Privacy Policy

TieDyed Analytics Lab ("we," "our," or "us") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our laboratory testing services and notification platform.

1. Information We Collect

1.1 Information You Provide

We collect information that you voluntarily provide when registering for our Services:

• Account Information: Full name, work email address, company name, job title
• Contact Information: Business address, phone number, authorized personnel contacts
• Authentication Data: Password, security questions, multi-factor authentication credentials
• Service Data: Laboratory test orders, sample information, compliance requirements

1.2 Automatically Collected Information

When you access our Services, we automatically collect:

• Technical Data: IP address, browser type, device information, operating system
• Usage Data: Pages viewed, features accessed, time spent on platform, click patterns
• Email Interaction Data: Email open rates, link clicks, delivery status (for transactional notifications)
• System Logs: Access times, error logs, security events

2. How We Use Your Information

We use collected information for the following purposes:

• Service Delivery: Processing laboratory tests, generating reports, delivering results
• Transactional Communications: Sending test results, compliance alerts, safety notifications
• Account Management: Creating and maintaining your workspace, authentication, access control
• Compliance Tracking: Monitoring certification status, sending renewal reminders, regulatory notifications
• Security: Detecting fraud, preventing unauthorized access, maintaining system integrity
• Service Improvement: Analyzing usage patterns, optimizing performance, enhancing features
• Legal Obligations: Complying with regulatory requirements, responding to legal requests

3. Information Sharing and Disclosure

3.1 We Do Not Sell Your Information

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

3.2 Service Providers

We may share information with trusted service providers who assist in operating our Services:

• Email delivery infrastructure providers (Mailgun, AWS SES)
• Cloud hosting and data storage services
• Security and fraud prevention services
• Analytics and performance monitoring tools

All service providers are contractually obligated to protect your information and use it only for specified purposes.

3.3 Legal Requirements

We may disclose information when required by law, including:

• Compliance with legal process (subpoenas, court orders)
• Regulatory investigations and audits
• Protection of our legal rights and property
• Prevention of fraud or illegal activities

4. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: TLS/SSL encryption for data in transit, AES-256 encryption for data at rest
• Access Controls: Role-based access, multi-factor authentication, regular access reviews
• Network Security: Firewalls, intrusion detection systems, regular security audits
• Data Backups: Regular encrypted backups with geographic redundancy
• Incident Response: 24/7 security monitoring and incident response procedures

5. Data Retention

We retain your information for as long as necessary to:

• Provide ongoing Services under active contracts
• Comply with legal and regulatory retention requirements
• Resolve disputes and enforce agreements
• Maintain audit trails for compliance purposes

Laboratory test results and compliance records are retained for a minimum of 7 years in accordance with industry standards and regulatory requirements.

6. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights:

• Access: Request copies of your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your information (subject to legal retention requirements)
• Portability: Receive your data in a structured, machine-readable format
• Objection: Object to certain processing activities
• Restriction: Request restriction of processing under certain circumstances

To exercise these rights, please contact us using the information provided below.

7. International Data Transfers

Your information may be transferred to and processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers, including:

• Standard contractual clauses approved by regulatory authorities
• Adequacy decisions for data transfers to approved jurisdictions
• Binding corporate rules for intra-company transfers

8. Cookies and Tracking Technologies

We use essential cookies and similar technologies to:

• Maintain your session and authentication state
• Remember your preferences and settings
• Analyze platform usage and performance
• Ensure security and prevent fraud

You can control cookies through your browser settings, though disabling certain cookies may affect platform functionality.

9. Children's Privacy

Our Services are designed for business use and are not intended for individuals under 18 years of age. We do not knowingly collect information from children.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Material changes will be communicated via email notification or prominent notice on our platform. Your continued use of our Services after such changes constitutes acceptance of the updated policy.

11. Contact Information

For questions about this Privacy Policy or to exercise your privacy rights, please contact: