Last Updated November 23, 2014
“Core Informatics Services” include our:
- Products (including Applications and Components)
- Customer Support Portals
Core Informatics Services do not include:
- Third-party products. These are third-party products or services that you may choose to integrate with Core Informatics product or services, such as third-party applications available in the Platform for Science. You should always review the policies of third-party products and services to make sure you are comfortable with the ways in which they collect and use your information.
Unless otherwise stated, our Products, Applications and Components are treated the same for the purposes of this document.
Application: Core Informatics’ downloadable applications or applications accessible through the Internet including Components created by Core Informatics, that are installed by customers on an infrastructure of their choice. Applications do not include Components created by third parties, even when they are accessed through CoreInformatics.com or PlatformforScience.com.
Component: a bundle of code, resources and/or configuration files that can be used with an Core Informatics product to add new functionality or to change the behavior of that product’s existing features.
Core Informatics Services: Core Informatics’ Websites, Products, Components, Applications and Customer Support Portals.
Content: any information or data that you upload, submit, post, create, transmit, store or display in a Core Informatics Service.
Device: any computer used to access the Core Informatics Services, including without limitation a desktop, laptop, mobile phone, tablet, or other consumer electronic device.
Personal Information: information that may be used to readily identify or contact you as an individual person, such as: name, address, email address, or phone number. Personal Information does not include information that has been anonymized such that it does not allow for the ready identification of specific individuals.
Websites: Core Informatics’ websites, including but not limited to CoreInformatics.com, CoreLIMS.com, CoreELN.com, CoreSDMS.com, PlatformforScience.com and any related websites, sub-domains and pages.
Information you provide to us
We collect the following information:
Content: We collect and store Content that you create, input, submit, post, upload, transmit, store or display in the process of using our Products or Websites. Such Content includes any Personal Information or other sensitive information that you choose to include (“passively-collected Personal Information”). Users of Core Informatics Services generally do not create, input, submit, post, upload, transmit, store or display Personal Information in the process of using our Products or Websites, and we discourage you from doing so. Nevertheless, if you do so, we will collect and store that information alongside any other Content that you create, input, submit, post, upload, transmit, store or display in the process of using our Products or Websites.
Other submissions: We collect other data that you submit to our Websites or as you participate in any interactive features of the Core Informatics Services, participate in a survey, contest, promotion, sweepstakes, activity or event, request customer support, communicate with us via third party social media sites or otherwise communicate with us. For example, information regarding a problem you are experiencing with Core Informatics Services could be submitted to our Support Services or posted in our Community. Any information, including Personal Information, that you submit to our Websites could be visible to the Community unless submitted to a secure area in the Website where we collect information like job applications.
Information we collect from your use of Core Informatics Services
Web Logs: As is true with most websites and services delivered over the Internet, we gather certain information and store it in log files when you interact with our Websites and Products. This information includes internet protocol (IP) addresses as well as browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences, identification numbers associated with your Devices, your mobile carrier, and system configuration information. In the case of our Product, the URLs you accessed (and therefore included in our log files) include usernames as well as elements of Content (such as project names, sample information, assay data, laboratory workflows, collaborations or partnerships) as necessary for the Product to perform the requested operations. Occasionally, we connect Personal Information to information gathered in our log files as necessary to improve Core Informatics Services for individual customers.
Analytics Information from Website and Products: We and our analytics providers collect and store analytics information when you use our Websites and Products to help us improve our products and services. In the Products, this analytics information consists of the feature and function of the Core Informatics Service being used, the associated license key and domain name, the username and IP address of the individual who is using the feature or function (which will include Personal Information if the Personal Information was incorporated into the username), the sizes and original filenames of attachments, and additional information required to detail the operation of the function and which parts of the Core Informatics Services are being affected. For example:
- In Core LIMS, analytics information that we collect when a user registers a sample includes the system-generated numeric identifier of the sample, the attributes or meta-data supplied by the user, and the name of the project. Similarly, analytics information that we collect when an sample is edited includes the system-assigned numeric sample number, the sample barcode (which consists of the sample type prefix and a system-generated sequence number), whether the edit is made by a user or automatically generated by the system, and whether email notifications or triggers are to be sent or run.
- In Core ELN, analytics information that we collect when a user creates an entry includes the system-generated numeric identifier of the entry, the template used to create the entry, the notebook in which the entry is being created, and the entry title. An example of analytics information that we collect when a user creates a new template includes the system-generated numeric identifier of the template, the notebooks in which the template is being created, and the template name and description.
As shown in the examples above, the analytics information we collect includes elements of Content related to the function the user is performing. As such, the analytics information we collect may include Personal Information or sensitive business information that the user has included in Content that the user chose to upload, submit, post, create, transmit, store or display in an Core Informatics Service.
Analytics Information Derived from Content. Analytics information also consists of data we collect as a result of running queries against Content across our user base for the purposes of generating Usage Data. “Usage Data” is aggregated data about a group or category of services, features or users that does not contain Personal Information. For example, we may query Content to determine the most common types of workflows that users use (e.g., what percentage of all installations use Illumina HiSeq workflows?) by searching for the most common workflow names, or we may query Content to determine the most popular job titles for Core LIMS users in order to better understand the composition of our user base.
Though we may happen upon sensitive or Personal Information as we compile Usage Data from Content across user instances, this is a byproduct of our efforts to understand broader patterns and trends. In the event we do happen upon sensitive or Personal Information, we endeavor to delete it from our compilations (although we do not delete any Content that you have posted). It is not a concerted effort by us to examine the Content of any particular customer.
California Privacy Rights
Under California’s “Shine the Light” law, California residents who submit personal information to our websites are entitled to request and obtain from us, once per calendar year, information about the customer information we shared, if any, with other businesses for their own direct marketing uses. To obtain this information from us, please send an email message to firstname.lastname@example.org with “Request for California Privacy Information” on the subject line and in the body of your message. We will provide the requested information to you at your e-mail address in response. Not all information sharing is covered by the “Shine the Light” requirements and only information on covered sharing (if any) will be included in our response. Our website does not respond to “do not track” requests.
Software Updates & License Information from Applications: Our Applications communicate with Core Informatics servers and/or our CRM provider Salesforce.com for licensing purposes, as well as to check for updates, patches, and compatibility with Components. Examples of information we collect for these purposes include the name and version of the Application and the server ID, license key, and IP address of the customer instance.
Information we collect from other sources
How we use Information we collect
General Uses. We use the information we collect about you (including Personal Information to the extent applicable) for a variety of purposes, including to:
- Provide, operate, maintain, improve, and promote Core Informatics Services;
- Enable you to access and use Core Informatics Services, including uploading, downloading, collaborating on and sharing Content;
- Process and complete transactions, and send you related information, including purchase confirmations and invoices;
- Communicate with you, including responding to your comments, questions, and requests; providing customer service and support; providing you with information about services, features, surveys, newsletters, offers, promotions, contests and events; providing other news or information about us and our select partners; and sending you technical notices, updates, security alerts, and support and administrative messages. Generally, you have the ability to opt out of receiving any promotional communications as described below under “Your Choices”;
- Monitor and analyze trends, usage, and activities in connection with Core Informatics Services and for marketing or advertising purposes;
- Investigate and prevent fraudulent transactions, unauthorized access to Core Informatics Services, and other illegal activities;
- Personalize Core Informatics Services, including by providing content, features, or advertisements that match your interests and preferences;
- Enable you to communicate, collaborate, and share Content with users you designate; and
- For other purposes about which we notify you.
Compiling aggregate analytics information: Because our Products and Applications are some of the most configurable in the market, we make extensive use of analytics information (including log and configuration data) to understand how our products are being configured and used, how they can be improved for the benefit of all of our users, and to develop new products and services. As such, we generate Usage Data (as defined above) from the web logs and analytics logs described above, including the Content elements captured in such logs, as well as from the Content stored in the Websites and Products.
Information sharing and disclosure
We will not share or disclose any of your Personal Information or Content with third parties except as described in this policy. We do not sell your Personal Information or Content.
Your use: When you use Core Informatics Services, Content you provide will be displayed back to you. Certain features of Core Informatics Services allow you to make some of your Content public, in which case it will become readily accessible to anyone. We urge you to consider the sensitivity of any data you make public.
Collaboration: As a natural result of using Core Informatics Services, you may create Content and grant permission to other Core Informatics users to access it for the purposes of collaboration. Some of the collaboration features of Core Informatics Services display your profile information, including Personal Information included in your profile, to users with whom you have shared your Content. Where this information is sensitive, we urge you to use the various security and privacy features of the Core Informatics Services to limit those who can access such information.
Access by your system administrator: You should be aware that the administrator of your instance of Core Informatics Services may be able to:
- access information in and about your Core Informatics Services account;
- disclose, restrict, or access information that you have provided or that is made available to you when using your Core Informatics Services account, including your Content; and
- control how your Core Informatics Services account may be accessed or deleted
Core Informatics Community: Our Websites offer accessible community services such as blogs, forums, bug trackers, and wikis. You should be aware that any Content you provide in these areas may be read, collected, and used by others who access them. Your posts may remain even after you cancel your account.
Service Providers, Business Partners and Others: We work with third party service providers to provide website, application development, hosting, maintenance, back-up, storage, virtual infrastructure, payment processing, analysis and other services for us. These third parties may have access to or process your Information as part of providing those services for us. Our agreements with these third parties do not provide them with any rights to use, access or distribute any of your information.
Compliance with Laws and Law Enforcement Requests; Protection of Our Rights: We may disclose your Information (including your Personal Information) to a third party if (a) we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request, (b) to enforce our agreements, policies and terms of service, (c) to protect the security or integrity of Core Informatics’ products and services, (d) to protect Core Informatics, our customers or the public from harm or illegal activities, or (e) to respond to an emergency which we believe in the good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.
Business Transfers: We may share or transfer your information (including your Personal Information) in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
Aggregated or Anonymized Data: We may also share aggregated or anonymized information that does not directly identify you with the third parties described above.
With Your Consent. We will share your personal information with third parties when we have your consent to do so.
Information we do not share
We do not share Personal Information about you with third parties (including direct marketing purposes) without your permission.
Data storage, transfer and security
Core Informatics hosts data with hosting service providers in numerous countries including the United States. The servers on which Personal Information is stored are kept in a controlled environment. While we take reasonable efforts to guard your Personal Information, no security system is impenetrable and due to the inherent nature of the Internet as an open global communications vehicle, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers. In addition, we cannot guarantee that any passively-collected Personal Information you choose to store in Websites or Products are maintained at levels of protection to meet specific needs or obligations you may have relating to that information.
Where data is transferred over the Internet as part of a Website or Product, the data is encrypted using industry standard SSL (HTTPS).
Where Applications are used, responsibility of securing access to the data you store in the Applications rests with you and not Core Informatics. We strongly recommend that administrators of Applications configure SSL to prevent interception of data transmitted over networks and to restrict access to the databases and other storage used to hold data.
You may opt out of receiving promotional communications from Core Informatics by using available unsubscribe links within emails, updating your account settings in Core LIMS, or emailing us to have your contact information removed from our promotional email list or registration database. Although opt-out requests are usually processed immediately, please allow ten (10) business days for a removal request to be processed. Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding Core Informatics’ Services.
You may be able to opt out of receiving personalized advertisements from companies who are members of the Network Advertising Initiative or who subscribe to the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising. For more information about this practice and to understand your options, please visit: http://www.aboutads.info andhttp://www.networkadvertising.org/choices/.
Accessing and updating your information
You can access and amend some of the information we keep about you through your account settings.
Compliance with privacy laws and regulations
You agree not to use the Core Informatics Services in a manner that would violate laws protecting an individual’s privacy rights, health or financial data, including the Health Insurance Portability and Accountability Act of 1996 as amended (HIPAA) and the Gramm-Leach-Bliley Act and its implementing regulations, the Privacy Rule and the Safeguards Rule.
Our policy towards children
Core Informatics Services are not directed to individuals under 13. We do not knowingly collect Personal Information from children under 13. If we become aware that a child under 13 has provided us with Personal Information, we will take steps to delete such information. If you become aware that a child has provided us with Personal Information, please contact our Support Services.
If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your Personal Information to the United States to us. By providing your Personal Information, you consent to any transfer and processing in accordance with this Policy.