GenoMycoGenoMyco

Legal

Privacy Policy

Last Updated: March 2026

Introduction

GENOMYCO LTD (the “Company”, “we”, “our” or “us”) develops novel antifungal solutions using fungal genomics. We are committed to protecting your privacy rights and ensuring our practices regarding the collection and processing of Personal Data (as defined below) are transparent and fair.

This Privacy Policy (the “Policy”) was designed to help you better understand our practices regarding the collection, storage, use, sharing, and any other processing of Personal Data. This Policy applies whenever you visit our Website, including any other domains or subdomains owned and operated by us, or otherwise access or interact with any other services, features or platforms we operate (collectively, the “Services”). This Policy is incorporated into and forms part of our Terms of Service.

Please note that certain provisions of this Policy may not be applicable to you, depending on your jurisdiction and the applicable laws.

We strongly urge you to read this Policy and ensure you fully understand and agree to it. By using the Services, you signify your acceptance of this Policy. If you do not agree to this Policy, please do not use our Services. You are not legally required to provide us with any Personal Data, but without it we will not be able to provide you with the full range or with the best experience of using our Services.

This Policy describes the following –

Table of Contents

  1. What is Personal Data
  2. What types of Personal Data we collect?
  3. Why do we process your Personal Data?
  4. With whom do we share your Personal Data?
  5. Tracking technologies
  6. Your rights
  7. How do we protect your Personal Data?
  8. International data transfer
  9. Additional information for US residents
  10. Minors
  11. Data retention
  12. Third party websites and links
  13. Updates to this Policy
  14. Controlling version
  15. Contact information

1. What is Personal Data

“Personal Data” (also referred to as “Personal Information” under US Privacy Laws) refers to any information that can directly or indirectly identify an individual, or that could be used to identify an individual with reasonable effort. Examples of Personal Data include, but are not limited to, a person's name, date of birth, contact details such as email address or phone number, and online identifiers such as IP addresses or user IDs.

“Non-Personal Data” refers to information that is aggregated or anonymized such that it does not reveal, and cannot reasonably be used to reveal, the identity of any individual. We do not know the identity of the individual from whom Non-Personal Data is collected. Non-Personal Data may include aggregated usage information and technical information transmitted by your device, such as browser type and version, operating system type and version, mobile network details, device settings, and software-related information. For the avoidance of doubt, any Non-Personal Data that is connected or linked to Personal Data shall be considered Personal Data for as long as such connection or linkage exists.

Subject to what is stated below, we do not knowingly collect or process any Personal Data constituting or revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning a person's health, government identifiers, precise geo-location or data concerning a person's sex life or sexual orientation (“Special Categories of Personal Data”).

2. What types of Personal Data do we collect?

We may collect and process the following types of Personal Data:

  • Communication information. When you communicate with us, for example through the “Contact Us” option on our Website, or otherwise provide us with any feedback, we collect your email address, the contents of those communications, any attachments you may send us, and any other information you choose to provide.
  • Device information and usage data. When you visit or access the Services, we may collect technical information about your device and your interaction with our Services. This information includes your Internet protocol (IP) address, unique identifiers and other device identifiers that are automatically assigned to your device, browser type and language, hardware model, device type, operating system, internet service provider, geo-location information, and other information about actions taken through the use of our Services. We may also collect log-in history and information regarding your use of the Services, including technical information transmitted by your device and details about your interactions, and behavior within the Services.
  • Information from other sources. We may also obtain information (that in general will not contain Personal Data) about you from other sources, including private and publicly – or commercially – available information, and through third-party partners and service providers.

3. Why do we process your Personal Data?

This section explains for what purposes we use your Personal Data and, where applicable, outlines the legal bases that underlie our usage.

Where applicable, the following describes the specific purposes for which you have voluntarily provided your Personal Data and in respect of which you have not indicated an objection to, or withdrawal of consent for, our use of such Personal Data, as recognized under applicable law. Where you wish to indicate such objection or otherwise withdraw your consent to such use, please refer to Section 6 (“Your rights”) for information on how you may exercise this right at any time.

PurposeLegal basis
Communication and support. We use your Personal Data to communicate with you and provide information and materials, manage our relationship with you, and provide customer support.The legal bases for such processing are the performance of our contractual commitments towards you; your consent; compliance with our legal obligations, and our legitimate interests. Our legitimate interests in this case are the provision of our Service, and supporting our customers.
Improving our Services. We collect and analyse information about you and your usage of our Services for the purposes of usability, quality, effectiveness and functionality, of our Services, including debugging to identify and repair errors and undertaking internal research for technological development and demonstration.The legal basis for processing this data is our legitimate interests, which are providing and improving our Services.
Website Interaction. When you interact with our Website, we may collect your online identifiers, such as Internet Protocol (IP) address, Cookie ID and, unique identifiers ("Online Identifiers"). Online Identifiers are used in particular to operate the Website and enable its proper functionality, for example to automatically recognize you by the next time you enter the Website or to confirm you are a real person.Strictly necessary cookies (as described in the Tracking Technologies section below) which are required for the proper and basic operation of the Website will be processed in our legitimate interests, where such cookies collect Personal Data on our behalf. Other cookies, to the extent these collect your Personal Data, will be based on your consent which we will obtain through our cookie notice and consent mechanism.
Integrity. We process certain information about you and your usage of our Services to keep the integrity and security of our Services, prevent fraud, identify your identity and enforce our policies.The legal bases for processing this data are compliance with our legal obligations and our legitimate interests. Our legitimate interests in this case are keeping the integrity of our Services; detection of fraudulent activities; and the safety of our end-users.
Corporate transactions. We will share your Personal Data with potential purchasers, successors or investors in the Company or in the event of a corporate transaction (e.g. sale of a substantial part of our business, merger, reorganization, bankruptcy, consolidation or asset sale of any asset or transfer in the operation thereof) in relation to the Company.The legal basis for processing this data is our legitimate interests.
Compliance with applicable laws. We may collect, retain, process and disclose your Personal Data to meet legal obligations and respond to lawful requests from authorities.The legal bases for processing this data are compliance with our legal obligations and our legitimate interests. Our legitimate interests in this case are compliance with our legal obligations and assisting law enforcement agencies.
Dispute resolution and protection from and exercise of legal rights and claims. We may collect your Personal Data in order to investigate violation of our policies, enable us to resolve disputes in connection with your use of the Services and to establish and defend our legal claims.The legal basis for processing this data is our legitimate interests. Our legitimate interest in this case is to establish and defend our legal claims.

We may collect different categories of Personal Data and Non-Personal Data from you, depending on the nature of your interaction with the Services, as detailed above.

4. With whom do we share your Personal Data?

We may disclose your Personal Data as described below:

Category of RecipientData that will be DisclosedPurpose of Disclosure
Service providersAll types of Personal Data mentioned aboveWe may disclose Personal Data to our service providers, contractors and third parties, that perform services on our behalf, such as, hosting, storage, marketing, advertising and analytics.
Affiliated companies and entities within our groupWe may share your Personal Data internally within our group, subsidiaries and other affiliated companies, as necessary for administrative, management or other business-related purposes, to operate our Services, communicate with you, offer and provide our Services to you, etc.
Mergers and acquisitionsWe may disclose any of the Personal Data in connection with any merger, sale, transfer of any of our assets, investment, acquisition, bankruptcy, or similar event or any corporate transaction.
Auditors and advisersWe may share your Personal Data with our external auditors, advisors and professional service providers (such as lawyers, accountants, and insurers) to ensure our compliance with regulatory requirements, support, auditing, and manage disputes.
Legal and regulatory entitiesWe may disclose any type of Personal Data, in case we believe, in good faith, that such disclosure is necessary in order to enforce our policies, take precautions against liabilities, investigate and defend ourselves against any third-party claims or allegations, protect the security or integrity of the Service and protect the rights and property of the Company. We may also disclose your Personal Data when requested by legal or regulatory authorities in response to a verified request relating to terror acts, criminal investigations or similar illegal activity, or any other activity that may expose us, you, or any other user to legal liability, and solely to the extent necessary to comply with such purpose. We may also disclose information to comply with applicable laws, regulations and rules, and if required to do so by court order.

We reserve the right to use, disclose or transfer (for business purposes or otherwise) aggregated and processed Non-Personal Data to third parties, including, inter alia, affiliates, for various purposes including commercial use. This information may be collected, processed and analyzed by us and transferred in a combined, collectively and aggregated manner (i.e., your information is immediately aggregated with other users) to third parties.

When we share information with service providers, we ensure they only have access to such information that is strictly necessary for us to provide the Services. These parties are required to secure the data they receive and to use the data for pre-agreed purposes only while ensuring compliance with all applicable data protection regulations (such service providers may use other Non-Personal Data for their own benefit).

5. Tracking technologies

When you visit or access our Website we use (and authorize 3rd parties to use) pixels, beacons, local storage, cookies, and similar technologies (collectively, “Tracking Technologies”). These allow us to automatically collect information about you, your device and your online behavior, in order to enhance your navigation in our Services, improve performance, perform analytics and customize your experience. In addition, we may merge data we have with data collected through these Tracking Technologies and data we may obtain from other sources and, as a result, such data may become Personal Data.

What types of Tracking Technologies do we use?

We store first-party and third-party Tracking Technologies when you visit or access our Services. These Tracking Technologies may be stored for the duration of your visit on our Services or for repeat visits.

We use the following categories of Tracking Technologies:

  • Strictly Necessary – These Tracking Technologies are automatically placed on your device when you access our Services. They are essential to enable you to log in, navigate around and use the features of our Services. We do not need to obtain your consent to use these Tracking Technologies.
  • Functionality – These Tracking Technologies allow our Services to remember choices you make and provide enhanced and personalized features. For example, they are used for authentication and support other features of our Services.
  • Performance and Analytics – These Tracking Technologies collect information about your online activity (for example the duration of your visit on our Services). They are used for analytics, research and statistical purposes (based on aggregated information). Our Website and Services use analytics tools, including Google Analytics, a web analysis service provided by Google Inc. (“Google”) which is based on Tracking Technologies. The information generated by these Tracking Technologies is usually sent to and stored on Google server in the USA. On behalf of the Company, Google will use the generated information to evaluate your use of the Website and the Services, to compile reports on website activities, and to provide the website operator with additional services connected with website and internet use. The IP address transmitted by your browser in connection with Google Analytics is not collated with other data by Google. We use the information we get from Google to maintain and improve our Website and Services. We do not combine the information collected through the use of Google with Personal Data we collect. We may add or remove analytic tools at any time.
  • Social Media and Similar – These Tracking Technologies include social media features, such as third-party log-in services. They may be hosted by a third-party or directly on our Services. Your interactions with these features are governed by the privacy statement of the company providing them.

How can you control Tracking Technologies?

Except for Strictly Necessary Tracking Technologies, you can always withdraw your consent to non-essential ones through your web browser or device settings, usually found in the ‘Options’ or ‘Preferences’ menu of your browser.

Any such changes may require you to manually adjust preferences each time you visit a site, and some services or functionalities may not work. If you reject Tracking Technologies through your browser, you may still use the Website and Services, but some features may be limited.

Do-Not-Track (DNT) Signals

Cal. Bus. and Prof. Code Section 22575 requires us to notify you about how we handle “Do Not Track” settings in your browser. As of the effective date listed above, there is no commonly accepted response for Do Not Track signals initiated by browsers, therefore, we do not respond to them. Do Not Track is a privacy preference you can set in your web browser to indicate that you do not want certain information about your web page visits tracked and collected across websites.

6. Your rights

Depending on the jurisdiction in which you reside, you may have certain rights under relevant applicable laws regarding the collection and processing of your Personal Data.

To the extent these rights apply and concern you, you can contact us via the contact details available below and ask us to exercise the following rights:

  1. Right of access: The right to receive confirmation as to whether or not Personal Data concerning you is being processed, and access your stored Personal Data, together with supplementary information.
  2. Right of rectification: The right to request rectification of your Personal Data in our control, in the event that you believe the Personal Data held by us is inaccurate, incomplete or outdated.
  3. Right to erasure: The right to request the deletion of your Personal Data.
  4. Right to restrict processing: The right to request to restrict the processing of your Personal Data by us.
  5. Right to data portability: The right to receive the Personal Data you provided us with in a structured, commonly used and machine-readable format, and the right to transmit those data to another controller.
  6. Right to object to processing: The right to request that we cease to conduct certain Personal Data processes at any time.
  7. Right to withdraw your consent: To the extent we process Personal Data on the basis of your consent, you have the right to withdraw your given consent at any time. Exercising this right will not affect the lawfulness of processing your Personal Data based on your consent before its withdrawal.
  8. Right not to be subject to automated decision making: The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significant effects.
  9. Right to opt-out of the sale or share of Personal Information: The right to opt-out of the “Sale” or “Share” of Personal Information (as these terms are defined under applicable laws).
  10. Right to limit use and disclosure of your Sensitive Personal Information: The right to request to limit the use and disclosure of your Sensitive Personal Information, to that use which is necessary to perform our Services.
  11. Right to non-discrimination: The right to be free from any discrimination for exercising your rights, such as offering you different pricing or products, or by providing you with a different level or quality of services, based solely upon your request. We may, however, charge different prices or rates, or provide a different level or quality of goods or services, if that difference is reasonably related to the value provided to us by your Personal Data.

Please note that these rights are not absolute and may be subject to our own legitimate interests and regulatory requirements. We may also rectify, replenish, or remove incomplete or inaccurate information, at any time and at our own discretion, in accordance with our internal policies.

Exercising your rights:

  1. You may request to exercise these rights by contacting us at: info@genomyco.com. We will handle these requests, complaints or queries in accordance with applicable laws, and provide you with a reply in a timely manner. Please note that we may require additional information and documents when processing your request, including certain Personal Data, in order to authenticate and validate your or any applicable authorized agent's identity and to process your request. Such additional information may also be retained for legal purposes in accordance with this Policy.
  2. In some jurisdictions, you have the right to appeal a rejection of your request. If your appeal is denied, certain jurisdictions allow you to submit a complaint via the local attorney general or another competent authority responsible for handling such matters.
  3. If you think we have infringed data protection laws, you can file a claim with the data protection supervisory authority in your jurisdiction of residency, as applicable to you.

7. How do we protect your Personal Data?

We have implemented physical, technical, and administrative measures to help prevent unauthorized access, use, or disclosure of your Personal Data. Your Personal Data is protected by robust safeguards to ensure secured processing. For example, we ensure Personal Data is encrypted both in transit and at rest, and any access is strictly limited to a minimum number of authorized individuals who are subject to confidentiality, minimizing the amount of data that we store on our servers, restricting access to Personal Data by Company employees, contractors, agents, etc.

We will take all steps necessary to ensure that your Personal Data is treated securely and in accordance with this Policy, however, please note that the transmission of Personal Data via the internet is not completely secure. We cannot guarantee that the information will not be compromised as a result of unauthorized penetration to our servers. As the security of information depends in part on the security of the computer, device or network you use to communicate with us and the security you use to protect your user IDs and passwords, please make sure to take appropriate measures to protect this information.

8. International data transfer

Please note that we, as well as our trusted partners and service providers, may be located around the world. We operate globally, and any information that we collect, disclose or share, including (but not limited to) your Personal Data, may be stored and processed in various jurisdictions around the world, for the purposes detailed in this Policy, including in countries that may not provide the same level of data protection as the country where you reside. In such cases we will ensure that applicable safeguards and, where required, legal mechanisms, are used to ensure that the transfer is aligned with the applicable data protection laws.

9. Additional information for US residents

This section of the Policy addresses specific disclosure requirements under the applicable laws pertaining to data privacy, data security, and the protection of Personal Information in the United States (collectively: “US Privacy Laws”).

9.1. Collection of Personal Information

In the preceding twelve (12) months, we have collected the following categories of Personal Information:

Categories of personal informationData types
IdentifiersFor example, name, unique personal identifier, online identifier, internet protocol address, email address and other similar identifiers.
Personal information categories listed in the California Customer Records StatuteFor example, name.
Internet or other similar network activityInformation included in your interactions within our Services. Additional information also includes IP addresses, unique device identifiers, device and operating system, browser version, pages visited, your geographic location, log data and other information derived from your interaction with our Services.
Geo-location dataIP address and your non-precise geographic location.

9.2. Sources of Personal Information

In the preceding twelve (12) months, we have collected the above-mentioned categories of Personal Information from the following categories of sources:

  • Directly, through your activity on our Services: For example, from your interaction with our Services and when you provide information via our Services.
  • Indirectly from you: We track some activities across the internet, for example, when you view or interact with certain content, web pages or ads.
  • From third-parties: For example, from service providers who assist us in performing the Services.

We do not offer financial incentive to end users for providing Personal Information.

9.3. Disclosure of Personal Information

We do not “Sell” or “Share” your Personal Information, as these terms are defined under US Privacy Laws. However, we disclose Personal Information about you.

In the preceding twelve (12) months, we may have disclosed your Personal Information as follows:

Categories of RecipientsCategories of Personal Information
Affiliated companies and entities within our groupAll categories of Personal Information
Service Providers
Auditors and advisors
Any Acquirer of Our Business
Legal and Regulatory agenciesSubject to law enforcement or a competent authority request

Any disclosure of Personal Information is limited to what is essential for the purpose of such disclosure. Recipients are required to protect the Personal Information they receive and to use it solely for the agreed purposes, in accordance with applicable laws.

These third parties may independently use other Non-Personal Data for their own purposes.

9.4. Purposes for collection, processing and sharing

In addition to the practices detailed in this Policy, we also use and disclose the Personal Information we collect for the following commercial and business purposes:

  1. Auditing related to our interactions with you;
  2. Legal compliance;
  3. Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and necessary prosecution;
  4. Debugging;
  5. Performing services (for us or our partners);
  6. Internal research for technological improvement;
  7. Internal operations;
  8. Activities to maintain and improve our services; and
  9. Other one-time or short-term uses.

9.5. Authorized Agents

If you are a California resident, you may only designate an authorized agent to make a request on your behalf if: (i) The authorized agent is a natural person or a business entity registered with the Secretary of State of California; and (ii) you sign a written declaration that you authorize the authorized agent to act on your behalf. The request must: (i) provide sufficient information to allow us to reasonably verify you are the person about whom we collected Personal Information or an authorized agent. We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you, and (ii) describe your request with sufficient details to allow us to properly understand, evaluate, and respond to it. We will only use Personal Information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

10. Minors

We do not knowingly collect and process Personal Data from minors (as determined under the applicable laws where the individual resides; “Minor(s)”). By accessing or using our Services, you certify to us that you are not a Minor. In the event that we become aware that we have collected Personal Data from a Minor without verification of parental consent, we will delete that information upon discovery. Please contact us via the details available below if you believe that we might have any information from or about a Minor.

11. Data retention

We will retain your Personal Data for as long as necessary to provide our Services, comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods will be determined taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time.

12. Third party websites and links

We enable you to engage with third-party websites, mobile applications and products or services that are not under our ownership or control (referred to as “Third-Party Service”). However, we are not responsible for the privacy practices, security measures, or content of these Third-Party Services. Please note that these Third-Party Services may collect Personal Data from you. Therefore, we strongly encourage you to read the terms and conditions and privacy policies of any Third-Party Service you engage with.

13. Updates to this Policy

We reserve the right to change this Policy at any time. The most current version will always be posted on our Website (as reflected in the “Last Updated” heading). You are advised to check for updates regularly. By continuing to access or use our Services after any revisions become effective, you agree to be bound by the updated Policy. However, if this Policy is changed in a significant way, a notice will be posted on the home page of the Website 7 days before the changes take effect, unless the changes originate from any legal or regulatory requirement, in which case, the change shall enter into force in accordance with such requirement.

14. Controlling version

This Policy has been drafted in the English language, which is the original and controlling version of this Policy. To the extent permitted by law, all translations of this Policy into other languages shall be solely for convenience and shall not control the meaning or application of this Policy. In the event of any discrepancy between the meanings of any translated versions of the Policy and the English language version, the meaning of the English language version shall prevail.

15. Contact information

If you have any questions, inquiries, or concerns related to this Policy or the processing of your Personal Data, please contact us by email at: info@genomyco.com