This privacy policy sets out how we protect and manage any personally identifiable information and/or data that is held as a result of any website dealings you may have with Aparito in compliance with GDPR.

Aparito is committed to ensuring that your data, including any personally identifiable information (PII), is secure.


To prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. We limit access to PI to authorized employees and third parties who need access to perform the business activities described in this notice. Although we strive to protect the PI we process and maintain, no security system can prevent all potential security breaches.

Visitors to our website

Our website may contain links to other websites of interest. Please note that once you leave our website we have no control over other websites and cannot be held accountable for any aspect of data privacy and protection.

Use of cookies

Our website uses cookies, as almost all websites do, to help provide you with the best experience we can. Cookies are small text files that are placed on your computer or mobile phone when you browse websites. We do not use cookies to:

  • Collect any personally identifiable information (without your express permission)
  • Collect any sensitive information (without your express permission)
  • Pass personally identifiable data to third parties

Customers and Business Contacts

Aparito processes personal data about contacts of existing and potential customers and/or any individuals associated with them through emails, by phone or electronic calendar invites. We process this personal data solely for our business contract and on the basis that it is in our legitimate interests to do so (i.e. to ensure that we can manage our relationship with our customers). This information will be retained securely for as long as necessary for the purposes set out for that business contract.

Personal Data, such as emails or phone numbers, will never be given or shared with 3rd parties without express permission.

In addition, we also have in place procedures and measures to manage and protect commercially confidential information we are required to handle through delivering our services for customers. These are normally dealt with through specific NDAs and contractual agreements as required.

When using Garmin devices, Location data is required as part of the pairing process and syncing data. We do not store this data within our apps and never share it. 

Social media

We use third-party providers including LinkedIn and Twitter to manage our social media interactions and they all have their privacy policies. If you contact us via social media (for example by Tweeting us), we will use your social media handle and name, together with any other personal data you provide in your communication, to respond to your correspondence. We do this on the basis that it is in our legitimate interests to do so to make sure that we handle correspondence appropriately.

Recruitment – Job applicants, Current and Former Employees

Aparito is the data controller for all information you provide during the processes of recruitment and employment.

We will only collect the information we need to progress and assess your application during the various recruitment stages; this may include third parties such as recruitment agencies. This will only be used to progress and assess your application and we do this on the basis that it is necessary to take steps at your request to decide whether to enter into a contract with you.

If you are not successful in your application, any recruitment documentation not required is confidentially destroyed and/or electronically deleted at the end of each piece of recruitment. If you are successful in your application, your personal data will be used per our Employee Data Privacy Notice, which will be provided to you on induction.

Where we transfer and process Personal Information

This website is owned and operated by Aparito Limited in Wales (United Kingdom).

With the exception of trial-related personal information, your PI may be transferred and processed by and between Aparito and Eli Lilly and Company, its affiliates and wholly-owned subsidiaries, and third parties worldwide. When transferring PI across country borders, Lilly utilizes appropriate transfer mechanisms as applicable (which may include consent, Standard Contractual Clauses, existing adequacy decisions, intra-corporate data transfer agreements, etc.). To obtain additional information regarding the mechanism for transfers that Lilly has in place for cross-border transfers of PI, please contact us at or visit

Your rights in respect of Personal Information

You may request details of personal information which we hold about you and exercise any rights by writing to, calling, or emailing us at:

Data Protection Officer

Aparito, Unit 11 Gwenfro

Wrexham Technology Park

Croesnewydd Road



Telephone: +44 1978 896 191

You have the right to ask us to correct inaccurate personal data that we hold about you. You also have the following rights:

  • A right to ask us to erase personal data in some circumstances.
  • A right to ask for an electronic copy of some personal data to transfer it to another data controller.
  • A right to object to the processing of your personal data where we process it on the basis of our legitimate interests.
  • A right to ask us to restrict the processing of your personal data in some circumstances.
  • A right to opt-out of direct marketing.
  • A right not to be subject to wholly automated decisions that have significant effects on you.

 Changes to Our Privacy Practices

Aparito may change this policy from time to time and update this page. You should check this page from time to time to ensure that you are happy with any changes. We will always handle your PI in accordance with the Privacy Statement in effect at the time it was collected unless we provide you with the new notice and/or obtain your consent, as appropriate. This policy is effective from 23rd May 2024.

If you are not happy with how we have processed your personal information, you have the right to complain to the Information Commissioner’s Office. Please see for more information on how to do this.