Privacy Policy
Data protection for demonstration platform visitors
π Privacy Policy Overview
VariantBase.com is a demonstration platform showcasing generic industry concepts for genetic variant knowledge platforms. We are committed to protecting your privacy and handling any personal information with transparency and security.
β οΈ IMPORTANT: No Clinical Data Accepted
This is a demonstration platform only. Do NOT submit any Protected Health Information (PHI), patient data, genetic test results, or confidential clinical information. We are not a healthcare provider, not HIPAA compliant, and this platform is not intended for medical or clinical use.
π Information We Collect
Information You Voluntarily Provide
Contact & Acquisition Inquiries
- Contact Form Data: Name, email address, company name, job title, and inquiry message when you contact us about domain acquisition
- Communication Records: Any additional information you provide in follow-up emails or communications
- Business Information: Company details, intended use case, and acquisition timeline when provided voluntarily
Demonstration Platform Interactions
- API Demo Usage: Non-personal usage data from interacting with our variant lookup demonstration (search queries are not stored)
- Platform Navigation: Pages visited and features accessed during your demonstration experience
Important: We do NOT collect, store, or process any actual genetic data, patient information, or clinical results. All demonstration queries are processed temporarily and not retained.
Automatically Collected Information
π― How We Use Your Information
Primary Use Cases
Domain Acquisition Communications
Responding to inquiries about VariantBase.com acquisition, providing domain information, and facilitating transfer discussions with qualified parties.
Platform Demonstration
Showcasing genetic variant platform concepts to potential acquirers, including API functionality and user interface capabilities.
User Experience Optimization
Improving demonstration content, navigation, and technical performance based on aggregated usage patterns and feedback.
Security & Abuse Prevention
Monitoring for security threats, preventing automated abuse, and ensuring platform integrity for legitimate users.
Legal Compliance
Meeting legal obligations, maintaining records as required by law, and responding to valid legal requests when necessary.
Anonymous Analytics
Creating aggregated, non-identifiable statistics about platform usage to improve demonstration effectiveness and content.
What We Do NOT Do With Your Data
- β No Data Sales: We never sell, rent, or lease your personal information to third parties
- β No Marketing Lists: We do not add you to marketing lists or share data with marketers
- β No Unsolicited Communications: We only contact you in response to your inquiries
- β No Clinical Data Processing: We do not collect, store, or analyze any health or clinical information
- β No Behavioral Profiling: We do not create detailed user profiles or track behavior across other sites
- β No Automated Decision Making: We do not use personal data for automated profiling or decision-making
π‘οΈ Data Protection & Security
Technical Security Measures
π Encryption & Transport Security
- TLS/SSL encryption for all data transmission
- HTTPS enforcement across entire platform
- Secure form submission protocols
- Encrypted storage of contact form data
π° Access Controls & Authentication
- Restricted access to personal data on need-to-know basis
- Multi-factor authentication for administrative access
- Regular access review and permission auditing
- Secure credential management practices
π Data Backup & Recovery
- Regular encrypted backups of essential data
- Secure off-site backup storage
- Tested data recovery procedures
- Business continuity planning
π± Infrastructure Security
- Regular security updates and patches
- Firewall and intrusion detection systems
- Monitoring for security threats and anomalies
- Secure hosting with reputable providers
Data Retention Policies
π€ Third-Party Services & Data Sharing
Limited Third-Party Integrations
We use minimal third-party services, selected specifically for their strong privacy practices and compliance with data protection regulations.
π§ Formspree (Contact Form Processing)
π Cloudflare (CDN & Security)
ποΈ Web Hosting Infrastructure
Data Sharing Limitations
π― Your Privacy Rights
GDPR & International Privacy Rights
Under the General Data Protection Regulation (GDPR) and other privacy laws, you have specific rights regarding your personal data:
Right to Access
Request a copy of all personal data we hold about you, including how it's used and who it's shared with.
Right to Rectification
Correct any inaccurate or incomplete personal information in our records.
Right to Erasure ("Right to be Forgotten")
Request deletion of your personal data when it's no longer necessary for our legitimate purposes.
Right to Data Portability
Receive your personal data in a structured, commonly-used format for transfer to another service.
Right to Object
Object to processing of your personal data for specific purposes, including direct marketing.
Right to Restrict Processing
Limit how we use your personal data while we address concerns about accuracy or processing.
How to Exercise Your Rights
π§ Privacy Request Process
- Contact Us: Use our secure contact form or email with your privacy request
- Verify Identity: We may ask for verification to protect your privacy and prevent unauthorized access
- Specify Request: Clearly describe which right you're exercising and what specific action you want
- Receive Response: We'll respond within 30 days (may extend to 60 days for complex requests)
β±οΈ Response Timeframes
Additional Privacy Protections
πΊπΈ California Privacy Rights (CCPA)
California residents have additional rights under the California Consumer Privacy Act:
- Right to know what personal information is collected and how it's used
- Right to know if personal information is sold or disclosed to third parties
- Right to opt-out of the sale of personal information (Note: We do not sell personal information)
- Right to non-discrimination for exercising privacy rights
π International Privacy Laws
We respect privacy rights under various international frameworks:
- PIPEDA (Canada): Personal Information Protection and Electronic Documents Act compliance
- LGPD (Brazil): Lei Geral de Proteção de Dados personal data protection
- Privacy Act (Australia): Australian privacy principles and individual rights
- Local Laws: Compliance with applicable local privacy regulations
π Privacy Contact Information
Data Protection Contact
Primary Contact
For all privacy-related questions, data requests, or to exercise your rights:
Method: Use our secure contact form
Subject Line: Mark inquiries as "Privacy Request" or "Data Protection"
Response Times
Privacy Inquiries: 1-2 business days for initial response
Data Requests: 30 days maximum for completion
Urgent Privacy Issues: Same-day response when possible
Purpose Limitation
Privacy Contact Only: This channel is exclusively for privacy-related matters
Domain Inquiries: Use regular contact form for acquisition discussions
Technical Issues: Not a technical support channel
Data Protection Authority Rights
π Policy Updates & Changes
How We Handle Privacy Policy Updates
Regular Reviews
We review this privacy policy annually and whenever we make significant changes to our data practices or platform functionality.
Change Documentation
All material changes are documented with updated effective dates and version numbers clearly displayed at the top of this policy.
User Notification
For significant changes that affect your rights, we will notify users who have contacted us via email before the changes take effect.
Continued Use Consent
Your continued use of the platform after policy updates indicates acceptance. If you disagree with changes, please contact us or discontinue use.