STOmics STOmics

EN CN

Privacy Policy


Thank you for your trust on the STOmics (URL: https://en.STOmics.tech/ , hereinafter referred to as "this Website" or "STOmics"). As a website providing spatio-temporal omics analysis services to users all over the world, GCATbio Co., Ltd. (address: NO.118, Xicheng Road, Jintan District, Changzhou, Jiangsu, China, hereinafter referred to as we", ”us”, ”our”) respects your privacy and protects your personal information (“PI”) in accordance with applicable laws and regulations. We will explain to you how we will process your PI and how you exercise your rights in the process of using this Website, so as to better protect your rights as the subject of personal information in this STOmics Website Privacy Policy (hereinafter referred to as "this Policy").

Please read and understand this Policy carefully before you register and use this Website. In particular, please pay attention to the terms marked in bold to ensure that you fully understand and agree to the rules for processing your PI before using this Website. Unless otherwise provided by laws and regulations, if you continue to use this Website after we update this Policy, you are bound by the terms and conditions of this Policy (including the updated version).

Content

I. how We Collect and Process PI

II. How We Share, Transfer and Disclose PI

III. Exceptions for Processing PI with Prior Consent

IV. Cookies

V. How We Store PI

VI. How We Ensure the Safety of PI

VII. How We Protect Your Rights

VIII. How We Process Children’s PI

IX. Application of This Policy

X. Update

XI. Contact Us

I. How We Collect and Process PI

1. Registration If you register as a user of this Website, you need to at least provide us with your name, email address, your own password, organization, country/region and research interest for us to analyze the research fields to complete user registration and login. At the same time, you can also provide us with your mobile phone number, and the verification code for email verification and your retrieve the password when the password is lost. This Website provides a visitor mode, in which you can browse this website without registration.

 2. Network and information security In order to improve the security of the network and information when you use our services, more accurately prevent website fraud and protect account security, we may collect and process your network behavior (such as click frequency) log information, IP address information of accessing this Website, access time and other data to ensure the security of your information and account when you use this Website.

II. How We Share, Transfer and Disclose PI

1. We only share your PI with the following circumstances:

1) We have obtained your prior consent or authorization.

2)In order to ensure the global uniqueness of your STOmics ID and provide you with smooth access to STOmics Cloud services, websites or other website that allow you to log in with STOmics ID (STOmics Websites), we share your PI(including email address, password, the verification code, name, mobile phone number, country / region, organization and research interest)to operators of STOmics Website globally. If you do not agree to share your PI with global STOmics Websites operators, you may need to register and log in to STOmics Websites separately.

(STOmics ID is the account you use to access and use STOmics Cloud services, websites or other website that allow you to log in with.)

3) We may share your PI with third parties such as partners. However, we will only share your PI for legal, legitimate, necessary, specific, and clear purposes, and only share the PI necessary to provide services. Our partners are not authorized to use the shared PI for any other purpose. Our partners include suppliers, service providers and other partners. We will share information to suppliers, service providers, email verification service providers, consultants or agents and other partners supporting our business to support the services on this Website. These supports include providing technical infrastructure services, providing customer services, providing mailbox verification services, and providing legal advisory services. We require these service providers to use your information only for the purpose of providing services to us, and not for their own interests.

4) Sharing PI belongs to "the circumstances specified in [III. Exceptions for Processing PI with Prior Consent]". We will sign strict confidentiality agreements / terms with the third parties to require them to process PI in accordance with our instructions, this Policy and take any other relevant confidentiality and security measures. In the use of personal sensitive data, we require third parties to adopt data desensitization and encryption technology to better protect your personal information.

2. Transfer We will not transfer your PI to any company, organization or individual, except for the following circumstances:

1) We have obtained your prior consent or authorization.

2) If we need to transfer PI due to merger, division, dissolution, or bankruptcy, we will inform you of the name or contact information of the recipient. We will require the receiving party to continue to comply with this N Policy otice and other legal obligations. If the receiving party changes the original processing purpose and processing method, it will obtain your consent again.

3) The transfer of PI belongs to "the circumstances specified in [III. Exceptions for Processing PI with Prior Consent].

3. Disclosure We will only publicly disclose your PI under the following circumstances and adopting industry-standard safeguard measures:

1) We have obtained your separate consent or authorization in advance.

2) If your PI must be provided according to the requirements of applicable laws, mandatory administrative law enforcement or judicial requirements, we may publicly disclose your PI according to the type and disclosure method of PI required.

3) The public disclosure of PI belongs to "the circumstances specified in [III. Exceptions for Processing PI with Prior Consent]".

III. Exceptions for Processing PI with Prior Consent

The processing of PI includes the collection, storage, use, processing, transmission, provision, disclosure, and deletion. Please be aware that in the following scenarios, we do not need your consent to process PI: 

1. Necessary for the conclusion and performance of a contract to which an individual is a party; 2. Necessary for the performance of legal duties or legal obligations or in response to a legal process or request from a competent authority according to applicable laws;

3. Necessary for responding to public health emergencies or protecting the life, health and property safety of natural persons in emergencies;

4. Processing PI that is disclosed by yourself or other legally disclosed PI within reasonable purpose;

5. Other circumstances stipulated by applicable laws.

IV. Cookies

In order to ensure the normal operation of this Website, this Website stores small data files of cookies on computers or mobile devices. Cookies are plain text files stored on a computer or mobile device by a network server. The contents of a cookie can only be retrieved or read by the server that created it. Each cookie is unique to your web browser or mobile application. Cookies usually contain identifiers, site names, and some numbers and characters. With the help of cookies, the website can store user preferences and other data to improve the user experience. We use cookies for the following purposes:

1. With cookies, the Websites can save settings, such as language, font size and other browsing preferences of computers or mobile devices. This means that users do not need to reconfigure user preferences each time they visit.

2. User login authentication. When you visit this Website, we will generate a separate ID for you and record the user ID, organization identity, login status, name, email address and mobile phone number to identify your identity.

3. "Session cookie" is used to track your input when submitting online data and allow the system to identify users between pages or selections. We also use session cookies to provide the information you request through actions such as clicking a button or filling out a web form. Session cookies always expire after the browsing session ends. In most cases, you can manage cookie preferences by adjusting settings on your browser to disable cookies and other data collection technologies. Please note that if you choose to delete or reject cookies, or clear local storage, it may affect the function, availability, and performance of this Website.

V. How We Store PI

1. Location We will store your PI collected within the People's Republic of China (“China”) in the private cloud server of the national gene bank located in China in accordance with the provisions of applicable laws, and strictly keep these information confidential according to laws. If it is necessary to provide PI outside China due to business necessity, we shall strictly abide by the relevant provisions of applicable laws and regulations. Your PI collected from outside China will be stored on Aliyun cloud server in Hong Kong. In this case, when we transfer your PI to other countries / regions, we will take reasonable measures to ensure strict compliance with applicable laws.

2. Period For the information you provide during user registration, price consultation and your weblog information, we store such PI within the necessary period to provide you with services on this Website. If you deactivate your account, we may continue to store your PI for a necessary period of time for reasons such as system security and file management, and delete it in time when it is no longer necessary to continue to store, except for those that need to be retained according to applicable laws. For the sequencing and analysis data generated based on slice samples and the gene sequencing data, slice image data and other analysis related data you actively provide, we will retain your PI based on the shortest time required to provide you with relevant sequencing and analysis services, except those that need to be retained in accordance with applicable laws. After the expiration of the retention period, we will delete or anonymize your PI, unless it needs to be retained according to applicable laws. If we terminate the service or operation, we will notify you in advance and delete or anonymize your PI after the termination of the service or operation, unless otherwise required by applicable laws or required to retain your PI in order to fulfill our compliance obligations.

VI. How We Ensure the Safety of PI

This Website uses security protection measures in line with industry standards to protect your personal information, avoid unauthorized or illegal access, utilization, processing, or modification of the PI you provide, and avoid infringement or disclosure of the above personal information. In case of PI security incidents, we will promptly inform you by e-mail in accordance with the requirements of laws and regulations: the basic situation and possible impact of security incidents, the disposal measures we have taken or will take, the suggestions you can independently prevent and reduce risks, and the remedial measures for you. When it is difficult to inform personally, we will take a reasonable and effective way to publish the announcement and report the disposal of users' PI security events according to the requirements of the regulatory authorities.

VII. How We Protect Your Rights

In accordance with applicable laws, scientific research norms and ethical principles, we guarantee you to exercise the following rights to your PI. In addition, if applicable laws provide that you have other rights to your PI, we will also strictly abide by the provisions of applicable laws.

1. Access, correct and supplement Unless otherwise stipulated by laws and regulations, you have the right to access the "personal data" interface of this Website to access, correct and supplement your PI.

2. Delete You can request us to delete your PI in the following cases:

1) If you withdraw your consent; 2) If our processing purpose has been achieved, cannot be achieved or is no longer necessary to be achieved; 3) If you deactivate your account, or we stop providing products or services, or the storage period has expired; 4) If we deal with your PI in violation of laws, administrative regulations or agreements; 5) Other circumstances stipulated by applicable laws.

3. Deactivate You can deactivate your registered account at any time. After the account is deactivated, the website will stop providing you with products or services, your PI will be deleted or reasonable measures specified by applicable laws will be taken, and the account cannot be recovered after the account is deactivated. It is recommended that you make a backup, unless otherwise specified by laws and regulations.

4. Withdrawal You may withdraw your consent. When you withdraw your consent, we will no longer process the corresponding PI. However, your decision to withdraw your consent will not affect the previous PI processing based on your consent.

5. Responses You can contact info_global@stomics.tech to exercise your rights. For security, you may need to provide a written request or otherwise prove your identity. We may need to ask you to verify your identity before processing your request. We usually reply within 15 working days. We may not be able to respond to your request if the request is:

1) related to our performance of our obligations under laws and regulations; 2) directly related to national security and national defense security; 3) directly related to public safety, public health and major public interests; 4) directly related to criminal investigation, prosecution, trial and execution of judgment; 5) we have sufficient evidence to show that users have subjective malice or abuse of rights; 6) for the purpose of safeguarding the life, property and other major legitimate rights and interests of users or other individuals, but it is difficult to obtain their own consent; 7) responding to the user’s request will cause serious damage to the legitimate rights and interests of the user or other individuals and organizations; 8) involving trade secrets.

VIII. How We Process Children’s PI

1. The definition of children in this Policy will be determined in accordance with applicable laws. According to relevant laws and regulations of China, children refer to minors under the age of 14, and their PI belongs to sensitive PI.

2. Our services are generally for adult researchers. If you are a child under applicable laws, your guardian should read this Policy. You can use our services or provide us with your PI with the consent of your guardian. In the case of collecting your information with the consent of your guardian, we will process your PI under the following circumstances: where permitted by applicable laws and regulations, or with the explicit consent of the guardian, or in order to protect the rights and interests of the child’s PI.

3. If a child uses the services of this Website and provides PI without the consent of the guardian, the guardian has the right to contact us and refuse to further process the child's PI, or ask this Website to delete the child’s PI, and we will try to delete the relevant PI as soon as possible.

Ix. Application of this Policy

1. This Policy is only applicable to the services provided on this Website. If you jump to this Website through a third party or visit a third party's website through this Website and use the services provided by it, the commitment made by the third party's privacy notice has nothing to do with this Website. Please note that we have no control over the products, services or PI processed by third parties. 

2. The protection of your PI in the process of using third-party products or services does not apply to this Policy. This Policy also does not apply to any information you choose to provide to third parties. It is recommended that you consult or contact such third parties to obtain details about their privacy policy. If you find that these web pages created by third parties or applications developed by third parties are at risk, it is recommended that you terminate relevant operations to protect your legitimate rights and interests.

X. Update

1. In order to provide you with better service and with the development of our business, this Policy will be updated. Without your consent, we will not reduce your rights under this Policy. We will issue an updated version through this Website and remind you of any updates to this Policy through website announcements or other appropriate ways.

2. For material changes, we will also provide more significant notices (we may explain the specific changes of this policy by including but not limited to email, SMS or special notices on the website page).

3. Material changes referred to in this Policy include but are not limited to:

1) Significant changes have taken place in our service model. Such as the purpose of processing PI, the type of PI processed, the processing method of PI, etc.; 2) We have undergone significant changes in ownership structure, organizational structure, etc. Such as owner change caused by business adjustment, bankruptcy, M & A, etc.; 3) The main objects of PI sharing, transfer or public disclosure have changed; 4) Significant changes have taken place in your right to participate in PI processing and the way in which you exercise it; 5) When the responsible department, contact information and complaint channels responsible for ensuring PI security change; 6) When the PI protection impact assessment report indicates that there is a high risk;

4. We will also archive the historical version of this Policy for your reference.

XI. Contact Us

If you have any questions, comments, or suggestions about this Policy, you may send a written request to the address of the Space-time R & D group of GCATbio Co., Ltd. (address: NO.118, Xicheng Road, Jintan District Changzhou, Jiangsu, China) or email info_global@stomics.tech. Generally, we will reply within 15 working days.


cument.write(decodeURI("%3Cscript src='/1/94/visit_log?url=")+encodeURIComponent(document.location.href)+decodeURI("&referrer=")+encodeURIComponent(document.referrer)+decodeURI("' type='text/javascript'%3E%3C/script%3E"));