Privacy Policy
The Privacy Policy (“this Policy”) applies to all websites, services, features, and content owned and operated by Tianjin Shangyuan Gene Technology Co., LTD. Users (hereinafter referred to as “you”) are required to read and thoroughly understand this Policy before using the DNAChron Services, and to use the relevant services after confirming that you fully understand and agree to it. Once you have used the DNAChron Services, you acknowledge that you fully understand and agree to this Policy. If you disagree or do not accept the content of this Privacy Policy, please stop using the DNAChron Services immediately.
This policy will help you understand the contents of the following:
- How we collect and use your personal information
- How we use cookies and similar technologies
- How we share, transfer, and publicly disclose your personal information
- How we protect your personal information
- Your Rights
- How we handle personal information of minors
- Updates to this Policy
- How to contact us
I. How we collect and use your personal information
Personal information means information that is recorded electronically or otherwise and that, alone or in combination with other information, can identify you or reflect your activities. We collect information that is necessary to perform the functions of the service and to complete the service.
(I) Personal information provided by you directly and collected by us automatically
Information you provide voluntarily when you use the DNAChron Service:
- Registration Information. When you register for a DNAChron account, DNAChron collects the personal information you provide, including your cell phone number, email address, etc. This information is collected to help you complete your registration with DNAChron, protect your account security, and facilitate your use of DNAChron services.
- Individual Information. When you create a new test subject and set up your profile, Genetic Data will collect information that you fill in or modify for yourself or your authorized person, including origin, ethnicity, personal genetic history, etc.; this information is collected to better assist you in tracing your family history. DNAChron will display some or all of the Individual information depending on whether or not you have made the different subsections of the Individual information public.
- Information submitted in the course of use. Additional information, such as Y high-throughput sequencing data, whole genome sequence data, etc., for yourself or an authorized person, when you provide such information through the information collection portal of DNAChron, such as import data; this information is collected to accurately analyze the quality of your or authorized person’s gene sequencing, precise position on the ytree and shared information with other Individuals, and will be properly stored by DNAChron.
- Content of Communication with Customer Service
When you contact customer service in any way, DNAChron will collect your contact information and specific communications for customer service purposes only to better serve you.
(II) Information about your behavior when using DNAChron services
DNAChron automatically collects requests from you when you access or use the DNAChron Services to ensure your proper use of our services, optimize and improve our services, and protect your account security. This information is the basic information that must be collected to provide the Services. This includes, but is not limited to:
- Your device information. For example, device attributes (hardware model, operating system version, device configuration, etc.), device connection information (type of browser, telecommunications carrier, the language used), and device status information (device sensor data).
- Service log information. For example, your use of the DNAChron service, IP address, URL of the service accessed, type of browser and language used, and information on downloading, installing, or using mobile applications and software, and the date, time, and duration of access to the service.
About device permission invocation: In the process of providing our services, we may need you to open some device permissions, such as notification, album, camera, and other access rights. You can also choose to turn off some or all of the permissions at any time in the device’s settings function so that you can refuse us to collect the corresponding personal information. The way the permissions are displayed and turned off may vary from device to device. Please refer to the device and system developer’s instructions or guidelines for details. Please note that by enabling these permissions, you are authorizing us to collect and use such personal information as described in this policy. By turning off any of these permissions, you are revoking your authorization, and we will no longer collect and use personal information based on those permissions, nor will we be able to provide you with the features and services for which you are authorized. Your decision to turn off your permission will not affect the processing of personal information based on your authorization. About the use of permission calls, for example:
- To obtain the unique identifier of the device needed for pushing, we will read the device information (e.g. International Mobile Equipment Identity Code , network device hardware addresses ).
- To use the image saving and image selection functions, we will apply for cell phone storage privileges.
(III) The information generated when using third-party services
DNAChron may obtain information generated by you when you use third-party services. For example, if we obtain the name you use in a third-party service when you log in quickly, we will inform you of the source, type, and scope of use of your personal information before we obtain it. DNAChron does not control the privacy policy of such third parties, and the third party’s privacy policy will apply to the handling of your personal information by the third party’s platform, so please read it carefully and pay attention to your privacy settings with the third party.
(IV) Information generated by the analysis service
When you use the DNAChron Genetic Sequencing Data Analysis Service, we analyze your imported genetic sequencing data to generate information about the results of the analysis, including sequencing coverage, SNPs shared with other Individuals, and other information.
(V) How do we use the information we collect?
We may use the information we collect to:
- Provide services to you.
- Display and push personalized content for you.
- Product development and service optimization.
- Conduct scientific research.
- Evaluate and improve advertising and promotional programs.
If we want to use the information for purposes other than those described in this policy, we will ask for your prior consent to use the information collected for a specific purpose.
(VI) Exceptions to Prior Authorized Consent
You are fully aware that we do not need to obtain your prior authorized consent for the collection and use of personal information in the following cases:
- Directly related to national security or national defense security
- Directly related to public safety, public health, or significant public interest
- Directly related to crime investigation, prosecution, trial and execution of judgments, etc.
- For the purpose of safeguarding your or other individuals’ life, property, and other significant legitimate rights and interests but where it is difficult to obtain your consent.
- The personal information collected is disclosed by you to the public at your discretion
- The personal information collected from information that is lawfully and publicly disclosed, such as lawful news reports, government information disclosure, and other channels.
- Necessary for the conclusion and performance of a contract at your request
- Necessary for maintaining the safe and stable operation of the products or services provided, such as the discovery and disposal of service failures.
- Necessary for the conduct of legitimate news reporting.
- Necessary for conducting statistical or academic research in the public interest, and when it provides the results of academic research or descriptions to the public, it de-identifies the personal information contained in the results.
- Other circumstances specified by laws and regulations.
(VII) Anonymization of personal information
Anonymization of personal information refers to the process of technical processing of personal information so that the subject of personal information cannot be identified and the processed information cannot be recovered. The information obtained after the anonymization of personal information is not personal, and DNAChron has the right to mine, analyze and utilize the database of users after the anonymization process, as well as the right to conduct statistics on the use of products/services and share the desensitized statistical information with the public/third parties.
II. How we use cookies and similar technologies
(I) Cookies
To ensure that the website works properly, we store small data files called cookies on your computer or mobile device. Cookies usually contain an identifier, the name of the site, and some numbers and characters. With cookies, websites can store data such as your preferences. We do not use cookies for any purpose other than those described in this policy. You can manage or delete cookies according to your preferences. For more information, see AboutCookies.org. You can clear all cookies stored on your computer, and most web browsers have a feature that blocks cookies. However, if you do so, you will need to change your user settings yourself each time you visit our site. For details on how to change your browser settings, please visit the relevant settings page of the browser you are using.
(II) Web beacons and pixel tags
In addition to cookies, we also use web beacons and pixel tags, and other similar technologies on our website. For example, an email we send you may contain a click-through URL that links to content on our site, and if you click on that link, we track that click to help us understand your product or service preferences and improve customer service. A web beacon is typically a transparent image embedded in a website or email. With the help of pixel tags in emails, we can tell if an email has been opened. If you do not want your activity to be tracked in this way, you can choose to unsubscribe.
(III) Do Not Track
Many web browsers have a Do Not Track feature, which issues Do Not Track requests to websites. Currently, the major Internet standards organizations have not established policies to govern how websites should respond to such requests. However, if your browser has Do Not Track enabled, then all of our websites will respect your choice.
III. How we share, transfer, and publicly disclose your personal information
(I) Sharing
- We will not share your personal information with third parties, except for the following cases:
- Share with explicit consent: We will share your personal information with other parties after obtaining your explicit consent.
- We may share your personal information with external parties following laws and regulations, or as mandatorily required by government authorities.
- Only by sharing your information can we achieve the core functions of our services or provide the services you need.
- Following the relevant agreements signed with you (including electronic agreements signed online) or other legal documents agreed to be provided.
- Share with explicit consent: We will share your personal information with other parties after obtaining your explicit consent.
- Sharing by our affiliates: Your personal information may be shared with DNAChron’s affiliates. We will only share personal information that is necessary and is subject to the purposes stated in this policy. If an affiliate wishes to change the purpose for which personal information is processed, your authorized consent will be sought again.
- Sharing with authorized partners: Some of our services will be provided by authorized partners for the sole purpose of achieving the stated purposes in this policy. We may share some of your personal information with our partners to provide better customer service and user experience. We will only share personal information that is necessary to provide the services, and our partners are not authorized to use the shared personal information for any other purpose. We send information to vendors, service providers, and other partners who support our business. These supports include providing technical infrastructure services, analyzing how our services are used and potential risks, advertising services, shipping, providing customer service, providing data storage services, or conducting academic research and surveys.
(II) Transfer
We will not transfer your personal information to any company, organization, or individual other than our affiliates, except for the following:
- Obtain your prior express authorization or consent.
- Meet the requirements of laws and regulations, legal procedures or mandatory governmental requirements, or judicial rulings.
- If we or our affiliates are involved in transactions such as mergers, demergers, liquidations, acquisitions, or sales of assets or businesses, your personal information may be transferred as part of such transactions. We will ensure the confidentiality of such information at the time of transfer and ensure, to the maximum extent possible, that the new company or organization holding your personal information will continue to be bound by this Privacy Policy. Otherwise, we will require the company or organization to seek your consent to do so again.
(III) Public Disclosure
We will disclose your personal information publicly only if we:
- Obtain your express consent.
- Based on laws and regulations, legal proceedings, litigation, or under mandatory requirements of government authorities.
(IV) Exceptions to prior authorized consent for sharing, transferring or publicly disclosing personal information
Prior authorized consent is not required for sharing, transferring, or publicly disclosing your personal information in the following cases:
- Directly related to national security or national defense security
- Directly related to public safety, public health, and significant public interests
- Directly related to crime investigation, prosecution, trial and execution of judgments, etc.
- For the purpose of safeguarding your or other individuals’ life, property, and other significant legitimate rights and interests but where it is difficult to obtain your consent
- Personal information that you disclose to the public on yourself.
- Personal information collected from legitimate public disclosures, such as legitimate news reports, government information disclosure, and other channels.
Sharing or transferring personal information that has been de-identified and ensuring that the recipient of the data cannot recover and re-identify the subject of the personal information is not an act of sharing, transferring, or publicly disclosing the personal information to the public. The storage and processing of such data will be done without separate notification to you and with your consent.
IV. How we protect your personal information
(I) Storage Period
During your use of the DNAChron Service, we will store your personal information for you following the provisions or agreements of the Service Agreement, this Policy, and related documents. If you cancel your account or voluntarily request the deletion of the Individual, we will delete your information following the relevant laws and regulations.
(II) Storage Location
We store your genetic data in our data centers located in the Republic of Singapore.
We store your registration information, Individual information, and analysis results in our data centers located in both the People’s Republic of China and the Republic of Singapore based on the need to operate efficiently, improve performance, and create redundancy to protect data in the event of an outage or other problem.; We will strictly follow the laws and regulations and ensure the security of your personal information.
(III) Security Measures
- We store your registration information, Individual information, analysis result information, and genetic information data separately on the cloud and protect your personal information from unauthorized access, public disclosure, use, modification, destruction, or loss through reasonable and feasible security measures including technology, hardware, and management processes. For example, the exchange of data between your browser and the Services is protected by SSL encryption; we also provide https secure browsing of the DNAChron website; we use encryption technology to ensure the confidentiality of data; we use trusted protection mechanisms to prevent malicious attacks on data; we deploy access control mechanisms to ensure that only authorized personnel has access to personal information; we sign confidentiality agreements with employees and hold security/privacy training to enhance employees’ awareness of the importance of protecting personal information. For example, the exchange of data between your browser and the Services is protected by SSL encryption; we also provide https secure browsing of the DNAChron website; we use encryption technology to ensure the confidentiality of data; we use trusted protection mechanisms to prevent malicious attacks on data; we deploy access control mechanisms to ensure that only authorized personnel has access to personal information, and we sign confidentiality agreements with employees and hold security/privacy training to enhance employees’ awareness of the importance of protecting personal information.
- We remind you that the Internet is not a secure environment. When you interact with other users through social networking software, it is not certain that the transmission of information is fully encrypted by third-party software. Please take care to ensure the security of your personal information. We recommend that you do not send personal information through such means to avoid disclosure of personal information. Please use complex passwords to help us keep your account and personal information secure.
- We also ask you to understand that in the Internet industry, due to the limitations and rapid development of technology and the possible existence of various malicious attacks, it is not always possible to guarantee 100% security of information, even if we do our best to strengthen security measures. Please understand that the systems and communication networks used by you to use our products and/or services may have security problems at other points outside of our control.
- In the unfortunate event of a personal information security incident, we will, in accordance with the requirements of laws and regulations, promptly inform you of the basic situation and possible impact of the security incident, the handling measures we have taken or will take, suggestions for risks you can prevent and reduce on your own, remedial measures for you, etc. We will promptly inform you of the incident-related information by email, telephone, push notification, etc. When it is difficult to inform you one by one, we will take reasonable and effective ways to issue announcements. At the same time, we will also take the initiative to report the disposal of personal information security incidents in accordance with the requirements of the regulatory authorities.
V. Your Rights
(I) In the process of using the DNAChron Service, you can access your information and can manage your information by controlling the following, except for the exceptions provided by laws and regulations
- Accessing and changing account information
You can access and change your account information (e-mail, password, etc.) through the Personal Center on the DNAChron website. - Setting and changing the permission to disclose information about the Individuals
You can set and change the permissions for the disclosure of your non-shared Individuals’ information through the Personal Center on the DNAChron website. We will show or hide the information in the ytree according to whether you disclose the information of the Individuals or not.
(II) Your self-sharing practices
Even though DNAChron tries to protect your privacy as much as possible, DNAChron cannot restrict your information sharing practices or ensure that information that you disclose will not be retained or recorded by third parties. Therefore, please think carefully before sharing your information and keep in mind that your genetic data is important private information to you.
(III) Cancellation of Account and Deletion of Individuals
If for any personal reason, you wish to cancel your account with DNAChron or delete non-shared Individuals under your account, you may contact DNAChron Customer Service. Once we receive your account cancellation request, we will complete your account cancellation within 7 business days. If deletion of a Individual is involved, it will be processed within 7 business days of receipt of the confirmation letter. Please take into account that once a cancellation or deletion has been made, it cannot be reversed and you will not be able to request DNAChron to provide you with your data and information again.
(IV) Responding to your request
- For security purposes, when you make an administrative request as described above, we may ask you to verify your identity before processing it for you. We may refuse unwarrantedly repetitive requests, require excessive technical means (for example, requiring the development of new systems or fundamental changes to current practices), pose a risk to the legal rights of others, or are highly impractical (for example, involving information stored on backup space).
- In the following cases, we will not be able to respond to your request following laws and regulations:
- Directly related to national security and national defense security.
- Directly related to public safety, public health, and significant public interest.
- Directly related to crime investigation, prosecution, trial and execution of judgments, etc.
- We have sufficient evidence of subjective malice or abuse of your rights (e.g., your request would jeopardize public safety and the legitimate rights and interests of others, or your request is beyond what can be covered by ordinary technical means and commercial costs)
- Responding to your request will result in serious damage to the legitimate rights and interests of you or other individuals or organizations.
- Those involving trade secrets.
- Directly related to national security and national defense security.
VI. How we handle personal information of minors
DNAChron and any services provided are not intended to attract minors under the age of 18 to use them. If you are a minor under the age of 18, please obtain prior consent from your guardian before using the Genzyme services. If you are the guardian of a minor, you can register the account, fill in the information of the Individual, import the data, etc. Please make sure that you fulfill your guardian’s responsibility to protect the personal privacy and physical and mental health of the minor.
VII. Updates to this Policy
DNAChron may update the content of this policy from time to time. The updated Privacy Policy will be posted on this page and will be effective upon posting. We will notify you of material changes on the main exposure page of the DNAChron website or by email, postal mail, or other appropriate means of reaching you. If you do not agree to the changes, please discontinue using the DNAChron service, and if you continue to use our service, you agree to be bound by this policy as amended.
Material changes to this policy include, but are not limited to:
- Significant changes in our service model, such as the purposes for which personal information is processed, the types of personal information processed, and how personal information is used.
- Significant changes in our ownership structure, organizational structure, etc., such as changes in ownership caused by business restructuring, bankruptcy mergers, acquisitions, etc.
- Changes in the primary recipients of personal information sharing, transfer, or public disclosure.
- Significant changes in your rights to participate in the processing of personal information and how they are exercised.
- When there is a change in the department responsible for handling personal information security, our contact information, and complaint channels.
- When the personal information security impact assessment report indicates that there is a high risk.
VIII. How to contact us
If you have any questions about this policy or related matters, please contact DNAChron Customer Service at [email protected]
Update Date: May 1, 2022
Tianjin Shangyuan Gene Technology Co., LTD