Privacy policy

Labric Privacy Policy

Effective Date: 3/23/26

Last Updated: 3/23/26

Introduction

Labric ("Company," "we," "us," or "our") provides a data management and automation platform for laboratory environments. This Privacy Policy describes how we collect, use, disclose, and protect information in connection with our products and services, including Labric Sync, the Labric Core Platform, Jobs, the Labric API, and related systems (collectively, the "Services").

By using our Services, you agree to the collection and use of information as described in this Privacy Policy. If you do not agree, please do not use the Services.

Information We Collect

Information You Provide to Us

Account Information. When you register for an account, we collect your name, email address, organization name, role, and account credentials.
Billing Information. If you purchase a paid plan, we collect payment details such as billing address and payment method information. Payment processing is handled by third-party processors, and we do not store full credit card numbers on our servers.
Communications. When you contact us for support, send us email, or otherwise communicate with us, we collect the contents of those communications.
Customer Data. You or your organization may upload, sync, or otherwise transmit data to the Services, including laboratory instrument data, experimental results, metadata, file attachments, and structured data written via the Labric API ("Customer Data"). As described in our Terms of Service, you retain ownership of your Customer Data.

Information Collected Automatically

Usage Data. We collect information about how you interact with the Services, including pages visited, features used, timestamps, and clickstream data.
Device and Connection Information. We collect device type, operating system, browser type, IP address, and general location (city/region level) derived from your IP address.
Labric Sync Telemetry. When you use the Labric Sync desktop application, we collect diagnostic and performance data such as sync status, file counts, error logs, and application version information. Labric Sync monitors designated directories on your instrument computers to detect and upload new files; we collect metadata about these file system events (e.g., file names, sizes, timestamps) as part of normal operation.
Log Data. Our servers automatically record information including API calls, Job execution logs, access times, and referring URLs.
Cookies and Similar Technologies. We use cookies, local storage, and similar technologies to maintain session state, remember preferences, and analyze usage patterns. See the Cookies section below for more detail.

Information from Third Parties

Third-Party Technology Integrations. If you enable integrations with third-party instruments, software, or services through the platform, we may receive data from those systems as authorized by you.
Service Providers. We may receive information from analytics providers, payment processors, and other vendors that help us operate the Services.

How We Use Your Information

We use the information we collect for the following purposes:

Providing and Maintaining the Services. Processing uploads via Labric Sync, executing Jobs, running parser scripts, writing structured data to the Labric database, and displaying data through the Core Platform.
Account Management. Creating and managing your account, authenticating access, and processing payments.
Improving and Developing the Services. Analyzing usage patterns, diagnosing technical issues, and developing new features. As described in our Terms of Service, we may collect and analyze data relating to the provision, use, and performance of the Services, and use such data in aggregate or de-identified form to improve our offerings.
Communications. Responding to your inquiries, sending service-related notices (e.g., maintenance windows, billing confirmations), and, where permitted, sending product updates or announcements.
Security and Compliance. Detecting, preventing, and addressing fraud, abuse, security incidents, and technical issues, and complying with legal obligations.

How We Share Your Information

We do not sell your personal information. We may share information in the following circumstances:

Service Providers. We share information with third-party vendors who perform services on our behalf, such as cloud hosting, payment processing, analytics, and customer support. These providers are contractually obligated to use your information only as necessary to provide services to us.
Third-Party Integrations. If you enable Third-Party Technology integrations, data may be exchanged with those third-party systems as authorized by you and subject to your agreements with those providers.
Legal Requirements. We may disclose information if required to do so by law, regulation, legal process, or governmental request, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
Business Transfers. In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your information.
Aggregate and De-Identified Data. We may share aggregate or de-identified information that cannot reasonably be used to identify you. This is consistent with the data use rights described in our Terms of Service.

Data Retention

We retain your information for as long as your account is active or as needed to provide the Services. Upon termination of your agreement, we will make Customer Data available for electronic retrieval for sixty (60) days, after which we may delete it, as described in our Terms of Service. We may retain certain information as required by law or for legitimate business purposes such as resolving disputes and enforcing agreements.

Data Security

We implement commercially reasonable technical, administrative, and organizational measures designed to protect the confidentiality, integrity, and availability of your information. These include encryption in transit and at rest, access controls, and regular security assessments. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

Cookies and Tracking Technologies

We use cookies and similar technologies to:

Maintain your session and authentication state.
Remember your preferences and settings.
Analyze usage and performance of the Services.

You can control cookies through your browser settings. Disabling cookies may affect the functionality of the Services.

Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your personal information:

Access and Portability. You may request a copy of the personal information we hold about you.
Correction. You may request that we correct inaccurate or incomplete information.
Deletion. You may request that we delete your personal information, subject to certain exceptions (e.g., legal retention requirements).
Opt-Out of Marketing. You may opt out of receiving promotional communications by following the unsubscribe instructions in those messages or contacting us directly.
Data Export. Customer Data can be exported through the Core Platform or API during the term of your agreement.

California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act and the California Privacy Rights Act, including the right to know what personal information we collect, the right to delete your personal information, the right to opt out of the sale or sharing of personal information (we do not sell personal information), and the right to non-discrimination for exercising your privacy rights. To exercise these rights, contact us at the address below.

European Economic Area, United Kingdom, and Switzerland (GDPR)

If you are located in the EEA, UK, or Switzerland, we process your personal data on the following legal bases: performance of a contract, legitimate interests (such as improving the Services and ensuring security), compliance with legal obligations, and your consent where applicable. You have additional rights under the GDPR, including the right to restrict processing, the right to object to processing, and the right to lodge a complaint with a supervisory authority.

International Data Transfers

Our Services are operated from the United States. If you are located outside of the United States, your information will be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction. We take steps to ensure that your information receives an adequate level of protection wherever it is processed.

Children's Privacy

The Services are not directed at individuals under the age of 16, and we do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us and we will take steps to delete such information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by posting the revised policy on our website and updating the "Last Updated" date above. Where required by law, we will obtain your consent or provide additional notice. Your continued use of the Services after any changes constitutes your acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at support@labric.co

This Privacy Policy is provided as a template and does not constitute legal advice. Labric recommends that this document be reviewed by qualified legal counsel before publication to ensure compliance with all applicable laws and regulations.