API. Further information will be made available to you as part of the sign-up process when accessing the third party platform through the API with Clustermarket.

On rare occasions, we may share personal data when we believe it is necessary to comply with the law, regulation or a legal request (including a court order or government inquiry); to enforce or apply our terms of use or other agreements; or to protect our rights, property, or safety or those of our employees, customers, or others.

Further, we may also be required to share your personal data with third parties to whom we may choose to sell, transfer or merge all or parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. We will seek to anonymise your personal data where it is possible to do so. However, this is not always possible, in which case any third parties who we enter into discussions with in respect of a company reorganisation or restructure will be bound by confidentiality provisions. If a change happens to our business, then the new owners or company may use your personal data in the same way as set out in this privacy policy.

7. HOW WE LOOK AFTER YOUR INFORMATION

We operate a practice of 'privacy by design'. This means that we have based our business around your privacy by looking for opportunities to minimise and protect the personal information we hold about you. We use appropriate technological and operational security measures to protect your information against any unauthorised access or unlawful use, such as:

  • ensuring the digital security of our Platform by protecting it using Secure Sockets Layer (SSL) encryption;
  • ensuring that your access to the Portal is password protected;
  • ensuring the physical security of our offices or other sites;
  • ensuring the physical and digital security of our equipment and devices by using appropriate password protection;
  • maintaining a data protection policy for, and delivering data protection training to, our employees; and
  • limiting access to your personal information to those in our company who need to use it in the course of their work.

8. HOW LONG WE KEEP PERSONAL DATA

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances you can ask us to delete your data (although this is not always the case): see Section 11 below for further information.

In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

If you would like further information in respect of our Data Retention Policy, please email us at info@clustermarket.com.

9. HOW YOU CAN HELP TO KEEP YOUR INFORMATION SAFE

You can also play a part in keeping your information safe by:

  • choosing a strong account password and changing it regularly;
  • using different passwords for different online accounts;
  • keeping your booking references and passwords confidential and avoiding sharing your login with others;
  • making sure you log out of the Portal each time you have finished using it. This is particularly important when using a shared computer;
  • letting us know if you know or suspect that your profile, account or booking has been compromised, or if someone has accessed your account without your permission;
  • keeping your devices protected by using the latest version of your operating system and maintaining any necessary anti-virus software; and
  • being vigilant to any fraudulent emails that may appear to be from us. Any emails that we send will come from an email address ending in ‘@clustermarket.com’.

10. INTERNATIONAL TRANSFERS OF YOUR INFORMATION

Our company is located in the UK and our Platform is hosted on servers located in the EEA.

When we transfer your data outside of UK or the EEA to a country which the European Commission or UK Secretary of State does not deem to have adequate data privacy laws, we will ensure that such transfer(s) are in accordance with applicable data privacy laws. We enter into GDPR-compliant data processing agreements with each subprocessor, extending GDPR safeguards everywhere personal data is processed (specifically Model Clauses pursuant to European Commission decision 2004/915/EC or 2010/87/EU (as appropriate) and/or the UK International Data Transfer Addendum, as applicable.

Please contact us using the contact details at the top of this Privacy Notice if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

11. YOUR RIGHTS TO THE INFORMATION WE HOLD ABOUT YOU  

You have certain rights over your personal data. You may:

  • require us to rectify the personal data we hold about you, where that data is incorrect;
  • require that we restrict the processing of your personal information in certain circumstances;
  • request access to the personal data that we hold about you;
  • require that, in certain circumstances, we delete the personal information we hold about you;
  • require that we provide you with the information that we hold about you in a structured, commonly used and machine-readable format; and/or
  • withdraw your consent to our using your data for marketing purposes at any time.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

You also have the right to lodge a complaint with the Information Commissioner’s Office (“ICO”), which is the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, be grateful if you would contact us in the first instance so we can endeavour to deal with any concerns direct.

If you wish to exercise any of these rights, please contact us at info@clustermarket.com.

To protect your privacy and security, we will take reasonable steps to help verify your identity before granting access or making corrections.

12. THIRD PARTIES AND LINKS

You might end up providing personal information directly to third parties as a consequence of your interactions with our Platform and the Services offered by Clustermarket. For example, your name and other personal information will be shared with other Platform users when you correspond with them via the Platform, you may provide your name and booking details directly to a Provider when you attend their facilities, or you may attend an event hosted by us where you communicate personal information directly with other attendees. Clustermarket is not responsible for how such third parties use personal data provided by you.  

Please be responsible with personal information of others when using our Platform and the services available on it, and the services and facilities of (e.g. by following instructions to delete personal data from Provider equipment once your booking has finished). Clustermarket is not responsible for your misuse of personal information, or for the direct relationship between you and others when takes place outside of the Platform or our Services.

Likewise, the Platform may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Platform, we encourage you to read the privacy notice of every website you visit.

13. CHANGES TO THIS PRIVACY NOTICE

We may make changes to this Privacy Notice from time to time. We will post any changes to our site, or notify you of any material changes by e-mail.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us by updating your user profile information or contacting us via the contact details at the top of this Privacy Notice.

This Privacy Notice was last updated on 31 July 2025.