top of page

Privacy Policy

1. Introduction and Commitment

Toolbox Ultramarine is a biotechnology company engaged in the research, development, manufacture, and commercialization of proteins, assay design, and scientific consulting services.

We operate in a highly regulated and sensitive scientific environment where the protection of personal data, proprietary information, and intellectual property is fundamental. This Privacy Policy reflects industry-leading standards aligned with global biotechnology and pharmaceutical organizations.

2. Applicability and Hierarchy of Agreements

This Privacy Policy applies to information collected via:

  • Our website

  • Commercial transactions

  • Scientific collaborations and consulting engagements

In the event of any conflict, executed agreements (including NDAs, MSAs, and SOWs) shall supersede this Privacy Policy.

 

3. Categories of Information Collected

3.1 Personal and Commercial Information

  • Professional identity and affiliation

  • Contact details

  • Billing and transactional data

  • Communication records

3.2 Scientific and Proprietary Data

  • Protein sequences, constructs, and molecular designs

  • Assay methodologies and experimental parameters

  • Research data and technical documentation

Such information may constitute confidential information, trade secrets, or protected intellectual property.

3.3 Automatically Collected Data

  • IP address and device identifiers

  • Usage analytics

  • Cookies and tracking technologies

4. Purpose of Processing

We process information for:

  • Order fulfillment and service delivery

  • Assay design and protein development

  • Scientific consulting

  • Client communication and support

  • Operational improvement and compliance

5. Confidentiality and Scientific Data Governance

We maintain strict controls including:

  • Role-based access restrictions

  • Internal confidentiality policies

  • Technical and administrative safeguards

6. Intellectual Property (IP) and Data Usage

6.1 Client-Owned Materials

All client-provided data remains the exclusive property of the client, unless otherwise agreed in writing.

6.2 Company-Owned Technology

We retain all rights to:

  • Pre-existing technologies

  • Platforms and methodologies

  • General know-how and expertise

6.3 Derived Data

We may retain generalized, non-identifiable learnings that do not expose client confidential information.

6.4 Restrictions

We shall not:

  • Use client data outside agreed scope

  • Disclose proprietary information without authorization

  • Reverse engineer client materials

6.5 Aggregated Data

We may use anonymized data for internal analytics and process improvement.

7. Disclosure of Information

We do not sell data. Limited disclosures may occur to:

  • Authorized service providers

  • Legal authorities when required

  • Parties involved in corporate transactions

8. Data Retention

Data is retained based on:

  • Contractual obligations

  • Legal requirements

  • Business necessity

9. Data Security

We implement:

  • Encryption protocols

  • Access controls

  • Monitoring systems

No system is entirely immune from risk.

10. International Data Transfers

Data may be processed globally with appropriate legal safeguards.

11. Individual Rights

Users may have rights to:

  • Access, correct, or delete data

  • Restrict or object to processing

  • Request portability

12. Cookies

We use cookies for functionality, analytics, and security.

13. Third-Party Sites

We are not responsible for external websites.

14. Children’s Data

We do not knowingly collect data from individuals under 18.

15. Export Control and Biosecurity Compliance

Given the nature of biotechnology materials and data, we comply with applicable export control, trade compliance, and biosecurity laws and regulations, including but not limited to:

  • U.S. Export Administration Regulations (EAR)

  • International Traffic in Arms Regulations (ITAR), where applicable

  • Applicable international biosecurity frameworks

Users agree not to:

  • Provide data, materials, or specifications subject to export restrictions without proper authorization

  • Use our products or services for prohibited purposes, including unlawful, harmful, or dual-use applications in violation of applicable laws

We reserve the right to refuse service, terminate engagements, or report activities where there is a reasonable concern regarding misuse, regulatory violations, or biosecurity risks.

16. Data Breach Notification

In the event of a confirmed data breach affecting personal or sensitive information, we will:

  • Promptly investigate and contain the incident

  • Assess scope, impact, and risk

  • Notify affected parties and relevant regulatory authorities as required by applicable law

Notifications will include, where appropriate:

  • Nature of the breach

  • Categories of affected data

  • Mitigation steps taken

  • Recommended protective actions

We maintain internal incident response procedures aligned with industry standards to ensure timely and compliant handling of security events.

17. Indemnification

To the fullest extent permitted by law, users agree to indemnify, defend, and hold harmless the Company and its officers, directors, employees, and affiliates from and against any claims, liabilities, damages, losses, or expenses arising out of or related to:

  • Violation of this Privacy Policy

  • Breach of applicable laws or regulations

  • Unauthorized or unlawful use of our products or services

  • Submission of data, materials, or information that infringes third-party rights or violates export control or biosecurity laws

18. Limitation of Liability

To the maximum extent permitted by law, the Company shall not be liable for indirect, incidental, consequential, or punitive damages arising from data access or use, except in cases of gross negligence or willful misconduct.

19. Policy Updates

We may update this Policy at any time. Continued use constitutes acceptance of changes.

20. Contact Us For More Information

21. Regulatory Alignment

This Privacy Policy aligns with:

  • GDPR

  • CCPA/CPRA

  • Applicable global data protection and life sciences standards

Privacy

Toolbox Ultramarine is a biotechnology company focused on protein production, assay development, and scientific consulting. We are committed to protecting personal data, proprietary research, and intellectual property to the highest industry standards.

Data We Collect

We collect limited information necessary to operate our business, including:

  • Professional and contact information

  • Transaction and service-related data

  • Scientific and technical materials provided in the course of engagements

  • Website usage data (e.g., cookies, analytics)

How We Use Data

Information is used solely to:

  • Deliver products and scientific services

  • Support research, assay development, and consulting

  • Maintain client relationships

  • Ensure legal and regulatory compliance

Confidentiality & IP

  • Client data and materials remain client-owned

  • All scientific information is handled under strict confidentiality

  • We retain rights to our internal technologies and know-how

  • Only anonymized, non-identifiable data may be used internally

Data Sharing

We do not sell data.
Data may be shared only with:

  • Trusted operational providers

  • Regulatory authorities when required

  • Parties involved in corporate transactions

Security & Compliance

We apply industry-standard safeguards, including secure systems, access controls, and monitoring.
We comply with global data protection, export control, and biosecurity regulations.

Data Breach Commitment

We maintain formal incident response procedures and will notify affected parties and authorities as required by law.

Your Rights

You may have rights to access, correct, or delete your data, subject to applicable law.

bottom of page