Privacy Notice

Effective Date May 19, 2026

Introduction and scope

At BioSensics, LLC (“BioSensics”, “we”, “us”, “our”), protecting your personally identifiable information (“Personal Data”) is our priority. This Privacy Notice (the “Notice”) governs how we collect and use your Personal Data. For the purposes of this Notice, unless otherwise noted, all references to BioSensics include this website (www.BioSensics.com) and BioSensics technologies, solutions, and services (collectively, the “Services”). The BioSensics website is a news and information site. By using this website and any other Services, you consent to the data practices described in this Notice. Please read this Notice to learn what we are doing with your Personal Data, how we protect it, and what privacy rights you may have under applicable data protection and privacy laws, such as applicable state laws in the United States, and the European Union General Data Protection Regulation (“EU GDPR”) and the United Kingdom General Data Protection Regulation (“UK GDPR”), collectively, the “GDPR”.

Within the scope of this Notice, BioSensics acts as a data controller for the Personal Data we process. This Notice does not apply to instances where we act as a data processor for our customers when providing our Services.

This Notice does not apply to the Personal Data of employees, job applicants, contractors, business owners, directors, and officers of BioSensics.

By using our Services and providing us with your Personal Data, you agree to the terms of this Notice and our collection and use of information in accordance with this Notice. If you do not agree to be bound by this Notice, you should not access or use our services or disclose any personal information to us through our Services.

If we do not maintain information in a manner that identifies, relates to, describes, is reasonably capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular individual or household, such information is not considered Personal Data and this Notice will not apply to our processing of that information.

How to Contact Us

If you want to exercise your rights applicable under Data Privacy Laws, update your preferences and information, or have any questions or concerns about this Notice or about BioSensics’ processing of Personal Data, please contact us as follows:

Email address: privacy@biosensics.com

Postal address:

BioSensics, LLC
57 Chapel Street, Suite 200
Newton, MA 02458
USA

Lawful bases for processing

We may process your Personal Data on the basis of:

  • Your consent: Where you have given us permission to disclose and process your Personal Data for a specific purpose, including providing the Services.

  • The need to perform a contract with you: This includes using your Personal Data to fulfill our agreement with you, including processing necessary to provide you with Services or to manage our relationship with you.

  • Our legitimate interests or those of a third party, such as our interest in marketing our Services: We sometimes use your Personal Data because we believe it is in our interest or the interest of someone else. Legitimate interests work when we use your Personal Data in ways that make sense and do not unreasonably intrude on your privacy, or when we have a very good reason for it. Here is what it normally means for us:

    • Product Improvement: We may use data to enhance the Services features and functionality, making them more useful and user-friendly.

    • Customer Engagement: Keeping users, customers and others informed about updates, new features, and content that may interest them.

    • Research and Development: Using aggregated and anonymized data to conduct research on trends and user behavior to improve the Services.

    • Marketing and Promotion: Promoting the Services to a wider audience and providing tailored recommendations based on user data.

    • Security and Fraud Prevention: Protecting the Services and its users from security threats, fraud, and abuse.

    • Legal Compliance: Ensuring compliance with relevant laws and regulations, including the rules from other countries besides yours.

    • Business Operations: Managing day-to-day operations and ensuring the app’s sustainability and growth, including internal administration, accounting, finance, marketing, technology, cybersecurity, privacy, vendor and service provider management, and other operational activities.

  • Communicating with you: This includes responding to inquiries, providing updates, and sending service-related or marketing communications.

  • The need to comply with the law: This includes processing your Personal Data to follow the law, like keeping records of your cookie choices to comply with EU law such as the e-Privacy Directive and the GDPR.

  • Any other ground, as required or permitted by law: This includes using your Personal Data for any other reason that the law allows.

Where we process your Personal Data based on your consent (i.e., you have given us permission to your Personal Data), you may withdraw it at any time. However, this will not affect the lawfulness of our processing before you withdrew your consent. It will also not affect processing performed on other lawful grounds.

Where we receive your Personal Data as part of providing our Services to you based on a contract, we require such Personal Data to be able to carry out the contract. Without that necessary Personal Data, we will not be able to provide the Services to you.

When we rely on legitimate interests as a lawful basis of processing, you have the right to ask us more about how we decided to choose this legal basis.

Collection of your Personal Data

Categories of Personal Data

BioSensics may collect Personal Data, such as your biographical information (e.g. your name and last name) and contact information (like your email address, mailing address, billing address, and telephone number). We may also collect additional customer information (e.g. your banking details such as bank account number, credit card number, debit card number, or any other financial information) and commercial information (like your customer records of products or Services purchased, obtained or considered, or other purchasing or consuming histories or tendencies). We may gather additional personal or non-personal information in the future. Information about your computer hardware and software may be automatically collected by BioSensics. This information can include: your IP address, browser type, domain names, access times and referring website addresses. We will not collect additional categories of your Personal data without informing you.

How we receive your Personal Data

We may receive your Personal Data when:

  • you provide it directly to us, such as part of using our Services, when you use our website, express interest in our Services; signing up for our newsletter; or otherwise contact or engage with us, including over a web form, the telephone, online chat, or social media;

  • our customers (including their employees, contractors, and other representatives of the company) provide it to us;

  • our service providers provide it to us;

  • when a friend of yours or one of our partners or customers refers you to our Services by providing your Personal Data to us;

  • we may receive information from certain service providers that collect information from you on our behalf and at our direction. For example, we use the third party payment services of Quicken (https://www.quicken.com/) and Quickbooks (https://quickbooks.intuit.com/) for payments and invoicing. We do not have access to your full credit card number, PayPal, Venmo, Apple Pay, or Google Pay data stored by Quicken or Quickbooks but may receive truncated credit card number or other identifying information from them. For more information on how payments are handled, and to understand the data security and privacy protections afforded to such information, please refer to https://www.quicken.com/privacy-us/privacy/ and https://www.intuit.com/privacy/

  • automatically when you use our website, online services, or digital tools. We collect certain personal information and related data automatically through cookies, pixels, tracking technologies, and similar tracking or analytics technologies when you visit, use, or interact with our website, emails, advertisements, or services.

Use of your Personal Data

Purposes of Processing

BioSensics collects and uses your Personal Data to operate and improve the functionality of our website and deliver the Services you have requested, as well as to fulfill our legal obligations and enforce our rights. BioSensics may also use your Personal Data to inform you of other products or services available from BioSensics and its affiliates, as well as to respond to any quotation and/or other requests or questions you may send to us. BioSensics may also contact you via surveys to conduct research about your opinion of current technologies, solutions and Services or of potential new technologies, solutions and services that may be offered. We also use your Personal Data to provide general statistics regarding use of the BioSensics website. BioSensics may use anonymized and aggregated information that may be created or derived from your Personal Data or usage of our Services for any business purpose.

Specifically, we may use your information for the following purposes:

  • Providing other administrative functions, such as: Carrying out research and statistical analysis; Managing our business relationships; Operating and managing our business; Carrying out audits to ensure compliance with our regulatory and legal obligations; Providing operational information; Promoting our services; Preventing and detecting crime Dealing with disciplinary actions; and Dealing with complaints and inquiries.

  • To communicate with you.

  • Send marketing or advertising communications by email and postal mail

  • To seek advice on our legal rights and obligations and to identify, contact, or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) our rights or property, other customers or business partners, visitors to BioSensics, or anyone else who could be harmed by such activities.

  • To maintain and service your account/file, provide customer service, and obtain data analytics.

  • To identify and repair errors that impair existing intended website functionality.

  • To promote security and integrity (for example, detecting security incidents, detecting and protecting against fraudulent and deceptive activity, and prosecuting those responsible):

    • For the prevention and detection of fraud or crime;

    • In order to assist with investigations (including criminal investigations) carried out by the police and other responsible authorities.

  • Where it is necessary to protect your or another person’s vital interests.

BioSensics encourages you to review the privacy notices of other websites you choose to navigate to from our website, so that you can understand how those other websites collect, use and share your Personal Data. BioSensics is not responsible for the privacy notices or other content on websites outside of the BioSensics website.

Sharing your Personal Data with third parties

BioSensics does not sell, rent or lease its customer lists to third parties. BioSensics may share your Personal Data with trusted partners and service providers to help perform statistical analysis, send you email or postal mail, provide customer support, or arrange for deliveries. All such third parties are prohibited from using your Personal Data except to provide these services to BioSensics, and they are required to maintain the confidentiality of your information. Our trusted partners and service providers are:

  • Aptible;

  • Amazon S3;

  • Box.com;

  • Google Workspace;

  • Telynx;

  • USPS;

  • UPS;

  • FedEx;

  • Slack;

  • Phone.com;

  • Quicken;

  • Google Analytics;

  • Freshdesk;

  • HubSpot.

For example, we may disclose Personal Data to the following categories of recipients, depending on how you interact with us, the purposes for which we use the information, and, where applicable, your choices and instructions:

  • You or other parties with your consent or at your direction.

  • Service providers and vendors that help us operate our business and provide our Services.

  • Retailers, dealers, distributors, and business partners where necessary to provide Services.

  • Professional advisers and representatives.

  • Legal, regulatory, law enforcement, or other public authorities where required to comply with applicable law.

  • Parties involved in corporate transactions.

The following chart details which categories of personal information we collect and process, as well as which categories of personal information we disclose to third parties, including service providers and vendors, for our operational business purposes, including within the 12 months preceding the date this Notice was last updated. We do not "share" personal information for purposes of cross-context behavioral or targeted advertising.

Categories of Personal Information

Purposes for which we may collect and use the personal information

Disclosed to Which Categories of Third Parties, Service Providers, or Vendors for Operational Business Purposes

Identifiers (e.g., name, email address, physical address, etc.)

  • Operations

  • Marketing

  • Box.com;

  • Google Workspace;

  • Telynx;

  • USPS;

  • UPS;

  • FedEx;

  • Quicken;

  • Google Analytics;

  • Freshdesk;

  • HubSpot.

Payment information

  • Operations

Quicken

Electronic, device and similar information, Cookie Identifiers (IP address, how you browse our sites)

  • Operations

  • Marketing

Third party tracking providers

Transfers of your Personal Data: Europe

Some of the third parties that we share your Personal Data with may be located outside of the European Economic Area (“EEA”), the UK or Switzerland. When your Personal Data is safeguarded by the EU GDPR or UK GDPR, or Swiss data protection law, before sending it to parties outside of the EEA, the UK, or Switzerland, we will do one of two things:

  • Seek your consent; or

  • Demand privacy and security: We will ensure the third party maintains the same level of privacy and security for your Personal Data as we do.

In some cases, the authorities of a country may have determined that the laws of other countries, territories or sectors within a country provide a level of protection equivalent to domestic law. You can see here the list of countries, territories and specified sectors that the European Commission recognized as providing an adequate level of protection for personal data; here the list of the UK; and here the list of Switzerland.

We are accountable for the protection of your Personal Data when we transfer it to others. We either send it to a country, territory or sector within a country that is recognized as providing the same level of personal data protection as the country of origin, or use safeguards like the Data Privacy Framework (as defined below), Binding Corporate Rules or the Standard Contractual Clauses (also known as the “SCCs”) approved by the European Commission under Article 46.2 of the GDPR, with necessary adjustments for transfers from the UK or Switzerland, or use specific transfer instruments like the UK International Data Transfer Agreement.

We remain liable for the protection of your Personal Data that we transfer to our service providers, except to the extent that we are not responsible for the event giving rise to any unauthorized or improper processing.

Other disclosures of your Personal Data

BioSensics will disclose your Personal Data, without notice, only if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on BioSensics or the site; (b) protect and defend the rights or property of BioSensics; and, (c) act under exigent circumstances to protect the personal safety of users of BioSensics, or the public.

We may also disclose your Personal Data in connection with a sale, merger, consolidation, change in control, transfer of substantial assets, reorganization, restructure, or liquidation of BioSensics. If we are subject to a merger or acquisition with/by another company, we may share information with the other company in connection with the transaction, and your Personal Data may be transferred to such company upon completion of the transaction. Such acquiring company’s right to use your personal information shall be limited to the terms of this Notice unless additional notice is provided to you.

We reserve the right to use, transfer, sell, and share aggregated, anonymous data for any legal purpose. Such data does not include any Personal Data. The purposes may include analyzing usage trends or seeking compatible advertisers, sponsors, and customers.

If we have to disclose your Personal Data to governmental/law enforcement officials, we may not be able to ensure that those officials will maintain the privacy and security of your Personal Data.

Your Rights

Marketing Preferences. You can opt out from receiving future marketing communications from us at any time by using the unsubscribe function in the email you receive from us, or contacting us as set forth under “How to Contact Us” above. Please allow sufficient time for your preferences to be processed. Even if you opt out of receiving marketing messages, we may still contact you for transactional purposes like confirming or following up on an order or service request, asking you to review a product or service you have ordered, or notifying you of product recalls. If you later opt back into getting marketing communications from us, we will remove your information from our opt-out databases.

Depending upon the US state or country in which you reside, you may have specific rights under applicable law, including the right to access, correct, or delete the personal information we hold about you. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. Please understand that we are required to verify your request and may require you to provide some information to enable us to carry out such verification. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Data provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

If we refuse to take action on a request to exercise your rights, in accordance with applicable law you may appeal our refusal to us within a reasonable period of time. We will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions, within the time period specified in the applicable state law. If the appeal is denied, we will also provide you with information about how to contact your Attorney General to submit a complaint.

Additional Information for Residents of Certain US States

Depending on which state you live in, you may have certain rights with respect to personal information that we have collected and used under certain circumstances. Where an applicable US state privacy law or similar legal requirement applies to the processing of your personal information, your rights may include the following:

  • The right to review and access your Personal Data

  • The right to receive a copy of your Personal Data in a usable format and transmit it to a third party (known as the right of data portability)

  • The right to request us to erase your Personal Data when we no longer need such data in connection with our services (subject to certain exceptions that may apply under applicable law)

  • The right to opt out of sales of your Personal Data.  Note: SYA does not sell your Personal Data for monetary consideration

  • The right to correct any inaccuracies related to your Personal Data

  • The right to limit the use and disclosure of your sensitive Personal Data

  • The right to opt-in for sensitive data processing

  • The right to opt-out of being profiled using automated decision-making technology based on your work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements

  • The right to opt out of targeted advertisements selected based on Personal Data from your activities over time and across nonaffiliated websites or online applications

  • The right to opt-out of profiling in furtherance of decisions that produce legal or similarly significant effects concerning you. Please note that we do not use your Personal Data to profile you in any way that produces legal or similarly significant effects

If you are a resident of a US state where one or more of these rights are granted to you under applicable law, and you wish to exercise any such rights listed above, please contact us as follows:

Email address: privacy@biosensics.com

Postal address:

BioSensics, LLC
57 Chapel Street, Suite 200
Newton, MA 02458
USA

Additional Information for European Residents

You have specific rights regarding your Personal Data that we collect and process. Please note that you can only exercise these rights with respect to Personal Data that we process about you when we act as a data controller. To exercise your rights with respect to Personal Data processed by us on behalf of one of our customers, please read the privacy notice of that customer.

In this section, we first describe your data protection rights and then we explain how you can exercise those rights.

We acknowledge the right of EU, UK and Swiss individuals to access their Personal Data pursuant to the Data Privacy Framework and will grant individuals reasonable access to Personal Data we received pursuant to the Data Privacy Framework Principles. In addition, we will take reasonable steps to permit individuals to correct, amend, or delete such information that is demonstrated to be inaccurate or processed in violation of the Data Privacy Framework Principles. Additionally, if we have received your Personal Data in reliance on the Data Privacy Framework, you may also have the right to opt out of having your Personal Data shared with third parties and to revoke your consent to our sharing your Personal Data with third parties. You may also have the right to opt out if your Personal Data is used for any purpose that is materially different from the purpose(s) for which it was originally collected or which you originally authorized. An individual may request to access their Personal Data, or otherwise correct, amend, delete, withdraw their consent or limit the processing of their Personal Data in line with the Data Privacy Framework Principles by contacting us.

Right to know what happens to your Personal Data

This is called the right to be informed. It means that you have the right to obtain from us all information regarding our data processing activities that concern you, such as how we collect and use your Personal Data, how long we will keep it, and who it will be shared with, among other things.

We are informing you of how we process your Personal Data with this Notice.

We will make every effort to let you know how we use your Personal Data. However, if we did not get your data directly from you, the GDPR does not require us to inform you in these cases: (1) When it is impossible or too costly to provide the information. (2) When the law obliges us to gather or share the data. (3) If the Personal Data must stay confidential because of professional or other secrecy obligations.

Right to know what Personal Data BioSensics has about you

This is called the right of access. This right allows you to (1) get confirmation of whether we process Personal Data about you (2) ask for full details of the Personal Data we hold about you and certain related information; (3) get a copy or access to the Personal Data.

You have the right to ask us to confirm whether or not we process Personal Data concerning you, and, where that is the case, to request a copy or access to the Personal Data and certain related information.

Once we receive and confirm that a request came from you or your authorized agent, we will disclose to you:

  • The categories of your Personal Data that we process;

  • The categories of sources for your Personal Data;

  • Our purposes for processing your Personal Data;

  • Where possible, the retention period for your Personal Data, or, if not possible, the criteria used to determine the retention period;

  • The categories of third parties with whom we share your Personal Data;

  • If we carry out automated decision-making, including profiling, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you;

  • The specific pieces of Personal Data we process about you in an easily‑sharable format;

  • If we rely on legitimate interests as a lawful basis to process your Personal Data, the specific legitimate interests; and

  • The appropriate safeguards used to transfer Personal Data from the EEA or the UK to a third country, if applicable.

Under some circumstances, we may deny your access request. In that event, we will respond to you with the reason for the denial.

For security and legal compliance, we cannot disclose certain sensitive information like Social Security numbers, driver’s license numbers, financial account numbers, health insurance or medical IDs, passwords, or security questions and answers. However, we can inform you if we have such information without disclosing specific details.

Right to change your Personal Data

This is called the right to rectification. It gives you the right to ask us to correct without undue delay anything that you think is wrong with the Personal Data we have on file about you, and to complete any incomplete Personal Data.

Right to delete your Personal Data

This is called the right to erasure, right to deletion, or the right to be forgotten. This right means you can ask for your Personal Data to be deleted.

For individuals enrolled within a clinical trial, please contact your study coordinator or principal investigator. Others, please email privacy@biosensics.com.

Sometimes we can delete your information, but other times it is not possible for either technical or legal reasons. If that is the case, we will consider if we can limit how we use it. We will also inform you of our reason for denying your deletion request.

Right to ask us to limit how we process your Personal Data

This is called the right to restrict processing. It is the right to ask us to only use or store your Personal Data for certain purposes. You have this right in certain instances, such as where you believe the data is inaccurate or the processing activity is unlawful.

Right to ask us to stop using your Personal Data

This is called the right to object. This is your right to tell us to stop using your Personal Data. You have this right where we rely on a legitimate interest of ours (or of a third party). You may also object at any time to the processing of your Personal Data for direct marketing purposes.

We will stop processing the relevant Personal Data unless: (i) we have compelling legitimate grounds for the processing that override your interests, rights, or freedoms; or (ii) we need to continue processing your Personal Data to establish, exercise, or defend a legal claim.

Right to port or move your Personal Data

This is called the right to data portability. It is the right to ask for and receive a portable copy of your Personal Data that you have given us or that you have generated by using our Services, so that you can:

  • Move it;

  • Copy it;

  • Keep it for yourself; or

  • Transfer it to another organization.

We will provide your Personal Data in a structured, commonly used, and machine-readable format. When you request this information electronically, we will provide you a copy in electronic format.

Right to withdraw your consent

Where we rely on your consent as the legal basis for processing your Personal Data, you may withdraw your consent at any time. If you withdraw your consent, our use of your Personal Data before you withdraw is still lawful.

If you have given consent for your details to be shared with a third party and wish to withdraw this consent, please also contact the relevant third party in order to change your preferences.

How can you exercise your rights?

To exercise your rights described above, please submit a request by emailing us at privacy@biosensics.com or by postal mail at:

BioSensics, LLC
57 Chapel Street, Suite 200
Newton, MA 02458
USA

Verification of your identity

In order to correctly respond to your privacy rights requests, we need to confirm that you actually made the request. Consequently, we may require additional information to confirm that you are who you say you are.

We will only use the Personal Data you provide us in a request to verify your identity or authority to make the request.

Verification of Authority

If you are submitting a request on behalf of somebody else, we will need to verify your authority to act on behalf of that individual. When contacting us, please provide us with proof that the individual gave you signed permission to submit this request, a valid power of attorney on behalf of the individual, or proof of parental responsibility or legal guardianship. Alternatively, you may ask the individual to directly contact us by using the contact details above to verify their identity with BioSensics and confirm with us that they gave you permission to submit this request.

Response timing and format of our responses

We will confirm the receipt of your request within ten (10) business days, and, in that communication, we will also describe our identity verification process (if needed) and when you should expect a response, unless we have already granted or denied the request.

Please allow us up to thirty (30) days to reply to your requests from the day we received your request. If we need more time (up to 90 days in total), we will inform you of the reason why and the extension period in writing.

If we cannot satisfy a request, we will explain why in our response. For data portability requests, we will choose a format to provide your Personal Data that is readily useable and should allow you to transmit the information from one entity to another entity without difficulty.

We will not charge a fee for processing or responding to your requests. However, we may charge a fee if we determine that your request is excessive, repetitive, or manifestly unfounded. In those cases, we will tell you why we made that determination and provide you with a cost estimate before completing your request.

Data Retention

We will retain your Personal Data for as long as is necessary to fulfill the purpose for which we collected your Personal Data and any other permitted linked purpose and in compliance with our data retention policies. For example, we will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

If your Personal Data is used for more than one purpose, we will retain it until the purpose with the longest retention period expires; but we will stop using it for the purpose with a shorter retention period once that period expires. Our retention periods are also based on our business needs and good practice.

Your Personal Data may need to be retained in our backup systems and will only be deleted or overwritten at a later time, our backup schedules vary by system and the nature of the data. This may be the case even when you or a Supervisory Authority has validly asked us to delete your Personal Data or when we no longer have a legal basis for processing such Personal Data. Please note that our backups are protected, and we have implemented a system to remind us to delete the data again when we restore a backup to production systems.

Factors that may be relevant to determining how long we keep Personal Data include:

  • The purposes for which we collected it;

  • The length of time we have an ongoing relationship with you and provide services to you (for example, for as long as you are an active customer with us or keep using our services) and the length of time thereafter during which we may have a legitimate need to reference your Personal Data to address issues that may arise;

  • Your preferences and how you engage with our sites and services;

  • Any applicable legal or regulatory requirements; and

  • Whether we need the information for our business purposes, or to protect our rights (for example, in actual or potential litigation).

Tracking Technologies and Cookies

BioSensics may collect and generate information about you when you interact with our website, which may include name and contact information (as described above), information about the device you use to interact with our website, and information about your interaction with our website (such as content you view, features you access, sites you view immediately before and after you access our website, content you view on our website, search terms you use on our website, and content in which you have indicated interest).

A “cookie” is a small file stored on your device that contains information about your device. We may use cookies to provide basic relevant ads, website functionality, authentication (session management), usage analytics (web analytics), to remember your settings, and to generally improve our websites and Services.

We use session and persistent cookies. Session cookies are deleted when you close your browser. Persistent cookies may remain even after you close your browser, but always have an expiration date. Most of the cookies placed on your device through our website are first-party cookies which are placed directly by us. Other parties, such as Google and Hubspot, may also set their own (third-party) cookies through our websites. Please refer to the privacy notices of these third parties to learn more about the way in which they collect and process information about you.

BioSensics may use web beacons or pixels. Web beacons are a small tag (which may be invisible to you) that may be placed on our website’s pages and messages. We or third-party partners may use invisible pixels or beacons on our website to count how many users access or use certain pages, features, or content. This information is collected and reported in the aggregate. We may use this information to improve our current service offerings, develop new services, and target information to you that may be helpful and useful to you based upon your use of our services.

BioSensics may use third-party analytics tracking technologies and tools to collect information about how you use our website, such as the frequency of visits, pages viewed, traffic data, location, referring and exit pages, and error information. These tools may also collect device information, discussed above. These tools examine website activities to prepare usage reports, and this information helps us improve our website and enhance user experience. Tracking information will be shared with the third-party analytics provider, which may use that information for its own purposes, potentially including marketing or advertising. While the tracking information we collect through such tools is not sufficient on its own for BioSensics to identify you, the third-party analytics provider may be able to combine it with other data it has to identify you.

If you would prefer not to accept cookies, you can change the setup of your browser to reject all or some cookies. Note, if you reject certain cookies, you may not be able to use all features of our websites. For more information, please visit https://www.aboutcookies.org/.

You may also set your browser to send a Do Not Track (DNT) signal. For more information, please visit https://allaboutdnt.com/. Please note that our Services do not have the capability to respond to “Do Not Track” signals received from web browsers.

Use of Artificial Intelligence

BioSensics may use artificial intelligence or AI to process Personal Data and for other purposes, including for the purposes and bases described above and with respect to our Services. For example, BioSensics may use AI to Personal Data for the following purposes: organize, summarize, analyze, recognize patterns, and identify specific aspects of information; create records, documents, text, images, communications, and similar content generated by AI based on information and prompts input into AI; conduct research; use notetakers and transcribers for meetings, video conferences, and BioSensics events; and perform other discrete aspects of our Services.

Security of your Personal Data

BioSensics secures your Personal Data from unauthorized access, use or disclosure, alteration or destruction by implementing and maintaining technical, administrative, and physical measures that are reasonably designed to help protect Personal Data from unauthorized processing. Some of these measures include the de-identification of clinical study data, on-device encryption, encryption in transit using TLSv1.2 or newer and encryption at rest. The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. Any transmission of Personal Data is at your own risk.

Children under thirteen

BioSensics does not knowingly collect Personal Data from children under the age of thirteen. If you are under the age of thirteen, you must ask your parent or guardian for permission to use this website.

If we learn that we have collected or processed a child’s personal information without valid authorization from a parent or legal guardian where required by applicable law, we will take steps to delete that personal information from our systems as soon as reasonably practicable. If you believe that your child has provided us with personal information, please contact us so that we can investigate and take appropriate action.

Links to Other Sites

Our Services or website may contain links to third-party websites. If you click on one of those links, you will be taken to websites we do not control. This Privacy Notice does not apply to the information practices of those third-party websites. You should read the privacy policies of third-party websites carefully. We are not responsible for the content, privacy policies, actions or security of third-party websites.

Governing Law and Jurisdiction

This Privacy Notice shall be construed and governed under the laws of the United States and the Commonwealth of Massachusetts (without regard to rules governing conflicts of laws provisions). You agree that venue for all actions, arising out of or relating in any way to your use of our Services, shall be in the federal court in Boston, Massachusetts or state court of competent jurisdiction located in Middlesex County, Massachusetts, within one (1) year after the claim arises. Each party waives any objections based on forum non conveniens and waives any objection to venue of any action instituted hereunder to the extent that an action is brought in the courts identified above. Each party consents to personal jurisdiction in the courts identified above.

Data Privacy Framework

BioSensics complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  BioSensics has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.  BioSensics has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/

Dispute Resolution

Where a privacy complaint or dispute relating to Personal Data received by BioSensics in reliance on the Data Privacy Framework (or any of its predecessors) cannot be resolved through our internal processes, we have agreed to participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure. Subject to the terms of the VeraSafe Data Privacy Framework Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure, please submit the required information here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/

Binding Arbitration

If your dispute or complaint related to your Personal Data that we received in reliance on the Data Privacy Framework cannot be resolved by us, nor through the dispute resolution mechanism mentioned above, you may have the right to require that we enter into binding arbitration with you under the Data Privacy Framework “Recourse, Enforcement and Liability” Principle and Annex I of the Data Privacy Framework.

U.S. Regulatory Oversight

BioSensics is subject to the investigatory and enforcement powers of the United States Federal Trade Commission.

European Union Supervisory Authority Oversight

If the GDPR applies to our processing of your Personal Data, you also have the right to lodge a complaint with a data protection regulator in one or more of the European Union Member States. Specifically, you can lodge a complaint in the Member State of the European Union of your habitual residence, place of work, or the alleged violation of the GDPR. In the UK, you can lodge a complaint with the UK Information Commissioner’s Office.

Changes to this Notice

BioSensics will occasionally update this Notice to reflect company and customer feedback. BioSensics encourages you to periodically review this Notice to be informed of how BioSensics is protecting your Personal Data. Whenever we update this Notice, we will also update the “Effective” date.

Contact information

BioSensics welcomes your questions or comments regarding this Notice. If you believe that BioSensics has not adhered to this Notice or have any questions regarding the processing of your Personal Data, please email privacy@biosensics.com or by postal mail at:

BioSensics, LLC
57 Chapel Street, Suite 200
Newton, MA 02458
USA

Please allow up to four weeks for us to reply.

European Union Representative

We have appointed VeraSafe as our representative in the EU for data protection matters. While you may also contact us, VeraSafe can be contacted on matters related to the processing of Personal Data. To contact VeraSafe, please use this contact form: https://www.verasafe.com/privacy-services/contact-article-27-representative/ or via telephone at: +420 228 881 031.

Alternatively, VeraSafe can be contacted at:

VeraSafe Ireland Ltd.
Unit 3D North Point House
North Point Business Park
New Mallow Road
Cork T23AT2P
Ireland

United Kingdom Representative

We have appointed VeraSafe as our representative in the UK for data protection matters. While you may also contact us, VeraSafe can be contacted on matters related to the processing of Personal Data. To contact VeraSafe, please use this contact form: https://www.verasafe.com/privacy-services/contact-article-27-representative/ or via telephone at: +44 (20) 4532 2003.

Alternatively, VeraSafe can be contacted at:

VeraSafe United Kingdom Ltd.
37 Albert Embankment
London
SE1 7TL
United Kingdom