Privacy
Policy
Effective Date: May 10, 2025 · Last Updated: June 12, 2026
1 Introduction and Scope
Welcome to the Cancer Genomics and Therapeutics Laboratory (CGTL) website, operated by the Department of Zoology at Mahatma Gandhi Central University (MGCU), Motihari, Bihar, India. This Privacy Policy describes how we collect, use, store, protect, disclose, and manage your personal information when you visit our website at cgtlab.co.in (the "Website"), use our services, interact with our research publications, submit inquiries through our contact forms, or otherwise engage with our laboratory's online presence.
CGTL is a research laboratory dedicated to advancing cancer genomics, therapeutics, computational biology, and molecular oncology. As an academic research institution affiliated with Mahatma Gandhi Central University, we are committed to upholding the highest standards of data privacy and protection in accordance with applicable Indian and international data protection laws, including the Information Technology Act, 2000 (India), the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (India).
This Privacy Policy applies to all visitors, users, researchers, students, collaborators, and any individual who accesses or uses our Website. By accessing or using our Website, you acknowledge that you have read, understood, and agree to be bound by the terms and conditions of this Privacy Policy. If you do not agree with any part of this policy, we strongly advise you to discontinue use of our Website immediately.
We reserve the right to update or modify this Privacy Policy at any time without prior notice. Any changes will be effective immediately upon posting on this page, with the "Last Updated" date revised accordingly. Your continued use of the Website following any changes constitutes your acceptance of the revised Privacy Policy. We encourage you to review this page periodically to stay informed about how we protect your information.
2 Definitions and Key Terms
For the purposes of this Privacy Policy, the following definitions apply:
- "Personal Information" means any information that relates to a natural person which, either directly or indirectly, in combination with other information available, is capable of identifying such person. This includes but is not limited to name, email address, phone number, postal address, academic affiliation, research interests, and IP address.
- "Sensitive Personal Data or Information" (SPDI) means personal information that includes passwords, financial information (bank account, credit or debit card details), physical and mental health conditions, sexual orientation, biometric information, and any other information classified as SPDI under applicable Indian law.
- "Non-Personal Information" means information that does not directly identify a specific individual, including aggregated data, anonymized data, browser type, operating system, device type, and usage patterns.
- "Cookies" are small text files placed on your device by our Website to collect standard internet log information and visitor behavior information.
- "Data Controller" refers to Cancer Genomics and Therapeutics Laboratory, Department of Zoology, Mahatma Gandhi Central University, Motihari, Bihar 845401, India, which determines the purposes and means of processing your personal data.
- "Data Processor" means any third-party entity that processes personal data on behalf of the Data Controller, including hosting providers, analytics services, and email service providers.
- "Processing" means any operation performed on personal data, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, alignment, combination, restriction, erasure, or destruction.
3 Information We Collect
We collect various types of information to provide and improve our services, enhance your browsing experience, and support our research mission. The information we collect falls into several categories:
3.1 Personal Information You Provide Voluntarily
When you interact with our Website, you may voluntarily provide us with certain personally identifiable information. This includes:
- Contact Form Submissions: When you fill out our contact form, we collect your full name, email address, subject of inquiry, and the content of your message. This information is used solely to respond to your inquiry and is stored securely.
- Research Collaboration Inquiries: If you express interest in collaborating with our laboratory, we may collect your name, institutional affiliation, academic credentials, research interests, curriculum vitae (CV), publication history, and any other information you choose to provide in your communication.
- Job and Position Applications: If you apply for research positions, internships, or doctoral opportunities at CGTL, we may collect your full name, contact details, academic transcripts, CV, research statement, letters of recommendation, and any other documents you submit as part of your application.
- Email Communications: When you send us emails or subscribe to our research updates, we collect your email address and any information contained in your correspondence.
- Survey and Feedback Responses: If you participate in any surveys, questionnaires, or feedback forms we may conduct, we collect the responses and any associated information you provide.
3.2 Information Collected Automatically
When you visit our Website, certain information is collected automatically through cookies, web beacons, log files, and other tracking technologies. This includes:
- Device and Browser Information: Your IP address, browser type and version, operating system, device type (desktop, mobile, tablet), screen resolution, and device identifiers.
- Usage Data: Pages visited, time and date of your visit, time spent on each page, click-through rates, navigation paths, referring website or source, search queries used to find our Website, and exit pages.
- Location Data: General geographic location derived from your IP address, including country, state, and city level data. We do not collect precise GPS location data.
- Log Data: Server log files that record information such as your IP address, browser type, Internet Service Provider (ISP), date and time stamps, referring/exit pages, and the number of clicks.
- Performance and Analytics Data: Website performance metrics, page load times, error reports, and aggregated usage statistics that help us optimize the Website experience.
3.3 Information from Third-Party Sources
We may receive information about you from third-party sources in certain circumstances:
- PubMed and Academic Databases: We display publicly available research publications and citation data from PubMed, Google Scholar, ResearchGate, and ORCID to showcase our laboratory's research output. This data is publicly accessible and not classified as personal information.
- Referral Sources: If someone refers you to our laboratory or shares your contact details with us for collaboration purposes, we may collect the information they provide about you.
- Public Academic Profiles: We may reference publicly available academic profiles (e.g., institutional faculty pages, Google Scholar profiles) for research collaboration and networking purposes.
4 How We Use Your Information
We use the information we collect for the following purposes, each grounded in a legitimate interest or with your explicit consent:
4.1 Responding to Inquiries and Communications
We use your name, email address, and message content to respond to your inquiries, answer your questions about our research, provide information about collaboration opportunities, and maintain ongoing communication with you. This includes responding to general inquiries, research collaboration requests, and academic queries submitted through our contact form or email.
4.2 Research Collaboration and Academic Engagement
When you express interest in collaborating with CGTL, we use your academic credentials, research interests, and publication history to evaluate potential collaboration opportunities, identify areas of mutual research interest, facilitate joint research projects, and coordinate with other research institutions and funding agencies. Your information may be shared with collaborating researchers within MGCU and partner institutions solely for academic and research purposes.
4.3 Website Improvement and Optimization
We analyze aggregated and anonymized usage data to understand how visitors interact with our Website, identify popular content and research areas, improve website navigation and user experience, optimize page load times and performance, fix bugs and technical issues, and enhance accessibility features. This analysis helps us ensure our Website effectively serves the research community and the general public.
4.4 Research Output and Publication Display
We display research publications, citation metrics, and author information sourced from PubMed and other academic databases to showcase our laboratory's contributions to cancer genomics and therapeutics. This information is publicly available and is used strictly for academic communication and research visibility purposes.
4.5 Legal Compliance and Institutional Obligations
We may process your information to comply with applicable laws, regulations, and institutional policies, respond to lawful requests from government authorities, protect the rights, property, or safety of CGTL, MGCU, our researchers, or the public, and fulfill reporting obligations to funding agencies and regulatory bodies as required by our research grants and institutional mandates.
4.6 Security and Fraud Prevention
We use certain information to detect, prevent, and address security issues, fraudulent activities, unauthorized access attempts, and potential threats to the integrity of our Website and the safety of our users. This includes monitoring for suspicious login attempts, spam submissions, and automated bot activities.
5 Legal Basis for Processing
We process your personal information based on the following legal grounds as recognized under applicable data protection laws:
- Consent: Where you have given us explicit consent to process your personal information for specific purposes, such as subscribing to research updates, participating in surveys, or submitting information through our contact form.
- Legitimate Interest: Where processing is necessary for our legitimate interests in conducting academic research, managing our Website, communicating with researchers and collaborators, and fulfilling our educational mission, provided these interests are not overridden by your fundamental rights.
- Legal Obligation: Where processing is necessary to comply with applicable laws, regulations, court orders, or governmental directives, including reporting requirements for publicly funded research.
- Vital Interests: Where processing is necessary to protect the vital interests of you or another person, such as in emergency situations (though this is unlikely to apply in the context of our Website).
- Public Interest: Where processing is necessary for the performance of a task carried out in the public interest, including academic research that contributes to the advancement of scientific knowledge in cancer genomics and therapeutics.
6 Information Sharing and Disclosure
We value your privacy and are committed to being transparent about how your information is shared. We do not sell, rent, trade, or lease your personal information to any third party for marketing purposes. However, we may share your information in the following circumstances:
6.1 Service Providers and Data Processors
We may share your information with trusted third-party service providers who assist us in operating our Website and conducting our research activities. These include website hosting providers (such as Vercel), email service providers (such as FormSubmit for contact form processing), analytics platforms, and cloud storage services. These service providers are contractually obligated to protect your information and use it only for the purposes for which it was shared. They are bound by data processing agreements that ensure compliance with applicable data protection standards.
6.2 Academic and Research Collaborators
In the course of our research activities, we may share relevant information with collaborating researchers, institutions, and research consortia. This includes sharing research findings, co-authored publications, and anonymized datasets. When sharing information for research collaboration, we ensure that appropriate data protection measures are in place and that information sharing complies with institutional policies and research ethics guidelines.
6.3 Funding Agencies and Regulatory Bodies
As a research laboratory receiving funding from government agencies, we may be required to share certain information with funding bodies, auditing agencies, and regulatory authorities. This includes reporting on research outcomes, financial utilization, and compliance with grant conditions. Such disclosures are made in accordance with applicable laws and funding agreements.
6.4 Legal Requirements and Protection of Rights
We may disclose your information if required to do so by law, or in good faith belief that such action is necessary to comply with legal processes served on us, protect and defend our rights or property, act under exigent circumstances to prevent fraud or imminent harm, or ensure the personal safety of users of the Website or the public.
6.5 Business Transfers
In the event that CGTL or MGCU undergoes a merger, acquisition, reorganization, bankruptcy, or transfer of assets, your personal information may be transferred as part of that transaction. We will provide notice before your personal information becomes subject to a different privacy policy.
6.6 Aggregated and Anonymized Data
We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you. This data may be used for academic research, statistical analysis, institutional reporting, and public communication about research trends in cancer genomics and therapeutics.
7 Cookies and Tracking Technologies
Our Website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and understand user behavior. This section provides detailed information about the cookies we use and how you can manage them.
7.1 Types of Cookies We Use
- Essential Cookies: These cookies are necessary for the Website to function properly. They enable core features such as page navigation, dark mode preference persistence, and splash screen state tracking. Without these cookies, the Website cannot perform as intended.
- Functional Cookies: These cookies remember your preferences and settings, such as your dark mode preference, language preferences, and other customizable aspects of the Website. They improve your user experience by providing personalized features.
- Analytics Cookies: These cookies collect information about how visitors use our Website, including which pages are visited most often, how visitors navigate between pages, and whether visitors encounter error messages. This data is aggregated and anonymized to help us improve the Website.
- Performance Cookies: These cookies help us measure and improve the performance of our Website by collecting information about page load times, server response times, and other performance metrics.
7.2 How to Manage Cookies
You can control and manage cookies through your browser settings. Most web browsers allow you to:
- View what cookies are stored on your device and delete them individually or in bulk.
- Block cookies from specific or all websites.
- Set your browser to notify you when a cookie is placed on your device.
- Delete all cookies when you close your browser.
Please note that disabling or blocking certain cookies may affect the functionality of our Website and limit your ability to use certain features. For more information about managing cookies, please visit www.allaboutcookies.org or consult your browser's help documentation.
7.3 Local Storage and Session Storage
In addition to cookies, our Website uses browser local storage and session storage to maintain certain functional states, such as your dark mode preference and splash screen visibility status. Local storage persists until you manually clear it, while session storage is automatically cleared when you close your browser. You can manage these through your browser's developer tools or settings.
8 Data Security and Protection
We take the security of your personal information seriously and implement comprehensive technical, administrative, and physical safeguards to protect it from unauthorized access, alteration, disclosure, or destruction. Our security measures include:
8.1 Technical Safeguards
- SSL/TLS Encryption: All data transmitted between your browser and our Website is encrypted using Secure Sockets Layer (SSL) / Transport Layer Security (TLS) protocols, ensuring that your information is protected during transit.
- HTTPS Protocol: Our Website exclusively uses HTTPS (Hypertext Transfer Protocol Secure) to encrypt all communications, preventing eavesdropping and man-in-the-middle attacks.
- Secure Hosting Infrastructure: Our Website is hosted on Vercel, a cloud platform that provides enterprise-grade security, DDoS protection, automatic backups, and compliance with industry security standards.
- Access Controls: Access to administrative functions and personal data is restricted to authorized personnel only, with role-based access controls and strong authentication mechanisms.
- Firewall Protection: Our hosting infrastructure employs web application firewalls (WAF) to filter and monitor HTTP traffic, blocking malicious requests and protecting against common web attacks.
8.2 Administrative Safeguards
- Regular Security Audits: We conduct periodic reviews of our data collection, storage, and processing practices to ensure compliance with our privacy policy and applicable regulations.
- Incident Response Procedures: We maintain documented procedures for responding to data security incidents, including breach notification protocols and containment measures.
- Staff Training: All laboratory members with access to personal data receive training on data protection best practices and their obligations under this Privacy Policy.
8.3 Limitations of Security
While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee the absolute security of your data, and you transmit information to us at your own risk. We will notify you and any applicable regulatory authority of a data breach where we are legally required to do so within the timeframe mandated by applicable law.
9 Data Retention and Storage
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. The specific retention periods depend on the nature of the information and the purposes for which it is processed:
- Contact Form Data: Messages submitted through our contact form are retained for up to 24 months to allow for follow-up communications and record-keeping purposes. After this period, the data is securely deleted or anonymized.
- Analytics Data: Aggregated analytics data is retained indefinitely for research and Website improvement purposes. This data is anonymized and cannot be used to identify individual visitors.
- Server Logs: Server access logs are retained for up to 90 days for security monitoring and troubleshooting purposes, after which they are automatically purged.
- Research Collaboration Data: Information provided for research collaboration purposes may be retained for the duration of the collaboration and up to 5 years thereafter, in compliance with research data management policies.
- Job Application Data: Information submitted for job or position applications is retained for up to 12 months after the position is filled or the application is rejected, unless a longer retention period is agreed upon with the applicant.
10 Your Rights and Choices
Depending on your location and applicable laws, you may have the following rights regarding your personal information:
10.1 Right to Access
You have the right to request a copy of the personal information we hold about you. We will provide this information in a commonly used, machine-readable format within 30 days of receiving your verified request. The first copy will be provided free of charge; however, we reserve the right to charge a reasonable fee for subsequent requests or manifestly unfounded or excessive requests.
10.2 Right to Rectification
You have the right to request the correction of any inaccurate or incomplete personal information we hold about you. We will respond to your rectification request within 30 days and will notify any third parties to whom your information was disclosed about the correction, where applicable.
10.3 Right to Erasure (Right to be Forgotten)
You have the right to request the deletion or removal of your personal information where there is no compelling reason for its continued processing. This right is subject to certain exceptions, such as where the information is required for legal compliance, research purposes with appropriate safeguards, or the exercise of legal claims.
10.4 Right to Restrict Processing
You have the right to request that we restrict the processing of your personal information in certain circumstances, such as when you contest the accuracy of the data, when the processing is unlawful, or when you have objected to processing pending verification of our legitimate grounds.
10.5 Right to Data Portability
You have the right to receive your personal information in a structured, commonly used, and machine-readable format, and to request that we transmit this information to another data controller where technically feasible and where the processing is based on consent or a contract.
10.6 Right to Object
You have the right to object to the processing of your personal information where we are relying on legitimate interest as the legal basis, or where the processing is for direct marketing purposes. We will stop processing your information unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
10.7 Right to Withdraw Consent
Where we rely on your consent to process your personal information, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing that occurred before the withdrawal. You can withdraw consent by contacting us at the details provided in Section 16 of this policy.
10.8 Right to Lodge a Complaint
If you believe that our processing of your personal information infringes applicable data protection laws, you have the right to lodge a complaint with the relevant supervisory authority. In India, you may file a complaint with the Cyber Appellate Tribunal or the relevant authority established under the Digital Personal Data Protection Act, 2023.
11 Third-Party Links and Services
Our Website may contain links to external websites, academic databases, research platforms, and social media services that are not operated by CGTL. These include:
- PubMed / NCBI: For accessing research publications and biomedical literature
- Google Scholar: For citation metrics and academic profile information
- ResearchGate: For research networking and publication sharing
- ORCID: For researcher identification and publication linking
- Google Maps: For displaying our laboratory location
- Mahatma Gandhi Central University: For institutional information and resources
We have no control over the content, privacy policies, or practices of these third-party websites. We strongly encourage you to review the privacy policy of every site you visit. We are not responsible for the privacy practices or content of any third-party websites or services linked from our Website.
12 Children's Privacy
Our Website is not intended for individuals under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect, solicit, or maintain personal information from children under 13 years of age. If we become aware that we have collected personal information from a child under the age of 13 without verification of parental consent, we will take steps to delete that information from our servers promptly.
If you are a parent or guardian and you become aware that your child has provided us with personal information, please contact us immediately at shyambabuprasad@mgcub.ac.in. We will take immediate steps to remove such information from our systems. If you are between 13 and 18 years of age, you must have the consent of your parent or legal guardian to use our Website and provide personal information.
13 International Data Transfers
Our Website is hosted and operated within India. However, due to the global nature of the Internet and academic research, your personal information may be transferred to, stored, and processed in countries other than India. This includes transfers to our third-party service providers who may operate data centers in different geographic locations.
When we transfer personal information outside India, we ensure that appropriate safeguards are in place to protect your data, including:
- Contractual protections requiring the recipient to maintain adequate data protection standards
- Ensuring the recipient is in a jurisdiction recognized as providing adequate data protection
- Implementing technical and organizational measures to protect your data during transfer and processing
14 Automated Decision-Making and Profiling
We do not engage in automated decision-making, profiling, or any form of automated processing that produces legal effects or similarly significant effects on you. All decisions regarding your personal information are made by authorized personnel of CGTL and are subject to human oversight and review.
15 Changes to This Privacy Policy
We reserve the right to update, modify, or revise this Privacy Policy at any time at our sole discretion. When we make material changes to this policy, we will update the "Last Updated" date at the top of this page and may provide additional notice, such as a banner on our Website or an email notification for significant changes.
We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your information. Your continued use of the Website after any changes to this Privacy Policy constitutes your acceptance of the revised terms. If you do not agree to the revised Privacy Policy, you should discontinue use of the Website immediately.
For material changes that significantly affect how we process your personal information, we will make reasonable efforts to notify you directly, such as through an email to the address you provided or through a prominent notice on our Website before the changes take effect.
16 Contact Us
If you have any questions, concerns, complaints, or requests regarding this Privacy Policy or our data protection practices, or if you wish to exercise any of your rights described in Section 10, please do not hesitate to contact us. Our Data Protection team will respond to your inquiry within 30 days of receipt.
Department of Zoology
Mahatma Gandhi Central University
Motihari, Bihar 845401, India
Data Protection Officer / Principal Investigator:
Dr. Shyam Babu Prasad
Assistant Professor
Email: shyambabuprasad@mgcub.ac.in
Phone: +91 9873602432
We aim to resolve all privacy-related complaints within 30 business days. If you are not satisfied with our response, you have the right to escalate your complaint to the appropriate data protection authority under the Digital Personal Data Protection Act, 2023.