What personal data we collect and why we collect it
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Genetic data uploaded to the website is stored in an encrypted storage system. It can only be accessed by the user account that uploads it. If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
How long we retain your data
Genetic data and data related to your user profile are encrypted, and stored on Amazon Web Services (AWS).
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you, including genetic data that you have uploaded for yourself and on behalf of your clients. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Your data is stored securely and encrypted on the Amazon Web Services platform, at the Toronto data facility. No data that you provide us is sent to external, third parties or analytic services. Genetic data does not leave our platform, and is deleted as soon as we no longer require it to provide services to you.
Your personal information and genetic data
How we protect your data
We keep your personal data only as long as necessary to provide you with the Service and for legitimate and essential business purposes, such as:
- maintaining the performance of the Service
- making data-driven business decisions about new features and offerings
- complying with our legal obligations
- resolving disputes
If you close or request that we close your account, we’ll delete or anonymise your personal data so it no longer identifies you, unless we’re required to keep something or we still need to use it for a legally justifiable reason.
Here are some examples of situations where we’re legally allowed or required to keep some of your personal data:
- if there’s an unresolved issue relating to your account, such as an outstanding credit or unresolved claim or dispute
- for our legal, tax, audit and accounting obligations
- for our legitimate business interests such as fraud prevention or to maintain security.
What data breach procedures we have in place
We’re committed to protecting our users’ personal data. We implement appropriate technical and organisational measures to help protect the security of your personal data. However, be aware that no system is ever completely secure.
We have implemented various safeguards including pseudonymisation, encryption, access, and retention policies to guard against unauthorised access and unnecessary retention of personal data in our systems.
To protect your user account, we encourage you to:
- use a strong password that is unique to your account
- never share your password with anyone
- limit access to your computer and browser
- log out once you have finished using the Service on a shared device
- read more detail on protecting your account
Due to the nature of the data on the website and platform, you are not permitted to share your login details with others, including friends, family members, colleagues or other associates. It’s your responsibility to protect your identity and the identities of your customers and clients by not allowing others to access your account.