Privacy Policy

Last updated: 8 June 2026

1. Who we are

BioInformatics by LilySys (“we”, “us”, “our”) provides bioinformatics, AI/ML and research-IT services. For the purposes of this policy, the data controller for personal data collected via this website is BioInformatics by LilySys, contactable at bioinformatics@lilysys.com.

2. What we collect

• Information you give us — name, email, organisation, and the contents of any message you send via our contact channels (email, WhatsApp, or a form).
• Client project data — where you engage us for services, we may process research, sequencing, genomic, clinical or other data you provide. This is handled under a separate services agreement and/or non-disclosure agreement, and only on your instructions (see §6).
• Technical data — basic, privacy-respecting usage analytics (e.g. pages viewed), collected without invasive cross-site tracking.

3. How we use it and our legal bases

• To respond to enquiries and provide quotes — on the basis of taking steps at your request prior to a contract.
• To deliver and administer services you engage us for — on the basis of performance of a contract.
• To improve the website and understand aggregate usage — on the basis of our legitimate interests, balanced against your rights.
• To comply with legal obligations.

4. Sensitive and research data

Where project data includes personal data of research subjects or patients (including genomic or health data), you remain the controller and we act as your processor. We process such data strictly on your documented instructions, do not use it to train models or products for any other party, and apply appropriate technical and organisational safeguards. Specific terms are set out in the relevant services agreement and/or data-processing agreement.

5. Sharing and sub-processors

We do not sell your personal data. We share it only with service providers who help us operate (e.g. email, hosting, analytics, scheduling), under appropriate confidentiality and data-protection terms, and where required by law. Any sub-processors handling client personal data are engaged only with your prior authorisation.

6. International transfers

Where data is transferred across borders, we rely on appropriate safeguards (such as Standard Contractual Clauses or equivalent mechanisms). Where you require data residency in a specific region, we can agree this in writing as part of an engagement.

7. Security

We implement appropriate technical and organisational measures including access controls, encryption in transit and at rest, and logging, proportionate to the sensitivity of the data. No method of transmission or storage is completely secure, but we work to protect your information and to notify you of material breaches as required by law.

8. Retention

We keep enquiry data for as long as needed to respond and for a reasonable follow-up period, and project data for the duration of the engagement plus any period required by law or agreement, after which it is securely deleted or returned.

9. Your rights

Depending on your location, you may have rights to access, correct, delete, restrict, or object to processing of your personal data, to data portability, and to withdraw consent. Under the EU/UK GDPR you may also lodge a complaint with a supervisory authority; under India’s Digital Personal Data Protection Act, 2023 you may exercise the rights it provides. To make a request, contact bioinformatics@lilysys.com.

10. Cookies and analytics

We aim to use privacy-friendly, cookie-light analytics. If we introduce cookies that require consent, we will present a consent mechanism and update this policy accordingly.

11. Children

This website is intended for professional and research audiences and is not directed at children.

12. Changes

We may update this policy from time to time. The “last updated” date above reflects the latest version.

13. Contact

Questions about this policy or your data: bioinformatics@lilysys.com.