You have legitimate questions about your privacy and data. We have answers to them in plain English, because we want you to understand.
At Atlas Biomed, we believe in transparency and we truly believe that it’s essential to explain complex ideas so that everybody can understand. This ethos doesn’t just apply to our DNA and microbiome test results, the same goes for Information Technology, personal data protection, the tools and other technology associated with our products.
Why are companies so secretive?
In the field of health and wellbeing, there are any number of operators that function in unregulated, grey areas of the law and using loopholes. This includes companies that may lack the evidence to support their health claims. These companies make it hard to find information about what they do.
Furthermore, hacking scandals and breaches of user trust by major international companies have put data protection on everybody's radar, from individuals to governments and international organisations. In light of such events, it is normal to have questions and raise concerns.
It can be particularly hard to understand what’s happening on the Internet. Information on protocols, data protection, privacy and all the rest is usually written in jargon that only IT geeks and lawyers understand. So let us break it down for you, because we made history by launching the EU’s first ever CE-marked genetic testing products to be sold directly to consumers.
Here is list of the questions and answers you will find in this article. Every answer is boiled down into plain English and addresses every aspect of Atlas Biomed products from how we protect and use your data to a review of the technology used to sequence DNA and microbiome samples.
- 1. Is Atlas certified by anyone?
- 2. What about data protection regulations?
- 3. How do you protect my genetic data?
- 4. Do you sell my data? Who owns the data?
- 5. Do you use my data for research purposes?
- 6. Can I access and/or delete my data?
- 7. What happens to my stool sample after I get my microbiome results?
- 8. What happens to my saliva sample after I get my DNA results?
We are proud of our achievements and we are happy to disclose the measures we take to protect your genetic and personal data. Because, in addition to worldclass genetic and microbiome experts, we have a team of talented heroes in the IT department that rarely get celebrated for the lengths they go to protect you!
Important documents and how to contact us
We strongly encourage you to consult our documentation pertaining to the use and protection of your data.
If you have any questions, our customer service department will answer you in person. All you have to do is email us [email protected]
1. Is Atlas Biomed certified by anybody?
Products & services
The Atlas Biomed products (interpretation platform, DNA Test, Microbiome Test) have been registered with the following agencies:
- Medicines and Healthcare products Regulatory Agency (MHRA), UK
- European conformity - CE mark, EU
In order to receive approval for the sale of our genetic testing and analysis products, we were required to submit clinical evidence to support our health risk claims and analysis. In addition to that, we had to reach stringent standards for the technology, processes and data protection applied.
Sample collection kit
The collection kit for your DNA and/microbiome sample has also received:
- In vitro diagnostic European conformity - CE mark, EU
This means that the collection kit is compliant with EU/UK regulations pertaining to the quality standards for the collection of biosamples used for diagnostics.
Your sample is analysed by a partner laboratory that is compliant with international standard:
- ISO 15189
Analysis of DNA and microbiome samples is performed in an accredited laboratory in the Netherlands. To receive ISO approval, the laboratory has been assessed and is in compliance with international/EU/UK standards.
ISO 15189 accreditation is required for laboratories performing clinical medical services essential to patient care. These services cover every step of the process from collection and storage of clinical-grade samples, to interpretation and reporting with due consideration of lab safety and ethics.
2. What about data protection regulations?
Data protection compliance
In order to sell our tests, Atlas Biomed technologies, protocols and policies are compliant with:
- General Data Protection Regulation (GDPR), EU
The GDPR is a landmark European policy implemented as of May 2018 aimed at protecting users’ personal data. Under this regulation, the “sensitive nature” of genetic data is recognised and therefore falls under a “special category” with its own special stipulations.
This is why we keep your data in anonymised and encrypted format. You can read more about this further down.
In addition to compliance with the GDPR, this EU regulation stipulates that national governments may introduce further conditions on the processing of genetic data, biometric data or data concerning health.
UK data protection compliance
The Atlas Biomed products are registered with:
- Information Commissioner’s Office, UK
This is an independent authority set up to uphold information rights in the public interest.
3. How do you protect my genetic data?
User data are protected by several different means every step of the way to make sure that your information is safe with us.
- Storing your data
Your data are stored on certified servers located within the European Union in anonymised form. This means that your data does not contain any information that would allow personal identification, so you remain anonymous. There are strict protocols within Atlas Biomed on accessing data that have been reviewed and approved by regulators.
- Accessing your data
When accessing your data, you are protected by DDoS mitigation and web application firewall (WAF) service.
- Transferring your data
We protect data when it is transferred from the server to your computer using HTTPS protocol. HTTPS protocol provides secure data transfer with Extended Validation (EV) SSL certificate, the highest standard of certificate available. It is by DigiCert Inc and confirms that our website is run by a verified company (Atlas Biomed Group Ltd). It also confirms measures to protect data during transfer: SHA-256 with RSA encryption algorithm.
HTTPS protocol makes it impossible for people to understand your internet activity by encrypting your communication with the server where your data is stored. To see if a website is protecting your data using HTTPS, just look at the website address in your browser's address bar, it should start with https://. Some browsers also display a padlock symbol.
If you're still confused, we get it. So our IT team recommended this great video by The Curious Engineer to help explain.
4. Do you sell my data? Who owns the data?
You own your data and it is stored in anonymised format in accordance with UK and EU data protection laws.
We don’t sell your data. But we may use anonymised and aggregate raw data for research purposes. Read more about this in the next question.
5. Do you use my data for research purposes?
Furthermore, we are required by the GDPR to receive explicit consent from a user, should we wish to use their individual genetic data for research purposes. In order to obtain explicit consent, Atlas Biomed will contact the user in person by email. For more information on managing your personal data, see the next question.
6. Can I access, change and/or delete my data?
To access and receive a copy of the Personal Data we hold about you with the subject line ‘Personal data request’ in the email title. Please note that we may ask you to verify your identity before responding to such requests.
To rectify any Personal Data held about you that is inaccurate at any time by sending an e-mail to [email protected] with the subject line ‘Rectify my data’ in the email title
To request that we destroy your sample at any time by sending an e-mail to [email protected] with the subject line ‘Withdraw’ in the email title
To request that we delete your personal, health and genetic data by sending an email to [email protected] with the word ‘Forget me’ in the email title.
7. What happens to my stool sample after I get my microbiome results?
Your sample is securely stored in the laboratory in accordance with UK and EU data protection laws. You can request for your sample to be destroyed at any time.
8. What happens to my saliva sample after I get my DNA results?
A: Your sample is securely stored in the laboratory in accordance with UK and EU data protection laws. You can request for your sample to be destroyed at any time.
This article contains answers to the most commonly asked questions concerning data protection. We really hope it answers your queries. Don't forget, you can always contact our customer support department directly with your questions [email protected]