Privacy Policy

  1. Overview

At Archer Daniels Midland (“ADM”) Protexin (“we,” “our” or “us”), we are committed to protecting the confidentiality, accuracy and integrity of any personal data you provide to us. We always strive to safeguard such data from misappropriation, loss, misuse, unauthorized access, disclosure and/or alteration. We only collect personal data that is relevant for our described purposes.

  1. Controller

ADM Protexin Limited

Lopen Head

South Petherton

Somerset

TA13 5JH

Phone: +44 (0)1460 243230

Email: info@Protexin.com

  1. Data Protection Officer

You can contact the Data Protection Officer in relation to any questions, comments or complaints you have regarding your personal data.

Email: dataprivacyEMEA@adm.com

  1. Purpose and Legal Basis

As part of our activities, we process personal data of various data subjects (e.g., website users, prospects, customers) to the extent permitted by law. Below and according to each processing situation, you will find information about how we process your personal data, the purpose for our processing of your personal data and the legal basis for our processing of your personal data according to the UK GDPR.

  1. Recipients of your Personal Data

Here you will find information about recipients to whom we may need to share your personal data. We only share your personal data where it is necessary and according to the applicable legal basis.

Recipient

Function

ADM Group

ADM may share your personal information with subsidiaries and affiliated companies to provide the services you have requested. These subsidiaries and affiliated companies will handle your personal data in accordance with this Notice.

Unaffiliated third parties

ADM may share your personal data with unaffiliated third parties:

1. who perform administrative, marketing, professional or technological support functions;

2. with whom we enter into joint venture agreements, branding agreements or other strategic alliances, or in the event of a sale, merger, reorganization, liquidation or other similar event;

3. who help us to process your requests to do business with ADM, such as processing a credit application, performing a background check based on reference information, managing ADM account information, or facilitating trading and processing payments;

ADM may also share your personal data with third parties who assist us with our job postings, or with whom we have agreements.

Authoritative Bodies

ADM may be required to disclose personal data by statutory law or regulations, or legal process with competent authorities. We reserve the right to contact appropriate authorities when activities occur that we suspect are illegal and/or violate our policies.

  1. Transfer to third countries and/or international organisations

Where we transfer personal data in outside the European Union / European Economic Area, ADM will ensure that the necessary requirements of the UK GDPR are met and appropriate safeguards for the protection of your data are in place.

If a transfer is based on an adequacy decision pursuant to Art. 45 UK GDPR, you will find an overview of the existing EU adequacy decisions under this link.

If a transfer is based on standard data protection clauses of the EU Commission pursuant to Art. 46 para. 2 lit. c UK GDPR, you will find the corresponding templates of contractual clauses, under this link.

If you would like more information as to how we protect your personal data in these circumstances, please contact the Data Protection Officer with the contact details that we provided above.

  1. Storage of your Personal Data

We store your personal data for a period reasonable for our purposes of processing and/or for a period of time that is required of us by local applicable law. Personal data will be deleted as soon as the purpose of the processing no longer applies or there is a reason for deletion in accordance with Art. 17 para. 1 UK GDPR (e.g. the revocation of a given consent) and no exception to the deletion obligation in accordance with Art. 17 para. 3 UK GDPR applies.

  1. Your Rights

As a data subject, you have the following rights:

  • Right of access (Art. 15 UK GDPR)

  • Right to rectification (Art. 16 UK GDPR)

  • Right to erasure (Art. 17 UK GDPR)

  • Right to restriction of processing (Art. 18 UK GDPR)

  • Right to data portability (Art. 20 UK GDPR)

  • Right to object (Art. 21 UK GDPR)

Where your personal data is processed for the purpose of performing tasks carried out in the public interest (Article 6(1)(e)), for the purpose of legitimate interests of the controller (Article 6(1)(f)), or for the purpose of direct marketing and profiling related to this (Article 21(2)), you are able, based on the grounds relating to your particular situation, to object to the processing of your personal data.

Where the processing of your personal data is based on your consent, you are not able to object to this processing pursuant to Article 21 of the UK GDPR. However, you do have the right to withdraw your consent based on Article 7(3) of the UK GDPR. This shall have the same practical effect as objecting to the processing, should you wish to do so.

If you wish to exercise these rights, please contact our DPO at dataprivacyEMEA@adm.com.

  1. Complaints

You can contact the ICO (Information Commissioner’s Office) to raise concerns or lodge a complaint about our handling of your personal data.

  1. External Links

This website may provide links to external websites. When you click on one of these links, you will be transferred from this website and connected to the website of the organization or company that you have selected. Even if an affiliation exists between ADM and such a website, ADM may not exercise any control over linked sites and we do not imply any endorsement of the activities of these websites. Unless specifically stated, this Privacy Notice does not govern the data collection and use practices of those websites and we cannot ensure they are compliant with the data protection standards contained in this Privacy Notice.

If you visit a website that is linked from this website, you should familiarize yourself with that site’s privacy practices before providing any personal information.

  1. Processing Activities

  2. a) Website Usage

Our online services are intended to provide information about our company and our services, to initiate or conclude contractual relationships, and to communicate and interact with our customers and prospects.

For these purposes, we also process personal data. The scope and legal basis of data processing depend on the services requested by the user, the respective browser configuration, and the extent of any consents given.

  1. b) Account Registration

To place orders on our e-commerce platform, it is necessary to register for a personal customer account. Guest purchases are not possible. The registration allows us to process your orders effectively, manage your customer information, and provide you with an optimal shopping experience. The personal data collected during account registration, including contact information and order history, is processed based on Article 6(1)(b) UK GDPR, as it is required for the fulfilment of the contractual relationship.

  1. c) Registration via Single Sign-On (SSO)

We offer you the option to log in to our services via the "Single Sign-On" (SSO) feature. When you log in using SSO, you will be redirected to the respective third-party provider's website, where you log in with your credentials. Personal data (such as your name and email address) may be shared with us by the third-party provider when you use this login option. We use this data only to create your customer account with us or to provide you with access to our services. There is no permanent connection between your customer account and your account with the third-party provider.

Categories of Processed Data may include:

  • Account data from the third-party provider (e.g., name, email address)

  • IP address

  • Timestamp of registration

The processing of data obtained through SSO is based on Article 6(1)(f) UK GDPR, as we have a legitimate interest in simplifying the registration process. We store the data until the stated purposes of processing are achieved.

Further information about data processing by the third-party providers can be found in their privacy policies:

  1. d) Online Shop

In the context of using our online shop, we process personal data for order fulfilment, contract management, as well as for advertising purposes and personalized marketing activities. The processing is carried out on the basis of Article 6(1)(b) and (f) UK GDPR. Our legitimate interests lie in the design, operation, and availability of digital products, customer acquisition, retention, reactivation, and the promotion of sales activities. Additionally, the processing ensures the operation, integrity, and security of our digital products. The categories of data processed include master data, contact data, content data, contract data, payment data, usage data, and connection data.

  1. e) Web Technologies (Cookies & Co.)

To improve communication and interaction with our customers and to optimize the user experience, we use various software solutions and web technologies, including third-party tools for web analysis and marketing, as well as services for embedding third-party content such as fonts, maps, or videos.

Analysis tools are used to collect, measure, and analyse data points such as visitor numbers, visitor sources, pages visited, time spent on the website, or scroll depth. Marketing tools enable targeted delivery and evaluation of marketing activities (ad campaigns, affiliate advertising, multichannel analysis).

For reasons of ePrivacy and data protection, the use of such tools often requires the user's consent. To obtain and manage the required consents in accordance with Section 25(1) TDDG and, if applicable, Article 6(1)(a) UK GDPR, we use a consent management tool (CMT) (details in the following section).

Detailed information about the subject matter and scope of the corresponding consents and the resulting data processing is provided to you directly via the CMT.

Where consent is not required, personal data processing is carried out on the basis of Article 6(1)(f) UK GDPR for the described purposes, which also represent the interests pursued by us or our partners. The collection of data for providing the website and the storage of log files are essential for the operation of the website.

  1. f) Consent Management Tool

For consent management purposes, we use a consent management tool (CMT). When our website is accessed, a CMT cookie is set, through which the consents given for individual services are stored, and the corresponding activation or deactivation of functionalities can be managed.

The use of the CMT is intended to obtain the necessary consents and to document them in accordance with our obligation to provide proof. The legal basis for this is Article 6(1)(c) UK GDPR.

The CMT is provided by a service provider that processes the data on our behalf. The collected data is stored until you delete the cookie. Details on data processing by the CMT can be found in the user interface of the tool.

  1. g) Contact Inquiries

If you contact us via our contact forms, by email or live-chat, we process your personal data to respond to your inquiry or address your concern, typically based on Article 6(1)(f) UK GDPR, to fulfil legitimate business interests, particularly company communication.

Contract-related communication that is necessary to fulfil a contractual relationship with you or in the context of pre-contractual measures based on your request is carried out on the basis of Article 6(1)(b) UK GDPR.

  1. h) Newsletter Subscription

By subscribing to our newsletter, your personal data is processed to create a personalized experience and ensure you receive relevant content directly in your inbox. This processing is based on your consent, in accordance with Article 6(1)(a) UK GDPR. You can withdraw your consent at any time, which will result in the termination of any further newsletter delivery.

  1. i) Product / Purchase Reviews

In the context of collecting and publishing reviews, we process personal data to facilitate feedback collection, ensure quality control, and enhance our services. Customers are free to provide reviews, which can be submitted anonymously; however, if users choose to include identifiable information, personal data may be processed. The processing is carried out on the basis of Article 6(1)(f) UK GDPR. Our legitimate interests include ensuring the authenticity and integrity of reviews, fostering trust, and supporting transparency for future users. The categories of data processed may include contact data, content data, and, where applicable, usage data. This processing contributes to maintaining service quality, optimizing user experience, and upholding platform credibility.

  1. j) Social Media

Our website includes links (via icons) to social media platforms like Facebook and Instagram. These are simple links that do not transfer data when the page is loaded. If you are logged in when clicking the icon, your social media profile will recognize it. For privacy details, please visit the corresponding social media provider's privacy policy.

  • Clicking on the Facebook icon will redirect you to an internet presence of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. You can find information on the collection, storage, and use of your data by Facebook Inc. in their privacy policy: https://www.facebook.com/about/privacy/.

  • Clicking on the Instagram icon will redirect you to an internet presence of Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. You can find information on the collection, storage, and use of your data by Instagram LLC in their privacy policy: https://help.instagram.com/155833707900388.

  1. k) Google Analytics

In the context of website analysis, we process personal data using Google Analytics 4 (GA4), a web analytics tool provided by Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland). This tool is used to analyse user behaviour on our website, employing an event-based structure for data collection. The processing is carried out on the basis of Article 6(1)(a) UK GDPR, with your consent obtained via our cookie banner.

GA4 tracks events such as page views, clicks, and interactions, storing the data on Google servers and processing it to create usage reports. The insights gained from these reports assist us in optimizing our website and enhancing the user experience, supporting marketing strategy adjustments and the delivery of personalized content. Reports include user analytics (e.g., demographic data), engagement metrics (interaction and session duration), acquisition details (traffic sources), behaviour analysis (site interactions), conversion tracking, and real-time activity monitoring.

Google Analytics 4 uses pseudonymized user IDs assigned through cookies to monitor behaviour without direct personal identification. The data collected includes page views, event interactions (e.g., downloads), session duration, technical information (browser type, device, screen resolution, OS), geographic data based on anonymized IP addresses, and traffic sources.

Data is stored on Google servers, which may include locations in third countries such as the USA. Google adheres to the EU-US Data Privacy Framework to ensure data transfers comply with EU data protection standards. Details on Google’s data center locations can be found here.

The data retention period for Google Analytics 4 can be set to either 2 or 14 months, after which data is automatically deleted. You have the right to object to data processing and withdraw your consent at any time through our cookie settings.

Last Update: September 2025