Privacy and Security
I. What Data We Collect
In the course of your use of our Services, we may collect the following types of information:
Submitted Data: You may provide us sequencing data derived from a human or other organism as well as associated metadata, for instance by uploading a BAM file or FASTQ file. The associated metadata may include information about the subject(s) of the sequencing data, for instance phenotype or population statistics.
Payment Information: In order to pay for services you may be required to submit payment information, such as a credit card number and billing address.
Account Information: In the course of registering an account or subsequently, we may ask you to provide information such as your name, employer, email address or phone number. If your email address is associated with a Gravatar, we may pull that Gravatar for display on our platform. You can learn more about Gravatars at https://en.gravatar.com/. In addition, your account may be associated with other accounts via mechanisms such as billing group membership and project permissions.
User Activity Information: We may keep logs of your activity as you use our Services, for example which pages you visit, when you start a task, or what calls are made to our API. We may also track user activity on our site using third-party services such as Google Analytics, which you can learn more about at http://www.google.com/analytics/, Fullstory, which you can learn more about at https://www.fullstory.com, and other similar services.
Other User Provided Information: You may provide information to us via other communications with our team, for instance emails exchanged with our support team or suggestions submitted via a feedback form.
Marketing Information: In order to better understand use of and interest in our product, we may collect information on users or potential users of our product, for instance by matching up users with the institutions with which they are affiliated.
II. What We Do With It
We store and process Submitted Data on your behalf, for instance when you run a pipeline on your data. We may also access and process your Submitted Data in order to provide support to you, for instance by running a few tests on your data for debugging purposes if your task fails. Your data is processed on servers provided by Amazon Web Services, a third-party service provider, and stored on their servers in encrypted form. You can find more information about their security practices a thttp://aws.amazon.com/security/.
We may use your Account Information to contact you about your use of our Services, for instance to let you know a task has completed, or to otherwise inform you about our Services, for instance by letting you know about changes or improvements to our offerings. We may also aggregate information from user's Account Information in order to better understand use of and interest in our Service. Your Account Information may be stored on our behalf by third-party service providers, for instance on Amazon Web Services.
We may use User Activity Information, Account Information and Other User Provided Information to maintain, improve and better understand usage of our Service and otherwise analyze aspects of our business. This information may be stored or processed by third-party service providers on our behalf.
If you explicitly so choose (see "Controlling Your Data" below), we may share your Submitted Data and some elements of your Account Information with other users to whom you have granted permission to participate in your project. Your name and institutional affiliation may also be shared automatically with users who have granted you project permissions.
We may disclose your data to third parties if, at our sole discretion, we believe this is necessary in order to meet any legal requirement or enforceable governmental request or to identify, contact, or bring legal action against someone who may (either intentionally or unintentionally) be causing injury to or interference with our rights or property, users of our Service, or anyone else who could be harmed by such activities. We may also transfer any and all information we collect from users to a third party in the event of any corporate reorganization, merger, sale, joint venture, assignment, transfers, or other disposition of all or any portion of Seven Bridges Genomics' business, assets, or stock.
III. Controlling Your Data
You can access and edit most elements of your Account Information via the "Account Settings" menu. You can see which billing groups and projects you're associated with via the "Payments" and "Projects" menus respectively.
You can control which users have access to your project, including your Submitted Data, via the "Project Members" section of a project's "Dashboard". Permissions can be tailored to a project participant's needs, with separate permissions for writing data, copying data, executing tasks, and administering a project. (CAUTION: allowing a user to administer a project may allow them to grant themselves further permissions.) You can also access and delete your Submitted Data from the "Files" or "Dashboard" menus of a project. It may take up to a week for all back-up copies of your Submitted Data to be deleted.
If you would like to request further access to, correction of, or deletion of information we have about you, please contact us at firstname.lastname@example.org. We will make reasonable efforts to accommodate such requests.
IV. Further Information
Links to Third Party Sites
Questions, Comments, and Complaints
EU-US Privacy Shield Compliance and Swiss-US Privacy Shield Compliance
101 Euston Road, 8th Floor
London, NW1 2RA
Seven Bridges Genomics Inc. has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.bbb.org/EU-privacy-shield/file-a-complaint/ for more information and to file a complaint.
EU citizens may also raise privacy concerns with their national Data Protection Authority, the contact details of which can be found at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. You may, under certain conditions, be able to invoke binding arbitration regarding a privacy issue before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission.
Last update: Jun 20, 2017