Get involved and become a partner in our efforts towards biodiversity conservation. Visit the Project Sponsorship page to learn more about our microbial life archive and how you can contribute to our scientific research platform. **CLICK HERE**

Discover. Document. Protect Microbial Diversity with Epolleo

+1.605-213-0248

  • Home
  • Get Involved Today
  • Collection Campaigns
  • Screening Protocols
  • Students and Teachers
  • Curated Library
  • Donations and Fundraising
  • Ethical Sharing Policy
  • More
    • Home
    • Get Involved Today
    • Collection Campaigns
    • Screening Protocols
    • Students and Teachers
    • Curated Library
    • Donations and Fundraising
    • Ethical Sharing Policy

+1.605-213-0248

Discover. Document. Protect Microbial Diversity with Epolleo
  • Home
  • Get Involved Today
  • Collection Campaigns
  • Screening Protocols
  • Students and Teachers
  • Curated Library
  • Donations and Fundraising
  • Ethical Sharing Policy

Legal Policy and Compliance Documentation

Innovative Solutions for Your Business

Know Your Customer Policy

Personal Data and Privacy Policy

The Epolleo Know Your Customer (KYC) Protocol outlines our due diligence process for all platform participants—students, educators, researchers, and industry partners. To ensure transparency, security, and legal compliance, Epolleo verifies each user's identity and institutional legitimacy before granting access to sensitive data or licensing Diversity Credits. This policy protects the platform from misuse, supports ethical research, and aligns with U.S. and international standards, including AML/CFT laws, FATF guidance, and scientific responsibility. Please review the full document below for participation requirements and compliance expectations.

Learn More

Personal Data and Privacy Policy

Personal Data and Privacy Policy

This document outlines how Epolleo protects your personal information while using our platform. In accordance with U.S., EU, and global data privacy laws, our policy defines how we collect, process, store, and share user data—including names, emails, geolocation, and participation metadata. It includes a Know Your Customer (KYC) component requiring identity verification for access to sensitive services. The policy protects minors through COPPA- and FERPA-aligned practices and prohibits the sale of data. Users have rights to access, correction, deletion, and breach notification. View the full policy for legal, operational, and user protection details.

Learn More

Terms and Conditions for Registration

Terms and Conditions for Registration

This policy governs your participation on the Epolleo Diversity Platform. By registering an account or submitting microbial samples, you agree to these terms, which outline your responsibilities, data rights, and platform privileges. It includes rules for campaign registration, Diversity Credit issuance, account verification, and data licensing. The agreement also covers platform security, compliance with U.S. and international laws, and your rights regarding intellectual property and data contributions. All users—students, researchers, and industry partners—must review these terms before engaging with Epolleo.

Learn More

General User Guide

Global Website Privacy Policy

Terms and Conditions for Registration

This official guide provides a comprehensive overview of how to access, navigate, and contribute to the Epolleo Diversity Platform. Whether you're a student, educator, researcher, or institutional partner, this document walks you through creating an account, submitting microbial samples, earning Diversity Credits, and securely managing your data. It includes platform rules, eligibility requirements, dashboard functions, licensing processes, and user responsibilities. Designed to support transparency, compliance, and ethical participation, this guide is essential for all users interacting with the platform.

Learn More

User Manual

Global Website Privacy Policy

Global Website Privacy Policy

This comprehensive manual outlines the full operational structure, platform rules, legal terms, and user responsibilities for the Epolleo Diversity Platform. Unlike the General User Guide—which provides a quick-start overview—this manual serves as the authoritative reference for researchers, educators, institutions, and policy stakeholders. It covers data validation, project licensing, Diversity Credit protocols, system security, metadata standards, and dispute resolution under U.S. and international law. All registered users are expected to review this document for full compliance.

Learn More

Global Website Privacy Policy

Global Website Privacy Policy

Global Website Privacy Policy

This policy outlines how Epolleo collects, uses, protects, and shares your personal information when you interact with our website. Compliant with global standards—including GDPR (EU/UK), CPRA (California), PIPEDA (Canada), and COPPA (U.S.)—it details your rights, consent options, cookie preferences, and data access procedures. The policy also includes protections for educators, students, and research entities, along with transparency around third-party services and international data transfers. By using this site, you agree to these practices, designed to uphold your privacy and platform security.

Learn More

Policy File Downloads

Epolleo Inc. Policy and Procedure Documents for Download

Epolleo Personal Data Processing and Privacy Policy [1.0] (pdf)Download
Epolleo Terms and Conditions for Registration [1.0] (pdf)Download
Epolleo Know Your Customer Policy [1.0] (pdf)Download
Epolleo User Manual [1.0] (pdf)Download
Epolleo General User Guide [1.0] (pdf)Download
Epolleo Global Privacy Policy [1.0] (pdf)Download

Privacy Policy

Epolleo Global Privacy Policy

Effective Date: 7-22-2025
Last Updated: 7-22-2025


1. Introduction and Scope Epolleo is a nonprofit organization dedicated to advancing global microbial biodiversity and educational outreach through secure, ethical digital systems. This Privacy Policy outlines how Epolleo collects, uses, stores, and protects your personal information. It applies to all website visitors, users, contributors, and data subjects globally. This policy is binding and aligns with major privacy regulations, including:

  • General Data Protection Regulation (GDPR – EU/EEA)
  • UK General Data Protection Regulation (UK GDPR)
  • California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
  • Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA)
  • Australia Privacy Act
  • Children’s Online Privacy Protection Act (COPPA – U.S.)

By using our website, hosted on GoDaddy, or submitting data through our platforms, you agree to this policy. If you do not agree, please stop use immediately.


2. Information We Collect We collect both personally identifiable and non-identifiable information:

  • Personal Data Provided by You: Includes name, email, organizational affiliation, education level, role, consent forms, and voluntarily submitted information in forms.
  • Educational Metadata: Includes anonymized student data submitted by verified educators, class-level identifiers, and project-related tags.
  • Technical and Log Data: Automatically collected information including browser type, IP address, time zone, date/time of visits, and device identifiers.
  • Search Behavior and Usage Analytics: Includes search terms, database access logs, clickstream data, and interaction timestamps.
  • Geolocation Information: Collected via IP lookup, subject to user consent.
  • Cookies and Tracking Pixels: Used for functionality, diagnostics, and performance optimization. Consent banners and opt-out controls are provided in accordance with each jurisdiction's requirements.


3. How We Use Your Data We process collected data to:

  • Deliver requested services and respond to inquiries
  • Maintain and verify user access to our scientific databases and tools
  • Enable safe collaboration between educators, researchers, and innovators
  • Conduct security audits and trace access to sensitive biological information
  • Fulfill legal obligations and ensure biosafety and export control compliance
  • Improve platform performance and user experience
  • Support Epolleo's research, education, and Diversity Credit issuance processes.

No personal data is sold or leased under any circumstances.


4. Legal Basis for Processing Under GDPR, UK GDPR, and equivalent global statutes, Epolleo processes your data based on:

  • Consent: For receiving communications or using non-essential cookies.
  • Contractual Necessity: To manage user accounts or fulfill MTAs.
  • Legal Obligation: To comply with recordkeeping, biosafety, and grant requirements.
  • Legitimate Interest: To secure our infrastructure, enforce our policies, and analyze performance metrics.


5. Data Sharing and Disclosure Data is shared with:

  • Internal Teams: Limited to trained personnel on a need-to-know basis.
  • Service Providers: GoDaddy (hosting), Google Analytics (anonymized), and file storage vendors, all of which are subject to contractual data protection clauses.
  • Government Authorities: When legally compelled under subpoena or biosafety investigation.
  • Educational and Scientific Review Panels: Under nondisclosure agreements for project approvals or grant matching.

We use Data Processing Agreements (DPAs) for all third-party vendors.


6. Cookies and Tracking Technologies Our site uses first-party and third-party cookies:

  • Essential Cookies: Required for site functionality and session management.
  • Analytics Cookies: For usage metrics and trend analysis.
  • Consent Management: Cookie banners are dynamically displayed based on the user's location and settings.
  • DNT Signals: Where browser-enabled, we respect Do Not Track preferences.

Users may update cookie preferences anytime via their browser or our settings portal.


7. Data Retention Policy We retain data only for as long as necessary:

  • User Accounts: Retained until deletion request or inactivity threshold (5 years).
  • Student Contributions: Anonymized and preserved for academic reproducibility.
  • Search Logs and Audit Trails: Retained for up to 7 years for biosafety compliance.
  • Backups: Secured and cycled on encrypted servers every 30 days.

Upon request, we will securely delete or anonymize data, subject to any applicable legal exceptions.


8. Your Rights Depending on your region, you may be entitled to:

  • Access and correct personal data
  • Request deletion (“right to be forgotten”)
  • Object to or restrict processing
  • Withdraw previously granted consent
  • Data portability (structured, machine-readable format)
  • File a complaint with a supervisory authority (e.g., ICO, EDPB, CPPA)

To exercise rights, contact privacy@epolleo.org with proof of identity. We respond within 30 days.


9. Children’s Privacy (COPPA & International Compliance) Epolleo complies with all applicable laws protecting minors:

  • Under 13 (U.S.): Parental or school consent is required before any data collection.
  • Under 16 (EU/UK): Data collected only with verified adult intermediary (e.g., teacher).
  • Student data is anonymized before analysis or reporting.
  • No direct communication is conducted with minors.


10. Security Measures Security is our highest priority:

  • End-to-end SSL/TLS encryption for data in transit
  • Encrypted-at-rest database storage on GoDaddy infrastructure
  • Role-based access control and minimum privilege enforcement
  • Routine penetration testing and log auditing
  • MFA for admin-level access
  • Annual third-party compliance review

If a data breach occurs, we will notify users within 72 hours as required by GDPR and applicable laws.


11. International Transfers If data is transferred outside of your country:

  • Transfers to the U.S. (e.g., GoDaddy servers) are protected by Standard Contractual Clauses (SCCs).
  • Data access logs are subject to regional audit rights.
  • We use encrypted VPN tunnels for high-sensitivity operations when needed.


12. Third-Party Services We use secure external vendors with limited scope:

  • GoDaddy: Hosting and domain services.
  • Google (Analytics): Site performance tracking (IP anonymized).
  • Mailgun or SendGrid: Transactional email.
  • All vendors must comply with global data protection requirements via DPAs.


13. Accessibility and Inclusive Use Epolleo is committed to digital accessibility:

  • Our site conforms to WCAG 2.1 Level AA standards.
  • Forms and materials are screen-reader compatible.
  • Contact privacy@epolleo.org to request alternate formats or accessibility accommodations.


14. Changes to This Policy We may revise this policy in response to:

  • Regulatory changes
  • Service or infrastructure updates
  • Audit recommendations

Users will be notified by email and homepage banner for material changes. Archived versions are available upon request.


15. Contact Information Epolleo Data Protection Contact:
Email: privacy@epolleo.org
Mail: Epolleo, 47080 273rd Ave, Harrisburg, SD 57032-8102
DPO Contact (EU/UK): dpo@epolleo.org


16. Jurisdiction and Dispute Resolution This Privacy Policy is governed by the laws of the State of South Dakota. Any dispute arising out of this Policy shall be resolved through:

  • Initial mediation, then binding arbitration
  • Jurisdiction of courts located in Minnehaha County, South Dakota, USA unless required otherwise by law


We appreciate your trust in Epolleo and are committed to handling your data with transparency, integrity, and care.

  • Active Campaigns
  • Suggest a Campaign
  • User Experience Protocols
  • Technical Documentation
  • Legal and Compliance
  • Request Database Access
  • FAQ Section
  • BioDiversity Credits
  • Donations and Fundraising
  • BioDiversity Broker Info
  • Global Indigenous Policy
  • Technical Transfer Office

Epolleo BioDiversity Platform

201 Lipton St, Tea, SD 57064

+1.605-213-0248

Copyright © 2025 Epolleo BioDiversity Platform - All Rights Reserved.

Powered by

Epolleo.org uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept