GENOS.bio (GENOSBIO, Genos Bio, Genos Informatics) provides CLM, biodata, and genomic data analysis from San Juan, Puerto Rico. Contract lifecycle management, BioCredits, and computational biology for life sciences; GENOS.pr is the Puerto Rico network front door.

Privacy Policy

Last updated: January 26, 2026

Introduction

This privacy policy (“Privacy Policy”) applies to visitors and users of the GENOS LLC website at www.genos.bio, the GENOS.bio contract lifecycle management (“CLM”) application, BioCredits™ accounting features, and related services (collectively, the “Service”). GENOS LLC (“GENOS,” “we,” “us”) describes here how we collect, use, disclose, and safeguard personal information. This Privacy Policy also describes privacy rights that may be available under applicable laws, including in Puerto Rico and the United States.

Please read this Privacy Policy carefully. By accessing or using any part of the Service, you acknowledge you have been informed of our practices regarding your personal information and data.

Key Definitions

“Personal Information”
Information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked with a particular individual (including, in some jurisdictions, certain online identifiers).
“Customer Data”
Data and materials provided by or on behalf of a customer institution/organization in connection with contracted Services (for example, CLM documentation, statements of work, deliverables, and secure data exchanges). Customer Data may include research datasets depending on the engagement.
“Usage Data”
Service usage, diagnostic, and security-related data generated through interaction with the Service. Usage Data generally excludes Customer Data content but may include metadata such as timestamps, page paths, and performance signals.

Applicability and Customer Data

If you are using the Service under a contract between your institution/organization and GENOS (for example, a statement of work or SOW), this Privacy Policy supplements that agreement. Customer Data is governed primarily by the applicable contract and our Terms of Service. When we process Customer Data, we typically do so on behalf of the contracting institution/organization and in accordance with the contract’s instructions and security requirements.

Depending on the engagement, Customer Data may include materials from systems you authorize us to integrate with (for example, relevant email threads, meeting notes, Git repositories, documents, and deliverable exchanges) for the purpose of reconciliation, audit trails, and project execution.

If you are using the Services as an employee, researcher, or other representative of one of our customers, please direct any questions or requests regarding Customer Data to your institution, as they are the primary controller of that data.

Personal Information We Collect

The types of personal information we collect depend on how you interact with our Service.

  • Account and contact information: Name, email address, phone number, institutional affiliation, role, and similar information you choose to provide.
  • Contact form submissions: If you submit a request through our contact forms, we collect the fields you submit (for example, name, phone, email, institution, role, and interests) and the metadata needed to receive and respond to the request.
  • Usage and technical data: IP address, device type, browser type, operating system, language settings, approximate location (such as city/state/country), referral URLs, pages viewed, feature usage, and similar signals. Some of this is collected using cookies or similar technologies.
  • BioCredits™ and billing-related records: Records necessary to support platform accounting, allocations, and transaction history. Payment details are generally handled by the payment processor; we typically receive tokens/confirmations and transaction metadata rather than full card numbers.
  • Security and abuse-prevention data: Logs related to fraud prevention, rate limiting, and suspicious activity detection may include IP address, user-agent, request path, timestamps, and related diagnostic signals.
  • Authentication data (where enabled): Some GENOS services may support passkeys (WebAuthn) or other authentication methods. In those cases, we may process identifiers associated with your authentication device (such as credential IDs and public keys) and security logs. Your device may use biometric features (such as fingerprint or Face ID) locally to unlock a passkey, but we do not receive your biometric template from your device.
  • Customer Data (as defined above): Handled according to specific service agreements.

We do not request that you submit highly sensitive personal information through public web forms (for example, government identifiers). If Customer Data includes biological research datasets (for example, sequence data) or regulated data, handling and safeguards are defined by the applicable contract and any required addenda.

How We Use Personal Information

We use personal information for the following purposes:

  • Provide and operate the Service: Create and administer accounts, support CLM workflows, support BioCredits™ accounting, and provide customer support.
  • Respond to requests and communicate: Respond to inquiries, schedule meetings/demos, and send service-related communications (including security and administrative messages). Where required, we obtain consent for marketing communications, and you can opt out at any time.
  • Security, integrity, and abuse prevention: Monitor, prevent, and investigate fraud, misuse, and security incidents; enforce our terms; and protect the safety of users and our systems.
  • Improve and develop: Understand how the Service is used, diagnose issues, analyze performance, and improve features and reliability.
  • Compliance and legal: Comply with applicable laws and lawful requests, and protect rights, safety, and property.

BioCredits™ and Platform Records

BioCredits™ and the platform are designed to support institutional procurement governance, audit trails, and verifiable accounting for bioinformatics work. Depending on the deployment and the specific workflow:

  • Work records and audit trails: CLM workflows may create records of actions taken (for example, approvals, change orders, milestone updates, and deliverable acknowledgements), including timestamps and related identifiers.
  • Cryptographic hashes and verification: The Service may generate cryptographic hashes for documents or records to support integrity checks and verification.
  • Publicly verifiable views: Certain records may be made publicly verifiable via a URL or ledger-style view. Public views may include hashed/pseudonymous identifiers and transactional metadata (such as amounts, statuses, timestamps, and associated contract/verification hashes). If you or your institution chooses to publish or share a verification URL, anyone with that URL may be able to view the published record.

These records are intended to support institutional documentation and integrity. Some record types may be retained for audit, accounting, and dispute resolution reasons and may not be fully removable without compromising verification or audit requirements.

Reasons We Process (Legal Bases)

Depending on the context and applicable law, our reasons for processing personal information may include:

  • Contract: to provide the Service, administer accounts, and perform agreements.
  • Legitimate interests: to operate, secure, and improve the Service and communicate with business contacts, balanced against privacy interests.
  • Consent: where required (for example, certain cookies or marketing communications).
  • Legal obligation: to comply with applicable law and lawful requests.

Sharing Your Information

GENOS may share your personal information in the following circumstances:

  • Service providers: With vendors and partners that perform services on our behalf (for example, cloud hosting, payment processing, customer relationship management/contact intake, email delivery, analytics, and security tooling). They are obligated to protect the information and use it only to provide services to us.
  • Affiliates: With companies affiliated with GENOS, who are required to honor this Privacy Policy.
  • Legal Requirements & Rights Protection: If required by law, subpoena, court order, or other legal process, or if necessary to protect the rights, property, or safety of GENOS, our users, or others (including fraud prevention and enforcing our terms).
  • Business Transfers: In connection with a potential or actual merger, acquisition, reorganization, sale of assets, bankruptcy, or dissolution. We will make reasonable efforts to require the recipient to honor this Privacy Policy.
  • With Your Consent: For any other purpose disclosed to you at the time we collect the information or pursuant to your consent.
  • Aggregated/de-identified data: We may share data that has been aggregated or de-identified so it cannot reasonably be used to identify you.

GENOS only shares personal information with employees, contractors, and affiliated organizations who need to know the information to process it on our behalf or provide the Service, and who have agreed not to disclose it further. We do not sell your personal information.

Third-Party Links

The Service may contain links to third-party websites or services that are not operated by GENOS. This Privacy Policy does not apply to those third parties, and we are not responsible for their privacy practices. Please review their policies before providing personal information.

Data Security

We implement reasonable administrative, technical, and physical security measures designed to protect your personal information from unauthorized access, use, alteration, or destruction. However, no internet transmission or electronic storage is completely secure. While we strive to protect your data, we cannot guarantee its absolute security.

Data Retention

We retain personal information for as long as reasonably necessary to provide the Service, fulfill contracts, comply with legal obligations, resolve disputes, and enforce agreements. Retention depends on the type of information and the context in which it was collected.

For Customer Data related to specific projects, retention and deletion are governed by the applicable contract/SOW and related requirements. Some records may need to be preserved for audit, billing, accounting, security, or legal reasons even after a contract ends.

Where the Service supports publicly verifiable records (for example, a ledger-style view of BioCredits™), certain fields may be designed to remain stable over time to preserve verification and integrity.

Cookies and Tracking Technologies

We may use cookies and similar technologies to operate the Service, remember preferences, enhance security, and understand usage. Some cookies are strictly necessary; others may be used for analytics or performance measurement. You can typically control cookies through your browser settings. Rejecting certain cookies may affect functionality.

Your Rights and Choices

Depending on your location and the applicable law, you may have rights regarding your personal information, including:

  • The right to access the personal information we hold about you.
  • The right to request correction of inaccurate data.
  • The right to request deletion of your data (subject to legal and contractual limitations).
  • The right to object to or restrict certain processing activities.
  • The right to data portability (where applicable).
  • The right to withdraw consent for processing based on consent.
  • The right to opt-out of promotional communications (via unsubscribe links or contacting us).

To exercise these rights, please contact us using the details below. We will respond in accordance with applicable law.

Additional Disclosures for Certain U.S. State Laws

If you are a resident of a U.S. state with privacy laws that provide additional rights (such as California, Colorado, Connecticut, Utah, Virginia, and others), you may have the right to request: (a) access to and a copy of certain personal information; (b) deletion of certain personal information; (c) correction of inaccurate personal information; and (d) information about our disclosures of personal information.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising as those terms may be defined under certain laws.

To submit a request, email [email protected] with “Privacy Request” in the subject line. We may need to verify your identity and/or your authority to act on behalf of an organization before responding. If your request relates to Customer Data controlled by an institution/organization, we may direct your request to that organization.

Cross-Border Data Transfer

The Service is hosted and operated primarily in the United States (including Puerto Rico). Your personal information may be stored and processed in the United States. If we transfer data across borders, we take steps designed to protect it consistent with applicable legal requirements.

Do Not Track

Some browsers offer a “Do Not Track” (“DNT”) signal. Because there is no widely adopted industry standard for responding to DNT signals, we do not currently respond to DNT signals.

Policy for Children

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. In addition, our Terms of Service require users to be 18 or older. If we learn that we collected personal information from a child under 13, or that a minor used the Service in violation of our Terms, we will take steps to delete the information and deactivate the account where reasonably possible. If you believe we might have such information, please contact us.

Changes to This Privacy Policy

GENOS may change its Privacy Policy from time to time, and at GENOS's sole discretion. We will notify you of material changes by updating the "Last updated" date of this Privacy Policy. Your continued use of the Service after any change in this Privacy Policy will constitute your acceptance of such change.

Contact Us

If you have questions, comments, or concerns about this Privacy Policy or our data practices, or if you wish to exercise your privacy rights, please contact us:

The relevant data controller for personal information processed in connection with our Services is GENOS LLC.

GENOS LLC
1225 Ave. Juan Ponce de Leon - Penthouse
San Juan, PR 00907
Email: [email protected]

Please include "Privacy Concern" in the subject line for privacy-related inquiries.

Privacy Policy | GENOS