Privacy Policy
Last updated: May 27, 2026
1. Scope
This policy explains how the Mosaic Biodata Institute learning platform (the “Institute”) handles information about students and visitors. The Institute is an education and certification platform. It does not collect or process genetic data from students. Any genetic data you hold through a Mosaic Biodata testing product lives in your Mosaic platform account and is governed by Mosaic’s Genetic Data Consent Notice, not by this policy.
2. Information we collect
Account information. Your name and email address, provided through your shared Mosaic account when you sign in.
Learning activity. Your enrollment status, lesson progress, video watch progress, assessment attempts and scores, and certificate status.
Payment information. When you enroll, payment is processed by Stripe. We receive a confirmation and limited transaction metadata; we do not receive or store your full card number.
Technical data. Standard session and security information needed to operate the service (for example, a session cookie and request logs).
3. How we use information
We use your information to provide the program, track and unlock your progress, issue and verify certificates, process enrollment payments, send transactional messages (such as enrollment confirmation), secure the platform, and meet legal obligations.
4. Identity and single sign-on
Sign-in is handled through your shared Mosaic Biodata account. The Institute identifies you by a shared account identifier and your email; it does not maintain a separate password for you and stores no special categories of personal data beyond what is described here.
5. Service providers
We share information only with vendors that help us run the service, under contracts that limit their use of it:
- Stripe — payment processing.
- Mux — video hosting and signed playback.
- Amazon Web Services — hosting, storage, and email delivery.
We do not sell your personal information, and we do not share Institute learning data for third-party advertising.
6. Cookies and sessions
We use a secure session cookie to keep you signed in and to protect the platform. We do not use advertising or cross-site tracking cookies on the learning platform.
7. Data retention
We retain account and learning records for as long as your enrollment is active and as needed to maintain certificate verification, and for up to seven years thereafter, after which we delete or de-identify them, subject to legal requirements.
8. Your rights
Depending on where you live, you may have rights to access, correct, delete, or port your personal information, and to object to or restrict certain processing. To exercise any of these rights, contact us using the details below; we will respond within the timeframes required by applicable law.
9. Security
We use technical and organizational measures designed to protect your information, including encryption in transit, access controls, and signed media delivery. No method of transmission or storage is completely secure.
10. Children
The program is intended for adults and is not directed to children. We do not knowingly collect personal information from anyone under 18.
11. International transfers
We operate the service from the United States. If you access it from elsewhere, your information may be transferred to and processed in the United States.
12. Changes to this policy
We may update this policy and will revise the “Last updated” date above. Material changes will be communicated where required.
13. Contact
Privacy questions or requests: support@mosaicbio.io.
