Privacy Policy

1. Introduction

Mandrake Bioworks Private Limited ("we," "us," "our," or "Company") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and web application (collectively, the "Services").

This policy applies to all users of our Services and is designed to comply with applicable Indian laws, including the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and other relevant data protection regulations.

By using our Services, you consent to the data practices described in this Privacy Policy.

2. Information We Collect

We collect various types of information to provide and improve our Services:

2.1 Personal Information

• Contact Information: Name, email address, phone number, company name, and job title
• Account Information: Username, password, and account preferences
• Payment Information: Billing address, payment card details, and transaction history
• Location Data: IP address and general geographic location

2.2 Proprietary Data

• Research Data: Biological sequences, genomic data, experimental results, and other scientific data you upload for analysis
• Analysis Results: Output data, reports, and insights generated through our Services
• Project Information: Project names, descriptions, and associated metadata

2.3 Usage Information

• Analytics Data: Pages visited, features used, time spent on Services, and interaction patterns
• Device Information: Browser type, operating system, device identifiers, and technical specifications
• Log Data: Access times, referring URLs, and system activity logs

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Delivery

• To provide, maintain, and improve our biotech analysis Services
• To process and analyze your proprietary data using our bioinformatics tools
• To generate reports and deliver analysis results
• To manage your account and provide customer support

3.2 Business Operations

• To process payments and maintain billing records
• To communicate about Service updates, maintenance, and changes
• To respond to inquiries and provide technical assistance
• To monitor and enhance Service performance and security

3.3 Legal and Compliance

• To comply with applicable laws and regulations
• To protect our rights, property, and safety, and that of our users
• To detect, prevent, and address fraud and security issues

4. Information Sharing and Disclosure

4.1 Third-Party Service Providers

We engage third-party services to facilitate our operations:

• Payment Processors: To handle secure payment transactions (e.g., Razorpay, PayPal)
• Cloud Service Providers: For data storage and infrastructure (e.g., AWS, Google Cloud)
• Analytics Services: To understand Service usage (e.g., Google Analytics)
• Communication Tools: For email and customer support services

4.2 API Integration Partners

• AI Analysis Services: We use third-party AI agents and APIs for advanced bioinformatics analysis
• Specialized Bioinformatics Tools: Integration with external computational biology services
• These partners process data solely for analysis purposes under strict confidentiality agreements

4.3 Legal Requirements

We may disclose information when required by:

• Court orders, subpoenas, or other legal processes
• Government authorities as required by applicable law
• Circumstances involving threats to physical safety

4.4 Business Transfers

In the event of merger, acquisition, or sale of assets, user information may be transferred as part of the business transaction, subject to the same privacy protections.

5. Data Security

We implement comprehensive security measures to protect your information:

5.1 Technical Safeguards

• Encryption: SSL/TLS encryption for data in transit and encryption at rest for stored data
• Access Controls: Multi-factor authentication and role-based access restrictions
• Security Monitoring: Continuous monitoring for unauthorized access attempts and vulnerabilities
• Regular Updates: Timely application of security patches and system updates

5.2 Organizational Measures

• Employee Training: Regular security awareness training for all staff
• Confidentiality Agreements: All employees and contractors sign strict confidentiality agreements
• Access Limitation: Data access restricted to authorized personnel on a need-to-know basis
• Incident Response: Established procedures for detecting and responding to security incidents

5.3 Data Integrity

• Backup Systems: Regular automated backups with secure storage
• Version Control: Maintaining data integrity through versioning systems
• Audit Trails: Comprehensive logging of data access and modifications

6. International Data Transfers

Your data may be transferred to and processed in countries other than India, including:

• Locations where our third-party API providers operate
• Countries where our cloud infrastructure is hosted

We ensure that such transfers comply with applicable data protection laws and that appropriate safeguards are in place to protect your information.

7. Data Retention

We retain your information for as long as necessary to:

• Provide the requested Services
• Comply with legal obligations
• Resolve disputes and enforce agreements
• Maintain business records as required by law

Proprietary research data is retained according to your account settings and deleted upon request, subject to any legal retention requirements.

8. Your Rights and Choices

Under applicable law, you have the following rights:

8.1 Access and Portability

• Request access to your personal information
• Obtain copies of your data in a structured, commonly used format

8.2 Correction and Deletion

• Request correction of inaccurate or incomplete information
• Request deletion of your personal information, subject to legal requirements

8.3 Consent Withdrawal

• Withdraw consent for data processing where consent is the legal basis
• Opt-out of marketing communications

8.4 Account Management

• Update account settings and preferences
• Download or export your analysis results and data

To exercise these rights, contact us at support@mandrakebio.com.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Maintain session state and remember preferences
• Analyze Service usage and performance
• Provide security features

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may limit Service functionality.

10. Children's Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware of such collection, we will promptly delete the information.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by:

• Posting the updated policy on our website
• Sending email notifications to registered users
• Displaying prominent notices within the Services

The "Last Updated" date at the top reflects the most recent revision.

12. Grievance Redressal

In compliance with the Information Technology Act, 2000, we have appointed a Grievance Officer:

You may contact the Grievance Officer for any concerns regarding data processing or to exercise your rights under this policy.

13. Contact Information

For questions, concerns, or requests regarding this Privacy Policy, please contact us:

14. Governing Law and Jurisdiction

This Privacy Policy is governed by the laws of India. Any disputes arising under this policy shall be subject to the exclusive jurisdiction of the courts in Karnataka, India.

Acknowledgment

By using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.