Privacy Policy

NGS CLOUD GDPR NGS CLOUD HIPAA

Privacy Policy

updated on 06.01.2020

Pairend Biotechnology is committed to protecting the privacy of the information you provide to us, including personal information and genomic data submitted by you when using our products and services. 

This Privacy Policy describes the policies and procedures of Pairend Biotechnology. and it subsidiaries and affiliated entities (together, “Company”, “we” or “us”) with respect to the collection, use and disclosure of personal, genomic and other information received from users of platform.pariend.com, or corresponding sites on social media outlets or through corresponding applications on mobile devices (collectively, the “Site”) and from users of the products, services including the NGS Cloud AI-supported Genetic Data Analysis Platform (“NGS Cloud”), forums, databases, websites and applications offered or made available by Company (collectively, together with the Site, the “Services”). 

By using or accessing the Site, NGS Cloud or other Services, or by submitting information to Company, you consent to this Privacy Policy. This Privacy Policy applies only to information that you provide to us through the Services and not to information we collect by other means or from other sources. This Privacy Policy may be updated from time to time. We will provide notice of any changes by posting the new Privacy Policy on the Site. You are advised to consult this Privacy Policy regularly for any changes. All references herein to “you” and “your” include you as the individual user and, to the extent relating to your use of the Site or other Services, any company, institution or other entity employing, contracting or retaining you, or on whose behalf you are using the Services.

What Information Do We Collect?

We collect, receive and store the following types of information:

Personally Identifying Information: We collect Personally Identifying Information from the Site ONLY when you choose to provide it to us. Personally Identifying Information (PII) is information that can be used to identify or contact you, including but not limited to your name, address, email address, company or institution affiliation, account identifiers, account password, payment information, credit card information and other billing data. In particular, we collect, receive and store the Personally Identifying Information you provide to Company when you purchase Services or sign-up or register with Company on the Site and/or for Services, including without limitation when you sign up for NGS Cloud or open any related account or membership, when you subscribe to a newsletter, respond to a survey, fill out a form, or complete your profile through the Site or Services.

Certain contact and other Personally Identifying Information may be necessary to use, sign up or register for Services, utilise certain features or functionality on the Site, or otherwise transact business with us. You can choose not to provide such information, but then you might not be able to use or take advantage of our Services, Site, business transactions or portions thereof.

Genomic Data: Genomic Data consists of genomic sequences, exomes, variant files, specific DNA or RNA sequences, gene sets and variant sets, as well as associated sample information, annotations, demographic descriptions (e.g., age, gender, ethnicity, background, etc.), phenotypic descriptions (e.g., disease conditions, health-related information, personal traits, family history) and other data that might be uploaded by you in connection with any such sequence data. We collect Genomic Data ONLY if you choose to provide it to us in connection with your use of our products or services.

User Content: User Content is information, data, text, files, software, graphics, music, audio, photographs, video, messages, communications or other materials, including Genomic Data, that you upload, submit, post or otherwise provide to the Site or Services. 

For example, we receive and store User Content you provide to Company when you:

  • use the Site, NGS Cloud or other Services; and/or
  • post, upload or otherwise provide content, materials, reviews or other information on the Site or through the other Services; and/or
  • fill out surveys or questionnaires or sign up for or enter promotions, events or other special activities through the Site or other Services; and/or
  • communicate with Company or with other users or participants of the Site or other Services (including the content of such communications and information provided in connection with such communications); and/or
  • provide information to third parties and their web sites, applications and services which are accessed or used by Company or through the Site and/or Services.

Information We Collect Automatically: We receive and store certain types of information whenever you interact with us. For example, we may automatically record your activity on the Site and in the Services, the time and date or your activities, your IP address, browser type, page views, domains and similar information. Also, we may automatically send and receive information to and from your computer which we use to automatically update our Services that you may use (new features, versions, bug fixes, etc.). Like many websites, we may also use “cookies” (see below), log files, web beacon technologies and other automated tools to obtain certain types of information when your web browser or application accesses our Services. We typically use this information for internal purposes such as to administer, develop, improve and customise the Site and the Services, to understand and analyse how the Site and Services are being used and to track, analyse and report on aggregate usage.

We comply with privacy and data protection laws and regulations applicable to us. Accordingly, if we receive or collect your Personal Data from Turkey we will comply with Personal Data Protection Law (“PDPL”) (please check the PDPL Information Text), if we receive or collect your Personal Data from the European Union or European Economic Area (“EU/EEA”) we will comply with any GDPR laws, rules and regulations that apply to us with respect to such Personal Data and you as a “Data Subject” under the GDPR. Accordingly, we will process any such Personal Data on the following basis:

  • for the performance of any agreement between you and the Company such as to provide Services
  • for the purposes of our legitimate interests related to the customer and business relationships between the Company and Data Subjects;
  • to comply with legal obligations applicable to us, including legal corporate and accounting obligations.

Except with respect to Services we offer that are expressly indicated to be compliant with the Health Insurance Portability and Accountability Act (“HIPAA”), we do not purposefully collect, and request that you not provide, any individually identifiable health information and disclaim all responsibility or liability with respect to any such information provided to Company. With respect to any Services which are expressly indicated to be HIPAA-compliant, Company may receive such individually identifiable health information in compliance with applicable laws and regulations.

How Is Your Information Used?

Our primary goal in receiving information from you is to provide, administer, develop and improve our Services. Accordingly, Company may use the information submitted, collected or received from and/or about you for any of the following purposes:

  • To operate, provide, administer, develop, and improve our Services (including without limitation the Site and NGS Cloud), and to operate and support Company’s related businesses.
  • To better understand how users access and use our Services on an aggregated and individualised basis, to track and monitor usage, to conduct quality control, to fix technical and other errors or problems, and to respond to user desires and preferences.
  • To analyse, compile and publish, on an aggregated basis, information regarding usage of the Services and related subjects of interest to the general public, to analyse, compile and publish aggregated data and statistics regarding genomic analysis, and to enhance annotations and database information within (and otherwise used for) the Services such as NGS Cloud and other genomic analysis products or tools of Company.
  • For advertising, marketing and promotional purposes; however, we do not sell or rent your Personally Identifying Information to any third party.
  • To provide personalised experiences and recommendations, language and location customisation, personalised help and instructions, or other responses to your usage of our Services.
  • To track memberships, purchases and usage as necessary for the purpose of our complying with any third party agreements or obligations (such as, for example, making royalty or other payments to third parties). However, we will use reasonable efforts not to transfer Personally Identifying Information to such third parties, unless it is strictly required for such compliance.
  • To communicate with or contact you concerning your account or membership or your usage of or participation in the Services, and for other customer service, This will include use of your e-mail address to send you messages and notices for the purposes described above and below.
  • To send you a newsletter with new and updated functionality. This newsletter will allow you to get the most out of the software, increasing chances of diagnosing your patients. You may Pairend Privacy Policy unsubscribe from this newsletter at any time.
  • To bill you, process payments and for authorisation, account history and billing purposes. This may include credit card authorisation and verification for purchases made from Company, location verification for products and services which may have limited geographical access, and the like.
  • To offer you content, services, or other products and services, including to develop new services and products.
  • To provide you with news and newsletters, special offers, promotions, and targeted advertising.
  • To comply with applicable laws, rules and regulations and any regulatory mandate or court order.
  • To protect the safety of any person, to address fraud, security or technical issues, or to protect Company’s rights or property.

As used in this policy, the terms “using” and “processing” information include using cookies on a computer, subjecting the information to statistical or other analysis and using or handling information in any way, including, but not limited to collecting, storing, evaluating, modifying, deleting, using, combining, disclosing and transferring information within our organisation or among our affiliates within Turkey, the EU or internationally.

When is Information Shared with or Disclosed to Others or the Public?

Information provided by our users is an important part of our business. Company will share and disclose user provided or collected information only as compatible with the purposes described above, when we have your consent (as may be provided by you from time to time through the Services or otherwise), and as described in this section as follows:

Public Forum: Any User Content or other user information, content or materials submitted or posted to public portions of the Site (such as discussion groups, bulletin boards and similar forums) or portions of the Service designed for broad user access (such as reviews, focused user groups, etc…) are or may be shared with the public without restriction. Company also reserves the right to publish or make publicly available any information that is already publicly available prior to the time first provided to or collected by Company or information that becomes publicly available without any action or omission on the part of Company.

Aggregated Data and Annotations: Company may publish and otherwise disclose 

(a) on an aggregated basis, information regarding usage of the Services and related subjects of interest to the public, 

(b) aggregated data and statistics regarding genomic analysis. Company may also disclose within the applicable Services themselves (such as NGS Cloud and other genomic analysis products or tools of Company) enhanced annotations and database information derived from your and other users’ usage of the Services.

Company Affiliates: We may share your information with our subsidiaries and other affiliates, but only if those entities are either subject to this Privacy Policy or follow practices at least as protective as those described in this Privacy Policy.

Contractors and Agents: We may employ other companies and individuals to perform functions or otherwise act on our behalf. Examples include processing payments, resolving service problems, correcting errors related to the execution of the Services, sending postal mail and e-mail, removing repetitive information from customer lists, analysing data, providing marketing assistance (including data concerning marketing and promotional programs), hosting websites or software, developing websites and software, providing customer service, assisting Company with providing, administering, developing or improving the Services, and/or for other purposes within the ordinary course of business. These third parties have access to the Personally Identifying Information and other information needed to perform their functions on our behalf. We use reasonable efforts to require these companies to 

(1) provide adequate protections for your Personally Identifying Information that are no less protective than those set out in this Privacy Policy and 

(2) use your Personally Identifying Information only for the purposes for which the third party has been engaged by us. We are not liable for the acts or omissions of these third parties, except as provided by applicable law.

Business Transfers and Collaborations: As we continue to develop our business, we might sell the Company and/or its business or assets and/or sell or buy online sites, services, subsidiaries, or other businesses; or we might collaborate or partner with other companies in strategic transactions or licenses. In such transactions, customer and user information generally would be one of the transferred business assets or otherwise one of the components of, or involved in, the transaction, we may therefore share this information in connection with such a transaction. 

Compliance with Law and Protection of Company and Others: We reserve the right to disclose your Personally Identifying Information and any other information when we believe release is appropriate to comply with the law, judicial proceeding, court order, subpoena or other legal process; detect, prevent, or otherwise address fraud, security or technical issues; enforce or apply our Terms of Use and other agreements; or protect the rights, property, or safety of Company, our employees and contractors, our users, or others. This includes exchanging information with other companies and organisations for fraud protection and credit risk reduction purposes. This does not include selling, renting, sharing, or otherwise disclosing Personally Identifying Information from customers for commercial purposes in violation of this Privacy Policy. Changing or Deleting Your Information.

We endeavour to comply with our obligations under the GDPR in relation to the storage, deletion, access and modification of your Personally Identifying Information. In particular, we respect your rights as a Data Subject under the GDPR to:

  • access, modify or delete your Personal Data;
  • restrict our processing of your Personal Data or to object to certain processing of your Personal Data; and
  • to receive, under certain preconditions, your Personal Data in a structured, commonly used and machine-readable format and to transmit such data to another controller.

You may exercise these rights by updating your registration or membership profile, or sending us a written notice in accordance with the PDPL and the GDPR.

Alternatively, if you would like us to delete your Personally Identifying Information in our system, please contact us and we will make good faith efforts to accommodate your request if we do not have any legal obligation to retain the record or legitimate business need to retain such information. See below for privacy contact information. In such cases, we ask individual users to identify themselves and the information requested to be accessed, corrected or removed before processing such requests, and we may decline to process requests because of the reasons stated above or because such requests are unreasonably repetitive or systematic, require disproportionate technical effort, relate to information that is incorporated into other databases or Services as permitted by this Privacy Policy, jeopardise the privacy of others, or would be impractical (for instance, requests concerning information residing on backup tapes or derivative information that is not separable), or for which access is not otherwise required. Because of the way we maintain certain Services, after you delete your information, residual copies may take a period of time before they are deleted from our active servers and may remain in our backup systems.

Cookies and Other Files

Like many websites, we may use “cookies” to collect information. A cookie is a small data file that we transfer to your computer’s memory for record-keeping purposes. We may use cookies to improve the quality of the Services, including for storing user preferences and tracking user trends. We may utilise persistent cookies to save your registration/member ID and login password for future logins to the Services. We may utilise session ID cookies to enable certain features of the Services, to better understand how you interact with the Services and to monitor aggregate usage by Company users and web traffic routing on the Services. Unlike persistent cookies, session cookies are usually deleted from your computer when you log off from the Services and then close your browser. Third party advertisers on the Services may also place or read cookies on your browser. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use all portions or functionalities of the Services.

Log file information is automatically reported by your browser each time you access a web page. When you use the Services, our servers may record certain information that your web browser sends whenever you visit any website. These server logs may include information such as your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks, domain names, landing pages, pages viewed, and other such information. When you use the Services, we may employ clear GIFs (also known as web beacons) or similar mechanisms which are used to track the online usage patterns of our users anonymously. No Personally Identifying Information from your Company account is collected using these clear GIFs. In addition, we may also use clear GIFs in HTML-based emails sent to our users to track which emails are opened by recipients. The information is used to enable more accurate reporting and make the Services better for our users.

Identity Theft and Related Abuses

Identity theft and the practice currently known as “phishing” are of great concern to Company. Safeguarding information to help protect you from identity theft is important to us. We do not and will not, at any time, request your credit card information, your account ID, login password, or national identification numbers in a non-secure or unsolicited e-mail or telephone communication. For more information about phishing, visit the Federal Trade Commission’s website.

Our Policy Toward Children

The Services are not directed to children under 18. We do not knowingly collect Personally Identifying information from children under 18. If we become aware that a child under 18 has provided us with Personally Identifying Information, we will delete such information from our files.

Security

Company is very concerned with safeguarding your information and protecting the security of your Personally Identifying Information and Genomic Data. We use appropriate, industry-typical security measures and technology to protect against unauthorised access to, or unauthorised alteration, disclosure or destruction of, user information covered by this Privacy Policy (excluding any such data that may be publicly shared in accordance with this Privacy Policy). In this regard, we employ administrative, physical and electronic measures designed to protect your Personally Identifying information from unauthorised access. We will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored “personal data” (as defined in applicable statutes on security breach notification) to you via email or conspicuous posting on the Site or Services in the most expedient time possible and without unreasonable delay, insofar as these are consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.

International Transfer

Your information may be transferred to – and maintained on – computers located in the United States of America as well as other locations and jurisdictions where we conduct business, which may be outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to provide information to us, Company transfers Personally Identifying Information to the United States and processes it there, and your submission of such information represents your agreement to that transfer. With respect to Personal Data subject to the PDPL, GDPR, transfers of such Personal Data outside the Turkey, the EU/EEA are performed subject to appropriate safeguards such as standard data protection clauses adopted or otherwise approved by the EU Commission or Turkey in accordance with the GDPR and PDPL, respectively.

Limitation of Liability

Even though Company has taken reasonable commercial steps and efforts to prevent your Genomic Data, Personally Identifying Information and other information covered by this Privacy Policy from being accessed, used, intercepted or disclosed by unauthorised individuals in violation of this Privacy Policy, you should know and you acknowledge that Company cannot fully eliminate security risks associated with your information. You expressly acknowledge and agree that uploading, posting, providing, storing, using, analysing and/or modifying your Genomic Data, Personally Identifying Information and other information on or into the Site, NGS Cloud or other Services, and the use of all such Services, are all done at your sole risk and responsibility. You expressly acknowledge that Company is not liable for 

(i) any special, indirect, consequential, incidental or punitive damages, costs, or liabilities whatsoever arising out of or resulting from your use of the Site, NGS Cloud or other Services, including from your uploading, posting, providing, storing, using, analysing and/or modifying your Genomic Data, Personally Identifying Information and other information; or 

(ii) any loss, disclosure or use of your Genomic Data, Personally Identifying Information or other information.

Contacting Us

If you have any questions about this Privacy Policy, please contact us via [email protected] or at Pairend Biyoteknoloji, Çeçen Sokak No.: 25 D16 Akasya Kent Etabı A3 Blok Acıbadem Üsküdar/İstanbul, Turkey.