Privacy Policy

Last Updated: November 10, 2025
Effective Date: November 10, 2025

1. Introduction

Daly Innovations Ltd T/A FlowSEQ ("we," "us," "our," or "FlowSEQ") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our FlowSEQ platform (the "Service").

Our Contact Information:

  • Company: Daly Innovations Ltd T/A FlowSEQ
  • Address: 11 Ard Coillte, Ballina, Co. Tipperary, Ireland
  • Email: support@flowseq.bio

By using FlowSEQ, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Contractual Necessity: To provide you with access to and use of the FlowSEQ Service
  • Legitimate Interest: To improve our Service, prevent fraud, and ensure security
  • Consent: Where you have given explicit consent for specific processing activities
  • Legal Obligation: To comply with applicable laws and regulations

3. Information We Collect

3.1 Information You Provide to Us

When you create an account or use FlowSEQ, we collect:

Account Information:

  • Email address (required)
  • Full name (required)
  • Password (stored in hashed form using bcrypt encryption)

Profile Information:

  • Job title or role (optional)
  • Research interests (optional)
  • Profile preferences and settings

User-Generated Content:

  • Sequencing cost calculations and planning data
  • Cost library items and parameters
  • Cost profiles and combinations
  • Sustainability metrics and environmental impact data
  • Custom genome definitions and sequencing workflows
  • Protocol selections and laboratory settings
  • Saved sequencing runs and configurations
  • Lab configuration data
  • Any other data you input into the Service

Note: Your cost library data and business calculations are treated as confidential business information and are not shared with other users unless you explicitly choose to share lab configurations with colleagues.

3.2 Information Automatically Collected

When you access and use FlowSEQ, we automatically collect:

Technical Information:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Time zone setting and location (country/region level only)
  • Pages visited and features used
  • Date and time of access
  • Referring website addresses

Cookies and Similar Technologies:

  • Essential cookies for authentication and session management
  • Preference cookies to remember your settings
  • Security cookies to detect and prevent fraud

We do not use third-party advertising cookies or tracking pixels.

3.3 Analytics and Usage Tracking

User Opt-In Tracking:

We collect usage analytics only with your explicit consent to help us improve FlowSEQ and understand how users interact with the Service. You can enable or disable tracking at any time in your account settings.

When tracking is enabled, we collect:

  • Session information (duration, timestamps, navigation patterns)
  • User interactions (feature usage, button clicks, form submissions)
  • Page views (URLs, time spent, scroll depth)
  • Performance data (page load times, API response times, errors)

Important:

  • Tracking is disabled by default and requires your explicit opt-in
  • We do not use third-party advertising or marketing analytics
  • All analytics data is used solely for improving FlowSEQ's functionality
  • Analytics data is aggregated and anonymized for reporting purposes
  • You can disable tracking at any time without affecting your use of FlowSEQ

4. How We Use Your Information

4.1 Service Delivery

  • To create and manage your account
  • To provide access to FlowSEQ features and functionality
  • To process and store your sequencing cost calculations
  • To enable collaboration features (if applicable)
  • To provide customer support and respond to inquiries

4.2 Service Improvement

  • To analyze usage patterns and improve user experience
  • To develop new features and functionality
  • To troubleshoot technical issues and bugs
  • To conduct research and analytics (aggregated and anonymized)

4.3 Communication

  • To send account-related notifications (password resets, security alerts)
  • To provide service updates and feature announcements
  • To send educational content about cost optimization (with your consent)
  • To respond to your support requests

4.4 Security and Legal Compliance

  • To detect and prevent fraud, abuse, and security incidents
  • To enforce our Terms of Service
  • To comply with legal obligations and respond to lawful requests
  • To protect our rights, property, and safety

5. Data Storage and Security

5.1 Data Storage Location

Infrastructure and Data Location:

  • Hosting: Vercel (Application servers)
    • EU users: Frankfurt (fra1) or Dublin (dub1) region deployment
    • Ensures EU data residency compliance for application processing
  • Database: PostgreSQL
    • Configuration: EU region hosting for GDPR compliance
    • All user data stored in EU-based database instances
    • Encrypted at rest and in transit

For EU Users (GDPR Compliance):

  • User data for EU residents is stored on servers located within the European Union
  • Application hosting and database storage maintain EU data residency
  • No data transfers outside the EU without appropriate safeguards (Standard Contractual Clauses)

5.2 Security Measures

We implement industry-standard security measures to protect your data:

Encryption:

  • Data in transit: TLS/SSL encryption (HTTPS)
  • Data at rest: Encrypted database storage
  • Passwords: Hashed using bcrypt with strong salt rounds

Access Controls:

  • Role-based access control (RBAC)
  • Multi-factor authentication (MFA) for administrative access
  • Regular access reviews and principle of least privilege

Note: While we implement robust security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Sharing and Third-Party Services

We do not sell, rent, or trade your personal data. We may share your data only in the following circumstances:

  • With your consent: When you explicitly authorize us to share your data
  • Lab configuration sharing: When you choose to share lab settings with colleagues (your explicit action)
  • Service providers: With third-party vendors who perform services on our behalf (under strict confidentiality agreements)
  • Legal requirements: When required by law, regulation, legal process, or government request
  • Business transfers: In connection with a merger, acquisition, or sale of assets (users will be notified)
  • Protection of rights: To protect our rights, property, safety, or that of our users or the public

Current Third-Party Services:

  • Cloud Hosting: Vercel (EU: Frankfurt/Dublin)
  • Database: PostgreSQL (EU region)
  • Authentication: Self-hosted (EU)
  • Error Logging: Sentry (US with EU data processing addendum)

7. Data Retention and Deletion

7.1 Active Accounts

We retain your personal data for as long as your account is active and as necessary to provide you with the Service, comply with legal obligations, resolve disputes, and enforce agreements.

7.2 Inactive Accounts

Automatic Deletion Policy:

  • Accounts inactive for 2 consecutive years will be flagged for deletion
  • We will send email notifications at 21 months and 23 months of inactivity
  • After 2 years of inactivity, account data will be permanently deleted unless you log in

7.3 User-Requested Deletion

You may request account deletion at any time by contacting support@flowseq.bio. Upon account closure, your personal data will be deleted within 60 days.

8. Your Rights Under GDPR and CCPA

8.1 Rights for EU Users (GDPR)

If you are located in the European Union, you have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete personal data
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Request your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for specific processing activities
  • Right to Lodge a Complaint: File a complaint with your local Data Protection Authority

8.2 Rights for California Users (CCPA)

If you are a California resident, you have the following rights:

  • Right to Know: Categories of personal data collected, sources, purposes, and third parties
  • Right to Delete: Request deletion of personal data (subject to exceptions)
  • Right to Opt-Out: Opt-out of sale of personal data (we do not sell personal data)
  • Right to Non-Discrimination: No discrimination for exercising your CCPA rights
  • Right to Correct: Request correction of inaccurate personal data

8.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: support@flowseq.bio

Subject Line: "Data Rights Request - [Your Request Type]"

Response Time: GDPR requests within 30 days; CCPA requests within 45 days

9. Cookies and Tracking Technologies

Types of Cookies We Use

  • Essential Cookies: Authentication, session management, and security
  • Preference Cookies: Remember your settings and preferences

What We Do NOT Use:

  • Third-party advertising cookies
  • Social media tracking pixels
  • Cross-site tracking cookies
  • Retargeting or remarketing cookies

10. Children's Privacy

FlowSEQ is not intended for use by children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe we have collected data from a child under 16, please contact us at support@flowseq.bio.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

  • Material Changes: We will notify you by email or prominent notice in the Service at least 30 days before changes take effect
  • Minor Changes: We will update the "Last Updated" date at the top of this policy
  • Your Continued Use: Continued use of FlowSEQ after changes constitutes acceptance of the updated policy

12. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@flowseq.bio

Address:
Daly Innovations Ltd T/A FlowSEQ
11 Ard Coillte
Ballina, Co. Tipperary
Ireland

Response Time: We aim to respond to all inquiries within 5 business days.

13. Governing Law and Jurisdiction

This Privacy Policy is governed by:

  • EU Users: Irish law and the General Data Protection Regulation (GDPR)
  • California Users: California Consumer Privacy Act (CCPA) and applicable US federal law
  • Other Users: Irish law and applicable international data protection regulations

Additional Resources

Learn More About Your Privacy Rights:

EU Resources:

California Resources:

Back to Home