Privacy & Data Security

Privacy & User Access Rights

Data privacy is strictly controlled in LabCup: the group is the owner and any inventory data is private until it is specifically shared!

Controlled data sharing (groups & departments)

Data sharing hierarchy can be set up in LabCup that perfectly reflects the organization’s structure including institutes or departments. Data can be shared on a flexible way, down to the research group level decided by the leaders of the research groups.

User Access Rights

User access rights can be strictly controlled by the group administrators as required. Additionally, there is a ‘Safety Officer’ account, that can be assigned at group level or at any higher level in the organisation (Department, campus-wide, etc). There are also other special user accounts including Stores/loading bay, Fire department, Hazardous waste disposal, and other, to cover different user roles within the organisation.

Users are responsible for chemicals & equipments

Each and every chemical has a responsible person attached to it. When someone leaves the ownership of chemicals has to be transferred. For auditing purposes any change in ownership or chemical data is recorded in the log.

Laboratory Chemical Inventory Software Access Rights

Data Security

Your data is secured by industrial standard strong encryption on the server. Also, the end-to-end communication between the server and the client browser is encrypted by TLS and secure communication is always enforced.

To proactively protect your data we regularly complete third party penetration tests, security assessments and invest heavily into IT security and compliance.

Our latest (2020) penetration test and code review are conducted by the market leader Ernst & Young. The report is available for our contracted clients.

To facilitate the communication on IT security with our partners, we regularly take part in third-party cyber risk management programs as CyberGrx or Prevalent (H-ISAC-2.1.2).

Cyber Essentials is a UK Government-backed, industry-supported scheme to help organisations protect themselves against common online threats. The Cyber Essentials Scheme contains a self-assessment and a technical audit process to ensure the high level of IT security at LabCup.

Passwords

In compliance with the highest security standards, passwords are always encrypted within LabCup and no passwords are sent in emails. Password policy rules can also be set.

NEW: Now we provide optional two factor authentication (2FA) for additional security. It is compatible with hardware keys as well if you have any!

CAS integration

LabCup can link with Central Authentication Systems (“CAS”) or Single Sign-in Systems (“SSO”), including:
-OAUTH 2 providers
-SAML
-Shibboleth
Please contact us to discuss this requirement.

Audit logs

Any user action involving data modification is continuously logged and timestamped for auditing purposes (only). In case of incident these can be made available.

Dedicated server

If required, the LabCup software package can run on a dedicated, separate cloud server for an institution . Please contact us to discuss your requirements

Virus & Malware

Any uploaded files are automatically checked using two independent, commercial Virus & Malware scanner.

Backup of your data

Your data is backed up automatically backed up on a daily basis, with no action required on your part. However, if you also wish to save your data in addition to the automatic backup, then you can always export your inventory database and save it on your computer. Your data is yours and we don’t lock you in! The user always owns their data, LabCup simply provides a way for that data to be managed and stored. The backed up data is also AES256 encrypted for the highest data protection and stored on a remote server, within the region as required by data protection regulations.

Contact us:

For questions,
to arrange a demo,
pricing, and anything else, please get in touch through the catalog or the form!

Service Provider	LabCup Limited (1 Blanchardstown Corporate Park, Ballycoolen Road, Blanchardstown, Ireland, D15 AKK1, e-mail address: info@labcup-32e44d.ingress-bonde.easywp.com, represented by: Gábor Radics)
Website	The entirety of the content and the services available via the www.labcup.net and www.labcup.com web addresses operated by the Service Provider.
Software	Laboratory and research institution inventory software provided by the Service Provider.
Visitor	Natural persons who do not engage any services, but are merely browsing the Website.
Customer Authorized User	Organizations that entered into a customer agreement and having an account to the Software. Customers or individuals granted access to a workspace by a Customer. Visitors, Customers and Authorized Users shall be deemed together as Users.
Website GTC	The General terms and conditions of the Website, which are made available on the Website, and which regulate in detail how the Customers or Authorized Users may use the Website and the Software available there.