Privacy Policy

1. Overview

GeneOps Inc. ("GeneOps", "we", "us", or "our") operates as a B2B genomic intelligence infrastructure provider. This Privacy Policy describes how we collect, process, and protect data in connection with our services.

GeneOps is a data processor for genetic and health data submitted via our API. Partner organizations are the data controllers and are responsible for obtaining appropriate consent from their end users.

2. Data We Process

In the course of providing our services, we process the following categories of data:

• Genotype data — raw or processed genetic variant data submitted by partners for analysis
• API usage data — request logs, response metadata, and usage metrics for billing and reliability purposes
• Contact information — name and email address for partner accounts and correspondence
• Technical data — IP addresses, browser type, and access timestamps for security and debugging

3. Legal Basis for Processing (GDPR)

Where the GDPR applies, we rely on the following legal bases:

• Contract performance — to deliver the services described in the partner agreement
• Legitimate interests — for security monitoring, abuse prevention, and service improvement
• Legal obligation — where required by applicable law
• Consent — where processing is based on explicit consent, including for special category data such as genetic information

Processing of genetic data constitutes processing of special category data under Article 9 GDPR. Partners must ensure an appropriate legal basis and, where required, explicit consent from data subjects before submitting genetic data to our services.

4. How We Use Data

We use the data we collect to:

• Deliver analysis outputs in response to API requests
• Operate, maintain, and improve the platform
• Monitor for security incidents and prevent abuse
• Communicate with partners about the service
• Comply with legal obligations

We do not sell personal data. We do not use genetic data to train machine learning models beyond the explicit scope of delivering the requested analysis. We do not share genetic data with third parties.

5. Data Retention

Genotype data submitted for analysis is retained only for the duration necessary to process the request and deliver the response. It is not stored beyond this window unless explicitly required by the partner agreement or applicable law.

API usage logs are retained for up to 12 months for debugging, billing, and security purposes. Partner account data is retained for the duration of the partner relationship and deleted upon request following contract termination.

6. Data Subject Rights

Where the GDPR or other applicable privacy law applies, individuals have the right to:

• Access — request a copy of personal data we hold about them
• Rectification — request correction of inaccurate data
• Erasure — request deletion of personal data ("right to be forgotten")
• Restriction — request that we restrict processing of their data
• Portability — receive their data in a structured, machine-readable format
• Objection — object to processing based on legitimate interests

Requests from end users of partner products should be directed to the relevant partner (the data controller). GeneOps will assist partners in responding to such requests as required by law.

7. Security

We implement technical and organizational measures to protect the data we process, including encryption in transit and at rest, strict access controls, and regular security reviews. We follow responsible disclosure practices and maintain an incident response process.

8. Cookies

Our public website uses minimal, essential cookies for basic functionality. We do not use tracking cookies or third-party advertising technology on geneopsgroup.com.

9. International Transfers

GeneOps is incorporated in Delaware, USA. Data may be processed in the United States. Where personal data is transferred from the EEA, we ensure appropriate safeguards are in place in accordance with GDPR Chapter V, including Standard Contractual Clauses where applicable.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated to partners via email. The date of the most recent revision is shown at the top of this page.

11. Contact

For privacy-related questions or to exercise your rights, contact us at hello@geneops.ai.

GeneOps Inc.
Delaware, USA