Privacy Policy

Overview

Omics807 is committed to protecting your privacy and ensuring the security of your genomic, transcriptomic, and medical imaging data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our multi-omics cancer analysis platform.

Important: Omics807 is designed for research and educational purposes. We do not store personal health information (PHI) or personally identifiable information (PII) linked to patient identities. All data processing occurs on secure infrastructure with industry-standard encryption.

Data We Collect

1. Genomic & Multi-Omics Data

When you use Omics807's analysis features, we process:

• DNA Variant Data: VCF files, BAM files (tumor/normal), somatic variant calls from DeepSomatic
• RNA-seq Data: Single-cell RNA expression matrices (CSV/TSV format), gene counts, cell type annotations
• Medical Imaging: DICOM images from TCIA, CT/MRI/PET scans, radiology metadata
• Analysis Results: Variant annotations, pathway enrichments, clinical interpretations, AI-generated insights

2. Technical Information

• Usage Data: Analysis timestamps, feature usage, job processing logs
• Browser Data: IP address, browser type, device information (for security and performance optimization)
• Session Data: Temporary cookies for session management (no tracking cookies)

3. Newsletter & Communications

• Email Address: If you subscribe to our newsletter for platform updates and research insights
• Support Requests: Information you provide when contacting support (anthony@digitalvibes.ca)

How We Use Your Data

Your data is used exclusively for:

• Multi-Omics Analysis: Running DeepSomatic variant calling, scRNA-seq cell type prediction, pathway enrichment, and AI interpretation
• Research Insights: Generating Omics807 insights, clinical evidence summaries, therapeutic matching
• Platform Improvement: Analyzing aggregated, de-identified usage patterns to improve algorithms and user experience
• Communications: Sending newsletter updates (only if subscribed), responding to support inquiries

We DO NOT:

• Sell, rent, or share your genomic data with third parties
• Use your data for advertising or marketing purposes
• Link genomic data to patient identities or PHI
• Train AI models on your private data without explicit consent

Data Storage & Security

Infrastructure Security

• Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
• Cloud Processing: DeepSomatic runs on isolated Ubuntu 24.04 servers with SSH/SFTP secure transfers
• Access Controls: Role-based access, API key authentication, environment secret management
• Temporary Storage: Uploaded files are automatically deleted after analysis completion (24-hour retention maximum)

Data Retention

• Analysis Results: Stored in job history (job_history.json) for 30 days unless explicitly deleted by user
• Raw Files: Deleted immediately after processing (VCF, BAM, scRNA-seq CSV files)
• Newsletter Emails: Retained until you unsubscribe
• Support Emails: Retained for 1 year for customer service purposes

Third-Party Services

Omics807 integrates with the following third-party services:

• xAI Grok-4: For AI-generated variant interpretations and biological insights (data sent via API, not stored by xAI)
• HuggingFace (Cell2Sentence): For cell type prediction from scRNA-seq data (inference only, no data storage)
• Public Databases: VEP, CIViC, gnomAD, AlphaFold, ChEMBL, STRING, Reactome, TCIA, GDC (queries only, no data sharing)
• Exa.ai: For literature search and research evidence extraction (anonymized queries)
• ClinicalTrials.gov: For clinical trial matching (public API, no data transfer)

Note: Optional integrations (OncoKB, COSMIC) require your own API keys and are governed by their respective privacy policies.

GDPR & International Compliance

If you are located in the European Union, you have the following rights under GDPR:

• Right to Access: Request a copy of your data we hold
• Right to Erasure: Request deletion of your analysis results and newsletter subscription
• Right to Rectification: Correct inaccurate information
• Right to Data Portability: Export your analysis results in CSV format
• Right to Withdraw Consent: Unsubscribe from newsletter at any time

To exercise these rights, contact us at anthony@digitalvibes.ca. We will respond within 30 days.

Your Responsibilities

When using Omics807, you are responsible for:

• De-identification: Ensuring all uploaded data is de-identified and does not contain PHI/PII
• Compliance: Following your institution's IRB/ethics board requirements for genomic data analysis
• Data Ownership: Confirming you have the legal right to analyze the data you upload
• Secure Access: Protecting your account credentials and API keys

Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify users of significant changes via:

• Email notification (if subscribed to newsletter)
• Platform announcement banner
• Updated "Last Updated" date at the top of this page

Contact Us

If you have questions or concerns about this Privacy Policy or our data practices:

Email: anthony@digitalvibes.ca
Response Time: Within 48 hours for privacy inquiries