I. What Data We Collect
In the course of your use of our Services, we may collect the following types of information:
Payment Information: In order to pay for services you may be required to submit payment information, such as a credit card number and billing address.
Account Information: In the course of registering an account or subsequently, we may ask you to provide information such as your name, employer, email address or phone number.
User Activity Information: We may keep logs of your activity as you use our Services, for example, which pages you visit, when you start a task, or what calls are made to our API. We may also track user activity on our site using third-party services such as Google Analytics, Fullstory, and Appcues.
Other User Provided Personal Information: You may provide information to us via other communications with our team, for instance emails exchanged with our support team or suggestions submitted via a feedback form.
Submitted Data: You may provide us sequencing data derived from a human or other organism, for instance by uploading a BAM file or FASTQ file.
Submitted Metadata: When you provide us Submitted Data, that Submitted Data will usually be accompanied by associated metadata describing the Submitted Data, which may include information about the subject(s) of the sequencing data, for instance phenotype or population statistics.
II. What We Do With It
On the basis of your consent, we may use your Account Information to contact you about your use of our Services, for instance to let you know a task has completed, or to otherwise inform you about our Services, for instance by letting you know about changes or improvements to our offerings. In addition, if your email address is associated with a Gravatar, we may pull that Gravatar for display on our platform. Your Account Information may be stored on our behalf on third-party cloud infrastructure provider Amazon Web Services (AWS), a service provided by Amazon Web Services Inc.
We may use User Activity Information, Account Information and Other User Provided Personal Information to maintain, improve and better understand usage of our Service, on the basis of our legitimate interest in ensuring your data, our other clients’ data, and our systems are secure, in developing our Service to better serve you and other clients, and in managing and developing our business. In some cases, we may also be required to retain this information in order to meet our legal obligations.
We store and process Submitted Data and Submitted Metadata on your behalf, for instance when you run a pipeline on your data. If you consent, we may also access and process your Submitted Data and Submitted Metadata in order to provide support to you, for instance by running a few tests on your data for debugging purposes if your task fails. Your data is processed on your selected cloud infrastructure provider, either AWS or Google Cloud Platform (GCP), a service provided by Google LLC,and stored on their servers in encrypted form. You can find more information about Amazon Web Services’ security practices and Google Cloud Platform’s security online.
If you explicitly so choose (see “Controlling Your Data” below), we may share your Submitted Data and some elements of your Account Information with other users to whom you have granted permission to participate in your project. Your name and institutional affiliation may also be shared automatically with users who have granted you project permissions.
Seven Bridges may disclose your data if disclosure of your data to third parties is necessary to respond to a lawful request by public authorities, including to meet national security or law enforcement requirements, or if, at our sole discretion, we believe this is necessary in order to meet any legal requirement or enforceable governmental request or to identify, contact, or bring legal action against someone who may (either intentionally or unintentionally) be causing injury to or interference with our rights or property, users of our Service, or anyone else who could be harmed by such activities.
In addition to the potential transfer of data to the third-party services we mentioned in the previous sections, we may also transfer any and all information we collect from users to a third party in the event of any corporate reorganization, merger, sale, joint venture, assignment, transfers, or other disposition of all or any portion of Seven Bridges Genomics businesses, assets, or stock.
ANY transfers of European citizen personal data outside of the European Union, including transfers to Seven Bridges affiliates or subsidiaries, will only be transferred if a legal basis for such transfer exists (as is required under Articles 46, 47 and 49 of the General Data Protection Regulation). For example, our team members in Serbia may have access to your data to provide customer support. Such access will be governed by contractual provisions between Seven Bridges Genomics Inc. and its subsidiary in Belgrade that include the E.U. Model Clauses. Any transfers of data European Citizen to the United States are done under the basis that we subscribed to the E.U.-U.S. Privacy Shield (more information below).
V. Controlling Your Data
Seven Bridges Genomics Inc. complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland transferred to the United States pursuant to Privacy Shield. Seven Bridges Genomics Inc. has certified that it adheres to the Privacy Shield Principles with respect to such data. As described above, we may share Personal Data, as defined in the EU’s General Data Protection Regulation (GDPR) with service providers we have retained to perform services on our behalf, when such service providers are (a) subject to GDPR, the UK’s Data Protection Act 2018, or the Swiss Federal Act on Data Protection, as applicable, (b) subscribe to the Privacy Shield principles or (c) contractually agree to provide at least the same level of protection for Personal Data as is required by the relevant Privacy Shield Principles. In the context of such an onward transfer to a third party, Seven Bridges has responsibility for and may be liable for the processing of personal information it receives pursuant to the EU-U.S. Privacy Shield and Swiss-US Privacy Shield and subsequently transfers onward.
In compliance with the Privacy Shield Principles, Seven Bridges Genomics Inc. commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact Seven Bridges Genomics Inc. at:
You may also contact our subsidiary Seven Bridges Genomics UK Ltd. by mail at:
Oury Clark Solicitors
10 John Street
London WC1N 2EB
Seven Bridges Genomics Inc. has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the BBB National Programs, Inc. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
Seven Bridges and our commitments under the Privacy Shield program are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.
VI. Further Information
Links to Third Party Sites
Questions, Comments, and Complaints