- Browse and/or interact with BioData Website ("Website User") – including labguru.com/ and www.labhandy.com/ - or our social media pages (collectively, the "Website");
- Visit any of BioData’s premises ("’ Office Visitors");
- Attend a BioData event or an event that BioData sponsors ("Event Attendees");
- Are a prospect/potential customer and/or you receive marketing communications from BioData ("Prospect");
- Are a candidate for employment positions in BioData (“Candidate”); and/or
- Use BioData’s solutions or mobile applications (collectively, the “Services”), as a user of a BioData Customer (“Service Users”). “Customers” refers to BioData’s client which executed an agreement with regard to BioData’s Services.
HOW DO WE COLLECT AND USE PERSONAL DATA?
We collect Personal Data in the following ways:
When you are a Website User browsing and making use of our Website, we collect the Personal Data submitted by you using the website forms including, without limitation, full name, email address, phone number, position, company name and industry, comments, and messages (including, support requests or any other contact us or chat communication/conversation) and any other Personal Data you submit or provide us with.
When you are a Service User making use of the Services and your account: When you log in to our Services we collect the Personal Data, including, log-in details, full name, phone number, email address, IP address, usage pattern of the Services, payment and billing details and any other Personal Data you submit or provide us within the context of the onboarding and provision of the Services. . Please refer to Section 3 below for further Personal Data about the Customer Information.
Personal Data from Other Sources (e.g., Prospects, Candidates). If you are active in areas in which BioData operates (e.g., the life science space) we may collect publicly-available Personal Data about you. We may use this Personal Data to identify and contact you about, your area of expertise/role in the industry, for example, to invite you to write a blog or speak at an event. BioData may also obtain Personal Data about you from other sources, including publicly - or commercially- available information, and through third-party data platforms, partners, marketing events, conferences, and service providers.
Personal Data you provide to us in person (e.g., Office Visitors and/or Event Attends). For example, when you visit our offices, one of our exhibition booths, or attend one of our events and you provide us with your contact details. We will use the Personal Data to answer your inquiries or provide additional information to you.
Personal Data we collect from online interactions (e.g., Prospects, Candidates). For example, if you attend a webinar, contact us via social media, or otherwise interact with our business, including as a representative of a current/prospective customer, supplier, or partner, we track and make a record of those interactions, which may contain your contact details, such as full name, email address, messages and any other information that you decide to provide us with.
WE PROCESS PERSONAL DATA FOR THE FOLLOWING PURPOSES:
- To provide you with our Services. We will use the Personal Data, including, without limitation, for the following purposes: (i) allow you to create an account and to create a trail of what are the users' actions and activities; (ii) to provide you the Services and to process your requests; (iii) communicate with you about your use of the Services and for support purposes, including but not limited to chat or email; (iv) fulfill any instruction and/or request made by you in the context of the Services; (v) send you push notifications and/or emails and notifications regarding your account or certain features of the Services, including, updates pertaining to your subscription, and related to the services we provide you with; (vi) to personalize your experience with our Services; (vii) to allow you to create more users and administrate your users; and (viii) to generally administer and improve the Services.
- To allow you to make use of our Website. We will use your Personal Data to allow you to make use of our Website, including, (i) if you request a demo, we will use your Personal Data to provide you with the requested demo; (ii) to answer your questions and to allow you to communicate with us (e.g., by using the Website or blog comments); (iii) to analyze your use of our Website and to improve our Website; and (iv) to customize your experience.
- For Administrative Purposes. BioData may use your Personal Data (i) in order to process the transaction conducted with you; i.e. to provide you with the purchased service that you requested from us; (ii) to manage and keep a record of that relationship and other business administration purposes; (iii) to respond to your questions, comments, and other requests for customer support, or information, including information about potential or future services and to send you surveys about our Services; (iv) for internal quality control purposes, including, troubleshooting; (iv) to establish a business relationship; (v) to generally administer our Services; (vi) for our internal analytics; (vii) reporting purposes; (viii) to request feedback and contact you about your use of the Services; and (ix) to improve the Website and Services features based on the information and feedback we receive from you, including relevant solution pages, showcase pages, among others.
- To Market Our Website, Products and Services. BioData may use Personal Data to market our Website and Biodata/Labguru products and services to potential customers. Such use includes (i) notifying you about offers and services that may be of interest to you; (ii) tailoring content, advertisements, and offers for you, including, targeting and re-targeting practices; (iii) conducting market research; (iv) developing and marketing new products and services, and to measure interest in BioData's services; (v) other purposes disclosed at the time you provide information; and (vi) as you otherwise consent.
- Security purposes. Some of the above-mentioned Personal Data will be used for detecting, taking steps to prevent and prosecuting fraud or other illegal activity; identifying and repairing errors; conducting audits; and for security purposes. Personal Data may also be used to comply with applicable laws, with investigations performed by the relevant authorities, for law enforcement purposes, and/or to exercise or defend legal claims, including, without limitation, to enforce our rights and your obligations under the relevant agreement of the Website and/or Services.
- De-identified and Aggregated Information Use. In certain cases, we may or will anonymize or de-identify your Personal Data and further use it for internal and external purposes, including, without limitation, to analyze and improve BioData services and other products and offers (for example, through the use of artificial intelligence) and for research purposes. We may use this anonymous or de-identified information and/or disclose it to third parties without restrictions (for example, in order to improve our services and enhance your experience with them and/or to develop new product features and improve existing offerings).
- Cookies and Similar Technologies. We, as well as third parties that provide content, relevant, related, or complimentary offers, or other functionality on the BioData Website, use Technologies to automatically collect information through the Website. We use Technologies that are essentially small data files placed on your device that allow us to record certain pieces of information whenever you visit or interact with the Website. If you would like to opt-out of the cookies and similar technologies we employ on the Website, you may do so by blocking, deleting, or disabling them as your browser or device permits or by changing your setting and preferences in the preference center.
The lawful bases we rely on for processing Personal Data are (if and when applicable):
- The data subject has given consent to the processing of his or her personal data;
- Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- Processing is necessary for the purposes of legitimate interests.
- BioData’s Services: Biodata offers a laboratory and research data management solution consisting of (Electronic Lab Notebook (ELN) Laboratory Information Management Software (LIMS), data automation, and other products and solutions that enable a broad spectrum of life science companies and institutions to manage their research and production activity and data on the Services.
- BioData has a contractual relationship with its Customers. In the context of the Services, the Customer can upload (at the Customer’s sole discretion) information technical data to the Services (“Customer Information”).
- BioData has a contract with its Customers, and Customers can request BioData to execute a data processing addendum (“DPA").
- For the avoidance of doubt, our Services have installed Technologies which are strictly necessary to provide you the Services. If you want further information about this topic, please send us an email at firstname.lastname@example.org.
FOR HOW LONG DO WE KEEP YOUR PERSONAL DATA?
Your Personal Data will be stored until we delete our records, and we proactively delete it, or if you send a valid deletion request. Please note that in some circumstances we may store your Personal Data for longer periods of time, for example (i) where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, and/or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data or dealings.
HOW DO WE PROTECT YOUR PERSONAL DATA?
BioData implemented and maintains technical, organizational, and security measures designed to protect your Personal Data, in accordance with industry best practices. As the security of Personal Data depends in part on the security of the computer, device, or network you use to communicate with us and to connect to our Services, and the security you use to protect your user IDs and passwords, please make sure to take appropriate measures to protect the Personal Data. We strongly recommend our Customers protect their Customer Information and who can access their environments and accounts by implementing security measures, for example, multifactor authentication.
WHO DO WE SHARE YOUR PERSONAL DATA WITH?
We do not disclose or share your Personal Data with third parties except to provide you the Website and/or Services (including, to perform the contract and your instructions) you have requested, or under the following circumstances:
- We may share your Personal Data within our corporate group for our internal administrative, billing, and other business purposes as well as to fulfill the purposes mentioned above.
- We use third parties vendors, service providers, partners, agents, and advisers to operate our Website and Services, conduct and administer our business, and provide you with our Website and Services. Such third parties include billing companies, website infrastructure management, technology solutions, support platforms, cookies, and other similar technologies vendors (including, analytics and business intelligence service providers, CRM tools, marketing tools, hosting/storage, email distribution, and monitoring, authentication, marketing automation, logging and monitoring, sales engagement and automation, data and cyber security services, billing and payment processing services, fraud detection and prevention services, risk management, session recording, and remote access services, and our legal and financial advisors and document management.
- In order to enforce any claims we are entitled to (e.g., if you breach the contract).
- To the extent necessary, with regulators, courts, public authorities (for example, tax authority), banks, or competent authorities, to comply with applicable laws, regulations, and rules (including, without limitation, federal, state, or local laws), and requests of law enforcement, regulatory and other governmental agencies or if required to do so by court order, as well as for internal compliance procedures and to protect the safety, security, and integrity of BioData, our Website, Services, customers, employees, property, and the public.
- If in the future, we sell or transfer, or we consider selling or transferring, some or all of our business, shares or assets to a third party, we may disclose your Personal Data to such third party (whether actual or potential) in connection with the foregoing events (including, without limitation, our current or potential investors or purchasers (and their advisers), our advisers, with a need to know). In the event that we are acquired by, or merged with, a third-party entity, or in the event of bankruptcy or a comparable event, we reserve the right to transfer, disclose or assign your Personal Data in connection with the foregoing events.
- In circumstances for which you have given your consent.
If you want to receive the list of the current recipients of your Personal Data, please make your request by contacting us at email@example.com.
INTERNATIONAL TRANSFERS OF PERSONAL DATA
- We store the Personal Data with some vendors and service providers, including, the following companies: HubSpot (US), AWS (US or EU), and Intercom (US or EU)
- In order to run our business and provide our Website and Services to you, we transfer Personal Data to certain countries around the world, including to our affiliates and service providers, many of whom are located outside of your jurisdiction (mainly in the US and EU). Therefore, your Personal Data may be processed in countries with privacy laws that are different from privacy laws in your country. Whenever we make such transfers, we will use commercially reasonable efforts to implement an appropriate level of protection to your Personal Data by implementing at least one of the following safeguards:
- Making sure the destination country has been deemed to provide an adequate level of protection for Personal Data; and/or
- By executing implement data onward transfer instruments such as data processing and protection agreements.
- The following rights (which may be subject to certain exemptions or derogations) shall apply to certain individuals (some of which only apply to individuals protected by specific laws):
a. You have a right to access Personal Data held about you. Your right of access may normally be exercised free of charge; however, we reserve the right to charge an appropriate administrative fee where permitted by applicable law;
b. You have the right to request that we rectify any Personal Data we hold that is inaccurate or misleading;
c. You have the right to request the erasure/deletion of your Personal Data (e.g. from our records). Please note that there may be circumstances in which we are required to retain your Personal Data, for example for the establishment, exercise or defense of legal claims;
d. You have the right to object, to or to request restriction, of the processing;
e. You have the right to data portability. This means that you may have the right to receive your Personal Data in a structured, commonly used and machine-readable format, and that f. you have the right to transmit that data to another controller;
g. You have the right to object to profiling;
h. You have the right to withdraw your consent at any time. Please note that there may be circumstances in which we are entitled to continue processing your data, in particular, if the processing is required to meet our legal and regulatory obligations. Also, please note that the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal;
i. You also have a right to request certain details of the basis on which your Personal Data is transferred outside the European Economic Area, but data transfer agreements and/or other details may need to be partially redacted for reasons of commercial confidentiality;
j. You have a right to lodge a complaint with your local data protection supervisory authority (i.e., your place of habitual residence, place of work, or place of alleged infringement) at any time or before the relevant institutions in your place of residence. We ask that you please attempt to resolve any issues with us before you contact your local supervisory authority and/or relevant institution.
- You can exercise your rights by contacting us at firstname.lastname@example.org. You may use an authorized agent to submit a request on your behalf if you provide the authorized agent with written permission signed by you. To protect your privacy, we may take steps to verify your identity before fulfilling your request. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly in accordance with applicable law or inform you if we require further information in order to fulfill your request. When processing your request, we may ask you for additional information to confirm or verify your identity and for security purposes, before processing and/or honoring your request. We reserve the right to charge a fee where permitted by law, for instance, if your request is manifestly unfounded or excessive. In the event that your request would adversely affect the rights and freedoms of others (for example, would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with your request in a different way than initially requested, we will address your request to the maximum extent possible, all in accordance with applicable law.
- You can unsubscribe from our marketing communications by clicking the link found at the bottom of the email, and we will process your request within a reasonable time after receipt. Please note that we may still communicate with you, for example, to send you service-related emails that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes. In case you need further assistance, please contact us at email@example.com
INTERACTION WITH THIRD-PARTY SERVICES.
We enable you to interact with third-party websites and products/services that are not owned or controlled by us (each a “Third Party Service”). We are not responsible for the privacy practices or the content of such Third Party Services. Please be aware that Third Party Services can collect Personal Data from you. Accordingly, we encourage you to read the terms and conditions and privacy policies of each Third Party Service.
Google Signals. The Website uses a tool called “Google Signals” to collect information about use of the Website. When we activate Google Signals, some existing Google Analytics features are updated to also include aggregated data from Google users who have turned on “Ads Personalization” (Ads Personalization available at https://support.google.com/ads/answer/2662856/). Audiences that we create in Google Analytics and publish to Google Ads and other Google Marketing Platform advertising products can serve ads in cross device-eligible remarketing campaigns to Google users who have turned on Ads Personalization. Google Analytics collects additional information about users who have turned on Ads Personalization, base across device types and on aggregated data from users who have turned on Ads Personalization. The data is user based rather than session based. The Cross Device reports include only aggregated data. No data for individual users is ever exposed. You can modify your interests, choose whether your Personal Data is used to make ads more relevant to you, and turn on or off certain advertising services in the Ads Personalization link above.
- Through our Website, we may allow third-party advertising partners to set technologies and other tracking tools to collect information regarding your activities and your device (e.g., your IP address, mobile identifiers, page(s) visited, location, time of day). We may also combine and share such information and other information (such as demographic information and past purchase history) with third-party advertising partners. These advertising partners may use this information (and similar information collected from other websites) for purposes of delivering targeted advertisements to you when you visit third-party websites within their networks. This practice is commonly referred to as “interest-based advertising” or “online behavioral advertising”.
- We reserve the right to remove or add new tools.
OUR CALIFORNIA DO NOT TRACK NOTICE.
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We may collect personally identifiable information about an individual consumer’s online activities over time and across different websites when a consumer uses the Website. If you choose to operate your web browser “do not track” signals or any other mechanism that provides consumers the ability to exercise choice regarding the collection of such information, we will use commercially reasonable efforts (insofar as possible) to respect your choice and stop collecting such information. We allow third parties such as companies that provide us with analytics tools, to collect personally identifiable information about an individual consumer’s online activities over time and across different websites when a consumer uses the Website and they may not respect the DNT signal.
If you would like any further information, or have any questions or concerns, regarding your Personal Data, as a first step, or if you wish to exercise your rights, we encourage you to first contact us at firstname.lastname@example.org.
Last updated August 15, 2023