Last Update : 31 August 2022
This policy sets out the basis on which DAOGenics Ltd. (collectively “DeBio”, "we", “us” and ”our”) collect personal data from you and how we process such data.
Your privacy is important to us. It is DeBio's policy to respect your privacy and comply with any applicable law and regulation regarding any personal data we may collect about you, including any data you may provide through this Application when you sign up to or purchase a service or product.
By visiting, accessing, or using our platform, website, and services (“Services”) or any other applications or software we provide from time to time (collectively our "Application"), you accept and consent to the practices set out below. Further, you acknowledge that every personal data that you have provided or will provide is yours to share and is true and accurate.
1.1 Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
1.2 For the purposes outlined in Clause 2, we may collect, use, store, and transfer the following personal data about you:
(a) information you give us – information that you provide us (which may include identities of genetic analysts involved in the delivery of the Services such as profile picture, first name, last name, username or similar identifier, email and phone number, date of birth and gender) by filling in forms on our Services or in our Application, or by corresponding with us (by phone, email or otherwise), for example:
(i) when you register for an account with us for our Services or Application;
(ii) when you make payment for using our Services or Application;
(iii) when you report any problem to us;
(iv) when you use certain features on our Services or in our Application;
(v) when you request any support from us; or
(vi) when you complete any survey or questionnaire we send you.
(b) information we collect about you – information automatically collected when you visit or use our Services or Application, includes but not limited to:
(i) technical information, including the Internet protocol (IP) address used to connect your computer to the Internet and your log-in information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
(ii) the content, communications, and other information that you provide or share;
(iii) all communication that you made when you are using the Services or Application; and
(iv) information about your visit, including the full Uniform Resource Locators (URLs), clickstream to, through and from our Services or Application (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.
1.4 Please note that labs will collect your genetic samples to provide test results as part of the Services. However, the labs do not have access to data that may identify to whom such samples belong to.
2.1 We will only use your personal data when the law allows us to. Most commonly, we use your personal data for the following purposes or circumstances:
In relation to the Services and Application
(a) Request Service, Request Test, and Genetic Analysis Service include providing you with and granting you access to our Services and Application, including to make suggestions and recommendations to you relating to the Services and Application, and processing your orders;
(b) improving and developing our Services and Application;
(c) researching, designing and launching new features or products;
(d) presenting content and information on our Services or in our Application in the most effective manner for you and for the device you use;
(e) providing you with alerts, updates, materials or information about our services or other types of information that you requested or signed up to;
(f) providing customer service and support to you in relation to your use of our Services and Application;
(h) communicating with you and responding to your questions or requests;
(i) handle complaints made by or related to you in connection with the Service or Application, which will be stored to prevent and detect fraud, infringement, and other potential misuse;
(j) for direct marketing purposes (please see further details in Clause 2.3 below);
2.2 Your personal data will not be further processed in a manner that is incompatible with the purposes in Clause 2.1. above. Please be aware that we may combine information we collect about you with general information or research data we receive from other trusted sources.
(b) complying with laws and regulations applicable to us in or outside of Indonesia;
(c) responding or taking part in legal proceedings, including seeking professional advice;
(e) fulfill any legal, regulatory and compliance requirements that apply to us and our Services and Application based on the applicable laws and regulations, as well as compliance with applicable agreements relating to the implementation of our Services and Application;
(f) implement the instructions or policies of the government, regulatory bodies, or authorized agencies;
(g) carry out our obligations in relation to any agreement with our business partners or contractors;
(h) process our internal process such as audit and taxation matters;
(i) conduct surveys, research, evaluations, data analytics, academic study and/or product or services development, either by us or other third parties; and
(j) purposes directly related or incidental to the above.
2.3 We intend to use your personal data in direct marketing (i.e., offering or advertising products or services by sending the relevant information directly to you). For the purpose of this clause:
(a) the personal data that may be used in direct marketing are those that you provide to us or we collect from you under Clause 1.1 above;
(b) the type of Services that may be offered or advertised will be determined by us from time- to-time;
(c) the relevant data may be sent to you by us;
(d) you may opt out any time by sending a written request to the contact provided in Clause 11. We will cease to send you marketing information without charge.
3.1. We will keep your personal data that we hold confidential but you agree we may provide your personal data to:
(a) personnel, agents, advisers, auditors, contractors, financial institutions, and service providers in connection with our Services and/or Application (for example staff engaged in the fulfilment of your request, the processing of your payment, and the provision of support services);
(b) our overseas offices, affiliates, business partners, market researchers, and counterparts (on a need-to-know basis only);
(c) persons under a duty of confidentiality to us;
(d) the relevant parties where we are anticipating or exercising corporate actions such as mergers, acquisitions, transfer out of the Services, sell or transfer all or a portion of our business or assets, or in the unlikely event of bankruptcy or insolvency;
(e) persons to whom we are required to make disclosure under applicable laws and regulations in or outside of Indonesia, such as, tax authorities, regulators, and other authorities based in Indonesia who require reporting of processing activities in certain circumstances;
(f) actual or proposed transferees of our operations (or a substantial part thereof) in or outside of Indonesia;
3.2. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. In addition, at our sole discretion, we will reasonably audit algorithm or other automated program to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered or disclosed. Please note that the end-user’s datasets will remain in our Network’s Privacy Cloud Storage.
(a) managing and customizing your experience on the Services or Application;
(b) analysing trends and improving our Services or Application for our users; and
(c) delivering content tailored to your interests and the manner in which you browse our Services or Application.
Any other information is anonymized and/or aggregated to produce statistical reports that enable us to evaluate the use of our Services or Application; and to make improvements to, and increase efficiency when you browse our Services or Application.
4.2 We use first party cookies that are set by us. Cookies are small files which are placed on your computer when you access a website or app – amongst other things, they help the website user to navigate efficiently between pages and the website operator to track usage of the site.
Our Services or Application or our communication with you may from time to time contain links to third-party websites over which we have no control. If you follow a link to any of these websites, please note that they have their own practices and policies. We encourage you to read the privacy policies or statements of these websites understand your rights. We accept no responsibility or liability for any practices of third-party websites.
6.1 If a password, a private key, or a secret phrase (collectively “password”) is used to help protect your accounts and account information, it is the responsibility of you to keep the password confidential.
6.2 We use reasonable and commercially acceptable technical, administrative, and physical security measures for the purpose of safeguarding all information you shared with us and preventing the loss, theft, misuse or unauthorized access, disclosure, copying, use, or modification of personal data by unauthorized parties.
6.3 Regardless of the steps and precautionary actions that we take, unauthorized entry or use, and hardware or software failure, may happen and compromise the security of personal data. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, even though we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
6.4 You are responsible for selecting any password and its overall security strength, ensuring the security of your own information within the bounds of our Services. We will notify you, which may include through electronic means, of any unauthorized access to your personal data that we process and store.
6.5 Further, we are not liable to nor can we fully control the actions of other users with whom you may choose to share your information. You hereby acknowledge that we are not responsible, in particular, for any third-party action or action on your part leading to loss, damage or harm to you or any other person. Further, we will not be liable for any loss incurred by you for any information loss or theft due to unauthorized access to your electronic devices through which you avail our Services or Application.
7.2 Your personal data is stored in decentralized systems, including but not limited to DeBio Blockchain Network and Interplanetary File System, and other data storage infrastructures that we use to provide the Services and Application. When you are using our Services or Application, your personal data may also be stored or processed outside of your country by our personnel who work for us in other countries, or by our third-party service providers, vendors, suppliers, partners, contractors or affiliates.
8.1 Under certain circumstances, you have rights under data protection laws in relation to your personal data. You have the right to:
(a) withhold your personal data from us, with the understanding that your experience of our Application may be affected;
(b) check whether we hold personal data about you;
(c) access any personal data we hold about you;
(d) require us to correct inaccurate, out of date, incomplete, irrelevant, or misleading personal data we hold about you;
(e) to the extent permissible under applicable laws and technologically feasible taking into account reasonable implementation costs, require us to “delete” any personal data we hold about you by deleting all keys that enable decryption of that data, but please be aware that the encrypted data would remain permanently on the blockchain due to its immutable nature of data,
by sending your request in writing to the contact provided in Clause 11 and provide us with your valid proof of identity along with the personal data you wish to check, access or correct.
8.2 Any such request may be subject to a small administrative fee to meet our cost in processing your request.
8.4 If you have previously agreed to us using your personal data for direct marketing purposes, you may change your mind at any time. We will provide you with the ability to unsubscribe from our email-database or opt out of communications. Please be aware we may need to request specific information from you to help us confirm your identity.
8.5 If you believe that we have breached a relevant data protection law or regulation and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority in relation to your complaint.
8.6 We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you.