NotchBio Privacy Policy

Last Updated: March 5, 2026

Effective Date: March 5, 2026

This Privacy Policy explains how NotchBio ("NotchBio", "we", "us", or "our") collects, uses, stores, and shares personal data when you use our platform and related services.

This policy applies to notchbio.app, lab.notchbio.app, related APIs, application interfaces, and support channels.

1. Who We Are

NotchBio provides a cloud-based bioinformatics platform for research workflows, including RNA-seq upload/import, quality control, preprocessing, quantification, differential expression, and pathway analysis.

2. Contact

For privacy questions or data requests, use the in-app contact option or email contact@updates.notchbio.app .

3. Information We Collect

3.1 Account information

We may collect name, email, authentication identifiers, and organization details (if provided). Authentication is handled through third-party identity infrastructure.

3.2 Usage and technical information

We may collect IP address, browser/device metadata, timestamps, access logs, project/job activity metadata, and operational diagnostics.

3.3 Billing information

If paid services apply, billing may be processed by third-party providers. We may receive billing contact details, plan status, and transaction metadata. We do not store full payment card numbers.

3.4 Research data and user content

You may upload or import scientific datasets and metadata (for example, NCBI accessions and sequencing files), along with generated outputs. We process this content only to provide requested functionality.

4. How We Collect Information

  • Directly from you (account setup, uploads, forms, support requests)
  • Automatically during product use (logs and usage data)
  • From integrated third-party providers (authentication, billing, public repositories)

5. How We Use Information

  • Provide authentication and access control
  • Run requested analysis workflows
  • Manage projects, files, and collaboration features
  • Operate billing/subscription flows (if applicable)
  • Secure the platform and prevent abuse
  • Troubleshoot reliability and improve performance
  • Provide support and service communications
  • Comply with legal obligations

6. Legal Bases (Where Applicable)

Depending on jurisdiction, we process personal data under contract performance, legitimate interests, legal obligation, or consent (where required).

7. Research Data Handling

  • Users retain ownership and control of research datasets and outputs.
  • We do not sell research datasets.
  • Access is limited to users, authorized collaborators, and required service providers.
  • We process research data only to execute user-requested workflows.
  • Users are responsible for required rights, approvals, and legal basis for uploaded/imported data.

8. Third-Party Services

We rely on third-party providers for authentication and identity, compute and storage, infrastructure hosting and databases, billing/subscription handling, public repository integrations, and product analytics. These providers may include Clerk (authentication), Railway and Modal (hosting, storage, and compute), Paddle (billing), NCBI/SRA (public repository integrations), and PostHog (product analytics).

9. Cookies and Similar Technologies

We use cookies and similar technologies for session management, security, and functionality. On notchbio.app we ask for consent before enabling non-essential analytics cookies. If you opt in, we use PostHog to measure visits, CTA clicks, docs/blog attribution, and related marketing analytics.

Inside the authenticated lab application, we may use product analytics and masked session replay to understand workflow usage, reliability issues, and support requests. Session replay in the lab app is configured to mask text input fields by default. You can manage public-site analytics consent using the cookie settings control on the site.

10. Storage, Processing, and Retention

Data may be processed on cloud infrastructure across multiple regions. Temporary and intermediate files may be created during workflows. Retention varies by data type and operational need, and some data may remain in backups for limited periods.

11. Data Sharing

We do not sell or rent personal data.

We may share data with service providers, collaborators you authorize, as required by law, or during a corporate transaction, subject to applicable safeguards.

12. International Data Transfers

Because providers may operate globally, data may be processed outside your country of residence. We use reasonable safeguards appropriate to applicable law.

13. Security

We use technical and organizational controls including access control, secure transport, and operational monitoring. No system can guarantee absolute security.

14. Your Rights

Depending on jurisdiction, you may request access, correction, deletion, portability, restriction, or objection, and may withdraw consent where consent is the legal basis.

Submit requests through in-app contact or contact@updates.notchbio.app .

15. Children's Privacy

The Service is not intended for children under 18, and we do not knowingly collect their personal data.

16. Changes to This Policy

We may update this policy from time to time. Updated versions include a revised "Last Updated" date and become effective when posted unless stated otherwise.

17. Contact

For privacy inquiries, use the in-app contact option or email contact@updates.notchbio.app .