Pairend Biotechnology is committed to protecting the privacy of the information you provide to us, including personal information and genomic data submitted by you when using our products and services.
What Information Do We Collect?
We collect, receive and store the following types of information:
Personally Identifying Information: We collect Personally Identifying Information from the Site ONLY when you choose to provide it to us. Personally Identifying Information (PII) is information that can be used to identify or contact you, including but not limited to your name, address, email address, company or institution affiliation, account identifiers, account password, payment information, credit card information and other billing data. In particular, we collect, receive and store the Personally Identifying Information you provide to Company when you purchase Services or sign-up or register with Company on the Site and/or for Services, including without limitation when you sign up for NGS Cloud or open any related account or membership, when you subscribe to a newsletter, respond to a survey, fill out a form, or complete your profile through the Site or Services.
Certain contact and other Personally Identifying Information may be necessary to use, sign up or register for Services, utilise certain features or functionality on the Site, or otherwise transact business with us. You can choose not to provide such information, but then you might not be able to use or take advantage of our Services, Site, business transactions or portions thereof.
Genomic Data: Genomic Data consists of genomic sequences, exomes, variant files, specific DNA or RNA sequences, gene sets and variant sets, as well as associated sample information, annotations, demographic descriptions (e.g., age, gender, ethnicity, background, etc.), phenotypic descriptions (e.g., disease conditions, health-related information, personal traits, family history) and other data that might be uploaded by you in connection with any such sequence data. We collect Genomic Data ONLY if you choose to provide it to us in connection with your use of our products or services.
User Content: User Content is information, data, text, files, software, graphics, music, audio, photographs, video, messages, communications or other materials, including Genomic Data, that you upload, submit, post or otherwise provide to the Site or Services.
For example, we receive and store User Content you provide to Company when you:
- use the Site, NGS Cloud or other Services; and/or
- post, upload or otherwise provide content, materials, reviews or other information on the Site or through the other Services; and/or
- fill out surveys or questionnaires or sign up for or enter promotions, events or other special activities through the Site or other Services; and/or
- communicate with Company or with other users or participants of the Site or other Services (including the content of such communications and information provided in connection with such communications); and/or
- provide information to third parties and their web sites, applications and services which are accessed or used by Company or through the Site and/or Services.
Information We Collect Automatically: We receive and store certain types of information whenever you interact with us. For example, we may automatically record your activity on the Site and in the Services, the time and date or your activities, your IP address, browser type, page views, domains and similar information. Also, we may automatically send and receive information to and from your computer which we use to automatically update our Services that you may use (new features, versions, bug fixes, etc.). Like many websites, we may also use “cookies” (see below), log files, web beacon technologies and other automated tools to obtain certain types of information when your web browser or application accesses our Services. We typically use this information for internal purposes such as to administer, develop, improve and customise the Site and the Services, to understand and analyse how the Site and Services are being used and to track, analyse and report on aggregate usage.
We comply with privacy and data protection laws and regulations applicable to us. Accordingly, if we receive or collect your Personal Data from Turkey we will comply with Personal Data Protection Law (“PDPL”) (please check the PDPL Information Text), if we receive or collect your Personal Data from the European Union or European Economic Area (“EU/EEA”) we will comply with any GDPR laws, rules and regulations that apply to us with respect to such Personal Data and you as a “Data Subject” under the GDPR. Accordingly, we will process any such Personal Data on the following basis:
- for the performance of any agreement between you and the Company such as to provide Services
- for the purposes of our legitimate interests related to the customer and business relationships between the Company and Data Subjects;
- to comply with legal obligations applicable to us, including legal corporate and accounting obligations.
Except with respect to Services we offer that are expressly indicated to be compliant with the Health Insurance Portability and Accountability Act (“HIPAA”), we do not purposefully collect, and request that you not provide, any individually identifiable health information and disclaim all responsibility or liability with respect to any such information provided to Company. With respect to any Services which are expressly indicated to be HIPAA-compliant, Company may receive such individually identifiable health information in compliance with applicable laws and regulations.
How Is Your Information Used?
Our primary goal in receiving information from you is to provide, administer, develop and improve our Services. Accordingly, Company may use the information submitted, collected or received from and/or about you for any of the following purposes:
- To operate, provide, administer, develop, and improve our Services (including without limitation the Site and NGS Cloud), and to operate and support Company’s related businesses.
- To better understand how users access and use our Services on an aggregated and individualised basis, to track and monitor usage, to conduct quality control, to fix technical and other errors or problems, and to respond to user desires and preferences.
- To analyse, compile and publish, on an aggregated basis, information regarding usage of the Services and related subjects of interest to the general public, to analyse, compile and publish aggregated data and statistics regarding genomic analysis, and to enhance annotations and database information within (and otherwise used for) the Services such as NGS Cloud and other genomic analysis products or tools of Company.
- For advertising, marketing and promotional purposes; however, we do not sell or rent your Personally Identifying Information to any third party.
- To provide personalised experiences and recommendations, language and location customisation, personalised help and instructions, or other responses to your usage of our Services.
- To track memberships, purchases and usage as necessary for the purpose of our complying with any third party agreements or obligations (such as, for example, making royalty or other payments to third parties). However, we will use reasonable efforts not to transfer Personally Identifying Information to such third parties, unless it is strictly required for such compliance.
- To communicate with or contact you concerning your account or membership or your usage of or participation in the Services, and for other customer service, This will include use of your e-mail address to send you messages and notices for the purposes described above and below.
- To bill you, process payments and for authorisation, account history and billing purposes. This may include credit card authorisation and verification for purchases made from Company, location verification for products and services which may have limited geographical access, and the like.
- To offer you content, services, or other products and services, including to develop new services and products.
- To provide you with news and newsletters, special offers, promotions, and targeted advertising.
- To comply with applicable laws, rules and regulations and any regulatory mandate or court order.
- To protect the safety of any person, to address fraud, security or technical issues, or to protect Company’s rights or property.
As used in this policy, the terms “using” and “processing” information include using cookies on a computer, subjecting the information to statistical or other analysis and using or handling information in any way, including, but not limited to collecting, storing, evaluating, modifying, deleting, using, combining, disclosing and transferring information within our organisation or among our affiliates within Turkey, the EU or internationally.
When is Information Shared with or Disclosed to Others or the Public?
Information provided by our users is an important part of our business. Company will share and disclose user provided or collected information only as compatible with the purposes described above, when we have your consent (as may be provided by you from time to time through the Services or otherwise), and as described in this section as follows:
Public Forum: Any User Content or other user information, content or materials submitted or posted to public portions of the Site (such as discussion groups, bulletin boards and similar forums) or portions of the Service designed for broad user access (such as reviews, focused user groups, etc…) are or may be shared with the public without restriction. Company also reserves the right to publish or make publicly available any information that is already publicly available prior to the time first provided to or collected by Company or information that becomes publicly available without any action or omission on the part of Company.
Aggregated Data and Annotations: Company may publish and otherwise disclose
(a) on an aggregated basis, information regarding usage of the Services and related subjects of interest to the public,
(b) aggregated data and statistics regarding genomic analysis. Company may also disclose within the applicable Services themselves (such as NGS Cloud and other genomic analysis products or tools of Company) enhanced annotations and database information derived from your and other users’ usage of the Services.
Contractors and Agents: We may employ other companies and individuals to perform functions or otherwise act on our behalf. Examples include processing payments, resolving service problems, correcting errors related to the execution of the Services, sending postal mail and e-mail, removing repetitive information from customer lists, analysing data, providing marketing assistance (including data concerning marketing and promotional programs), hosting websites or software, developing websites and software, providing customer service, assisting Company with providing, administering, developing or improving the Services, and/or for other purposes within the ordinary course of business. These third parties have access to the Personally Identifying Information and other information needed to perform their functions on our behalf. We use reasonable efforts to require these companies to
(2) use your Personally Identifying Information only for the purposes for which the third party has been engaged by us. We are not liable for the acts or omissions of these third parties, except as provided by applicable law.
Business Transfers and Collaborations: As we continue to develop our business, we might sell the Company and/or its business or assets and/or sell or buy online sites, services, subsidiaries, or other businesses; or we might collaborate or partner with other companies in strategic transactions or licenses. In such transactions, customer and user information generally would be one of the transferred business assets or otherwise one of the components of, or involved in, the transaction, we may therefore share this information in connection with such a transaction.
We endeavour to comply with our obligations under the GDPR in relation to the storage, deletion, access and modification of your Personally Identifying Information. In particular, we respect your rights as a Data Subject under the GDPR to:
- access, modify or delete your Personal Data;
- restrict our processing of your Personal Data or to object to certain processing of your Personal Data; and
- to receive, under certain preconditions, your Personal Data in a structured, commonly used and machine-readable format and to transmit such data to another controller.
You may exercise these rights by updating your registration or membership profile, or sending us a written notice in accordance with the PDPL and the GDPR.
Cookies and Other Files
Log file information is automatically reported by your browser each time you access a web page. When you use the Services, our servers may record certain information that your web browser sends whenever you visit any website. These server logs may include information such as your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks, domain names, landing pages, pages viewed, and other such information. When you use the Services, we may employ clear GIFs (also known as web beacons) or similar mechanisms which are used to track the online usage patterns of our users anonymously. No Personally Identifying Information from your Company account is collected using these clear GIFs. In addition, we may also use clear GIFs in HTML-based emails sent to our users to track which emails are opened by recipients. The information is used to enable more accurate reporting and make the Services better for our users.
Identity Theft and Related Abuses
Identity theft and the practice currently known as “phishing” are of great concern to Company. Safeguarding information to help protect you from identity theft is important to us. We do not and will not, at any time, request your credit card information, your account ID, login password, or national identification numbers in a non-secure or unsolicited e-mail or telephone communication. For more information about phishing, visit the Federal Trade Commission’s website.
Our Policy Toward Children
The Services are not directed to children under 18. We do not knowingly collect Personally Identifying information from children under 18. If we become aware that a child under 18 has provided us with Personally Identifying Information, we will delete such information from our files.
Your information may be transferred to – and maintained on – computers located in the United States of America as well as other locations and jurisdictions where we conduct business, which may be outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to provide information to us, Company transfers Personally Identifying Information to the United States and processes it there, and your submission of such information represents your agreement to that transfer. With respect to Personal Data subject to the PDPL, GDPR, transfers of such Personal Data outside the Turkey, the EU/EEA are performed subject to appropriate safeguards such as standard data protection clauses adopted or otherwise approved by the EU Commission or Turkey in accordance with the GDPR and PDPL, respectively.
Limitation of Liability
(i) any special, indirect, consequential, incidental or punitive damages, costs, or liabilities whatsoever arising out of or resulting from your use of the Site, NGS Cloud or other Services, including from your uploading, posting, providing, storing, using, analysing and/or modifying your Genomic Data, Personally Identifying Information and other information; or
(ii) any loss, disclosure or use of your Genomic Data, Personally Identifying Information or other information.