Privacy Policy

1. Introduction
Bio CC LLC ("we," "us," or "our") operates biocc.us and provides biotechnology consulting services. 
This Privacy Policy explains how we collect, use, and protect information for clients, 
website visitors, and partners. By using our services, you consent to these practices.

2. Information We Collect
Category        Examples                    Collection Method
Identifiers        Name, email, phone, business address        Contact forms, contracts
Professional Data    Company affiliation, job title, credentials    Service agreements
Research Data        Protocols, preclinical data, biomarker reports    Secure client portals
Technical Data        IP address, device type, browser, cookies    Website analytics
Financial Data        Billing addresses, payment card details        Invoicing systems

3. How We Use Information
Service Delivery: Developing research strategies, regulatory submissions
Compliance: Meeting FDA/EMA/HIPAA/GDPR requirements
Communication: Project updates, industry insights (opt-in)
Security: Preventing data breaches and unauthorized access
Improvement: Analyzing website engagement patterns

4. Legal Bases for Processing (GDPR Compliance)
Purpose    Legal Basis
Contract fulfillment    Necessary for service delivery
Regulatory compliance    Legal obligation (21 CFR Part 11)
Legitimate interests    Client relationship management
Consent    Marketing communications

5. Information Sharing
We disclose data only under these circumstances:
With Consent: For collaborative research partnerships
Regulatory Bodies: FDA/EMA submissions as required by law
Service Providers: HIPAA-compliant cloud storage (AWS), encrypted email
Business Transfers: During mergers/acquisitions under NDA
Legal Requirements: Court orders or Florida Statute 501.171
We never sell client data.

6. Data Security Measures
🔒 Encryption: AES-256 for data at rest, TLS 1.3 for data in transit
🛡️ Access Controls: Biometric authentication, role-based permissions
📜 Audit Trails: Automated logging of all data interactions
🧑‍💼 Training: Annual HIPAA/GDPR training for staff

7. Your Rights
Access/Portability: Request copies of your data in machine-readable format
Correction: Update inaccurate information
Erasure: Delete data where legally permissible
Object/Restrict: Limit processing of sensitive research data
Withdraw Consent: Opt-out of communications anytime
Submit requests to: privacy@biocc.us (Response within 30 days)

8. Data Retention
Data Type    Retention Period
Client research data    7 years post-project
Financial records    10 years (IRS requirement)
Website analytics    26 months
Marketing consents    Until withdrawal
9. International Transfers
EU-US Data Privacy Framework certified
Standard Contractual Clauses (SCCs) for non-DFP countries

10. Policy Updates**
Changes posted at biocc.us/privacy-policy with 30-day advance notice for material revisions.

11. Contact
Data Protection Officer: Dr. Elena Rodriguez
Address: 11954 NARCOOSSEE RD, STE 313, ORLANDO, FL 32832
Email: privacy@biocc.us
Phone: (301) 555-1212