Effective Date: 25 May 2018
Biomatters Limited and its subsidiaries (“we” or
“Biomatters”) value the privacy of customers who use our products, cloud services and web
sites, and we make all commercially reasonable efforts to protect that privacy.
Information” is information about an identified or identifiable individual.
Cloud services include Biomatters services and applications available through the internet and hosted on remote servers managed by Biomatters, including the Geneious cloud services, the Geneious Biologics cloud services, the Geneious 16S Biodiversity cloud service, and Biomatters’ Genome Profiler and Melanoma Profiler applications.
Websites and customer support portals include biomatters.com, geneious.com, support.geneious.com, geneiousbiologics.com, and any related websites, sub-domains and pages.
2. Information You Provide
When you use our Services, we may collect the following information:
(a) Account and Profile Information
We collect information that you create, input, submit, post, upload, transmit, store or display (including Personal Information and/or sensitive information) in the process of using our Services, for example when you request customer support.
Please note that the user forums on our support.geneious.com website are open to any online viewer. Any information that you post in these locations can be read, collected and used by anyone, and could enable others to send you unsolicited messages. Biomatters is not responsible for any publication or use of any information, including but not limited to personal information, that you choose to post in these locations.
(c) Credit Card Information
We use a third party payment processor, Avangate Inc., for all transactions where you use a credit card to purchase our Services. The payment processor securely handles all credit card details and informs us whether transactions succeed or fail. We do not receive (and cannot store) any credit card information whatsoever at any time.
3. Other Information We Collect From Your Use Of Our Services
When you use our Services, we may also collect the following information:
(a) Web Logs
Like most websites and services delivered over the internet, we gather certain information and store it in log files when you interact with our websites, products and cloud services. This information may include internet protocol (IP) addresses as well as browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences, information about your computer or mobile device, and system configuration information. In the case of our products or cloud services, the URLs you accessed (and therefore included in our log files) may include usernames as well as other information (such as project names or sample information) necessary for the Service to perform the requested operations.
(b) Analytics Information
We and our analytics providers collect and store analytics information when you use our Services, to help us improve our products and services. This analytics information may consist of features and functions being used, the associated license key and domain name, the username and IP address of the individual using the feature or function, file sizes and filenames, and additional information about the operation of the function and which parts of the Service are being affected.
We also collect and compile usage data to understand broad patterns and trends in the use of our Services and the composition of our user base.
By default, our Geneious desktop software automatically contacts our servers to check for updates. This process is anonymous, but does include the type of license and version number of the software associated with the instance, and the operating system used.
With your permission, we may also collect non-personally identifying statistics about the functions you use in our Geneious desktop software, and how often you use them. The information we collect may include data types that you have imported into or exported from the Geneious software, buttons you have clicked, types of calculations you have run and computational time associated with those calculations. These usage statistics do not include Personal Information or the contents of your data that you process using the software. This usage tracking is an optional setting, and can be turned on and off at any time by following these steps:
- Go to Tools > Preferences.
- On the General tab, select ‘Send anonymous usage information’ to turn usage tracking on, or deselect it
to turn it off.
- Click OK.
The only time we may collect Personal Information during a user’s use of the Geneious software is in the
specific case where a user voluntarily submits the information as part of a support/feedback/crash
(c) Cookies and Other Tracking Technologies
(d) Software Updates and License Information
Our products and cloud services communicate with secure servers hosted by Amazon Web Services and/or our CRM providers Salesforce and Zendesk for licensing purposes and to check for software updates. Examples of information we collect for these purposes include the software version, license key, and IP address of the customer instance.
4. How We Use Information We Collect
We use the information we collect for a variety of purposes, including:
- To provide, operate, maintain, improve and promote our Services.
- To enable you to access and use our Services, including uploading, downloading, sharing and
collaborating on data.
- To process and complete transactions, and send you related information, including purchase confirmations
- To communicate with you, including contacting you electronically (e.g. by text or email) for the
purposes of responding to your comments, questions and requests, providing customer service and support,
providing you with information about our Services, features, surveys, offers, promotions, events and
other news, and sending you technical notices, updates, security alerts, and support and administrative
messages. You can opt out of receiving promotional communications.
- To monitor and analyze trends, usage, and activities in our Services.
- To investigate and prevent fraudulent transactions, unauthorized access to our Services, and other
- To protect and/or enforce our legal rights and interests, including defending any claim.
- For other purposes authorized by you or applicable privacy laws.
As described in Section 3(b), we also collect and compile usage data to understand broad patterns and trends
in the use of our Services and the composition of our user base, for the purposes of improving our Services
and to develop new products and services.
5. Information Sharing and Disclosure
We will not share or disclose any of your personal information or data with third parties except as described in this policy. We do not sell your personal information or data.
When you use some of our Services, you may grant permission to other users to access your information and data for the purposes of collaboration. Where this information and data is sensitive, you should use the security and privacy features of the Services to limit those who can access it.
You should also be aware that any administrator of your instance of our products or services may be able to access information in and about your account, disclose, restrict, or access information that you have provided or that has been provided to you when using your account, and control how your account may be accessed or deleted.
Where we work with third party service providers to provide hosting, back-up, storage, virtual infrastructure, payment processing, analysis or any other services, these third parties may have access to or process your information in the course of providing these services, but our agreements with these third parties do not provide them with any rights to use (other than for the purposes of providing their services to us), access or distribute any of your information or data.
We may disclose your information to a third party if we believe that disclosure is reasonably necessary
- to comply with any applicable law, regulation, legal process or government request,
- to enforce our agreements, policies and terms of service,
- to protect the security or integrity of our Services, or
- to protect Biomatters, our customers or the public from harm or illegal activities.
To the extent reasonably necessary, we may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to a third party, however, we will take reasonable steps to ensure that the third party is under industry standard obligations of confidentiality.
We may also share aggregated or anonymized information that does not directly identify you with the third parties described above.
6. Data Storage, Transfer and Security
We will take reasonable precautions to protect your personal information and data from loss, misuse, unauthorized access, disclosure, unauthorized alteration, destruction or other malfeasance.
We host data with hosting service providers in numerous countries including (where permitted under applicable privacy laws) the United States. The servers on which your information and data are stored are kept in controlled environments. While we make reasonable efforts to guard your information and data, no security system is impenetrable and due to the inherent nature of the internet as an open global communications system, we cannot guarantee that information, during transmission through the internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers. In addition, we cannot guarantee that any information or data you store in our Services are maintained at levels of protection to meet specific needs or obligations you may have relating to that information or data.
We are committed to protecting the security of your information and data, and we make commercially reasonable efforts to ensure their security on our systems, including but not limited to the following:
- Your account passwords are protected by encryption, and only you (or anyone administering your account
on your behalf) have access to them.
- Your personal information and data stored in our systems are protected by various physical, electronic
and procedural safeguards. They are housed in a secure facility, and Biomatters and our infrastructure
service providers restrict physical and network access to this facility to select trained staff and
regularly evaluate our technologies, facilities, procedures and potential risks to maintain the security
and privacy of your data.
- Where possible, we employ industry standard SSL data encryption when we transfer your information and
data over the internet in the course of your use of our Services.
7. How Long We Retain Your Personal Information
We will retain your personal information for as long as is needed to fulfill the purposes outlined in this
other legal requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete
or anonymize it. If this is not possible, for example because your personal information has been stored in
backup archives, then we will securely store your personal information and isolate it from any further
processing until deletion is possible.
8. Review and Correction Of Your Personal Information
At any time, you may review and correct your Personal Information in your user profile. Subject to certain
grounds for refusal set out in any applicable privacy laws, you may also request access to, or correction or
removal of your registration data and readily retrievable Personal Information from our systems, however we
reserve the right to provide technical support and software upgrades to registered users only. Before you
exercise these rights of access, correction and removal, we will need evidence to confirm that you are the
individual to whom the personal information relates.
In respect of a request for correction, if we think the correction is reasonable and we are reasonably able
to change the Personal Information, we will make the correction. If we do not make the correction, we will
take reasonable steps to note on the Personal Information that you requested the correction.
Where we are entitled at law to do so, we may charge you our reasonable costs of providing to you copies of
your Personal Information or correcting that information.
9. Compliance With Privacy Laws and Regulations
You agree not to use our Services in a manner that would violate laws protecting an individual’s privacy
10. International Users
Biomatters may store your data and information (including Personal Information) in secure servers of its
trusted service providers in the United States, European Union and New Zealand when you agree to any terms
and conditions governing your use of the Services.
Where we use service providers based in the United States to support our provision of the Services, we use
service providers who have adopted the principles of the EU-US Privacy Shield, a framework which helps to
protect Personal Information transferred from the European Union to the United States. More information on
the EU-US Privacy Shield can be found at https://www.privacyshield.gov/Program-Overview and
the following sites of our service providers. See:
- Amazon Web Services: https://aws.amazon.com/compliance/eu-us-privacy-shield-faq/
- Google: https://www.google.com/intl/en/policies/privacy/
- Salesforce: https://www.salesforce.com/company/privacy/
- Avangate: http://www.avangate.com/privacy-shield-policy.php
- Zendesk: https://www.zendesk.com/company/customers-partners/privacy-policy/
- Jira: https://www.atlassian.com/legal/privacy-policy
If you are using our Services from the European Union or other regions with laws governing data collection
and use, please note that you are agreeing to the transfer of your information to the United States and/or
New Zealand, unless an exception is agreed in writing.
Where we transfer any Personal Information to another territory, we will take all reasonable steps to ensure
that the Personal Information is subject to an equivalent standard of protection to that given to it in your
By providing your information to us, you consent to any transfer and processing in accordance with this
11. Legal Basis for Processing (EEA only)
If you are an individual from the European Economic Area (EEA), our legal basis for collecting and using the
personal information will depend on the personal information concerned and the specific context in which we
collect it. However, we will normally collect personal information from you only where:
- we have your consent to do so,
- where we need the personal information to perform a contract with you, or
- where the processing is in our legitimate interests (and not overridden by your data protection
interests or fundamental rights and freedoms). In some cases, we may also have a legal obligation to
collect personal information from you.
Where we rely on your consent to process the personal information, you have the right to withdraw or decline
your consent at any time.
12. Additional Rights for Certain Territories
If you are from certain territories (such as the EEA), you may also have additional rights available to you
under applicable laws, these may include:
- Right of erasure: In certain circumstances, you may have a broader right to erasure of personal
information that we hold about you, for example if it is no longer necessary in relation to the purposes
for which it was originally collected.
- Right to object to processing: You may have the right to request that Biomatters stop processing your
personal information and/or to stop sending you marketing communications.
- Right to restrict processing: You may have the right to request that we restrict processing of your
personal information in certain circumstances, for example where you believe that the personal
information we hold about you is inaccurate.
- Right to data portability: In certain circumstances, you may have the right to be provided with your
personal information in a structured, machine readable and commonly used format and to request that we
transfer the personal information to another data controller without hindrance.
If you would like to exercise such rights, please contact us as described in Section 15 of this Policy. We
will consider your request in accordance with applicable laws. To protect your privacy and security, we may
take steps to verify your identity before complying with the request.
You may also have the right to complain to a data protection authority about our collection and use of your
personal information. For more information, please contact your local data protection authority.
13. Sensitive Information
We do not knowingly collect any sensitive personal information, for example racial, ethnic, political, or
religious information on our customers. Please do not submit any sensitive information through our websites
If you have reason to believe that sensitive personal information has been provided to us through the
websites or Services, please contact us, as described in Section 15, and we will use commercially reasonable
efforts to delete that information.
14. Changes and Updates
additional notice, such as adding a statement to a login screen or sending you an email notification. Please
15. Contact Us
we collect, or our use of your personal information, please contact