Privacy Policy

This privacy policy ("policy") will help you understand how EDITGENE ("us", "we", "our") uses and protects the data you provide to us when you use our services ("service").

We reserve the right to change this policy at any given time, of which you will be promptly updated. If you want to make sure that you are up to date with the latest changes, we advise you to frequently visit this page.

What User Data We Collect

When you contact us, we may collect the following data:

·Your contact information and email address.

·Your project information such as gene, cell line, cell line engineering design, etc.

·

Why We Collect Your Data

We are collecting your data for several reasons:

·To better understand your needs.

·To improve our services and products.

·To send you promotional emails containing the information we think you will find interesting.

·To contact you to discuss the solution for your need.

Restricting the Collection of your Personal Data

At some point, you might wish to restrict the use and collection of your personal data. You can contact us via email and we will be more than happy to change the setting as you request .

EDITGENE will not lease, sell or distribute your personal information to any third parties. We might do so if the law forces us. Your personal information will be used when we need to send you promotional materials if you agree to this privacy policy.

Data storage

All personal date will be stored in the hard drive of the marketing department. The should strictly follow our Removable Media Policy and Data Destruction Policy.

Data Classification Policy

The purpose of this data classification policy is to provide a system for protecting information that is critical to company and clients. All workers who may come into contact with confidential information are expected to familiarize themselves with this data classification policy and to consistently use it.

1. SCOPE

This policy affects all employees, including board members, investors, contractors and volunteers, who may have access to company data.

2. POLICY

The organizations data classification system has been designed to support the need to know so that information will be protected from unauthorized disclosure, use, modification, and deletion. Consistent use of this data classification system will facilitate business activities and help keep the costs for information security to a minimum. Without the consistent use of this data classification system, EDITGENE unduly risks loss of customer relationships, loss of public confidence, internal operational disruption, excessive costs, and competitive disadvantage.

Applicable Information : This data classification policy is applicable to all information in the EDITGENE possession. For example, project details on clients, confidential information from suppliers, business partners and others must be protected with this data classification policy. No distinctions between the word data , information, knowledge, and wisdom are made for purposes of this policy.

Consistent Protection : Information must be consistently protected throughout its life cycle, from its origination to its destruction. Information must be protected in a manner commensurate with its sensitivity, regardless of where it resides, what form it takes, what technology was used to handle it, or what purpose(s) it serves. Although this policy provides overall guidance, to achieve consistent information protection, workers will be expected to apply and extend these concepts to fit the needs of day-to-day operations.

CLASSIFICATION LABELS

Public : This classification applies to information that is available to the general public and intended for distribution outside the organizations. This information may be freely disseminated without potential harm. Examples include product and service brochures, advertisements, job opening announcements, and press releases.

For Internal Use Only : This classification applies to all other information that does not clearly fit into the other classifications. The unauthorized disclosure, modification or destruction of this information is not expected to seriously or adversely impact the organization, its clients, its employees, or its business partners. Examples include the company telephone directory, new employee training materials, and internal policy manuals.

Confidential : This classification applies to information that is intended for use within the organization. Its unauthorized disclosure could adversely impact the organization, its clients, its employees and its business partners. Information that some people would consider private is included in this classification. Examples include client information (except that which is restricted confidential), data provided by client, client project details, client’s buying records, department financial data, purchasing information, vendor contracts.

Restricted Confidential : This classification applies to the most sensitive data and business information that is intended strictly for use within the organization. Its unauthorized disclosure could seriously and adversely impact the organization, its clients, its employees and its business partners. For example, client’s project report. Other examples are merger and acquisition documents, corporate level strategic plans, and litigation strategy memos.

D ata P rotection P olicy

EDITGENE’s Data Protection Policy refers to our commitment to treat information of employees, customers, stakeholders and other interested parties with the utmost care and confidentiality.

With this policy, we ensure that we gather, store and handle data fairly, transparently and with respect towards individual rights.

3. SCOPE

This policy refers to all parties (employees, job candidates, customers, suppliers etc.) who provide any amount of information to us.

Employees of our company and its subsidiaries must follow this policy. Contractors, consultants, partners and any other external entity are also covered. Generally, our policy refers to anyone we collaborate with or acts on our behalf and may need occasional access to data.

4. POLICY ELEMENTS

As part of our operations, we need to obtain and process information. This information includes any offline or online data that makes a person identifiable such as names, addresses, usernames and passwords, digital footprints, photographs, social security numbers, financial data etc.

Our company collects this information in a transparent way and only with the full cooperation and knowledge of interested parties. Once this information is available to us, the following rules apply.

Our data will be:

l Accurate and kept up-to-date

l Collected fairly and for lawful purposes only

l Processed by the company within its legal and moral boundaries

l Protected against any unauthorized or illegal access by internal or external parties

Our data will not be:

l Communicated informally

l Stored for more than a specified amount of time

l Transferred to organizations, states or countries that do not have adequate data protection policies

l Distributed to any party other than the ones agreed upon by the data's owner (exempting legitimate requests from law enforcement authorities)

In addition to ways of handling the data the company has direct obligations towards people to whom the data belongs. Specifically we must:

l Let people know which of their data is collected

l Inform people about how we'll process their data

l Inform people about who has access to their information

l Have provisions in cases of lost, corrupted or compromised data

l Allow people to request that we modify, erase, reduce or correct data contained in our databases

5. ACTIONS

To exercise data protection we're committed to:

l Restrict and monitor access to sensitive data

l Develop transparent data collection procedures

l Train employees in online privacy and security measures

l Build secure networks to protect online data from cyberattacks

l Establish clear procedures for reporting privacy breaches or data misuse

l Include contract clauses or communicate statements on how we handle data

l Establish data protection practices (document shredding, secure locks, data encryption, frequent backups, access authorization etc.)

6. DISCIPLINARY CONSEQUENCES

All principles described in this policy must be strictly followed. A breach of data protection guidelines will invoke disciplinary and possibly legal action.