GDPR Notice

Zymé Lab complies with the EU General Data Protection Regulation (Regulation (EU) 2016/679). This notice summarizes your rights and how to exercise them. It complements our Privacy Policy.

Data controller

Zymé Lab is the controller of the personal data you submit through this website. Contact: hello@zymelab.co.

Lawful bases

• Consent — when you submit our contact form.
• Legitimate interests — responding to business inquiries, securing our systems.
• Legal obligation — where applicable record-keeping is required.

Your rights

• Access — request a copy of the data we hold about you.
• Rectification — ask us to correct inaccurate data.
• Erasure — request deletion ("right to be forgotten").
• Restriction — ask us to pause processing.
• Portability — receive your data in a portable format.
• Objection — object to processing based on legitimate interests.
• Withdraw consent — at any time, without affecting prior lawful processing.
• Lodge a complaint — with your local supervisory authority.

How to exercise your rights

Email hello@zymelab.co with the subject line "GDPR request" and describe what you would like us to do. We respond within 30 days, as required by Article 12.

International transfers

Where personal data is transferred outside the EEA, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses with our infrastructure providers.

Retention

We retain inquiry data for up to 24 months after our last contact, unless a longer period is required by law or you request earlier deletion.