FastFinder typically processes three types of data. Customer sample data, customer personnel data and customer company information. While not all data is personal data, Velsera securely processes all information.
Customer sample data will typically include assay results, genetic data and non-personal data. This data is not considered health data (including sensitive personal data and protected health information), as it is not information (that can be) linked to a particular person. Data is protected at rest as well as in transfer: all data are stored within the selected region of storage (to ensure data residency compliance as well as low latency and high availability) and are always transferred over industry-grade secure connections. This type of data is stored for the complete product lifecycle period plus 10 years. The legal basis for this processing is a contractual necessity.
Customer personal data is used for (personal) identification such as a user login, e-mail, name, title, IP addresses (identifying a computer) and cookie session information (identifying a browser user). This data is stored in data centers within the West-European region and is transferred over industry-grade secure connections. This data is stored for 5 years after license expiry. The legal basis for this processing is contractual necessity.
Customer company information is financial identification data, business name, geography, company registration numbers, etc. This data is used for accounting purposes, customer due diligence and summary reports to diagnostic companies where applicable. This data is stored for 10 years. The legal basis for this processing is compliance with legal obligations.