Please note that in some cases, even if you withdraw your consent, we might still have to retain or use some of your personal data for legal reasons. A more detailed overview of our processing activities and their underlying reasons can be found in the following sections.
Megeno has a general website www.megeno.com which you can visit without an account and which provides you with a description of activities and services as well as contact information. Please also consult our cookies policy on our website for more information on which personal data is processed during your website visit.
SafeTogether is a COVID-19 workplace prevention program offered to professionals working in Luxembourg. SafeTogether aims to secure a safe return to the workplace and improve occupational safety of employees by monitoring your and your coworkers' risk of COVID-19 exposure. Through your voluntary participation in SafeTogether, you can help keep your workplace COVID-19-free, and protect yourself and those around you.
SafeTogether is a web progressive solution that allows us to ask you for the information relevant to determining the risk of exposure to the SARS-CoV-2 infection: information about your health, household, and work environment.
Cleargene is a universal transaction service, enabling the retrieval and transfer of genomic information from any source to any point of reuse across Europe. Cleargene applies a clearing house concept to enable such transactions in a quality controlled fashion, meeting the highest ethical and legal standards.
Providing access to the private genome requires a system to ensure that the right person receives the right data. For this, an individual undergoes a verification process which includes a legal and biological identification. Specifically, the latter includes a single-nucleotide polymorphism fingerprint generated from a buccal swab sample. Megeno verifies if the buccal swab derived fingerprint matches with the original genome data set.
Individuals with personal access to genomic data need to be supported in the reuse of their data. Cleargene enables the compliant transfer of the private genome under a secure protocol to any given recipient chosen by the individual.
Megeno is legally required to implement appropriate security measures to protect your personal data (These measures include but are not limited to the following: access management, encryption, pseudonymisation, backups, monitoring of the data). Although Megeno has appropriate security measures in place to protect your personal data, no system is completely immune to hacks or data breaches that may expose your personal data to an unauthorised party. If your genome data is breached and linked to your identity, an unauthorized party may gain access to sensitive personal information about you. If your biometric data is breached and linked back to you, it could be used to uniquely identify you.
We process your personal data in accordance with valid legal acts and the following principles:
Personal data with respect to you is processed in a lawful, honest and transparent way;
Personal data is collected for specified, clearly defined and legitimate purposes and shall not be further processed in a way incompatible with those purposes;
Personal data must be adequate, appropriate and only which is necessary for the purposes for which it is processed;
Personal data must be accurate and, if necessary, updated; all reasonable steps must be taken to ensure that personal data which is not accurate in relation to the purposes for which it is processed shall be immediately erased or corrected;
Personal data shall be kept in such a way that your identity can be determined for no longer than is necessary for the purposes for which personal data is processed;
Personal data shall be managed by applying appropriate technical or organisational measures in such a way as to ensure the proper security of personal data, including protection from unauthorised processing or processing of unauthorised data, and against accidental loss, destruction or damage.
Please note that some of these processing activities may be carried out by our service providers on Megeno’s behalf. Please refer to the Sharing of your Data section below for more information.
Any of the personal data collected might also be processed when Megeno is required by law to do so.
Processing activities based on the performance of the contract and/or explicit consent
Account and contact information
Shipping and invoicing information
Legal identity documentation
Information relating to the use of our services
Communications with you
Website navigation tracking data
Processing activities based on Megeno’s legitimate interests:
Legal identity documentation
Information from the use of our services
Website usage tracking data
Megeno uses service providers to enable some of the features offered through our services. Some of these service providers will, therefore, process part of your personal data. Megeno only transfers on a need to know basis your personal data to our service providers. All our service providers are located in Europe and operate under the General Data Protection Regulation. Transfers outside the European Economic Area will only be performed under one of the transfer mechanisms described in articles 44-50 of General Data Protection Regulation. Megeno vets all of its service providers and ensures that they have in place the appropriate security measures to protect your data.
Your buccal swab samples;
A pseudonymised identifier;
Your biological signature.
A pseudonymised identifier;
The date of sample collection.
Picture/video of your face;
Picture/video/hologram of your legal identification document.
Billing information (such as a credit or debit card number, or bank account information);
Date of purchase;
Product or service bought.
Information from the use of our services.
Your email addresses;
Email communications with you;
Your mobile phone number.
Potentially all personal data processed by Megeno.
Megeno is based in Luxembourg and all of its employees are based in Europe. Nevertheless, some of our processors may perform part of their processing activities outside the European Economic Area. Your personal data will always be stored in Europe but might be accessed from outside the European Economic Area by those processors. This will always be done under the appropriate safeguards to ensure a level of data protection that matches your protection within the European Economic Area. We have entered into contractual clauses with the relevant processors which guarantee an appropriate level of data protection according to article 46 General Data Protection Regulation.
The cloud service providers only have access to genome data, the biological signature and pseudonymised identifiers. Although your data will always remain stored in Europe, the cloud service providers may access and process personal data on a global basis as necessary to perform the cloud services, including for IT security purposes, maintenance and performance of the cloud services and related infrastructure, cloud services technical support and cloud service change management. We have entered into contractual clauses with the cloud service providers which guarantee an appropriate level of data protection according to article 46 General Data Protection Regulation. You can contact email@example.com to obtain a copy of these model clauses.
For more information about cookies, including how to see what cookies have been set and how to manage, block and delete them, see our cookies policy and the site www.allaboutcookies.org for a general overview about cookies.
You can exercise your privacy rights at any moment by contacting us on firstname.lastname@example.org or, in some cases, simply through your Account in the “Account information” menu.
As a data subject, you have the following rights in relation to your personal data collected by Megeno:
The right of access: you have the right to see what data is held about you by Megeno;
The right to rectification: this refers to your right to have incorrect data corrected and/or amended;
The right to erasure: this refers to your right in certain circumstances to have your personal data be deleted (‘the right to be forgotten’);
The right to restrict processing: this refers to the right of you as a data subject to call for a temporary halt to data processing in certain circumstances;
The right to data portability: as a data subject, you have the right to ask for any data supplied to Megeno as a data controller to be provided in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided;
The right to object: in certain circumstances, you have the right to object to the further processing of your personal data which is inconsistent with the primary purpose for which it was held;
Rights related to automated decision making and profiling: as a data subject, you have the right not to be subject to a decision based solely on automated processing;
Right to lodge a complaint with the supervisory authority: you have the right to lodge a complaint with Luxembourg’s supervisory authority - the Commission National pour la Protection des Données (CNPD):
Commission Nationale pour la Protection des Données
1, avenue du Rock'n'Roll
Tel.: (+352) 26 10 60-1
You have the right to withdraw consent for the processing of your data for one or more services at any moment. Without your consent, Megeno will not process your personal data. Upon your withdrawal of consent and without further processing request from your part, Megeno will, therefore, delete your data without undue delay, unless there is a legal exception that allows or requires us to continue processing your data (see Processing of Data section).
Please note that the withdrawal of your consent does not affect the lawfulness of the processing of your data before your withdrawal and does not exempt you from any outstanding payment obligations as determined in the general terms of service.
You can ask us, or any related third parties, to stop sending you marketing messages at any time by logging into the website and checking or unchecking relevant boxes to adjust your marketing preferences or by following the opt-out links on any marketing message sent to you or by contacting us at any time.
Where you opt out of receiving these marketing messages, this will not affect our processing of your personal data for other non-marketing purposes such as providing a product and/or service to you, product and/or service experience or other transactions, etc.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow such a link, please note that these websites have their own privacy and cookies policies and Megeno does not accept any responsibility or liability for these third-party websites.
Ernst & Young Business Advisory Services S.à.r.l.
35E avenue John F. Kennedy