Research Applications and Financial Applications, Inc. (“BioRAFT”) understands your concerns about privacy and values its relationship with you. Our policy is to respect and protect Personal Data collected or maintained by or on behalf of the Company. As part of this commitment, BioRAFT has certified that we adhere to the Privacy Principles set forth in the US-EU Privacy Shield Framework regarding Personal Data.
- the types of information we collect from subscribers, customers, employees, contacts and visitors to our website at bioraft.com;
- how we may use that information;
- with whom we may share that information; and
- the measures we take to protect the security of that information.
Our Policy also tells you how you may contact us to update your information, remove your name from our mailing lists or get answer to questions you may have about our privacy practices.
Our website is hosted in the United States. We comply with applicable laws to safeguard your information.
We do not knowingly collect or solicit personal information from anyone under the age of 13 or knowingly allow such persons to use the Service. If you are under 13, please do not attempt to register for the Service or send any information about yourself to us, including your name, address, telephone number, or email address. No one under age 13 may provide any personal information to us or on the Service. In the event that we learn that we have collected personal information from a child under age 13 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13, please contact us at firstname.lastname@example.org.
2. WHAT INFORMATION DO WE COLLECT?
We collect the following types of information:
A. Information You Provide to Us.
We receive and store any information you knowingly provide to us. For example, we collect Personal Information such as your name, email address, job title and institutional or organizational affiliation. If we provide Service for which payment is required and you elect to receive such services, we may also receive and store Personal Information necessary to collect payment from you, including your credit card number and billing information. We also receive and store information you provide us that is contained in User Submissions, including without limitation figures, datasets and media you submit to the Service. You can choose not to provide us with certain information, but then you may not be able to register with us or to take advantage of some or all of the Service features. In addition, we may anonymize your Personal Information so that you cannot be individually identified, and provide that information to our partners, investors, Content providers or other third parties.
B. Information Collected Automatically.
When we collect usage information (such as the numbers and frequency of visitors to our website), we only use this data in aggregate form, and not in a manner that would identify you personally. For example, this aggregate data tells us how often users use parts of the website, so that we can make the Service appealing to as many users as possible. We may also provide this aggregate information to our partners; our partners may use such information to understand how often and in what ways people use our Service, so that they, too, can provide you with an optimal experience. We never disclose aggregate information to a partner in a manner that would identify you personally.
C. E-mail and Other Communications.
We may contact you, by email or other means; for example, we may send you promotional offers on behalf of other businesses, or communicate with you about your use of the Service. Also, we may receive a confirmation when you open an email from us. This confirmation helps us make emails more interesting and improve our service. If you do not want to receive email or other mail from us, please indicate your preference by clicking the unsubscribe option at the base of any emails that you receive from us. Please note that if you do not want to receive legal notices from us, those legal notices will still govern your use of the Service, and you are responsible for reviewing such legal notices for changes.
3. WILL WE SHARE ANY OF THE PERSONAL INFORMATION WE RECEIVE?
We neither rent nor sell your Personal Information in personally identifiable form to anyone. We may share your Personal Information in personally identifiable form with third parties as described below.
A. Affiliated Businesses and Third-Party Websites We Do Not Control.
In certain situations, businesses or third-party websites we’re affiliated with may sell items or provide services to you through the Service (either alone or jointly with us). You can recognize when an affiliated business is associated with such a transaction or service, and we will share your Personal Information with that affiliated business only to the extent that it is related to such transaction or service. In addition, we may send your information to third parties when you elect to use certain features of the Service. While we neither solicit nor knowingly collect Personal Information in this context, we have no control over the content you Submit nor over the policies and practices of third parties as to privacy or anything else related to the content you Submit.
We employ other companies and people to perform tasks on our behalf and need to share your information with them to provide products or services to you. Unless we tell you differently, our agents do not have any right to use the Personal Information we share with them beyond what is necessary to assist us.
C. Other Persons Whom You Elect to Receive Your Personal Information.
You may request that certain information, including your name, email address, and any of your User Submissions, be displayed or provided to other persons by or through the Service (e.g., if you make your research publicly available). We have no control over the policies and practices of third parties as to privacy or anything else related to the information you request us to display or provide to other persons.
D. Business Transfers.
We may choose to buy or sell assets. In these types of transactions, customer information is typically one of the business assets that is transferred. Also, if we (or substantially all of our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information would be one of the assets transferred to or acquired by a third-party.
E. Protection of Company and Others.
We reserve the right to access, read, preserve, and disclose any information that we reasonably believe is necessary to comply with law or court order; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of Company, our employees, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
F. With Your Consent.
Except as set forth above, you will be notified when your Personal Information may be shared with third parties, and will be able to prevent the sharing of this information.
4. IS PERSONAL INFORMATION ABOUT ME SECURE?
We endeavor to protect the privacy of your account and other Personal Information we hold in our records, but we cannot guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.
5. NOTICE TO END USERS OF AN ORGANIZATION THAT USES OUR SERVICES
We provide most of our Service to end-users of an organization as a so-called ‘data processor’ on behalf of our customers (for example, corporations, universities, and hospitals). Where Service is made available to you through your organization (e.g. your employer), we process your information according to the terms of our contracts with your organization. The main responsibility for data privacy compliance lies with your organization as the ‘data controller.’ If you are such an end user, please direct your data privacy questions to your administrator, as your use of any such Service is subject to that organization's policies.
6. PRIVACY SHIELD
We comply with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework regarding the collection, use, and retention of Personal Information from European Union member countries. BioRAFT has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/. As part of our participation in Privacy Shield, we are subject to the investigatory and enforcement powers of the US Federal Trade Commission. In certain situations, BioRAFT may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. BioRAFT is responsible for the processing of Personal Information it receives, and under Privacy Shield we may subsequently transfer that Personal Information to a third party acting as an agent on our behalf. BioRAFT complies with the Privacy Shield Principles for all onward transfers of Personal Information from the EU and Switzerland, including the onward transfer liability provisions. We offer individuals the opportunity to opt-out of Personal Information being: (i) disclosed to a third party (other than to a service provider or pursuant to lawful request as set forth above), or (ii) used for a purpose materially different from the purpose for which it was originally collected or subsequently authorized by you. You also have the ability to opt out at any time from the use of your personal information for direct marketing purposes, by following the unsubscribe procedures indicated in the mailing. Where we process personal information on behalf of your organization, we will work with your organization to comply with access to your Personal Information and choices for limiting use or disclosure of Personal Information. We take reasonable and appropriate measures to protect Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. We have implemented appropriate physical, electronic and managerial procedures to help safeguard and secure personal information from loss, misuse, unauthorized access or disclosure, alteration or destruction.
If you have an unresolved privacy or information security concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield. Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
Human Resources Data
If your complaint involves human resources data transferred to the United States from the EU and Switzerland in the context of the employment relationship, and BioRAFT does not address it satisfactorily, BioRAFT commits to cooperate with the panel established by the EU data protection authorities (DPA Panel) or the Swiss Federal Data Protection and Information Commissioner, as applicable, and to comply with the advice given by the DPA panel or Commissioner, as applicable, with regard to such human resources data. To pursue an unresolved human resources complaint, you should contact the state or national data protection or labor authority in the appropriate jurisdiction.
Contact details for the EU data protection authorities can be found at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm
Contact details for the Swiss Federal Data Protection and Information Commissioner can be found at: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/links/data-protection—switzerland.html
8. QUESTIONS, CONCERNS AND DISPUTE RESOLUTION.