Privacy Policy
Last Updated: June 11, 2025
21 CFR Part 11 & ISO 27001 Compliant
At AminoCloud, we understand the critical importance of data privacy and security in clinical diagnostic laboratories. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Laboratory Resource System (LRS) and associated services. Our practices are designed to meet the stringent requirements of healthcare data protection and laboratory compliance standards.
Information We Collect
Personal Data
We may collect personally identifiable information from users in a variety of ways, including, but not limited to: when users visit our site, register, place an order, subscribe to a newsletter, respond to a survey, fill out a form, or use other features made available through the Site or Services.
Examples of personal information may include:
- Name and professional credentials
- Email address and contact information
- Mailing address and billing information
- Phone number
- Company/Organization details and laboratory information
- Job title, role, and department
- Microsoft account information (for authentication)
- Laboratory workflow and experiment data
We only collect this information when it is voluntarily provided or necessary to deliver the Services.
Laboratory and Technical Data
As part of our Laboratory Resource System, we may collect and process:
- Electronic lab notebook entries and experimental protocols
- Inventory management data and asset tracking information
- Safety documentation and compliance records
- Genomics data, primer designs, and sequence alignments
- Training completion records and CAP checklist data
- System usage logs and performance metrics
Non-Personal Data
We may collect non-personal information automatically when users interact with our Site or Services. This may include:
- Browser type and version
- Device type and operating system
- Pages visited and time spent
- IP address (filtered through Azure Web Application Firewall)
- Usage patterns and system diagnostics
- Azure performance and uptime metrics
How We Use Your Information
We may use the information we collect for the following purposes:
- To provide, operate, and maintain our Laboratory Resource System and subsystems
- To manage user authentication through Microsoft accounts and tenant-specific access
- To notify you about updates, changes, or maintenance to the service
- To respond to support requests and technical inquiries
- To analyze usage patterns and improve system performance
- To ensure compliance with 21 CFR Part 11 and ISO 27001 requirements
- To manage license counts and subsystem access through our admin portal
- To send administrative information (e.g., account, subscription, or compliance notices)
- To provide system uptime information and deployment status updates
- To send promotional content, special offers, or relevant communications (with your consent)
- To enforce our rights under any agreement between you and us
- To comply with healthcare regulations and legal obligations
Where applicable, our legal basis for processing your data includes the performance of a contract, compliance with a legal obligation, legitimate business interests, or your consent.
Disclosure of Your Information
We do not sell your personal information. However, we may share it in the following cases:
- Service Providers: With trusted third parties who help us operate our Services (e.g., Azure hosting, analytics, email delivery) under strict confidentiality agreements.
- Enterprise Service Providers: For authentication and collaboration features, governed by enterprise agreements and compliance certifications from leading technology providers.
- Business Transfers: If we are involved in a merger, acquisition, asset sale, or financing, subject to continued compliance obligations.
- Affiliates: With affiliated companies under our control that comply with this Privacy Policy and equivalent security standards.
- Business Partners: For co-sponsored events, integrations, or offerings (with appropriate disclosure and consent).
- Legal Compliance: When required by law, regulation, or valid legal process, including healthcare and laboratory compliance requirements.
- With Your Consent: In any other case, only with your express consent.
Data Security and Infrastructure
Enterprise-Grade Security Measures
- Deployment on leading enterprise cloud infrastructure with dedicated resources per client
- Advanced web application firewall protection for all services
- Complete tenant isolation with no shared resources between clients
- Secure cloud storage for safety documentation and inventory assets
- Enterprise-grade database systems with encryption at rest and in transit
- Industry-standard authentication with tenant-specific configurations
- Integrated collaboration platforms for compliant document management
- Secure code repositories for genomics and bioinformatics workflows
We implement commercially reasonable measures to protect the confidentiality, integrity, and availability of your information. However, no system can be 100% secure, and we cannot guarantee absolute protection. Our security practices are regularly audited for ISO 27001 compliance.
Your Data Protection Rights
Depending on your jurisdiction, you may have the right to:
- Access or receive a copy of the data we hold about you
- Request correction of inaccurate data
- Request deletion of your personal data (subject to compliance retention requirements)
- Object to or restrict processing under certain circumstances
- Withdraw consent at any time, where processing is based on consent
- Request transfer of your data to another provider (data portability)
- Receive notifications of data breaches that may affect you
To exercise any of these rights, please contact us at support@aminocloud.com. Please note that some data retention may be required for regulatory compliance purposes.
Cookies & Tracking Technologies
We use cookies and similar technologies (e.g., pixels, local storage) to:
- Enhance functionality and user experience
- Analyze traffic and usage patterns
- Remember user preferences and authentication state
- Maintain session security and prevent unauthorized access
- Enable compliance tracking and audit trails
You can control cookie settings through your browser, though some features may not function properly if cookies are disabled. Essential cookies for authentication and security cannot be disabled.
Data Breach Notification
In the event of a data breach or cybersecurity incident affecting our infrastructure or cloud service providers that may impact your data, we are committed to prompt and transparent communication.
Notification Process
- Rapid notification to affected customers upon discovery of confirmed incidents
- Assessment of data exposure scope and potential impact
- Regular updates as more information becomes available from investigations
- Coordination with cloud service providers and security experts
- Assistance with incident response and risk mitigation measures
Our incident response procedures are designed to minimize impact and ensure compliance with applicable data protection regulations and notification requirements.
Data Ownership and Access
Client organizations retain ownership over their submitted laboratory data and experimental records (as outlined in specific service agreements). AminoCloud may access aggregated or anonymized data to improve services, ensure compliance, or fulfill legal obligations. Any access is subject to strict confidentiality and security protocols.
Our administrative systems enable our team to manage client access, licensing, and system performance while maintaining complete tenant isolation and data segregation.
Third-Party Services and Links
Our website or services may contain links to external websites or tools not operated by AminoCloud. We do not control, and are not responsible for, the content or privacy practices of those third parties. Please review their policies before submitting information.
We integrate with leading enterprise platforms and services that maintain appropriate data protection and compliance commitments for laboratory environments.
Compliance and Regulatory Considerations
AminoCloud is committed to maintaining compliance with healthcare and laboratory regulations, including 21 CFR Part 11 for electronic records and ISO 27001 for information security management. Our data handling practices are designed to support clinical diagnostic laboratories in meeting their regulatory obligations.
We maintain audit trails, implement appropriate user access controls, and ensure data integrity throughout our systems to support your compliance requirements.
Changes to This Privacy Policy
We may update this policy from time to time to reflect changes in our practices, legal requirements, or service offerings. When we do, we will revise the "Last Updated" date at the top of this page and notify users through appropriate channels.
Your continued use of the Services after any changes constitutes acceptance of the revised policy. For material changes, we may provide additional notice or seek explicit consent where required by law.
Contact Us
If you have any questions about this Privacy Policy or our practices, please contact us:
- Email: support@aminocloud.com
- Privacy Inquiries: privacy@aminocloud.com
- Website: Visit the contact page on our website
- Compliance Questions: compliance@aminocloud.com