Last Updated: February 10, 2016
What information do we collect from the people that use or visit our website, app or other services?
When ordering, signing up or registering on our website, app or other Services, you may be asked to enter your name, email address, mailing address, phone number, birthdate, gender, credit card information, sport and fitness interests and activities, medical insurance, and if you are professional joining the KDx network, your credentials and licenses may be requested, or other details to help you with your experience. On occasion, we might collect certain information about your characteristics, activities or behavior or possibly certain aspects of your medical history. We may collect any such information when you fill out forms or questionnaires or complete your profile through the Services, when you subscribe to email alerts, updates or newsletters or other special features through the Services or when you otherwise directly provide such information to us.
When you order genetic tests, biomarker tests or other tests through our Services, we may receive and store some or all of your test results (“Test Data”).
From time to time, you may upload, submit, post, transmit, share or otherwise provide on or through our Services certain text, files, software, graphics, music, audio, photographs, video, messages, communications, data, information or other materials that do not include PII (“User Content”).
Finally, we may generate, collect and store certain types of information about you and your use of our Services whenever you interact with or utilize the Services. For example, we may generate de-identified or aggregated analytics, trends or derivate data based on your use of the Services and/or your characteristics, Test Data and other information. As another example, we may automatically track or record your use of and activity on the Services, the time and date of your activities, your device ID, IP address, browser type, Internet Service Provider, page views, domains, operating system and similar information. Also, we may automatically send and receive information to and from a computer, mobile phone or other device in connection with your use of the Services. Like many websites and online services, we may also use “cookies” (see below), log files, web beacon technologies and other automated tools to obtain certain types of information when a web browser, mobile application or other application accesses our Services
How do we use your information?
We may use the information from or about you that we collect, receive or generate in the following ways:
- To operate, provide, administer, develop, and improve our Services, and to operate and support Company’s related businesses.
- To personalize user’s experience and to allow us to deliver the type of content and product offerings in which you are most interested or targeted recommendations, promotions, information and instructions.
- To improve our website, applications and other Services in order to better serve you.
- To allow us to better support you in responding to your customer service requests and inquiries.
- To administer a contest, promotion, survey or other site feature.
- To process your transactions.
- To communicate with you regarding your use of the Services, such as to provide supplemental information in relation to your Test Data or to send periodic emails regarding the status of your orders or to notify you of any problems or delays.
- To better understand how users access and use our Services on an aggregated and individualized basis, to track and monitor usage, to conduct quality control, to fix technical and other errors or problems, to conduct market research and to respond to user desires and preferences.
- To analyze, generate, conduct research with, compile, publish, sell and otherwise similarly commercialize de-identified or aggregated information (excluding any Personally Identifiable Information) relating to Test Data and other usage and users of the Services, such as, for example, derivative and trend information and analyses regarding genetic variants, markers and SNPs of interest.
- For advertising, marketing and promotional purposes (excluding the provision to third parties of, or the publication of, any Personally Identifiable Information).
- To comply with applicable laws, rules and regulations and any regulatory mandate or court order.
- To enforce our TOS and other applicable agreements, rights and remedies.
- To protect the safety of any person, to address fraud, security or technical issues, or to protect Company’s rights or property.
- To use in any other manner, or for any other purpose, for which you have given express permission or consent to Company, including without limitation in any Informed Consent document.
How do we protect your information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. We also use regular malware scanning.
Your personally identifiable information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep such information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. All financial transactions are processed through a gateway provider and are not stored or processed on our servers.
We will make any legally required disclosures of any breach of the security, confidentiality, or integrity of unencrypted electronically stored personally identifiable information to you via email or conspicuous posting on or through the Services in an expedient manner and without unreasonable delay, insofar as these are consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.
Do we use ‘cookies’ and other tracking technologies?
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Internet Explorer) settings. Each browser is a little different, so look at your browser’s Help menu to learn the correct way to modify your cookies.
If you disable cookies, some features of the Services will be disabled or not function properly and your experience on our website may be adversely affected.
We may also use tracking technologies that are similar to cookies to collect information about your use and activities on our mobile applications, websites and other Services. For example, we may use log file information which is automatically reported by your browser each time you access a web page. When you use the Services, our servers may record certain information that your web browser sends whenever you visit any website or utilize any other services or applications. These server logs may include information such as your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks, domain names, landing pages, pages viewed, and other information. When you use the Services, we may employ clear GIFs (also known as web beacons) or similar mechanisms which are used to track the online usage patterns of our users anonymously. We may also use clear GIFs in HTML-based emails sent to our users to track which emails are opened by recipients. In addition, we may employ similar tracking technologies for mobile devices to collect and store information with respect to our mobile application.
When do we disclosue your information to third parties?
Except for the limited situations described below, we do not sell, trade, disclose or otherwise transfer to outside parties your personally identifiable information.
We may disclose your personally identifiable information and other information to website hosting partners, vendors, service providers and other parties who assist us in operating, providing or maintaining our website, mobile application and other Services, and in conducting our business or servicing you, so long as those parties agree to keep this information confidential and use such information only on our behalf. Other examples might include disclosures of your information to the laboratories conducting the tests that are part of the Services to generate your Test Data or disclosure of your information to physicians or counsels associated with such tests or the analysis of the Test Data for you. We may also release your personally identifiable and other information when we believe release is appropriate to comply with the law, judicial or regulatory proceedings or court orders or to enforce our Terms of Service and other Service policies. In addition we may disclose your personally identifiable and other information to protect ours or others’ rights, property, or safety or to detect, prevent, or otherwise address fraud, security, emergency situations or critical technical issues. Finally, we may disclose your personally identifiable information and other information to the extent you consent to such disclosure (whether through an Informed Consent document, through other parts of the Services or otherwise).
With respect to your non-personally identifiable information, we may disclose or provide such information to other parties for marketing, advertising, and other uses consistent with the permitted purposes described in the section above regarding how we may use your information. Furthermore, any User Content or other user information, content or materials submitted, posted, shared, transmitted or otherwise provided to publicly accessible portions of Services may be shared with the public without restriction. Company also reserves the right to publish or make publicly available any information that is already publicly available prior to the time first provided to or collected by Company or information that becomes generally publicly available without any action or omission on the part of Company.
We may also publish and otherwise disclose aggregated or de-identified information (including derivative information, trends and analyses) relating to usage, including results, and users of the Services, so long as such information is not connected to the name of an individual nor connected to similar information that would allow one to be specifically identified or contacted.
We will not disclose or transfer your individual Test Data to third parties except under those circumstances described above where it is permissible to disclose your personally identifiable information or to disclose aggregated or de-identified data.
Third party links, services and applications
Occasionally, at our discretion, we may include or offer third party products or services on our website or through our Services, which may involve links to third party sites or applications. The Services may also include or interoperate with applications, services, features or functionalities provided by third parties. In connection with such third party applications, services, features or functionalities, you may send (or such third parties may get access to) certain information about or related to you or your activities. These third party sites, applications, services, products, features and functionalities have separate and independent privacy policies that govern the information collected or generated about you. We have no responsibility or liability for these third party properties or for such third party’s use, protection and treatment of your information. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en
In connection with the foregoing, we may implement the following from time to time:
- Google Display Network Impression Reporting
- Demographics and Interests Reporting
- DoubleClick Platform Integration
We along with third-party vendors, such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions, and other ad service functions as they relate to our website.
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising initiative opt out page or permanently using the Google Analytics Opt Out Browser add on.
California Online Privacy Protection Act
According to CalOPPA we agree to the following:
- Users can visit our site anonymously (although use of some of our Services may require registration and provision of certain PII).
- Users are able to change their personal information by logging in to their account
How does our site handle do not track signals?
We honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place to the extent such signals require. Your use of DNT signals may adversely affect the Services available to you or their functionality.
Does our site allow third party behavioral tracking?
It’s also important to note that we allow third party behavioral tracking
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under 13. In order to use our Services you must represent and warrant that you are over the age of 13 in the sign-up process. Children under the age of 13 are not eligible to use the Services and must not attempt to sign-up with the Services and/or submit any personal information to us. We do not knowingly collect personal information from any person who is under the age of 13 or allow them to register. If it comes to our attention that we have collected personal data from a person under the age of 13, we will delete this information as quickly as possible.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Process orders and to send information and updates pertaining to orders
- We may also send you additional information related to our Services
- Communicate with your regarding support or customer service issues or your use of the Services
- Market to our mailing list or continue to send emails to our clients after the original transaction has occurred
To be in accordance with CANSPAM we agree to the following:
- NOT use false, or misleading subjects or email addresses
- Identify the advertising and promotional messages as an advertisement in some reasonable way
- Include the physical address of our business or site headquarters
- Monitor third party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests reasonably quickly
- Allow users to unsubscribe by using the link at the bottom of each email
If at any time you would like to unsubscribe from receiving future emails, you can email us at
firstname.lastname@example.org and we will promptly remove you from marketing and promotional correspondence.
Protecting Your Health and Test Information
Our Services are hosted in the United States. If you use the Services from the European Union, Asia or any other country outside the United States with laws or regulations governing personal data collection, use and disclosure that differ from the United States laws and regulations, please be advised that through the continued use of the Services, you are transferring information to the United States and you consent to that transfer. Your information may be transferred to – and maintained on – computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to provide information to us or use the Services, Company transfers personal information to the United States and processes it there, and your submission of such information represents your consent and agreement to that transfer.
Limitation of Liability
2120 University Ave.
Berkeley, CA 94704
version February 10, 2016