42gen Co Privacy Policy

Effective Date: October 9, 2025

This Privacy Policy describes how 42gen Co (“42gen,” “we,” “our,” or “us”) collects, uses, shares, stores, and protects your personal data in all interactions across our websites, applications, products, services, and offline communications. The commitments in this policy apply globally, reflecting compliance with leading regulatory frameworks such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Virginia Consumer Data Protection Act (VCDPA), the Australian Privacy Principles, PIPEDA, and other relevant statutes. Use of our services signifies your agreement to this Privacy Policy, as amended from time to time.

42gen Co defines personal data as information relating to an identified or identifiable person. This includes both data that directly identifies you—such as your name or email—and also data that could reasonably allow identification, such as device serial numbers or IP addresses. Aggregated or anonymized data that does not permit identification is considered non-personal data. This policy governs all personal data collected, used, or shared by 42gen Co, whether online or offline, and does not apply to data practices by third-party services linked from our platforms.

All users of 42gen Co services have rights over their personal data, including the ability to request access, rectify errors, delete information subject to certain legal and operational constraints, restrict or object to specific uses, and data portability where supported. Requests to exercise privacy rights may be declined only if constrained by law, ongoing anti-fraud or security investigations, the need to protect other individuals’ privacy, or if unreasonable. When declining a request, 42gen Co provides an explanation as required by law.

42gen Co collects personal data when users engage with our services in various ways, such as creating accounts, downloading software, performing transactions, accessing customer support, responding to surveys, and using any product or feature. This can include account credentials, contact details, transaction records, usage and diagnostic data, device identifiers, and the content of communications with our team. Providing this information is typically voluntary but may be required to access certain services or functions. Additional data may be collected from authorized third parties or partners for verification, security, and lawful compliance.

Personal data is processed by 42gen Co only when a valid legal basis exists—for example, where consent has been given, to fulfill a contract, for legitimate interests balanced against individual rights, or to comply with applicable laws. Uses of personal data include operating and improving our products and services, facilitating transactions, communicating necessary updates or legal notices, preventing fraud and unlawful activity, performing security and diagnostics, and complying with regulatory reporting and requests. Some communications regarding account management or policy changes are considered essential and may not be subject to opt-out.

Sharing of personal data outside 42gen Co. is strictly limited. Data is shared only when necessary with closely governed affiliates, service providers under contractual data protection, joint partners maintaining equivalent privacy standards, or other parties with your explicit direction or lawful authorization. Personal data may be disclosed to authorities or involved in corporate restructuring only when legally mandated and always subject to confidentiality. 42gen Co does not sell user personal data or disclose it to third parties for their advertising purposes.

Safeguarding personal data is fundamental at 42gen Co.

We utilize strong administrative, technical, and physical controls, encryption standards, and privacy training requirements to maintain continuous security. International transfers of personal data are performed only within frameworks such as the Standard Contractual Clauses and other recognized adequacy measures.

Personal data is retained only as long as necessary for the purpose for which it was collected, or longer where required by law. When no longer needed, personal data is irreversibly deleted or anonymized through secure methods.

This Privacy Policy may be revised to reflect regulatory updates, technological advances, or improved practices. When significant modifications occur, a notice is published on our website at least seven days in advance, and direct notification is sent to those with available contact data. Ongoing use of our services confirms acceptance of any updates.

For all questions, complaints, or requests concerning privacy or data protection, please contact the 42gen Co Data Protection Officer using the following contact details:

42gen Co, Attn: Privacy
56 Broad St STE 14169
Boston, MA 02109
Email: privacy@42gen.com
Phone: ‪(401) 400-0354‬

Residents of the European Economic Area, United Kingdom, or other jurisdictions with statutory complaint rights may also reach their local data protection authority regarding unresolved concerns.

This policy supersedes previous privacy statements and is interpreted under the laws of our principal operating location. If any provision is deemed invalid, the remaining terms remain effective to the fullest extent permitted. Use of 42gen Co’s services confirms understanding and acceptance of this policy, and disputes are subject to exclusive jurisdiction in Boston, Massachusetts, unless otherwise required by law.