EU Data Act Information

Pre-contractual information regarding connected products and related services

The data holder for the data generated by the connected product and related service is:

QIAGEN GmbH
QIAGEN Strasse 1, 40724 Hilden, Germany
or another QIAGEN Group1 entity that is a party to the contract.

Data may be processed by other entities within the QIAGEN Group for the purposes set forth in Section 9) below.

QIAGEN products listed below qualify as a "connected product" within the meaning of Regulation (EU) 2023/2854 of the European Parliament and of the Council of 13 December 2023 on harmonized rules on fair access to and use of data (“EU Data Act”), insofar as the product is connected to QIAsphere or otherwise facilitates the export of data, for example, via a USB stick or a connected personal computer (PC).

QIAGEN services listed below qualify as a "related service" within the meaning of the EU Data Act, insofar as the service is connected with the product in such a way that its absence would prevent the connected product from performing one or more of its functions, or which is subsequently connected to the product by QIAGEN, the manufacturer or a third party to add to, update or adapt the functions of the connected product.

In accordance with Article 3(2) and 3(3) of the EU Data Act, the following information is provided to the user:

1) QIAGEN connected products are capable of generating the following types of product data during use that are designed to be retrieved: raw sensor data (e.g., fluorescence values, voltages, temperature profiles, images) and system data (e.g., service logs/audit trails).

The data is available as text in PDF, XML, Json or Plain text formats, or as image in a common image format like JPEG, PNG or TIFF (depending on the required capabilities) where the actual raw data represented is an image.

The volume of data generated varies considerably with the instrument type and usually scales with the instrument usage as it relates to activity performed by the user. As a general estimate, data output is typically less than 500GB per month.

2) QIAGEN related services enable functionalities such as remote monitoring, integration with laboratory systems, remote support, troubleshooting, and instrument qualification service.

QIAGEN’s related services collect various types of product data, such as troubleshooting packages, utilization data, and audit information.

The exact volume and frequency of product data collected through each related service varies depending on the specific services and features in use. However, the estimated amount does not usually exceed 500GB per month, with the usual frequency of data collection being every 5 minutes.

3) QIAGEN’s related services collect various types of related services data, such as troubleshooting packages, utilization data, and audit information.
The exact volume of related services data generated by each related service varies depending on the specific services and features in use. However, the estimated amount does not usually exceed 500 GB per month.

4) Connected products are capable of generating data continuously and in real-time. This capability is primarily active during the product's operation while the product is actively performing a task. Some monitoring data, such as instrument connection status and temperature safety data may be generated continuously even when the product is not executing a specific task.

5) Connected products are capable of storing data either locally on the device (on-device) or on a PC connected to the device. When devices are connected to QIAsphere, data is also stored on a remote server. The retention period for data depends on its type and storage locations. For result data, the intended retention is typically until manual deletion by the user. For other data, such as non-critical log data, retention is generally limited by the available storage capacity of the device. Retention policies for data stored on remote servers are governed by the terms of the relevant service.

6) Related services are capable of storing product data on secure cloud platforms. Related service data is stored on secure cloud platforms. The retention period for collected data depends on its type and intended purpose. Once the purpose has been fulfilled and there are no legal or contractual retention requirements, the data will generally be deleted, unless QIAGEN holds a license to use it for other purposes.

7) The user may access, retrieve, and erase data generated by connected products and related services through the following technical means:

Data stored on the device can be accessed by the device user interface (UI) for relevant data (e.g., result files, log files, service logs). Data can be retrieved by exporting it to files via a USB stick, to file shares in the user's network, or via a connected PC (e.g., for devices controlled by PC or connected to a to a management solution like QMC or the QIAcuity suite). Data stored locally can typically be erased through the product's UI or by standard file deletion methods on the connected PC or exported media. Once data is exported to external media or a user's network, the responsibility for its retention, access control, and erasure transfers to the user. Some data is contained in encrypted containers that are intended to safeguard information. This usually applies to so called “service packages” QIAGEN uses to investigate customer issues. Should a user wish to access data within such a service package, please contact GGlobalDataRequestEUDA@qiagen.com. QIAGEN will provide assistance to decrypt the data or will decrypt it on the user's behalf and return the relevant content of the package without undue delay. The right to request certain data may be subject to applicable restrictions (e.g., data protection). For assistance in locating data, or in cases where data cannot be directly accessed, retrieved, or erased through the means described above, please contact GGlobalDataRequestEUDA@qiagen.com.

The user can request that data generated by the related services and readily available to QIAGEN be shared with a third-party data recipient of their choice by submitting an access request to QIAGEN. QIAGEN shall make the requested data available to the third-party data recipient according to QIAGEN's standard process or as QIAGEN otherwise reasonably determines in compliance with the Data Act. The user may end data sharing at any time via the same channel.

8) The terms of use, contract duration and termination arrangements, and any applicable quality of service commitments related to data access, retrieval, and erasure, particularly for services such as QIAsphere, may be further detailed in the relevant agreements and/or general terms and conditions provided with the product or service.

9) QIAGEN shall be entitled to utilize readily available data for the purposes contractually agreed upon and, where expressly consented to by the parties, for its own purposes. Such purposes may include, but are not limited to, performance of the relevant agreement with the user or activities related to such agreement, provision and maintenance of the related service and associated support, scientific and statistical research publications, research activities, enhancement, provision, and development of QIAGEN’s products and services, including artificial intelligence solutions.

QIAGEN may make the readily available data that is non-personal data to other entities of the QIAGEN Group or third parties (in particular suppliers), provided they use the data for the purposes specified above or otherwise agreed with the user. QIAGEN and any of these other third parties may outsource the processing of the data to third parties or otherwise delegate such processing.

10) The user has the right to lodge a complaint alleging an infringement of Chapter II of the EU Data Act with the competent authority designated under Article 37 of the EU Data Act .

11) The data or files requested that is accessible from the connected product or generated during the provision of a related service may contain information protected as trade secrets. Trade secrets are confidential business information that derives the trade secret holder (QIAGEN, the user or a third party) value from not being publicly known. This may include proprietary algorithms, specialized datasets, or business-critical insights that the trade secret holder seeks to protect from unauthorized access or disclosure. Where QIAGEN claims trade secret protection for specific data or files, the product descriptions or technical specifications typically identify the trade secret holder (they can be downloaded on the QIAGEN websites or are provided in connection with the contractual materials), or QIAGEN does so separately. Any sharing of data that contains trade secrets will take place only subject to appropriate technical and organizational measures to preserve their confidentiality, as required by the Data Act and other applicable law.

QIAGEN connected products in scope:

  • Rotor-Gene Q
  • QIAsymphony
  • QIAstat-Dx Analyzer
  • QIAstat-Dx Rise
  • QIAcuity LS and Dx
  • QIAexpert
  • QIAxcel
  • QIAgility
  • QIAquant
  • EZ1 Advanced
  • QIAcube HT
  • PyroMark

QIAGEN connected products in scope with QIAsphere connectivity

  • EZ2 Connect Fx, LS, MDx
  • QIAcube Connect
  • QIAstat-Dx
  • QIAxcel Connect

QIAGEN related services in scope:

  • QIAlink Software
  • Instrument Integration (LIMS / LIS) including LIS Connector software
  • QIAIdentity
  • QIAsphere ecosystem (Cloud / Base / App / Export Tool) QRSS (QIAGEN Remote Support Solution)

1 QIAGEN Group shall mean QIAGEN GmbH and all companies in which QIAGEN N.V., with its registered office in Hulsterweg 82, Venlo, 5912 PL, Netherlands, directly or indirectly holds 50% or more of the shares or exercises management control. A list of the most relevant QIAGEN Group entities can be found at: https://www.qiagen.com/contact-us/global-contacts/subsidiaries.