Privacy Policy

updated on 10.09.2021

Pairend Biotechnology is committed to protecting the privacy of the information you provide to us, including personal information and genomic data submitted by you when using our products and services. 

This Privacy Policy describes the policies and procedures of Pairend Biotechnology. and its subsidiaries and affiliated entities (together, “Company”, “we” or “us”) concerning the collection, use and disclosure of personal, genomic and other information received from users of platform.ngscloud.com, or affiliated sites such as search.ngscloud.com but not limited to, and on social media outlets or through corresponding applications on mobile devices (collectively, the “Site”) and from users of the products, services including the NGS Cloud AI-supported Genetic Data Analysis Platform (“NGS Cloud”), forums, databases, websites and applications offered or made available by Company (collectively, together with the Site, the “Services”). 

You consent to this Privacy Policy by using or accessing the Site, NGS Cloud, or other Services or submitting information to the Company. This Privacy Policy applies only to information you provide to us through the Services and not to information we collect by other means or from other sources. This Privacy Policy may be subject to change over time. We will provide notice of any changes by posting the new Privacy Policy on the Site. We advise you to visit this Privacy Policy regularly for any changes. All references herein to “you” and “your” include you as the individual user and, to the extent relating to your use of the Site or other Services, any company, institution or other entity employing, contracting or retaining you, or on whose behalf you are using the Services.

What Information Do We Collect?

We collect, receive and store the following types of information:

Personally-Identifying Information: We collect Personally-Identifying Information from the Site ONLY when you choose to provide it to us. Personally-Identifying Information (PII) is information that can be used to identify or contact you, including but not limited to your name, address, email address, company or institution affiliation, account identifiers, account password, payment information, credit card information and other billing data. In particular, we collect, receive and store the Personally-Identifying Information you provide to Company when you purchase Services or sign-up or register with Company on the Site and/or for Services, including without limitation when you sign up for NGS Cloud or open any related account or membership when you subscribe to a newsletter, respond to a survey, fill out a form, or complete your profile through the Site or Services.

Specific contact and other Personally-Identifying Information may be necessary to use, sign up or register for Services, utilise certain features or functionality on the Site, or otherwise transact business with us. You can choose not to provide such information, but then you might not be able to use or take advantage of our Services, Site, business transactions or portions thereof.

Genomic Data: Genomic Data consists of genomic sequences, exomes, variant files, specific DNA or RNA sequences, gene sets and variant sets, as well as associated sample information, annotations, demographic descriptions (e.g., age, gender, ethnicity, background, etc.), phenotypic descriptions (e.g., disease conditions, health-related information, personal traits, family history) and other data that you might upload in connection with any such sequence data. We collect Genomic Data ONLY if you choose to provide it to us in connection with your use of our products or services.

User Content: User Content is information, data, text, files, software, graphics, music, audio, photographs, video, messages, communications or other materials, including Genomic Data, that you upload, submit, post or otherwise provide to the Site or Services. 

For example, we receive and store User Content you provide to Company when you:

Information We Collect Automatically: We receive and store certain types of information whenever you interact with us. For example, we may automatically record your activity on the Site and in the Services, the time and date of your actions, your IP address, browser type, page views, domains and similar information. Also, we may automatically send and receive data to and from your computer, which we use to automatically update our Services that you may use (new features, versions, bug fixes, etc.). Like many websites, we may also use “cookies” (see below), log files, web beacon technologies and other automated tools to obtain certain types of information when your web browser or application accesses our Services. We typically use this information for internal purposes such as administering, developing, improving, and customising the Site and the Services, understanding and analysing how the Site and Services are being used, and tracking and reporting aggregate usage.

We comply with privacy and data protection laws and regulations applicable to us. Accordingly, if we receive or collect your Personal Data from Turkey, we will comply with Personal Data Protection Law (“PDPL”) (please check the PDPL Information Text) if we receive or collect your Personal Data from the European Union or European Economic Area (“EU/EEA”) we will comply with any GDPR laws, rules and regulations that apply to us for such Personal Data and you as a “Data Subject” under the GDPR. Accordingly, we will process any such Personal Data on the following basis:

Except to the Services we offer that are expressly indicated to be compliant with the Health Insurance Portability and Accountability Act (“HIPAA”), we do not purposefully collect, and request that you not provide, any individually identifiable health information and disclaim all responsibility or liability for any such information provided to Company. For any Services which are expressly indicated to be HIPAA-compliant, Company may receive such individually identifiable health information in compliance with applicable laws and regulations.

How Is Your Information Used?

Our primary goal in receiving information from you is to provide, administer, develop and improve our Services. Accordingly, Company may use the information submitted, collected or received from and/or about you for any of the following purposes:

As used in this policy, the terms “using” and “processing” information include using cookies on a computer, subjecting the information to statistical or other analysis and using or handling information in any way, including, but not limited to collecting, storing, evaluating, modifying, deleting, using, combining, disclosing and transferring information within our organisation or among our affiliates within Turkey, the EU or internationally.

When is Information Shared With or Disclosed to Others or the Public?

Information provided by our users is an integral part of our business. The Company will share and disclose user-provided or collected information only as compatible with the purposes described above, when we have your consent (as may be provided by you from time to time through the Services or otherwise), and as described in this section as follows:

Public Forum: Any User Content or other user information, content or materials submitted or posted to public portions of the Site (such as discussion groups, bulletin boards and similar forums) or portions of the Service designed for broad user access (such as reviews, focused user groups, etc.) are or may be shared with the public without restriction. The Company also reserves the right to publish or make publicly available any information that is already publicly available before the time first provided to or collected by the Company or information that becomes publicly available without any action or omission on the part of the Company.

Aggregated Data and Annotations: Company may publish and otherwise disclose 

(a) on an aggregated basis information regarding usage of the Services and related subjects of interest to the public, 

(b) aggregated data and statistics regarding the genomic analysis. Company may also disclose within the applicable Services themselves (such as NGS Cloud and other genomic analysis products or tools of Company) enhanced annotations and database information derived from your and other user’s usage of the Services.

Company Affiliates: We may share your information with our subsidiaries and other affiliates, but only if those entities are subject to this Privacy Policy or follow practices at least as protective as those described in this Privacy Policy.

Contractors and Agents: We may employ other companies and individuals to perform functions or otherwise act on our behalf. Examples include processing payments, resolving service problems, correcting errors related to the execution of the Services, sending postal mail and e-mail, removing repetitive information from customer lists, analysing data, providing marketing assistance (including data concerning marketing and promotional programs), hosting websites or software, developing websites and software, providing customer service, assisting Company with providing, administering, developing or improving the Services, and/or for other purposes within the ordinary course of business. These third parties have access to the Personally-Identifying Information and additional information needed to perform their functions on our behalf. We use reasonable efforts to require these companies to 

(1) provide adequate protection for your Personally-Identifying Information that is no less protective than those set out in this Privacy Policy and 

(2) use your Personally-Identifying Information only for the purposes we have engaged the third party. We are not liable for the acts or omissions of these third parties, except as provided by applicable law.

Business Transfers and Collaborations: As we continue to develop our business, we might sell the Company and/or its business or assets and/or sell or buy online sites, services, subsidiaries, or other business models; or we might collaborate or partner with other companies in strategic transactions or licenses. In such transactions, customer and user information generally would be one of the transferred business assets or otherwise one of the components of, or involved in, the trade. We may therefore share this information in connection with such a transaction. 

Compliance with Law and Protection of Company and Others: We reserve the right to disclose your Personally-Identifying Information and any other information when we believe release is appropriate to comply with the law, judicial proceeding, court order, subpoena or other legal processes; detect, prevent, or otherwise address fraud, security or technical issues; enforce or apply our Terms of Use and other agreements; or protect the rights, property, or safety of Company, our employees and contractors, our users, or others. It includes exchanging information with other companies and organisations for fraud protection and credit risk reduction purposes. It does not have selling, renting, sharing, or otherwise disclosing Personally-Identifying Information from customers for commercial purposes in violation of this Privacy Policy, changing or Deleting Your Information.

We endeavour to comply with our obligations under the GDPR concerning the storage, deletion, access and modification of your Personally-Identifying Information. In particular, we respect your rights as a Data Subject under the GDPR to:

You may exercise these rights by updating your registration or membership profile or sending us a written notice following the PDPL and the GDPR.

Alternatively, please contact us if you would like us to delete your Personally-Identifying Information in our system. We will make reasonable faith efforts to accommodate your request if we do not have any legal obligation to retain the record or legitimate business need to keep such information. See below the contact information for privacy issues. In such cases, we ask individual users to identify themselves. The information requested to be accessed, corrected or removed before processing such requests. We may decline to process requests because of the reasons stated above or because such requests are unreasonably repetitive or systematic, require disproportionate technical effort, relate to information that is incorporated into other databases or Services as permitted by this Privacy Policy, jeopardise the privacy of others, or would be impractical (for instance, requests concerning information residing on backup tapes or derivative information that is not separable), or for which access is not otherwise required. Because of the way we maintain certain Services after you delete your information, residual copies may take time before they are deleted from our active servers and may remain in our backup systems.

Cookies and Other Files

Like many websites, we may use “cookies” to collect information. A cookie is a small data file that we transfer to your computer’s memory for record-keeping purposes. We may use cookies to improve the quality of the Services, including for storing user preferences and tracking user trends. We may utilise persistent cookies to save your registration/member ID and login password for future logins to the Services. We may employ session ID cookies to enable certain Services’ features, better understand how you interact with the Services, and monitor aggregate usage by Company users and web traffic routing on the Services. Unlike persistent cookies, session cookies are usually deleted from your computer when you log off from the Services and close your browser. Third-party advertisers on the Services may also place or read cookies on your browser. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. However, if you do not accept cookies, you may not be able to use all portions or functionalities of the Services.

Logfile information is automatically reported by your browser each time you access a web page. Our servers may record certain information that your web browser sends whenever you visit any website when you use the Services. These server logs may include information such as your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, the number of clicks, domain names, landing pages, pages viewed, and other such information. When you use the Services, we may employ clear GIFs (also known as web beacons) or similar mechanisms to track our users’ online usage patterns anonymously. No Personally-Identifying Information from your Company account is collected using these clear GIFs. In addition, we may also use clear GIFs in HTML-based emails sent to our users to track which emails are opened by recipients. The information is used to enable more accurate reporting and make the Services better for our users.

Identity Theft and Related Abuses

Identity theft and the practice currently known as “phishing” are of great concern to Company. Safeguarding information to help protect you from identity theft is essential to us. We do not and will not, at any time, request your credit card information, your account ID, login password, or national identification numbers in a non-secure or unsolicited e-mail or telephone communication. For more information about phishing, visit the Federal Trade Commission’s website.

Our Policy Toward Children

The Services are not directed to children under 18. We do not knowingly collect Personally-Identifying information from children under 18. If we become aware that a child under 18 has provided us with Personally-Identifying Information, we will delete such information from our files.

Security

The Company is very concerned with safeguarding your information and protecting the security of your Personally-Identifying Information and Genomic Data. We use appropriate, industry-typical security measures and technology to protect against unauthorised access to, or unauthorised alteration, disclosure or destruction of, user information covered by this Privacy Policy (excluding any such data that may be publicly shared per this Privacy Policy). In this regard, we employ administrative, physical and electronic measures designed to protect your Personally-Identifying information from unauthorised access. We will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored “personal data” (as defined in applicable statutes on security breach notification) to you via email or conspicuous posting on the Site or Services in the most suitable time possible and without unreasonable delay, insofar as these are consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.

International Transfer

Your information may be transferred to – and maintained on – computers located in the United States of America as well as other locations and jurisdictions where we conduct business, which may be outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. Suppose you are located outside the United States and choose to provide information to us. In that case, Company transfers Personally-Identifying Information to the United States and processes it there, and your submission of such information represents your agreement to that transfer. Concerning Personal Data subject to the PDPL, GDPR, transfers of such Personal Data outside Turkey, the EU/EEA are performed subject to appropriate safeguards such as standard data protection clauses adopted or otherwise approved by the EU Commission or Turkey under the GDPR and PDPL, respectively.

Limitation of Liability

Even though Company has taken reasonable commercial steps and efforts to prevent your Genomic Data, Personally-Identifying Information and other information covered by this Privacy Policy from being accessed, used, intercepted or disclosed by unauthorised individuals in violation of this Privacy Policy, you should know. You acknowledge that Company cannot eliminate security risks associated with your information. You expressly acknowledge and agree that uploading, posting, providing, storing, using, analysing and/or modifying your Genomic Data, Personally-Identifying Information and other information on or into the Site, NGS Cloud or other Services, and the use of all such Services, are all done at your sole risk and responsibility. You expressly acknowledge that Company is not liable for 

(i) any special, indirect, consequential, incidental or punitive damages, costs, or liabilities whatsoever arising out of or resulting from your use of the Site, NGS Cloud or other Services, including from your uploading, posting, providing, storing, using, analysing and/or modifying your Genomic Data, Personally-Identifying Information and additional information; or 

(ii) any loss, disclosure or use of your Genomic Data, Personally-Identifying Information or other information.

Contacting Us

If you have any questions about this Privacy Policy, please contact us via [email protected] or at Pairend Biyoteknoloji, Çeçen Sokak No.: 25 D16 Akasya Kent Etabı A3 Blok Acıbadem Üsküdar/İstanbul, Turkey.