DATA COMPLIANCE

Data Compliance & Governance

Adhering to GDPR · PIPL · CCPA across three jurisdictions for global client data security

Compliance Framework

GenoMatrix adheres to data protection regulations across three jurisdictions, ensuring global client data security and privacy

🇪🇺

EU GDPR

  • Data minimization and purpose limitation
  • Data subject rights (access/erasure/portability)
  • EEA cross-border transfer compliance (SCCs)
  • Data Protection Officer (DPO) appointed
  • Compliant
🇺🇸

US Data Compliance

  • Princeton center follows US federal and state regulations
  • CCPA/CPRA California consumer privacy compliance
  • Animal genomics data regulatory adherence
  • Research Data Management (RDM) standards
  • Compliant
🇨🇳

China Data Security

  • Data Security Law compliance
  • Personal Information Protection Law (PIPL) compliance
  • Cross-border data transfer security assessment
  • Data classification and grading management system
  • Compliant

Data Governance Principles

🔐 Data Classification

All data classified into four sensitivity tiers: Public, Internal, Confidential, and Core. Each tier implements differentiated access controls, encryption strategies, and audit requirements.

🔄 Lifecycle Management

Full lifecycle management from data collection, transmission, storage, processing through disposal. Clear accountability and operational protocols at each stage ensuring compliance and traceability.

🌐 Cross-Border Transfers

Data transfers between our three centers comply with each jurisdiction's requirements. EU-China transfers use Standard Contractual Clauses (SCCs). All cross-border transfers undergo security assessment.

🛡️ Security Audits & Certification

Regular internal security audits and penetration testing. ISO 27001 Information Security Management System certification in progress. All API endpoints use TLS 1.3 encryption; data stored with AES-256.

📜 Compliance Statement

GenoMatrix is committed to the highest standards of data security for all client data. We comply with GDPR, PIPL, CCPA, and other major global data protection regulations, and continuously improve our compliance framework. Some security certifications (ISO 27001) are currently in progress — we maintain transparency and provide regular updates.

For data protection inquiries, contact our DPO: dpo@genomatrix.ai