Privacy Policy

We collect information in the following ways:

Information you provide directly:

• Name, email address, phone number, and institution/organization name when you contact us or request a quote
• Project descriptions, research objectives, and scientific requirements submitted through inquiry forms or messaging platforms (e.g., WhatsApp, email)
• Billing and payment details when you engage us for paid services
• Communications and correspondence with our team

Research and scientific data:

• Genomic datasets, sequencing files (e.g., FASTQ, BAM, VCF), and associated metadata you upload or share with us for analysis
• Project-specific files and results we generate on your behalf

Automatically collected information:

• IP address, browser type, device information, and operating system
• Pages visited, time spent on pages, and referral sources
• Cookies and similar tracking technologies (see Section 10)

We use your personal information to:

• Respond to inquiries, provide quotes, and communicate about your project
• Deliver contracted bioinformatics services including NGS analysis, genomics, transcriptomics, biostatistics, and manuscript support
• Process payments and manage client accounts
• Provide post-delivery support, including interpretation assistance and revision handling
• Send relevant updates about your project or our services (you may opt out at any time)
• Improve our website, services, and user experience through analytics
• Comply with applicable legal and regulatory obligations

Given the sensitive nature of scientific and genomic data, we apply the highest standards of care:

• Strict confidentiality: All client research data, raw sequencing files, datasets, unpublished findings, and project materials are treated as strictly confidential at all times.
• NDA protection: We routinely execute Non-Disclosure Agreements (NDAs) before any data transfer occurs. You may request an NDA at any stage prior to sharing data.
• Limited access: Only the team members directly assigned to your project will have access to your data.
• No secondary use: Your research data will never be used for training, publication, third-party sharing, or any purpose beyond the scope of your project.
• Secure deletion: Upon project completion (and after your confirmation), data is securely deleted from our systems unless you request extended archiving.

Where applicable under UK GDPR and the Data Protection Act 2018, we rely on the following legal bases:

We do not sell, rent, or trade your personal information. We may share data only in the following limited circumstances:

• Service providers: Trusted third-party vendors (e.g., payment processors, cloud storage, communication tools) who are contractually bound to protect your data and may only use it to provide services on our behalf.
• Legal requirements: Where disclosure is required by law, court order, or regulatory authority.
• Business transfers: In the unlikely event of a merger, acquisition, or asset sale, your data may be transferred to the successor entity, subject to equivalent privacy protections.
• With your consent: Any other sharing you explicitly authorise.

We retain personal and project data only for as long as necessary:

• Client account and communication records: up to 5 years from the end of the project, for legal and dispute resolution purposes.
• Financial and billing records: as required by applicable tax law (typically 6–7 years in the UK).
• Research and scientific data files: deleted within 30 days of project completion unless you request archiving or a longer retention period.
• Website analytics data: retained in anonymised/aggregated form for up to 2 years.

You may request earlier deletion of your data at any time (see Section 8).

Retention Progress Overview:

We implement industry-standard technical and organisational measures to protect your data, including:

• Encrypted data transfer (TLS/HTTPS) for all file uploads and communications
• Access controls and authentication protocols limiting data access to authorised personnel only
• Secure, access-controlled cloud storage environments for research data
• Regular security reviews and staff confidentiality training

Subject to applicable law, you have the right to:

Bioinformatics Next operates globally and serves clients across 40+ countries. Your data may be processed or stored in countries outside your home jurisdiction. Where such transfers occur, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by relevant data protection authorities
• Processing only with vendors committed to equivalent data protection standards
• NDAs and data processing agreements in place prior to any international data sharing

Our website uses cookies and similar technologies to:

• Ensure core website functionality
• Analyse visitor behaviour and improve the user experience (e.g., via Google Analytics or similar tools)
• Remember your preferences across sessions

Our website contains links to external resources, including academic journals such as:

• Briefings in Bioinformatics
• Nature Genetics
• Nucleic Acids Research
• Genome Research
• PLOS Computational Biology
• Cell Systems

These links are provided for reference only. We are not responsible for the privacy practices of external websites and encourage you to review their respective privacy policies before sharing any personal information.

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. When we do, we will revise the "Last Updated" date at the top of this page. For material changes, we will notify active clients by email.

Continued use of our services following any changes constitutes your acceptance of the updated policy.