Privacy Policy

Last updated: Nov 27, 2018

Protecting your privacy is very important to us. We’re telling you about our privacy policy and notice so you know what information we collect, why we collect it, and what we do with it. The GenoBank.io Service (“Service”) is owned and operated by GenoBank.io Inc. (“GenoBank.io”, “us”, “we”, or “our”), a Delaware corporation. We operate the www.GenoBank.io as well as the GenoBank.io.com website (collectively the “Website”). Your use of the Website and Service is governed by the privacy policy and notifications contained herein together (the ” Privacy Policy”, “Policy”). Please read this Privacy Policy carefully. By accessing, browsing or otherwise using the Website or any GenoBank.io Service, you acknowledge that you have read, understood, and agree that you have been so notified of this Privacy Policy. If you do not accept the terms and conditions of this Privacy Policy, you should not access, browse or use the Website. This page informs you of our policies regarding the collection, use and disclosure of Personal Information when you use our Service.

1. GenoBank.io and researchers on our platform will not retain, use or share any individual-level sequencing, surveys, or other information except as explicitly allowed in this section.
2. Researchers and every entity retaining or using individual-level information will publicly register with GenoBank.io and create a cryptographic identity which only they control.
3. Researchers will announce every instance of every data sharing of individual-level information on GenoBank.io with a minimum of 60 days’ advanced notice.
4. GenoBank.io and researchers will announce every instance of data loss or unintentional sharing immediately and publicly on GenoBank.io.
5. GenoBank.io and researchers will destroy all individual-level information it controls within 90 days unless it can confirm current use permission through GenoBank.io. GenoBank.io and researchers will perform this check at least once every 30 days.
6. Every program participant will anonymously register with GenoBank.io and create a cryptographic identity which only they control. And participants will initially allow researchers full access to retain, use and share their individual information.
7. Note that GenoBank.io is based on blockchain and permissions are registered directly by participants using cryptographic identities which only they control – this means that GenoBank.io, including its employees, is unable to impersonate,

1. Data Utilization Description

GenoBank.io collects information from you when you register an account on our Website or create a wallet using our dapp, contribute Shared Data or Personal Data, including self-reporting information through surveys, forms, features or applications, use social media connections and features, refer contacts to us, share information through various interactions with us and our partners, and similar tracking technologies.

GenoBank.io will use your Shared Data and Personal Data as follows:

1. Population-level Research: GenoBank.io or a contracted third party may perform population-level searches based on a pre-defined study design. We refer to these searches as queries. Based on the results of a query, a subset of aggregated, de-identified Shared Data is populated in a private, secured computer environment controlled by GenoBank.io, which we refer to as a sandbox, in order to complete the analysis required by the study design. This population-level research may have various purposes including the advancement of genomic science and identifying links between genomics and disease or other conditions. Researchers and third parties will be able to associate your Shared Data with a unique data file identification number (Data Tokenization process) that is independent from your Personal Data using proprietary or open source algorithms.
2. Targeted Research Participation: In some situations, such as clinical trial recruitment, a researcher or contracted third party may want to contact you and other members directly. GenoBank.io enables this via an anonymous or incognito, automated process, which allows the researcher or contracted third party to invite you into a direct communication but does not grant them access to any of your Personal Data or individual Shared Data. It is then your choice whether you will engage in direct contact with the researcher or contracted third party or not. Your preference whether to receive these invitations (which we call opt-in) can be turned on or off within your personal wallet settings or account page. The invitation list is typically determined by GenoBank.io, the researcher or the contracted third party querying our platform, using the unique data file identification number linked to your Shared Data, and based on specific query parameters defined by the researcher or contracted third party.

3. As Required By Law: GenoBank.io may use or disclose any information it collects as required by law or legal process, for example, in responding to a court-issued subpoena. However, we believe the steps GenoBank.io takes to protect your information, such as its data segregation architecture which does not allow for re-identification of Shared Data without the consent of the contributing member, provides substantial protection to our members in these situations by using an individual data container and encryption key for each user or wallet. Where allowed by law or legal process and where reasonably possible, we will notify you in advance of any such proposed use or disclosure of your data.

4. Enforcement of Agreements. GenoBank.io may use your data to enforce our Terms of Service, any member Subscription Agreement, or our Operating Agreement, including in each case investigations of potential violations.

We will not use or share your information with anyone except as described in this Privacy Policy. As explained in our GenoBank.io Consent, you may choose at any time to revoke your consent to all of your data, purge some or all of your data, and even delete your account completely from our databases.

We use your Personal Information for providing and improving the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, accessible at our Website.

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to, your first name, last name, address and email address (“Personal Information”). We collect this information for the purpose of providing the Service, identifying and communicating with you, responding to your requests/inquiries, servicing your purchase orders, and improving our services. We do not collect social security number or other similar information unless you choose to provide it. We do collect other limited information automatically from visitors who read, browse, and download information from our site. We do this, so we can understand how the site is being used and how we can make it more helpful.

Certain information about your visit can be collected when you browse websites. When you browse the GenoBank.io Website, we, and in some cases our third-­‐party service providers, can collect the following types of information about your visit, including:

• Domain from which you accessed the Internet

• IP address (an IP or internet protocol address is a number that is automatically assigned to a device connected to the web)
• Approximate geographic location based on the IP address of the user’s local system
• Operating system (which is software that directs a computer’s basic functions such as executing programs and managing storage) for the device that you are using and information about the browser you used when visiting the site
• Date and time of your visit
• Pages you visited
• Address of the website that connected you to our Website (such as google.com or bing.com)

• Device type (desktop computer, tablet, or type of mobile device)
• Screen resolution
• Browser language
• Geographic location
• Time spent on page
• Scroll depth – The measure of how much of a web page was viewed
• User events (e.g. clicking a button)
• We use this information to measure the number of visitors to our site and its various sections, to help make our site more useful to

 

2. No Cookies 

• We are putting your privacy at the highest of our priorities which is why we take pride in claiming that we don't track cookies

3. Do Not Track Disclosure 

• Do Not Track (“DNT”) is a preference you can set in your web browser to inform websites that you do not want to be
• io automatically observes the DNT browser setting for digital advertising that uses “conversion-­‐tracking” or  “re-­‐targeting”.  If  “Do  Not  Track”  is  set  before  a  device  visits  the GenoBank.io website, third party conversion tracking and retargeting tools will not load on the site. For more information on DNT or information on how to set the Do Not Track setting in your browser go to the Do Not Track website.
• So you can enable or disable Do Not Track by visiting the Preferences or Settings page of your web

4. Service Providers 

• We may employ third party companies and individuals to facilitate our Service, to provide the Service on our behalf, to perform Service-­‐related services and/or to assist us in analyzing how our Service is used. We will only share PII with third party vendors, consultants, agents, partners, and other service providers with whom we contract to help us provide or improve our
• These third parties will not have access to your Personally Identifiable Information and are obligated not to disclose or use your information for any other
• Please note that GenoBank.io will only share your information in accordance with this Policy, except in the following situations:

• You have given us your consent to share or use information about you;
• We believe that we need to share information about you to provide a service that you have requested from us or from others;
• We are required by law to disclose information; or
• We believe that it is necessary to protect our rights or to avoid liability or violations of the law.

5. Communications 

• We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to
• We also engage certain service providers for purposes of tracking and associating internet search and browsing behavior to provide improved functionality on the GenoBank.io website. We enable them to use tracking technologies, web beacons, on or in conjunction  with   the   io   website.   These   companies   may   use   non-­‐personally identifiable  information  about  your  visits  to  other  websites,  together  with  non-­‐personally identifiable information about your purchases and interests from other online and offline sources, to provide you with newsletters, marketing or promotional materials and goods and services that may be of interest to you.
• The use and collection of information by these service providers is governed by their respective privacy statements and thus is not covered by this Policy. In addition, we may share Website usage information with these service providers to manage and target ads and for market research
• Finally, information obtained through these processes may be combined with personally identifiable information in order to analyze our marketing efforts. You may opt out of receiving any, or all, of these communications from us by contacting

6. Compliance with Laws 

• io recognizes it may be subject to the requirements of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the regulations set forth thereunder at 45 C.F.R. Part 160 and Part 164 (the “HIPAA Privacy Regulations”) because GenoBank.io provides certain services which involve (i) the use and disclosure of Protected Health Information (as defined in the HIPAA Privacy Regulations) by GenoBank.io, and (ii) the disclosure of Protected Health Information by or on behalf of registered user by GenoBank.io. Accordingly, pursuant to the HIPAA Privacy Regulations, Service Company may be a “Business Associate” (as defined in the HIPAA Privacy Regulations). GenoBank.io complies with all of the requirements of HIPAA and the HIPAA Privacy Regulations applicable to Business Associates respectively.

• Additionally io complies in all material respects with all federal and state-­‐mandated regulations, rules, or orders applicable to the services provided herein, including but not limited to regulations promulgated under Title II, Subtitle F of the Health Insurance Portability and Accountability  Act  (Public  Law  104-­‐91)  (“HIPAA”).  We  will  not  disclose  your  Personal Information unless required to do so by law or subpoena or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement or to protect the security or integrity of our Service. These regulations may require us to disclose to proper authorities information related to your usage of the Service, such as -­‐ but not limited to -­‐ time and date of your registration, your logins and logouts, your changes of passwords to the Service, time and date of your CCD and Fitbit (or weareables) uploads and authorizations to release your healthcare related data.

7. Security

• io acknowledges that, during its engagement by registered users, it will have access to Personal Information including identity attributes and health information. GenoBank.io in its collection, receipt, transmission, storage, disposal, use and disclosure of such Personal Information will be a responsible keeper of that information.
• While no method of internet transmission, or electronic storage is totally secure, GenoBank.io strives to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information we store. GenoBank.io shall implement administrative, physical and technical safeguards to protect Personal Information that are no less rigorous than accepted industry practices (including the International Organization for Standardization’s standards: ISO/IEC 27001:2005 – Information Security Management Systems  –  Requirements  and  ISO-­‐IEC  27002:2005  –  Code  of  Practice  for International Security Management, other applicable industry standards for information security), and shall ensure that all such safeguards, including the manner in which Personal Information is collected, accessed, used, stored, processed, disposed of and disclosed, comply with applicable data protection and privacy laws, as well as the terms and conditions of this Privacy

8. International Transfer 

Your information, including Personal Information, may be transferred and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. If you are located outside United States and choose to provide information to us, please note that we transfer the information, including Personal Information, to United States and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

9. Changes to this Privacy Policy 

GenoBank.io may amend this Privacy Policy from time to time, at its sole discretion. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is used. If we make changes to the Privacy Policy, we will notify you by posting an announcement on the GenoBank.io website so you are always aware of what information we collect, how we use it, and under what circumstances if any, it is disclosed.

10. GenoBank.io users located in the European Data Region

For GenoBank.io users located in the European Data Region, all processing of Personal Data is performed in accordance with privacy rights and regulations following the EU Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 (the Directive), and the implementations of the Directive in local legislation. From May 25th, 2018, the Directive and local legislation based on the Directive will be replaced by the Regulations (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (GDPR), and GenoBank.io ’s processing will take place in accordance with the GDPR.

11. GenoBank.io users located in the US Data Region

For GenoBank.io users in the GenoBank.io US Data Region, GenoBank.io processes data solely in data centers located in the US. GenoBank.io has adopted reasonable physical, technical and organizational safeguards which substantially mirror the EU safeguards against accidental, unauthorized or unlawful destruction, loss, alteration, disclosure, access, use or processing of the user’s data in GenoBank.io ’s possession. GenoBank.io will promptly notify the user in the event of any known unauthorized access to, or use of, the user’s data.

12. Users located in European Data Region: GenoBank.io as Controller 

• GenoBank.io processes Personal Data both as a Processor and as a Controller, as defined in the Directive and the GDPR:
• GenoBank.io adheres to the Directive of 1995 and the GDPR from May 25th, 2018.
• All data collected by GenoBank.io will be stored exclusively in secure hosting facilities provided by GDPR compliant Amazon AWS Cloud. GenoBank.io has a data processing agreement in place with its provider, ensuring compliance with the Directive. All hosting is performed in accordance with the highest security regulations. All transfers of data internally in the EEA is done in accordance with this data processing agreement.

• See the GenoBank.io GDPR DATA PROCESSING ADDENDUM

In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the effected parties unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. ²Where the notification to the affected parties is not made within 72 hours, it shall be accompanied by reasons for the delay.

13. Retention and Deletion

GenoBank.io will not retain data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations. For user data, users have control of the purpose for collecting data, and the duration for which the Personal Data may be kept.

14. Conditions of Use

We assume that all users of our Website and platform have carefully read this document and agree to its contents. If someone does not agree with this privacy policy, they should refrain from using our Website and platform. We reserve the right to change our privacy policy as necessity dictates. Continued use of GenoBank.io’s Website and platform after having been informed of any such changes to these conditions implies acceptance of the revised privacy policy. This privacy policy is an integral part of GenoBank.io ’s terms of use.

15. Links to Other Sites

Your activity on the third-­‐party websites that GenoBank.io links to (such as Facebook or Twitter) is governed by the security and privacy policies of those websites. You should review the privacy policies of all websites before using them so that you understand how your information may be used. We have no control over, and assume no responsibility for the content, privacy policies or practices of any third party sites or services. You should also adjust privacy settings on your account on any third-­‐party website to match your preferences.

16. Children’s Privacy

GenoBank.io is committed to protecting the privacy of children who visit our GenoBank.io website. Only persons age 18 or older have permission to access our Service. We do not knowingly collect personally identifiable information from persons under 18. GenoBank.io follows the U.S. Children’s Online Privacy Protection Act (“COPPA”). For more information about COPPA, please visit https://www.consumer.ftc.gov/articles/0031-­‐protecting-­‐your-­‐childs-­‐privacy-­‐online.

17. Changes to This Privacy Policy 

We may revise this Privacy Policy from time to time. The most current version of the policy dated Nov 27, 2018 will govern our use of your information and will always be at GenoBank.io.com/privacy. If we make a change to this policy that, in our sole discretion, is material, we will notify you via email to the email address associated with your account and/or prominent notice on our GenoBank.io website. By continuing to access or use the Services after those changes become effective, you agree to be bound by the revised Privacy Policy.

GenoBank.io reserves the right to update this Privacy Policy as it applies to Personal Data only (which therefore excludes and changes involving linkage of Personal Data to Shared Data, covered in this policy) from time-to-time without advance notice. When these changes are made, GenoBank.io will make a new copy of this Privacy Policy available on its Website and through our P2P private messaging system (when available). Such changes will not apply retroactively but may be effective immediately on being made available on our website. You acknowledge and agree that if you use any of our services covered by this Privacy Policy after the effective date of the change, to the maximum extent permitted by applicable law, you agree that you will be bound by the new terms.

18. Contact Us 

Thoughts or questions about this Privacy Policy? Please let us know by contacting us at:
GenoBank.io Inc,
Atte: Data protection & Privacy
Office: 650-999-0905
Email: [email protected]