Privacy Policy for iGEM Consulting

iGEM Consulting (“we,” “our,” or “us”) is committed to upholding the highest standards of privacy and data protection. We value the trust you place in us when using our website, igemconsulting.com (“Website”), and are dedicated to protecting and responsibly handling the personal information you share with us. This Privacy Policy outlines the types of personal data we collect, the purposes for which that data is used, and your rights under applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Scope of Policy and Data Controller Role

This Privacy Policy applies to all visitors, users, and others who access our Website or otherwise interact with us through digital services offered via igemconsulting.com. For the purposes of applicable data protection legislation, iGEM Consulting is the controller of your personal data, determining the purposes and means of its processing. For any questions regarding this policy or our privacy practices, you may contact [email protected].

2. Categories of Data We Process

We collect, use, store, and transfer various categories of personal data, including but not limited to:

a. Usage Data
Information collected automatically when you interact with our Website, such as your browser type, device IP address, operating system, pages visited, length of visit, and referral source.

b. Account Data
Details you provide when creating or managing a user account, including your name, mailing address, email address, and phone number.

c. Profile Data
Information such as your preferences, service interests, user behavior, and historical data related to your interactions and purchases.

d. Communication Data
Records of your communications with us, including customer service inquiries, contact form submissions, feedback, and support tickets.

e. Technical Data
Data related to your technology and equipment, including device type, software settings, language preferences, time zone, mobile network data, and system diagnostic logs.

f. Transaction Data
Information collected during transactions such as billing details, order history, payment methods, delivery and fulfillment data.

g. Preference Data
Data you provide regarding your marketing preferences and interests in our products, services, and offerings.

3. Legal Bases for Processing Personal Data

We process your personal data in accordance with the following legal bases:

– Legitimate Interests: To operate and maintain our Website efficiently, improve user experience, and prevent fraud or misuse, provided our interests are not overridden by your rights.
– Contractual Necessity: Where processing is required to fulfill a contract with you or to take steps at your request prior to entering into a contract.
– Consent: Where you have provided clear and informed consent, such as for non-essential cookies or marketing communications.
– Legal Obligation: When processing is necessary for compliance with applicable legal or regulatory obligations.

4. Your Rights Under Data Protection Law

Subject to applicable data protection laws, you have the following rights in respect of your personal data:

– Right of Access: To obtain a copy of the personal data we hold about you.
– Right to Rectification: To have incomplete or inaccurate data corrected.
– Right to Erasure: To request the deletion of your data in certain circumstances (“right to be forgotten”).
– Right to Restriction of Processing: To request that we limit the processing of your information in certain scenarios.
– Right to Data Portability: To obtain and reuse your personal data for your own purposes across different services.
– Right to Object: To object to certain processing based on legitimate interests, direct marketing, or processing for research/statistical purposes.

To exercise any of the above rights, please contact us at [email protected].

5. Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration. These include, but are not limited to:

– Data encryption in transit and at rest
– Role-based access control and multi-factor authentication
– Regular data backups and disaster recovery procedures
– Employee awareness and data protection training

6. International Data Transfers

Your personal data may, on occasion, be processed outside your country of residence, including in countries that may not provide the same level of data protection. In such circumstances, we rely on appropriate safeguards such as Standard Contractual Clauses approved by the European Commission, or other legally compliant mechanisms to ensure an adequate level of protection.

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy or as required by law. Retention periods vary by data type:

– Account, Profile, and Transaction Data: Up to 7 years following account inactivity or final transaction, for legal and contractual purposes.
– Communication Data: Retained for 3 years post-last interaction.
– Technical and Usage Data: Stored for 12 to 24 months for security and analytical purposes.
– Preference and Marketing Data: Retained until consent is withdrawn or updated.

8. Cookies and Similar Technologies

Our Website uses cookies and other tracking technologies to enhance user experience and gather analytical data. Types of cookies include:

– Essential Cookies: Required for website functionality and cannot be disabled.
– Functional Cookies: Remember your preferences, such as language and region.
– Analytics Cookies: Help us understand website engagement and usage trends.
– Performance Cookies: Improve response times and usability based on load analysis and device performance.

9. Cookie Management and Legal Compliance

In compliance with GDPR and CCPA:

– Visitors are presented with a cookie consent banner upon accessing the Website.
– You may adjust your preference settings or revoke consent at any time by managing your cookie preferences in your browser settings or using the provided tool on igemconsulting.com.
– California residents may opt out of the “sale” of personal information under the CCPA through clear options, including “Do Not Sell or Share My Personal Information” links where appropriate.

10. Protection of Children’s Data

Our services and Website are not directed to, and we do not knowingly collect personal data from, children under the age of 13. If we become aware that such personal data has been collected by or from a minor without verified parental consent, we will take steps to delete such information promptly.

11. Policy Updates

We may amend this Privacy Policy to reflect changes in the law, our services, or data handling practices. When updates are made, we will revise the policy on this page and may notify you through reasonable means, as applicable. Continued use of igemconsulting.com following policy changes constitutes your acceptance of the changes.

12. Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or how your personal data is handled, please contact us at:

Email: [email protected]
Website: https://igemconsulting.com

We are committed to ensuring your data privacy rights are respected and will respond to all inquiries promptly.

iGEM Consulting is committed to compliance with applicable privacy regulations including the GDPR and CCPA frameworks. For additional information or to exercise your privacy rights, please contact us at [email protected].