Privacy Policy
Effective date: February 1, 2026 · Last updated: February 1, 2026
Contents
Overview
SafeGenics, Inc. (“SafeGenics,” “we,” “us,” or “our”) operates the SafeGenics Compliance Intelligence Platform, including the website at safegenics.com and all related services (collectively, the “Services”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our platform, or interact with us.
We take privacy seriously — particularly because our platform processes sensitive compliance data including chemical inventories, safety data sheets, facility information, and regulatory obligations. This policy is designed to be transparent about what we collect, why we collect it, and how we protect it.
SafeGenics never sells your personal information or your compliance data. Your chemical inventory, SDS library, and facility data belong to you.
Information We Collect
Information you provide directly
| Category | Examples | Purpose |
|---|---|---|
| Account information | Name, email, company, job title, phone number | Account creation, communications, support |
| Compliance data | Chemical inventories, SDS documents, facility addresses, threshold calculations, incident reports | Core platform functionality — compliance intelligence, reporting and filing |
| Billing information | Payment method, billing address, invoicing details | Subscription processing (handled by our payment processor) |
| Communications | Support tickets, demo requests, email exchanges, feedback | Customer support, product improvement, responding to inquiries |
Information collected automatically
| Category | Examples | Purpose |
|---|---|---|
| Usage data | Pages visited, features used, session duration, click patterns | Product improvement, performance monitoring |
| Device information | Browser type, operating system, screen resolution, IP address | Security, compatibility, fraud prevention |
| Log data | Access times, error logs, API call records | Security monitoring, debugging, audit trails |
How We Use Your Information
We use the information we collect for the following purposes:
- Providing, operating, and improving the SafeGenics platform and its compliance intelligence capabilities
- Processing chemical inventories, decomposing mixtures, resolving chemical identities, and evaluating regulatory thresholds
- Generating Tier II reports, incident filings, and other regulatory submissions on your behalf
- Detecting regulatory changes and simulating their impact on your specific facilities
- Providing customer support and responding to inquiries
- Sending service-related communications, including regulatory alerts and compliance deadline reminders
- Analyzing usage patterns to improve platform performance and user experience
- Ensuring security, preventing fraud, and maintaining audit logs
- Complying with legal obligations
We do not use your compliance data (chemical inventories, SDSs, facility data) for advertising, marketing to third parties, or any purpose unrelated to providing the Services.
Data Sharing & Disclosure
We do not sell, rent, or trade your personal information or compliance data. We share information only in the following limited circumstances:
Service providers
We work with trusted third-party providers who process data on our behalf to deliver the Services. These include cloud infrastructure providers, payment processors, email delivery services, and analytics tools. All service providers are bound by data processing agreements and are prohibited from using your data for their own purposes.
Regulatory submissions
When you use SafeGenics to file Tier II reports, incident notifications, or other regulatory submissions, we transmit the required data to the relevant federal, state, or local regulatory agencies (such as EPA, state emergency response commissions, and local emergency planning committees) as directed by you. This transmission is the core function of the platform and occurs only at your instruction.
Legal requirements
We may disclose information if required by law, subpoena, court order, or government regulation, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
Business transfers
In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of the transaction. We will notify you via email or prominent notice on our website before your information becomes subject to a different privacy policy.
Compliance Data — Special Provisions
We recognize that the compliance data processed through SafeGenics — chemical inventories, safety data sheets, facility information, incident reports, and regulatory submissions — is sensitive and business-critical. We apply additional protections to this data:
- • Ownership: You retain all ownership rights to your compliance data. SafeGenics processes this data solely to provide the Services.
- • Isolation: Each customer’s compliance data is logically isolated within our infrastructure. No customer can access another customer’s data.
- • No training: We do not use your compliance data to train machine learning models, improve AI systems, or develop products for other customers without your explicit written consent.
- • Export: You can export your complete compliance data at any time in standard formats (CSV, JSON, PDF). We support full data portability.
- • Deletion: Upon termination of your account, we will delete your compliance data within 30 days, unless retention is required by law or you request an extended retention period. We will provide written confirmation of deletion upon request.
Data Security
We implement industry-standard security measures to protect your information:
- • Encryption at rest: AES-256 encryption for all stored data
- • Encryption in transit: TLS 1.3 for all data transmission
- • Access controls: Role-based access control (RBAC) with principle of least privilege
- • Authentication: SAML 2.0 single sign-on support, multi-factor authentication
- • Audit logging: Immutable, append-only audit logs for all data access and modifications
- • Infrastructure: SOC 2 Type II certified hosting environment with geographic redundancy
- • Monitoring: 24/7 security monitoring with automated threat detection
- • Disaster recovery: Recovery Point Objective (RPO) of less than 1 hour; Recovery Time Objective (RTO) of less than 4 hours
For detailed information about our security practices, certifications, and to request our SOC 2 Type II report, please visit our
Security page
or contact
security@safegenics.com
Data Retention
We retain your information for as long as your account is active or as needed to provide Services. Specific retention periods:
| Data type | Retention period |
|---|---|
| Account information | Duration of account + 30 days after deletion |
| Compliance data | Duration of account + 30 days (or as requested) |
| Audit logs | 7 years (regulatory requirement for compliance records) |
| Billing records | 7 years (tax and accounting requirements) |
| Usage analytics | 24 months (aggregated, anonymized) |
| Support communications | 3 years after resolution |
Cookies & Tracking Technologies
We use cookies and similar technologies for the following purposes:
Essential cookies
Required for the platform to function. These include session cookies for authentication, CSRF protection tokens, and user preference settings. These cannot be disabled.
Analytics cookies
Help us understand how visitors use our website and platform. We use privacy-respecting analytics to measure page views, feature usage, and conversion rates. Analytics data is aggregated and does not identify individual users. You can opt out of analytics cookies through your browser settings or our cookie preference center.
Marketing cookies
Used on our marketing website (not the application) to measure the effectiveness of advertising campaigns. These are only placed with your consent and can be disabled at any time.
We do not use fingerprinting, cross-site tracking, or sell cookie data to third parties.
Your Rights
Depending on your location, you may have the following rights regarding your personal information:
- • Access: Request a copy of the personal information we hold about you
- • Correction: Request correction of inaccurate or incomplete information
- • Deletion: Request deletion of your personal information, subject to legal retention requirements
- • Portability: Receive your data in a structured, commonly used, machine-readable format
- • Restriction: Request that we limit processing of your information in certain circumstances
- • Objection: Object to processing based on legitimate interests
- • Withdrawal of consent: Where processing is based on consent, withdraw that consent at any time
To exercise any of these rights, contact us at
privacy@safegenics.com
We will respond within 30 days. We will not discriminate against you for exercising your rights.
California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
- • Right to know: You can request details about the categories and specific pieces of personal information we have collected about you in the past 12 months
- • Right to delete: You can request deletion of your personal information, subject to certain exceptions
- • Right to opt-out of sale: We do not sell personal information, so this right does not apply. However, you may still submit a request for confirmation
- • Right to non-discrimination: We will not deny services, charge different prices, or provide a different level of service because you exercised your CCPA rights
- • Right to correct: You can request correction of inaccurate personal information
- • Right to limit use of sensitive information: You can limit the use of sensitive personal information to only what is necessary to provide the Services
To submit a CCPA request, contact
privacy@safegenics.com
or call us. We will verify your identity before processing any request.
International Data Transfers
SafeGenics is based in the United States. If you access the Services from outside the United States, your information may be transferred to, stored, and processed in the United States. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses where required.
For enterprise customers requiring data residency guarantees, we can discuss specific hosting arrangements. Contact
security@safegenics.com
for details.
Children's Privacy
The Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at
privacy@safegenics.com.
Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email (if you have an account) and update the “Last updated” date at the top of this page. We encourage you to review this policy periodically. Your continued use of the Services after changes are posted constitutes acceptance of the revised policy.
Contact Us
If you have questions about this Privacy Policy, your data, or wish to exercise your rights, contact us:
• Email: privacy@safegenics.com
• Security inquiries: security@safegenics.com
• General: hello@safegenics.com
SafeGenics, Inc.
San Francisco, California
United States
San Francisco, California
United States