Service overview and legal framework

Last update: 2025-08-24.

Genomic Vault by Switzerland Omics

At a glance

Plain and simple: our product is complete privacy. Our only incentive is to protect and serve you.

We will never use your data for anything beyond storage and sharing under your control. We will never sell it, use it for advertising, or target you with upsells or spam. Your genome data and your identity remain private. The choice to share is always yours.

Purpose and scope

This page explains how Genomic Vault works, the principles behind its design, and the legal frameworks that guide it. It is not a contract or set of binding terms; it is an information page about our product and company approach.

Genomic Vault is operated by Switzerland Omics. It provides long term storage and controlled sharing of genome data and related outputs. The service is designed for individuals, clinics, and research groups that require privacy by default, transparent audit trails, and confidence that their data remains under their control.

Genomic Vault is a custody and governance platform. It is not a diagnostic or therapeutic service, and it does not provide medical advice, laboratory analysis, or clinical interpretation.

Applicable law

We operate under Swiss law, in particular the Federal Act on Data Protection (revDSG, SR 235.1). Where relevant, we also follow the Federal Act on Human Genetic Testing (HGTA or LAGH, SR 810.12), which protects individuals in the context of genetic analysis. Genomic Vault does not perform testing and is therefore not accredited under this Act.

The Swiss Code of Obligations (OR, SR 220) governs contractual relationships. For customers based in the European Union, we extend protections in line with the General Data Protection Regulation (GDPR, EU 2016/679).

We comply with valid Swiss court orders. To date, we have never received such an order, and we consider the likelihood to be very low. We do not voluntarily share personal data, including customer identities, with third parties. Outside of such orders, customers may delete or revoke access to their data at any time.

What the service is

Genomic Vault secures genome files and related digital content. It preserves metadata for provenance and integrity. It enables controlled sharing, whether limited variant sets or full file exports, and maintains a permanent record of each share, including recipient, dataset, and date.

What the service is not

The service is not a diagnostic tool and is not accredited under Swiss healthcare law. It does not provide medical advice or treatment recommendations, and outputs are not intended for clinical decision making.

Roles and responsibilities

In institutional deployments we may act as a data processor under the instruction of an institutional controller. For individual accounts, Switzerland Omics is the data controller for the limited processing required to operate the service, while the individual decides when and with whom to share their data. All processing follows purpose limitation, data minimisation, and privacy by design.

Data categories

We process genome files, metadata required for provenance and auditing, minimal account information, and operational logs evidencing access and sharing. We do not process unrelated behavioural data and we do not use customer data for advertising.

Security and governance

We apply technical and organisational safeguards consistent with the Federal Act on Data Protection and with international standards such as ISO 27001, 27017, and 27018. Core measures include encryption of data at rest and in transit, least privilege access controls, segregation of environments, comprehensive logging, pseudonymisation where suitable, regular vulnerability testing, and contractual security obligations for vendors.

We operate an information security management system with clear ownership, regular risk assessment, and defined incident response. All staff receive training appropriate to their roles. Security incidents are investigated, documented, and notified where required.

Data residency and transfers

Primary hosting is in Switzerland. If data are transferred outside Switzerland or the EU, we use recognised transfer mechanisms such as Standard Contractual Clauses. We assess recipient protections and restrict onward sharing.

Retention and deletion

We retain data for the duration of an account or institutional contract. On termination, data are either deleted or returned in accordance with the agreement. Backups are securely destroyed after the defined retention period. Customers can export and delete their data at any time through account controls.

Individual rights

We support rights of access, rectification, restriction, portability, and deletion under the revDSG and, where applicable, the GDPR. Customers can contact us at any time to exercise these rights.

Certification path

Our roadmap is phased. At launch, we focus on core compliance with Swiss law and industry best practice. As we grow, we will engage external auditors and formalise our information security management processes. We then seek ISO 27001 certification, extended with ISO 27017 and 27018 for cloud and personal data protection. For partnerships that require it, we may also obtain ISO 13485 or ISO 20387. At maturity, we maintain these certifications through regular audits and align with hospital and international requirements.

Future developments

Genomic Vault is not a diagnostic or medical service today. If in future Switzerland Omics extends into diagnostic-grade services, these will only be offered following the required regulatory approvals and accreditations. In Switzerland this would include authorisation under the Federal Act on Human Genetic Testing and accreditation such as ISO 15189. In the European Union it would include conformity with the In Vitro Diagnostic Medical Devices Regulation and related standards such as ISO 13485, ISO 14971, and IEC 62304.

References in law

• Swiss Constitution, Article 13
• Federal Act on Data Protection, revDSG, SR 235.1
• Federal Act on Human Genetic Testing, HGTA/LAGH, SR 810.12
• Swiss Criminal Procedure Code, SR 312.0
• Federal Act on the Use of DNA Profiles in Criminal Proceedings, SR 363
• Swiss Civil Code, Article 28
• Swiss Penal Code, SR 311.0
• Swiss Code of Obligations, OR, SR 220
• EU General Data Protection Regulation, EU 2016/679

Contact

• Legal, privacy, or operational enquiries: admin@switzerlandomics.ch

Final summary

Genomic Vault is a Swiss service that keeps your genome data safe and under your control. We store the files securely, let you decide when and with whom to share them, and keep a transparent record of every access. We do not sell or repurpose your data. The service is not diagnostic. If we expand into clinical use, we will do so only once the proper approvals and certifications are in place.