Privacy Policy

πŸ” Your Privacy is Protected

Quick Navigation

πŸ“‹ Overview πŸ“Š Data Collection βš™οΈ Data Usage πŸ”’ Data Protection 🧬 Genomic Data βš–οΈ Your Rights βœ… Compliance πŸ“§ Contact
⚠️

Critical Privacy Notice


This is a DEMONSTRATION PLATFORM ONLY.

  • ❌ DO NOT submit Protected Health Information (PHI)
  • ❌ DO NOT upload actual genetic data or VCF files
  • ❌ DO NOT enter patient identifiers or clinical records
  • ❌ DO NOT share confidential research data


This platform is for demonstration purposes only and is NOT HIPAA compliant for actual clinical use.

1. Overview

AlleleAI.com ("we," "our," or "us") is a demonstration website showcasing concepts for AI-powered genomic analysis platforms. This Privacy Policy explains our data practices for this demonstration platform and domain acquisition inquiries.

Key Privacy Principles:

  • Minimal Collection: We collect only essential information for demo functionality and domain inquiries
  • No Genetic Data: We do not collect, process, or store any actual genetic or health information
  • Transparency: Clear disclosure of all data practices
  • Security First: Industry-standard protection measures
  • User Control: Full rights to access, correct, or delete your information


Scope of This Policy:

This policy applies to:

  • βœ“ Visitors to AlleleAI.com
  • βœ“ Users of our API demonstration
  • βœ“ Individuals making domain inquiries
  • βœ“ Recipients of our communications


This policy does NOT apply to any production genomics platform that may be built using this domain in the future.

2. Information We Collect

A. Information You Provide Directly

Data Type When Collected Purpose Required?
Name Contact form submission Respond to inquiries Yes
Email Contact form submission Communication Yes
Organization Contact form submission Context for inquiry Yes
Message Content Contact form submission Understand needs Yes
Role/Title Contact form submission Appropriate response No
Budget Range Contact form submission Qualification No

B. Information Collected Automatically

Data Type Collection Method Purpose Retention
IP Address Server logs Security & abuse prevention 90 days
Browser Type HTTP headers Compatibility testing 30 days
Page Views Access logs Usage analytics Aggregated only
Referrer URL HTTP headers Marketing insights 30 days
Demo Interactions JavaScript events Improve demo Session only

C. Information We Do NOT Collect

🚫Genetic Information

No DNA sequences, variants, or genomic data

🚫Health Records

No medical history, diagnoses, or clinical data

🚫Biometric Data

No fingerprints, facial recognition, or biological markers

🚫Sensitive Categories

No race, ethnicity, religion, or political affiliations

3. How We Use Information

βœ… Permitted Uses

  • Respond to domain acquisition inquiries
  • Demonstrate platform capabilities
  • Improve demo functionality
  • Prevent abuse and security threats
  • Comply with legal obligations
  • Aggregate usage statistics


❌ Prohibited Uses

  • Sell or rent personal information
  • Share with third parties (except legal requirements)
  • Use for unsolicited marketing
  • Create user profiles for advertising
  • Process any health or genetic data
  • Make automated decisions affecting individuals


Legal Basis for Processing (GDPR)

Processing Activity Legal Basis
Responding to inquiries Legitimate interest & consent
Security monitoring Legitimate interest
Legal compliance Legal obligation
Demo improvements Legitimate interest

4. Data Protection & Security

πŸ” Security Measures

πŸ”’ Encryption

TLS 1.3 for all data transmission

πŸ›‘οΈ Access Control

Role-based access with MFA

πŸ” Monitoring

24/7 security event logging

πŸ”„ Updates

Regular security patches

πŸ—„οΈ Backup

Encrypted backups

🚨 Incident Response

72-hour breach notification

5. Special Considerations for Genomic Data

🧬

Important: This Demo Does NOT Process Real Genomic Data

While this demonstration showcases genomic analysis concepts, it does not actually collect, process, or store any real genetic information. All variant data shown is synthetic and for illustration purposes only.

If This Were a Production Platform, We Would:

  • HIPAA Compliance: Full compliance with Health Insurance Portability and Accountability Act
  • GINA Compliance: Adherence to Genetic Information Nondiscrimination Act
  • De-identification: Remove all 18 HIPAA identifiers from genomic data
  • Consent Management: Explicit consent for each use of genetic data
  • Data Minimization: Process only necessary genetic variants
  • Right to Deletion: Complete removal of genetic data upon request
  • Encryption: AES-256 encryption at rest and in transit
  • Access Logging: Complete audit trail of all genomic data access
  • Data Residency: Store data in user's chosen jurisdiction
  • Research Ethics: IRB approval for any research use

6. Your Privacy Rights

Under GDPR (European Users)

Right Description How to Exercise
Access Request copy of your data Email with identity verification
Rectification Correct inaccurate data Contact form or email
Erasure Delete your data Email with specific request
Portability Receive data in portable format Request JSON export
Restriction Limit processing Email with details
Object Object to processing Email with reasoning

Under CCPA (California Users)

  • βœ“ Right to know what personal information is collected
  • βœ“ Right to know if personal information is sold or disclosed
  • βœ“ Right to say no to the sale of personal information
  • βœ“ Right to access personal information
  • βœ“ Right to request deletion
  • βœ“ Right to equal service and price

Note: We do not sell personal information to third parties.

How to Exercise Your Rights

  1. Submit request via our contact form or email
  2. Provide sufficient information to verify your identity
  3. Specify which right(s) you wish to exercise
  4. We will respond within 30 days (GDPR) or 45 days (CCPA)

7. Regulatory Compliance

πŸ‡ͺπŸ‡Ί GDPR Compliance

  • Lawful basis for processing
  • Data minimization
  • Purpose limitation
  • Privacy by design
  • Data Protection Officer available

πŸ‡ΊπŸ‡Έ US Privacy Laws

  • CCPA compliance (California)
  • COPPA compliance (children)
  • State privacy law adherence
  • Do Not Track honored
  • No HIPAA data processed

🌍 International Standards

  • ISO 27001 principles
  • Privacy Shield principles
  • Cross-border transfer safeguards
  • Standard Contractual Clauses
  • Adequacy decisions respected

Age Restrictions

This platform is not intended for children under 18. We do not knowingly collect personal information from minors. If we learn we have collected information from a child under 18, we will delete it immediately.

8. Contact Information

Privacy Questions

For privacy-related questions, data requests, or to exercise your rights:

Contact Privacy Team

9. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Material changes will be communicated through:


Continued use of our platform after changes indicates acceptance of the updated policy.

Important Reminder

AlleleAI.com is a demonstration platform only. Do not submit any real genetic data, patient information, or confidential research data. This privacy policy applies only to the demonstration platform and domain acquisition process.

Any future production use of this domain would require a comprehensive privacy policy appropriate for handling sensitive genomic and health data.