Privacy & Cookies

Our Privacy Statement describes how we process your personal information. Please take the time to read it carefully.

18/09/2023 (Revision:01)


At ENFER, we take your privacy seriously. It is important that you know exactly what we do with personal information that you and others provide to us, why we gather it and what it means to you. This document is being provided to you in line with our obligations under the General Data Protection Regulation (GDPR) and Data Protection Act 2018.

Enfer is committed to protecting all personal, special, and criminal categories of data held on you.

As such, we want you, the ‘data subject’, to understand how we collect, use, store, and share your personal data as a Data Controller. We also want you to understand what rights you can invoke to help you to protect your privacy. In this regard, it is important that you read this Privacy Notice and understand how we use your personal data. If you are under 16 years of age, please read this summary with a parent or guardian and ensure you understand it. Please note that we reserve the right to update this Privacy Notice as required.

1.1 ELDA biotech Information

ELDA biotech Ltd, a member of the Enfer Group, is a genomics solutions company that specialises in sequencing of nucleic acids for testing or analysis purposes. Additionally, in the pandemic emergency due to COVID-19, ELDA provided its services in order to process COVID samples for virus lineage determination.

ELDA biotech Ltd is committed to protecting the rights and privacy of individuals in accordance with European and Irish data protection legislation. ELDA biotech Ltd shall lawfully and fairly process personal data about employees, patients, clients, and other stakeholders to achieve its mission and functions.

Throughout this document, ‘we’, ‘us’, ‘our’ and ‘ours’ refer to ELDA biotech Ltd (ENFER). 

1.2 Data Protection Legislation

All personal data processed by Enfer is done so in accordance with the General Data Protection Regulation (GDPR) and the Irish Data Protection Act (DPA) 2018.

1.3 Queries and Complaints

If you are unhappy with the way we handle your personal data and wish to complain, or if you simply want further information about the way your personal data will be used, please contact us at the below:

Data Protection Officer


Unit T, M7 Business Park, Newhall, Naas

Co Kildare

Telephone: 045 819 000


You have the right to lodge a complaint with the Data Protection Commission. To contact the Data Protection Commission, please use the following details:

Data Protection Commission

21 Fitzwilliam Square South

Dublin 2

D02 RD28


Telephone: +353 (0)761 104 800

Telephone: +353 (0)57 868 4800


1.4 Personal Data Breaches

Enfer will take all appropriate technical and organisational steps to safeguard and protect your personal data. In the unlikely event of a data breach, we will contact you in line with our legal obligations.


We may collect and process the following personal data about you:

  • Full name.
  • Date of birth.
  • Address.
  • Eircode.
  • Phone/Mobile number.
  • Email address.
  • Your financial details.
  • Your marital status.
  • Health data.
  • Your passport/ID information.
  • Online identifiers, e.g. Cookies
  • other personal information such as: criminal conviction data; telephone recordings; CCTV images at locations and information provided when exercising your rights under Section 10 below.

We collect information (i) you give us; (ii) information from your use of our services or our website AND (iii) information provided to us by third parties.

For further details on information collected from our website, please refer to section 7. What are cookies?


We may use your personal data where necessary for the following purposes:

  • To provide you with a range of genomics products and services to various industries. 
  • To conduct clinical tests for personnel who require this service.
  • To process clinical tests for and on behalf of Enfer Clients.

Under data protection law, Enfer must ensure that it has an appropriate lawful basis for the processing of your personal data and let you know what that basis is.  We will be processing your personal data based on the following lawful basis:

  • you have agreed or explicitly consented to the using of your data in a specific way (you may withdraw your consent at any time).
  • the use is necessary in relation to a service or a contract that you have entered into or will enter into (e.g., to provide you with laboratory services or because you have asked for something to be done so you can enter into a contract with us, or because you are applying for an open vacancy).
  • the use is necessary because we have to comply with a legal obligation, regulatory authorities, and law enforcement;
  • the use is necessary to protect your “vital interests” in exceptional circumstances; and
  • the use for our legitimate interests (which you may object to) such as managing our business including credit risk management, providing service information, conducting marketing activities, training and quality assurance, and strategic planning and the purchase or sale of assets.

Where the personal data includes special category personal data, Enfer may seek to rely on:

  • Explicit consent from the data subject.
  • processing is necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent
  • processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices, on the basis of Union or Member State law which provides for suitable and specific measures to safeguard the rights and freedoms of the data subject, in particular professional secrecy; and
  • processing is necessary for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.

We will only use personal data for the purpose of our processing activities mentioned in the previous paragraph (3. Purpose of Processing and Legal Basis).

Also, in certain circumstances we will process your information on behalf of other Third-Parties and under their instructions in order to provide our services.  In these specific situations, third parties act as Data Controller and Enfer as Data Processor. Third parties will provide us your personal data to enable us to complete the provision of the service that data subjects directly agreed with them initially.


We will take all steps reasonably necessary to ensure that personal data is treated securely in accordance with this Privacy Notice and the relevant law.

In particular, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the information we manage, collect and store.


When providing our services to you, we may share your information with:

  • your authorised representatives.
  • third parties with whom: (i) we need to share your information to facilitate transactions you have requested, and (ii) you ask us to share your information.
  • ENFER Group companies.
  • service providers who provide us with support services e.g. LIMs provider
  • statutory and regulatory bodies (including central and local government) and law enforcement authorities.
  • third parties in connection with a sale or purchase of assets by us: persons making an enquiry or complaint; debt collection agencies, budgeting and advice agencies, tracing agencies, receivers, liquidators, examiners, Official Assignee for Bankruptcy and equivalent in other jurisdictions.
  • trade associations and professional bodies, non-statutory bodies, and members of trade associations.
  • pension fund administrators, trustees of collective investment undertakings and pensions trustees, insurers/re-insurers, insurance bureaus.
  • healthcare professionals and medical consultants.
  • business or joint venture partners.

When we engage another organisation to perform services for us, we may provide them with information including personal data, in connection with their performance of those functions. We do not allow third parties to use personal data except for the purpose of providing these services.


A cookie is a small data file that is transferred to your device (e.g. your phone or your computer) which collects information, including personal information about you. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of websites. For example, a cookie could allow our website to recognise your browser, while another could store your preferences and other information and let you navigate the website effectively.

Cookies can also help to ensure that adverts you see online are more relevant to you and your interests.

Types of cookies used on this website

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Strictly Necessary Cookies

Cookie Subgroup


Cookies used

Necessarycookieyes-consentCookieYes sets this cookie to remember users’ consent preferences so that their preferences are respected on subsequent visits to this site. It does not collect or store any personal information about the site visitors. Duration: 1 Year.
NecessaryelementorThe website’s WordPress theme uses this cookie. It allows the website owner to implement or change the website’s content in real-time.

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

Performance Cookies

Cookie Subgroup


Cookies used

Analytics_ga_*Google Analytics sets this cookie to store and count page views. Duration: 1 year 1 month 4 days
Analytics_gaGoogle Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site’s analytics  report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors. Duration: 1 year 1 month 4 days

Managing and disabling cookies

Any cookie that is not Strictly Necessary is not active by default and does not send information to the resource it is called from. Accepting all cookies, makes all cookies active. You can modify your cookie preferences for the website at any time by clicking on the ‘Cookie Settings’ button below.


Clicking on above brings you to pop-up similar to this: 


The retention periods for your data are subject to legislation and regulatory rules we must follow, set by authorities such as the HSE, Revenue Commissioners, Irish National Accreditation Board.   


In some cases, we may transfer information about you and your products and services with us to our service providers and other organisations outside the EEA. We will always take steps to ensure that any transfer of information outside of the EEA is carefully managed to protect your privacy rights.  All cross-border data transfers to countries outside the EEA will be done in accordance with guidelines laid down by the European Commission and the European Data Protection Board. Detailed Data Transfer Impact Assessments will be carried out prior to such data transfers and Standard Contractual Clauses (where applicable) will be put in place as appropriate safeguards.


You have the following rights, in certain circumstances and subject to certain restrictions, in relation to your personal data:

  • The right to withdraw your consent to the processing of Personal Data at any time.
  • The right to access your personal data.
  • The right to request the rectification of your personal data.
  • The right to be forgotten (RTBF) or to erasure of your personal data (where appropriate).
  • The right to restrict the use of your personal data.
  • The right to object to the processing of your personal data.
  • The right to receive your personal data, which you provided to us, in a structured, commonly used, and machine-readable format or to require us to transmit that data to another controller (where applicable); and
  • Information on the existence of automated decision-making, if any, as well as meaningful information about the logic involved, its significance and its envisaged consequences.

Vindication of your rights shall not affect any rights which we may have under Data Protection Law. You have the right to lodge a complaint with the local supervisory authority for data protection in the EU member state where you usually reside, where you work or where you think an infringement of data protection law has taken place.

If you wish to exercise any of the rights set out above, please contact us at:

Data Protection Officer


Unit T, M7 Business Park, Newhall, Naas

Co Kildare

Telephone: 045 819 000


In certain circumstances we act under instructions given by third parties, and we may not be in condition to provide you with your personal data or fulfil your rights request. In these cases, you may need to contact the primary party in this process, or we can support you in redirecting your query to the relevant party in order to ensure the respect of your individual rights and freedoms.


We will post any changes on the website and when doing so will change the updated date at the top of this Privacy Notice. Please make sure to check the date when you use our services to see if there have been any changes since you last used those services. If you are not happy with any changes that we have made you should cease using our services.

In some cases, we may provide you with additional notice of changes to this Privacy Notice, such as via email. We will always provide you with such additional notice well in advance of the changes taking effect where we consider the changes to be material.