1. INFORMATION WE COLLECT
1.1. PERSONAL INFORMATION
When you register with us for access to the Site, Platform or Services, and successfully complete the account registration process, you will become a ​"User" of the Company's services. As a User, you will have the opportunity to create a profile ("Profile") and to add information, data, and connections to the Platform including genetic information ("Platform Data"). At the time that you register, create a Profile, and at other times, we collect information that you provide and that may include information that personally identifies you, your company, or other entity, such as your name, address, telephone number, e‑mail addresses, as well as other information that you provide to us or that you include in your Profile or account (together, your ​"Personal Information"). In providing Personal Information, Platform Data or other information as part of the Site, Platform or Services, you should not include health-related information such as medical conditions, names of providers, treatments and other care information, regarding yourself or any third party (such as a patient or research subject), particularly if such data can be used to link Platform Data to a particular individual. Certain uses of the Site, Platform or Services may require that you provide certain requested information, and if you do not provide such information you may not be able to use the Site, Platform or Services.
We recommend that you protect the private and sensitive information contained within your Profile and any Platform Data provided and consider carefully whether to permit any third party to access your Profiles or Platform Data. All Users are responsible for monitoring the Profile content and Platform Data, whether uploaded by the User or by a third party. Please note that you, and not the Company, are responsible for maintaining and protecting all Profile content and Platform Data. From time to time, we may check for updates to your data and/​or require that you provide additional or new information or update information.
1.2. USAGE DATA
1.3. ACTIVITY DATA
When you or a third party or others provide, or we collect, information, or carry information, we may process and store such data and other related information ("Activity Data") in order to provide the Platform or Services to you. Some Activity Data may be retained or not completely deleted. Accordingly, we cannot and do not guarantee that the Activity Data will be completely deleted, and therefore any Activity Data that you send or allow to be accessed is sent or provided at your own risk.
1.4. STATISTICAL DATA
We may use aggregated or pseudonymized genomic data, genomic data or metadata that you process on the Platform for statistical and research purposes (e.g. to create aggregated statistical data and results) and for purposes of product improvement.
2. COOKIES AND DO NOT TRACK
Additionally, your browser may offer you a ​"Do Not Track" option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and across different websites. Our Site does not support Do Not Track requests at this time, which means that we collect information about your online activity while you are using our Site. We do not collect online activity after you leave our Site.
3. HOW WE USE THE INFORMATION WE COLLECT AND WHEN WE MAY SHARE THAT INFORMATION
4. SUPPORT SERVICES
Company may use your Personal Information to contact you regarding our services. For example, we may message you or provide a notification through an application to let you know about new releases, patches and other updates to the Site, Platform or Services.
From time to time, we may establish business relationships with other businesses that we believe are trustworthy and who have confirmed that their privacy practices are consistent with ours ("Service Providers"). For example, we may contract with Service Providers to provide certain services, such as hosting and maintenance, customer relationship management and data storage and management. We provide our Service Providers with only the information necessary for them to perform these services on our behalf. Each Service Provider must agree to use reasonable security procedures and practices, appropriate to the nature of the information involved, in order to protect your Personal Information and Activity Data from unauthorized access, use or disclosure. Service Providers are prohibited from using Personal Information or Activity Data in any manner other than as specified by Company.
We may also work with third party marketing and advertising companies. These companies may collect and use information about your use of services in order to provide advertisements about goods and services that may be of interest to you or for direct marketing campaigns. Advertisements may be shown via the Site or third party websites. These companies may place or recognize a unique cookie on your computer or device or use other similar technologies.
5. STANDARD ANALYTICS INFORMATION
6. OTHER TRANSFERS
We may share Personal Information, Usage Data and Activity Data with businesses controlling, controlled by, or under common control with Company. If Company is merged, acquired, or sold, if Company acquires a new business unit or affiliate, or in the event of a transfer of some or all of our assets, we may disclose or transfer Personal Information, Usage Data and Activity Data (including Platform Data) in connection with such transaction without your further consent.
7. COMPLIANCE WITH LAWS AND LAW ENFORCEMENT
Company cooperates with government and law enforcement officials to enforce and comply with the law. We may therefore disclose Personal Information, Usage Data, Activity Data, and any other information about you, if we deem that it is reasonably necessary to: (a) satisfy any applicable law, regulation, legal process (such as a subpoena or court order) or enforceable governmental request; (b) enforce the Terms and Conditions of Use, including investigation of potential violations thereof; © detect, prevent, or otherwise address fraud, security or technical issues; (d) comply with health monitoring and reporting requirements or recommendations; or (e) protect against harm to the rights, property or safety of Company, its users or the public as required or permitted by law.
8. BE CAREFUL HOW YOU SHARE YOUR OWN INFORMATION
Please remember that any content you or any user uploads to the Site, along with any Personal Information or content that you or any user voluntarily discloses online or through the Platform or Services in a manner other users can view (a ​"Public Disclosure"), becomes publicly available to these other users, and can be collected and used by these other users, and transferred or made public without our consent. In particular, be careful not to include in, or attach to, any Platform Data any identifiers including, for example, labelling a file with an individual's name, identifier, date of service or other similar information. You agree that any use or further disclosure of a Public Disclosure or any other content by another user of our services is not a use or disclosure by us. We do not control the policies and practices of any other third party site or service.
Additionally, when you share information with third parties, using the Site or otherwise, that information may be passed along or made public by others. Therefore, anyone with access to such information can potentially use it for any purpose, including sending unsolicited communications.
Company is committed to protecting the security of your Personal Information. We employ reasonable security measures designed to protect your Personal Information from unauthorized access in accordance with accepted industry practices. Regardless of our efforts, no data transmission over the Internet or other network, including any of Company's services such as the Platform Data, can be guaranteed to be 100% secure. Accordingly, we cannot and do not guarantee the security of any information you or any user transmits on or through the Site, Platform or Services, and any information you transmit is sent at your own risk.
10. CHILDREN'S PRIVACY
We do not knowingly collect or solicit Personal Information from children under the age of 13. By using the Site, Platform or Services, you represent that you are at least 13 years old. If you are under 13, please do not use the Site or attempt to register for any services or send any personal information about yourself to us. If you are under 18, please do not attempt to download, register for, or create a Profile. If we become aware that we have inadvertently received or collected Personal Information from a user of Company's services who is under the age of 13, we will attempt to immediately delete that information from our files and records. Furthermore, we encourage users of the Site, Platform or Services that are minors that are 13 years of age or older to ask their parents or guardians for permission before sending any information about themselves over the Internet.
If you believe a child who is under the age of 13 has provided us with Personal Information, please contact us atDatirium@​Datirium.​com.
11. WHERE INFORMATION IS MAINTAINED
While we attempt to store all Personal Information and Activity Data regionally, in some cases certain of such data may be transferred to and maintained on servers or databases located outside your state, province, or country. By using the Site, Platform and/​or Services, you agree that the collection, use, transfer, and disclosure of your Personal Information and communications will be governed by the applicable laws in the United States.
12. ACCURACY AND RETENTION
Under California Civil Code Sections 1798.83−1798.84, California residents are entitled to ask us for a notice identifying the categories of Personal Information which we share with our affiliates and/​or third parties for marketing purposes and providing contact information for such affiliates and/​or third parties. If you are a California resident and would like a copy of this notice, please submit a written request toDatirium@​Datirium.​com.
This Privacy Statement describes how Datirium, LLC, a private limited company incorporated under the laws of the state of Ohio, USA, with registered offices at 3559 Kroger Ave, Cincinnati, OH, 45226, USA processes your personal data when offering their services.
Datirium endeavors to process your personal data in compliance with the European Regulation (EU) 2016⁄679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation or ​"GDPR") and any other applicable data protection law.
Datirium reserves the right to update this document from time to time. You are therefore kindly advised to regularly check this document.
Please note that you can visit Datirium's websites without providing any personal data to Datirium. In that case, Datirium will only collect limited anonymous statistical data in relation to the general use of its website (e.g. the number of visitors, the amount of data traffic, etc).
1. How does Datirium use your personal data?
Datirium processes personal data for various purposes. Below you will find a detailed description of each purpose.
1.1 Client management related purposes
Datirium may process your personal data for client management purposes and for entering into contact with you, such as:
Contacting you following a request (necessary for the performance of the contract or precontractual measures) (legitimate interest, i.e. the freedom to undertake);
If you contact Datirium in person or through the contact form, Datirium processes your personal data to enter in contact with you and/​or your relevant employees. If your request has a general nature, the legal ground is consent or legitimate interest. If your request relates to a quote, the legal ground is contractual necessity. The personal data processed for this purpose includes identification data, personal characteristics (e.g. gender) and contact details (e.g. name, address, phone number, e‑mail address, etc). The personal data will be stored for a period of 10 years.
Client management purposes (legitimate interest, i.e. the freedom to undertake) (necessary for the performance of the contract), including the creation and management of user accounts;
If you create an account and if you execute an agreement with Datirium, Datirium will process your personal data and/​or the personal data of your employees for client management purposes and for the performance of the agreement. The personal data processed for this purpose includes identification data, personal characteristics (e.g. gender), contact details (e.g. name, address, phone number, e‑mail address, etc) and financial data. The legal ground is contractual necessity. The personal data will be stored for a period of 10 years following termination or expiry of the agreement.
Improving its services and analyzing general trends (legitimate interest, i.e. the freedom to undertake);
Datirium processes personal data to improve its service and to analyze general trends in relation to the use of its services. The personal data processed for this purpose includes identification data and contact details (e.g. name, address, phone number, e‑mail address, etc) and (meta)data in relation to your use of Datirium's services (e.g. number of analyses run, input file sizes, etc). The legal ground for this processing is Datirium legitimate interest (i.e. the freedom to undertake). The personal data will be stored for a period of 10 years.
1.2 Supplier management purposes
Datirium processes personal data for supplier management purposes, such as:
Contacting you (necessary for the performance of the contract or precontractual measures);
If you contact Datirium in person or through the contact form as a (prospective) supplier, Datirium processes your personal data to enter in contact with you and/​or your relevant employees. If your request has a general nature, the legal ground is consent or legitimate interest. If your request relates to a quote, the legal ground is contractual necessity. The personal data processed for this purpose includes identification data, personal characteristics (e.g. gender) and contact details (e.g. name, address, phone number, e‑mail address, etc). The personal data will be stored for a period of 10 years. For quote related processing, the personal data will be stored for a period of 10 years.
Managing (prospective) suppliers (legitimate interest, i.e. the freedom to undertake) (necessary for the performance of the contract);
If you are a (prospective) supplier Datirium shall process personal data to manage its relationship with you and your employees. The personal data processed for this purpose includes identification data, personal characteristics (e.g. gender), contact details, professional data and financial data. Your personal data may be obtained from third parties, such as your employer, or through public websites (e.g. LinkedIn). The personal data shall be stored for a period of 10 years following the termination or expiry of our contractual relationship.
1.3 Commercial communication
Datirium may send you commercial information about Datirium and its service offerings, either by e‑mail, by telephone, via social networks or by ordinary mail.
If you have opted-in to receive commercial communication from Datirium, the legal ground is consent. If you are an existing client of Datirium, the legal ground may be consent (if you opted in) or legitimate interest (if you did not opt in or if consent is not legally required otherwise). The legitimate interest of Datirium is the freedom to undertake.
The personal data processed for this purpose includes identification data, personal characteristics (e.g. gender) and contact details (e.g. name, address, phone number, e‑mail address, etc). Your personal data may be (partially) obtained from third parties, such as your employer, or through public websites (e.g. LinkedIn). This information shall be kept by Datirium for a period of 10 years following the last meaningful contact.
1.4 Statistical and research purposes
Datirium may process pseudonymized genomic data processed by means of its platform for statistical and research purposes and product improvement purposes. Such processing will be limited to generating aggregated statistical data which may subsequently be used by Datirium for its own purposes, e.g. for product improvement purposes.
The legal ground of this processing is Datirium's legitimate interest derived from the freedom to undertake.
The aggregated statistical result is anonymous data and therefore no longer subject to the GDPR.
2. Data transfers
Personal data may be transferred to recipients in the United States of America.
3. Recipients of the personal data
Datirium may share your personal data with other recipients such as:
Other entities within the Datirium group
Individuals within your own organization (i.e. your employees, consultants and advisors)
Banks and payment service providers
Processors that provides Datirium with services within the context of a data processing agreement and with the unique aim to provide assistance to Datirium
Police and other law enforcement authorities, as Datirium might be legally compelled to disclose information as part of an investigation or judicial proceedings
Partners with whom Datirium is working to improve and diversify its services
4. What rights do you have regarding the processing of your personal data?
The GDPR grants you a number of rights (data subject rights). You have a right:
To access and rectify your data
To opt-out at any time, free of charge, of our processing for direct marketing purposes ("right to opt out of direct marketing")
To be forgotten, to the erasure and to the restriction of processing of your data
To retract your consent at any time to the processing of your data
To data portability
To object to the processing of your personal data
to be informed, in case of automated decision-making process, of the logic underlying the system and the importance and consequences envisaged by the processing for the person concerned
Exercising these rights may be subject to conditions. E.g. the right to retract your consent only applies for processing based on your consent and the right to object to processing for direct marketing purposes does not apply to our processing for the purpose of contract performance. Datirium's data protection officer (DPO) may be contacted at any time to obtain further information about these legal conditions and restrictions.
Before submitting any complaint with the Supervisory Authority, Datirium kindly asks you to contact its DPO in order to seek a speedy and mutually acceptable solution.
Datirium has implemented an adequate system of protection of your personal data. These measures include adequate technical and organizational measures required to protect your personal data against the accidental or unauthorized destruction, accidental loss as well as against any alteration, access or any other unauthorized process of your personal data. Nevertheless, no security system can guaranty 100% of security. Datirium remains at your disposal should you have any questions relating to the confidentiality and the safety of your personal data.
You also have an important role in keeping your personal data secure. If you have created an account on Datirium's platform, you have to choose a sufficiently strong password and you have to keep your credentials and password confidential at all times.
6. How to contact Datirium
You may contact Datirium at the following address:
3559 Kroger Ave,
Cincinnati, OH, 45226
If you have a specific request related to this privacy statement or to data protection in general, or if you wish to exercise any right granted to you, feel free to contact Datirium's data protection officer:Datirium@​Datirium.​com