BioAssayAI
Privacy Policy
Your privacy is important to us. This policy explains how we handle data on our demonstration platform.
π Quick Summary
- We collect minimal data - Only basic analytics and contact information
- No health data - We never collect or store Protected Health Information (PHI)
- No selling data - We never sell or rent your personal information
- Secure handling - Industry-standard security measures protect your data
- Your rights - You can access, correct, or delete your data anytime
- Demo only - This is a demonstration platform not intended for real data
π 1. Overview
BioAssayAI.com ("we," "our," or "us") is a demonstration website showcasing concepts for AI-powered laboratory assay optimization platforms. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website.
Scope of This Policy
This policy applies to information we collect:
- On this website (bioassayai.com)
- In email and other electronic messages between you and us
- Through contact forms and domain acquisition inquiries
- When you interact with our demonstration features
π 2. Information We Collect
Information You Provide
We collect information you voluntarily provide when you:
| Activity | Information Collected | Purpose |
|---|---|---|
| Contact Form Submission | Name, email, company, message | Domain acquisition inquiries |
| Demo Interaction | Search queries (anonymous) | Demonstration functionality |
| Newsletter Signup | Email address | Updates about domain availability |
| Support Requests | Name, email, issue description | Technical assistance |
Information Automatically Collected
When you visit our website, we automatically collect certain information:
- Device Information: Browser type, operating system, device type
- Usage Data: Pages visited, time spent, click patterns
- Network Information: IP address (anonymized), approximate location (country/region)
- Referral Data: How you arrived at our website
π‘οΈ Data Minimization Principle
We follow the principle of data minimization, collecting only the information necessary to provide our services and demonstrate the platform capabilities.
βοΈ 3. How We Use Information
We use collected information for the following purposes:
π§ Communication
Respond to inquiries about domain acquisition and provide requested information
π§ Platform Improvement
Enhance demo features and user experience based on usage patterns
π Analytics
Understand visitor behavior and optimize website performance
π Security
Detect and prevent fraudulent or abusive activity
βοΈ Legal Compliance
Comply with legal obligations and enforce our terms
π€ Business Transactions
Facilitate domain transfer and acquisition processes
What We DON'T Do
- β Sell or rent your personal information to third parties
- β Use your data for targeted advertising
- β Share your information with marketing companies
- β Store or process any health-related data
- β Make automated decisions that significantly affect you
π€ 4. Data Sharing & Disclosure
We may share your information only in the following limited circumstances:
Service Providers
We work with trusted third-party services to operate our website:
| Service | Purpose | Data Shared |
|---|---|---|
| Formspree | Contact form processing | Form submissions |
| Cloudflare | CDN & DDoS protection | IP addresses (anonymized) |
| Web Hosting | Website hosting | Access logs |
| Escrow.com | Domain transfer | Transaction details (if applicable) |
Legal Requirements
We may disclose information if required to do so by law or in response to valid requests by public authorities (e.g., court orders or government agencies).
Business Transfers
If the domain is sold or transferred, limited data may be transferred to the new owner solely for continuity of service. You will be notified of any such change.
π 5. Data Security
We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.
Security Measures Include:
- SSL/TLS encryption for data transmission
- Regular security audits and updates
- Access controls and authentication
- Secure data storage practices
- Incident response procedures
- Employee training on data protection
Data Breach Response
In the unlikely event of a data breach that affects your personal information, we will:
- Notify affected users within 72 hours of discovery
- Provide details about what information was involved
- Explain steps we're taking to address the breach
- Offer guidance on protective measures you can take
- Report to relevant authorities as required by law
βοΈ 6. Your Rights
Under data protection laws, including GDPR and CCPA, you have certain rights regarding your personal information:
π Right to Access
Request a copy of the personal data we hold about you
βοΈ Right to Correction
Request correction of inaccurate or incomplete data
ποΈ Right to Erasure
Request deletion of your personal data ("right to be forgotten")
π€ Right to Portability
Receive your data in a structured, machine-readable format
π« Right to Object
Object to processing of your personal data
βΈοΈ Right to Restrict
Request restriction of processing in certain circumstances
Exercising Your Rights
To exercise any of these rights:
- Contact us using the information provided below
- Provide sufficient information to verify your identity
- Specify which right(s) you wish to exercise
- We will respond within 30 days of your request
π 8. Third-Party Services
Our website may contain links to third-party websites or services that are not owned or controlled by BioAssayAI.com.
Third-Party Privacy Policies
We encourage you to review the privacy policies of any third-party services you interact with. We are not responsible for the privacy practices of these external sites.
Integrated Services
| Service | Purpose | Privacy Policy |
|---|---|---|
| Formspree | Form processing | View Policy |
| Cloudflare | CDN & Security | View Policy |
| Google Fonts | Typography | View Policy |
πΆ 9. Children's Privacy
Our website is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16 years of age.
Age Verification
By using our website and providing any personal information, you confirm that you are at least 16 years of age or have parental/guardian consent.
π 10. International Users
Data Transfers
Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ.
Regional Rights
πͺπΊ European Union (GDPR)
Full GDPR rights including access, rectification, erasure, and portability
πΊπΈ California (CCPA/CPRA)
Rights to know, delete, opt-out, and non-discrimination
π¬π§ United Kingdom
UK GDPR rights similar to EU protections
π¨π¦ Canada (PIPEDA)
Access rights and ability to challenge compliance
π¦πΊ Australia
Privacy Act protections and access rights
π Other Regions
Rights as provided by local data protection laws
Legal Basis for Processing (GDPR)
For EU residents, we process personal data based on:
- Consent: When you provide explicit consent
- Legitimate Interests: For business operations and improvement
- Contract: To fulfill our agreement with you
- Legal Obligation: To comply with applicable laws
π 11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons.
Notification of Changes
We will notify you of any material changes by:
- Posting the new Privacy Policy on this page
- Updating the "Last Updated" date at the top
- Sending an email notification (if we have your email)
- Displaying a prominent notice on our website
Last Review: February 15, 2025
π§ 12. Contact Information
Privacy Inquiries
For questions about this Privacy Policy or our data practices, please contact us:
Email: privacy@bioassayai.com
Contact Form: Secure Contact Page
Response Time: Within 48 hours
Data Protection Officer
For GDPR-related inquiries, you may contact our Data Protection Officer at:
dpo@bioassayai.com
Supervisory Authority
EU residents have the right to lodge a complaint with their local supervisory authority if they believe their data protection rights have been violated.