These "privacy highlights" provide an overview of some core components of our data handling practices. Please be sure to read our full privacy statement.
We use information in general (i) to provide, analyze and improve our Services, (ii) as we reasonably believe is permitted by laws and regulations, including for marketing and advertising purposes, (iii) to protect the security and safety of our company, employees, and customers as we reasonably believe is permitted by laws and regulations, (iv) to comply with laws and regulations we are subject to, and (v) when you consent, for research purposes, the results of which could be used to develop therapeutics.
CONSENT TO THE USE OF SENSITIVE INFORMATION
By agreeing to our Privacy Statement and Terms of Service, you consent to sensitive information, such as information about your health, Genetic Information, and Self-Reported Information such as racial and ethnic origin and sexual orientation (where you provide it) being used by us to:
· analyze and provide you with our Services;
· determine whether you would be suitable to take part in surveys, polls or questionnaires that we are conducting; and
· monitor and improve existing products or services that we offer or to develop new products and services
We will not use your sensitive information without your consent unless: (i) the information has been anonymized or aggregated so that you cannot reasonably be identified as an individual; or (ii) a legal obligation requires us to use it in some way e.g. a court order requires us to disclose the information.
CONSENT TO THE TRANSFER OF YOUR PERSONAL INFORMATION
By agreeing to our Privacy Statement and Terms of Service, you consent to the storing and processing of your personal information, including sensitive information, in the USA and countries outside of the country you live in. We use a range of measures to safeguard information but these countries may have laws that are different from those of your country of residence. You also consent to your personal information, including sensitive information, being transferred in the event of a business transition such as a merger, acquisition by another company, or other transaction or proceeding. In such a case, your information would be used as set out in any pre-existing Privacy Statement.
We will not sell, lease, or rent your individual-level information (i.e., information about a single individual's genotypes, diseases or other traits/characteristics) to any third-party or to a third-party for research purposes without your explicit consent.
You may independently decide to disclose your information to friends and/or family members, doctors, health care professionals, or other individuals outside our Services, including through third-party services such as social networks and third-party apps that connect to our website and mobile apps through our application programming interface ("API"); always review the privacy policies of third-party apps and services before sharing your information.
We may share anonymized and aggregate information with third-parties; anonymized and aggregate information is any information that has been stripped of your name and contact information and aggregated with information of others or anonymized so that you cannot reasonably be identified as an individual.
We will use your information and share it with third-parties for scientific research purposes only if you sign a Consent Document. Note that we will disclose your individual-level information only if we obtain additional explicit consent from you.
If you have any questions about our privacy practices, please email us at privacy@Certainty Health.com or send a letter to the address provided at the bottom of our full privacy statement.
Full Privacy Statement
This privacy statement applies to all websites owned and operated by Certainty Health, LLC ("Certainty Health"), including www.Certainty Health.com. Our Privacy Statement is designed to help you better understand how we collect, use, store, process, and transfer your information when operating our website, mobile apps, products, software and other services (collectively "Service" or "Services").
- Key Definitions
- What information we collect
- Information you provide directly to us
- Information related to our genetic testing Services
- Information collected through tracking technology
- Other types of information
- How we use and share information
- Using information to provide, analyze and improve our Services
- Using information with your consent
- Recruiting for external research
- Information we share with third-parties
- Disclosures required by law
- Your choices
- Marketing communications
- Information you choose to share with others
- Important Information
- Privacy Shield
- Security Measures
- Business Transactions
- Linked Websites
- Children's Privacy
- Changes to this Privacy Statement
- Contact information
Aggregate Information: information that has been combined with that of other users and analyzed or evaluated as a whole, such that no specific individual may be reasonably identified.
Anonymized Information: information that has been stripped of your Registration Information (e.g., your name and contact information) and other identifying data such that you cannot reasonably be identified as an individual.
Individual-level Information: information about a single individual's genotypes, diseases or other traits/characteristics, but which is not necessarily tied to Registration Information.
Personal Information: information that can be used to identify you, either alone or in combination with other information. Certainty Health collects and stores the following types of Personal Information:
- Registration Information: information you provide about yourself when registering for and/or purchasing our Services (e.g. name, email, address, user ID and password, and payment information).
- Genetic Information: information regarding your genotype (e.g. the As, Ts, Cs, and Gs at particular locations in your genome), generated through processing of your saliva by Certainty Health or by its contractors, successors, or assignees; or otherwise processed by and/or contributed to Certainty Health.
- Self-Reported Information: all information about yourself, including your disease conditions, other health-related information, personal traits, ethnicity, family history, and other information that you enter into surveys, forms, or features while ordering a test.
- Sensitive Information: information about your health, Genetic Information, and certain Self-Reported Information such as racial and ethnic origin and sexual orientation.
User Content: all information, data, text, software, music, audio, photographs, graphics, video, messages, or other materials - other than Genetic Information and Self-Reported Information: generated by users of Certainty Health Services and transmitted, whether publicly or privately, to or through Certainty Health.
Web Behavior Information: information on how you use the Certainty Health website (e.g. browser type, domains, page views) collected through log files, cookies, and web beacon technology.
Service or Services: Certainty Health's products, software, services, and website (including but not limited to text, graphics, images, and other material and information) as accessed from time to time by the user, regardless if the use is in connection with an account or not.
The following are our core privacy principles:
We collect and handle information (i) to provide, analyze and improve our Services, (ii) as we reasonably believe is permitted by laws and regulations, including for marketing and advertising purposes, (iii) to protect the security and safety of our company, employees, customers, as we reasonably believe is permitted by laws and regulations, (iv) to comply with laws and regulations we are subject to, and (v) when you consent, for research purposes, the results of which could be used to develop therapeutics.
We will not sell, lease, or rent your individual-level information (i.e., information about a single individual's genotypes, diseases or other traits/characteristics) to any third-party or to a third-party for research purposes without your explicit consent.
We understand and respect the sensitive nature of the information you may provide to us, including information about your genetic characteristics, disease conditions, racial and ethnic origin, etc. To that end, we strive to be transparent in our collection, use and disclosure of this information and to ask for your explicit consent to share such sensitive information with third-parties. Please see below to learn more about our sharing and consent practices.
We are committed to providing a secure and safe environment for our Services.
Please review this Privacy Statement and our Terms of Service. By using our Services, you agree to all of the policies and procedures described in the foregoing documents. Certainty Health is headquartered at the location indicated at the bottom of this policy - and is referred to herein as Certainty Health (or "we," "us," "our") and includes all of our commonly owned companies.
3. What information we collect
Information you provide directly to us
Registration Information. When you purchase our Services, we collect personal information, such as your name, date of birth, billing and shipping address, payment information (e.g., credit card) and contact information such as your email and phone number and license number.
Self-Reported Information. You have the option to provide us with additional information about yourself through surveys, forms, features or applications. For example, you may provide us with information about your personal traits (e.g., eye color, height), ethnicity, disease conditions (e.g. Type 2 Diabetes), other health-related information (e.g. pulse rate, cholesterol levels, visual acuity), and family history information (e.g. information similar to the foregoing about your family members). Where you are disclosing information about a family member, you should make sure that you have permission from the family member to do so.
User Content. Some of our Services allow you to create and post or upload content, such as data, text, software, music, audio, photographs, graphics, video, messages, or other materials that you create or provide to us through either a public or private transmission ("User Content"). For example, User Content includes any post or message you place on Certainty Health's community forums.
Blogs. Our website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request that we remove or anonymize your personal information from our blog or community forum, contact us at privacy@Certainty Health.com. Please note that whenever you post something publicly, it may sometimes be impossible to remove the information, for example, if someone has taken a screenshot of your posting. Please exercise caution before choosing to share personal information publicly on our blogs, community forums or in any other posting. Note also that you may be required to register with a third-party application to post a comment. To learn how the third-party application uses your information, please review their privacy statement.
Social Media Features and Widgets. Our website includes Social Media Features, such as the Facebook Like or Share button and Widgets, and the LinkedIn Open ID application ("Features"). These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. They may also allow third-party social media services to provide us information about you, including your name, email address, and other contact information. For example, if you use LinkedIn to sign in to our career portal, LinkedIn may import personal information from your LinkedIn profile in order to populate your job application. The data we receive is dependent upon your privacy settings with the social network. Features are either hosted by a third-party or hosted directly on our site. Your interactions with these Features are governed by the privacy statement of the company providing it. You should always review, and if necessary, adjust your privacy settings on third-party websites and services before linking or connecting them to our website or Service.
Referral Information and Sharing. When you refer a person to Certainty Health or choose to share results information with another person, we will ask for that person's email address. We will use the email address solely, as applicable, to make the referral or to share your results information, and we will let your contact know that you requested the communication. By participating in a referral program or by choosing to share information with another person, you confirm that the person has given you consent for Certainty Health to communicate (e.g., via email) with him or her. The person you referred may contact us at privacy@Certainty Health.com to request that we remove this information from our database.
Address books. If you choose to use your computer's or mobile device's address book in connection with our Services to make referrals or to request that we communicate with another person, we may collect the names and contact information of those persons for these purposes only.
Third-party services (e.g., social media). If you use a third-party site, such as Facebook or Twitter, in connection with our Services to communicate with another person (e.g., to make or post referrals or to request that we communicate with another person), then in addition to that person's name and contact information, we may also collect other information (e.g., your profile picture, network, gender, username, user ID, age range, language, country, friends lists or followers) depending on your privacy settings on the third-party site. We do not control third-party site's information practices, so please review their privacy policies and your settings on those sites carefully.
Gifts. If you provide us personal information about others, or if others give us your information for purposes of ordering the Service as a gift, we will only use that information for the specific reason for which it was provided to us. Once a gift recipient registers for his or her Services and agrees to our Privacy Statement, our Terms of Service, and if applicable, Consent Document, his or her information will be used consistent with this Privacy Statement and those agreements, and we will not share any of the gift recipient's personal information with the user who purchased the gift.
Customer service. When you contact our Customer Care center or correspond with us about our Service, we collect information to: track and respond to your inquiry; investigate any breach of our Terms of Service, Privacy Statement or applicable laws or regulations; and analyze and improve our Services.
Information related to our genetic testing services
Saliva sample and bio-banking. To use our genetic testing services, you must purchase, or receive as a gift, a Certainty Health Genome Testing Kit, and ship your saliva sample using the provided label in the kit. Once received, your saliva sample will be identified by its unique barcode. The barcode label identifies you to us through your secure order only.
Unless you choose to not store your sample with Certainty Health (called consent to "bio-banking", which can be found here and changed in your settings), your saliva samples and DNA are kept after the laboratory completes its work, unless the laboratory's legal and regulatory requirements require it to maintain physical samples.
Genetic Information. Genetic Information refers to features of your DNA that distinguish you from other people (e.g. the As, Ts, Cs, and Gs at particular locations in your genome) may be generated when we analyze and process your saliva sample, or when you otherwise contribute or access your Genetic Information through our Services. Genetic Information includes the Certainty Health Results information reported to you as part of our Services, and may be used for other purposes, as outlined in Section 4 below.
Information collected through tracking technology (e.g. from cookies and similar technologies)
As is true of most websites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We may combine this automatically collected log information with other information we collect about you, such as your user profile ID or order number. We do this to improve services we offer you, and to improve marketing, analytics, and site functionality.
When you access our Service by or through a mobile device, we may receive or collect and store a unique identification numbers associated with your device or our mobile application (including, for example, a UDID, Unique ID for Advertisers ("IDFA"), Google Ad ID, or Windows Advertising ID), mobile carrier, device type, model and manufacturer, mobile device operating system brand and model, phone number, and, depending on your mobile device settings, your geographical location data, including GPS coordinates (e.g. latitude and/or longitude) or similar information regarding the location of your mobile device.
Third-parties with whom we partner to provide certain features on our site or to display advertising based upon your Web browsing activity use Flash Cookies (Local Shared Objects) to collect and store information. To learn how to manage privacy and storage settings for Flash cookies click here.
Google Analytics. Google Analytics is used to perform many of the tasks listed above. We use the User-ID feature of Google Analytics to combine behavioral information across devices and sessions (including authenticated and unauthenticated sessions). We have enabled the following Google Analytics Advertising features: Remarketing, Google Display Network Impression Reporting, Google Analytics Demographics and Interest Reporting, and DoubleClick Campaign Manager integration. We do not merge information collected through any Google advertising product with individual-level information collected elsewhere by our service. Learn more about how Google collects and uses data here. To opt out of Google Analytics Advertising Features please use Google Ad Settings ("Targeted advertising" service providers). To opt out of Google Analytics entirely please use this link.
Other Types of Information.
We are always working to enhance our Services with new products, applications and features that may result in the collection of new and different types of information. We will update our privacy statement, as needed.
4. How we use and share information
Certainty Health will use and share your personal information with third-parties only in the ways that are described in this privacy statement.
Using information to provide, analyze and improve our Services
We use the information described above in Section 3 to operate, provide, analyze and improve our Services. These activities may include, among other things, using your information in a manner consistent with other commitments in this privacy statement, to:
- enable purchases and process payments, communicate with you, and implement your requests (e.g., referrals);
- host our website, run our mobile application(s), authenticate your visits, provide custom, personalized content and information, and track your usage of our Services;
- conduct analytics to improve and enhance our Services;
- offer new products or services to you, including through emails, promotions or contests;
- implement online marketing campaigns and targeted advertising, including by utilizing third-party ads (subject to your cookie settings and preferences), and to measure the effectiveness of our marketing and targeted advertising;
- conduct surveys or polls, and obtain testimonials;
- process and deliver your genetic testing results;
- perform research & development activities, which may include, for example, conducting data analysis and research in order to develop new or improve existing products and services, and performing quality control activities.
You may be able to opt-in, opt-out or otherwise adjust your preferences of having your information used for certain of these activities. Please see below to learn more.
We use mobile analytics software to allow us to better understand the functionality of our Mobile Software on your phone. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personally identifiable information you submit within the mobile application.
Using information with your consent
You have the choice to participate in Certainty Health Research by providing your consent. "Certainty Health Research" refers to research aimed at publication in peer-reviewed journals and other research funded by the federal government (such as the National Institutes of Health - NIH) conducted by Certainty Health. Certainty Health Research may be sponsored by, conducted on behalf of, or in collaboration with third-parties, such as non-profit foundations, academic institutions or pharmaceutical companies. Certainty Health Research may study a specific group or population, identify potential areas or targets for therapeutics development, conduct or support the development of drugs, diagnostics or devices to diagnose, predict or treat medical or other health conditions, work with public, private and/or non-profit entities on genetic research initiatives, or otherwise create, commercialize, and apply this new knowledge to improve health care. Certainty Health Research uses your aggregate or individual-level Genetic Information and Self-Reported Information as specified in the Consent Document.
Consent process for research. Your Genetic and Self-Reported Information may be used for Certainty Health Research only if you have consented to this use by completing a Consent Document. If you have completed a Consent Document:
Certainty Health may use individual-level Genetic Information and Self-Reported Information internally at Certainty Health for Research purposes. In addition, we may allow select third-party research contractors to access your individual level Genetic and/or Self-Reported Information onsite at Certainty Health's offices for the purpose of conducting scientific research, provided that all such research contractors will be supervised by Certainty Health and subject to Certainty Health's access rules and guidelines.
When your Genetic Information and/or Self-Reported Information is being used for research purposes, it will not be linked to your Registration Information.
Withdrawing your Consent. You may withdraw your consent to participate in Research at any time by informing us of your change to the consent status. If you experience difficulties changing your consent status, contact the Human Protections Administrator at hpa@Certainty Health.com. Certainty Health will not include your Genetic Information or Self-Reported Information in new research occurring after 30 days from the receipt of your request. Any research involving your data that has already been performed or published prior to our receipt of your request will not be reversed, undone, or withdrawn. If you withdraw your consent for research your Genetic Information and Self-Reported Information may still be used by us and shared with our third-party service providers to provide and improve our Services, and shared as Aggregate Information that does not identify you as an individual.
What happens if you do NOT consent to Certainty Health Research? If you do not complete a Consent Document or any additional consent agreement with Certainty Health, your information will not be used for Certainty Health Research. However, your Genetic Information and Self-Reported Information may still be used by us and shared with our third-party service providers to provide and improve our Services, and shared as Aggregate or Anonymous Information that does not reasonably identify you as an individual.
Information we share with third-parties
General service providers. We share the information described above in Section 3 with our service providers, as necessary to provide their services to us. Service providers are third-parties (other companies or individuals) that help us to provide, analyze and improve our Services. For example, we work with third-party laboratories and contractors to process and analyze your saliva sample for purposes of generating your Genetic Information.
NOTE: Our service providers act on Certainty Health's behalf. While we implement procedures and contractual terms to protect the confidentiality and security of your information, we cannot guarantee the confidentiality and security of your information due to the inherent risks associated with storing and transmitting data electronically.
When you purchase a testing kit from Certainty Health, you are instructed to send a saliva sample to our third-party laboratory with a unique barcode label. The unique barcode identifies you to us but not to the laboratory. We are also required to provide to the laboratory, your sex and date of birth or age pursuant to clinical laboratory requirements such as the Clinical Laboratory Improvement Amendments (CLIA). No other Registration Information (such as your name, address, email, phone number or other contact information) is required or provided to the laboratory. The receiving personnel at the laboratory will remove and discard your "sender information" from the packaging (e.g., name, address) before testing personnel receive the samples for processing. Receiving personnel do not perform testing, and testing personnel handle saliva samples that are labeled only with the unique barcode. Unless you choose to store your sample, DNA and saliva samples are destroyed after the laboratory completes its work, provided that laboratory legal and regulatory requirements no longer require the actual samples to be maintained. A de-identified copy of genotyping data will be kept in accordance with CLIA. The laboratory securely sends the resulting Genetic Information to us along with your unique barcode. Genetic Information is stored securely on our servers; the laboratory also stores your Genetic Information, but again, labeled only with the barcode.
If you wish to not have this information used for the purpose of serving you targeted ads, you may be able to opt-out of many advertising networks by visiting here and here (if you are located in Canada, click here; or if you are located in the European Union click here). Please note this does not mean that you have opted-out of being served advertising. You will continue to receive generic ads.
Aggregate information. We may share aggregate information with third-parties, which is any information that has been stripped of your Registration Information (e.g., your name and contact information) and aggregated with information of others so that you cannot reasonably be identified as an individual ("Aggregate Information"). This Aggregate Information is different from "individual-level" information. Individual-level Genetic Information or Self-Reported Information consists of data about a single individual's genotypes, diseases or other traits/characteristics information.
Information we share with commonly owned entities. We may share some or all of your information with other companies under common ownership or control of Certainty Health, which may include our subsidiaries, our corporate parent, or any other subsidiaries owned by our corporate parent in order to provide you better service and improve user experience. We may provide additional notice and ask for your consent if we wish to share your information with our commonly owned entities in a materially different way than discussed in this Privacy Statement.
Disclosures required by law
Under certain circumstances your information may be subject to disclosure pursuant to judicial or other government subpoenas, warrants, or orders, or in coordination with regulatory authorities, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Certainty Health will preserve and disclose any and all information to law enforcement agencies or others if required to do so by law or in the good faith belief that such preservation or disclosure is reasonably necessary to: (a) comply with legal or regulatory process (such as a judicial proceeding, court order, or government inquiry) or obligations that Certainty Health may owe pursuant to ethical and other professional rules, laws, and regulations; (b) enforce the Certainty Health Terms of Service and other policies; (c) respond to claims that any content violates the rights of third-parties; or (d) protect the rights, property, or personal safety of Certainty Health, its employees, its users, its clients, and the public.
5. Your choices
Please note that you may not be able to delete User Content that has been shared with others through the Service and that you may not be able to delete information that has been shared with third-parties, though we can work with you to prohibit your data from being shared with third-parties in the future. We will respond to your request to access within 30 days.
Upon request Certainty Health will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. To request this information please contact us at privacy@Certainty Health.com.
By ordering a test, you are agreeing that we may send you promotional emails about our Services. You can opt-out of receiving certain messages or notifications from us by contacting our Privacy Administrator at privacy@Certainty Health.com. You can also click the "unsubscribe" button at the bottom of promotional email communications. Please note that you may not opt-out of receiving non-promotional messages regarding your order, such as technical notices, purchase confirmations, or Service-related emails.
Information you choose to share with others
You may decide to disclose your personal information to friends and/or family members, doctors or other health care professionals, and/or other individuals outside of our Services, including through third-party services such as social networks and third-party apps that connect to our website and mobile apps through our application programming interface ("API"). These third-parties may use your personal information differently than we do under this Privacy Statement. Please make such choices carefully and review the privacy policies of all other third-parties involved in the transaction. For example, if you have enabled a Certainty Health sharing feature with another person who downloads a third-party app that uses our API, your information may also be obtained by that third-party app developer and, potentially, by other users of that third-party app.
In general, personal information, once shared or disclosed, can be difficult to contain or retrieve. Certainty Health will have no responsibility or liability for any consequences that may result because you have released or shared personal information with others. Likewise, if you are reading this because you have access to the personal information of a Certainty Health customer, we urge you to recognize your responsibility to protect the privacy of each person. It is incumbent upon all users to share personal information only with people they know and trust.
6. Important Information
Certainty Health takes seriously the trust you place in us. To prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use of information, Certainty Health uses a range of physical, technical, and administrative measures to safeguard your Personal Information. In particular, all connections to and from our website and mobile application are encrypted using Secure Socket Layer (SSL) technology.
Please recognize that protecting your Personal Information is also your responsibility. We ask you to be responsible for safeguarding your password, secret questions and answers, and other authentication information you use to access our Services. You should not disclose your authentication information to any third-party and should immediately notify Certainty Health of any unauthorized use of your password. Certainty Health cannot secure Personal Information that you release on your own or that you request us to release.
Your information collected through the Service may be stored and processed in the United States or any other country in which Certainty Health or its subsidiaries, affiliates or service providers maintain facilities and, therefore, your information may be subject to the laws of those other jurisdictions which may be different from the laws of your country of residence.
In the event that Certainty Health goes through a business transition such as a merger, acquisition by another company, or sale of all or a portion of its assets, your information will likely be among the assets transferred. In such a case, your information would remain subject to the promises made in any pre-existing Privacy Statement.
Certainty Health provides links to third-party websites operated by organizations not affiliated with Certainty Health. Certainty Health does not disclose your information to organizations operating such linked third-party websites. Certainty Health does not review or endorse, and is not responsible for, the privacy practices of these organizations. We encourage you to read the privacy statements of each and every website that you visit. This Privacy Statement applies solely to information collected by Certainty Health.
Certainty Health is committed to protecting the privacy of children as well as adults. Neither Certainty Health nor any of its Services are designed for, intended to attract, or directed toward children under the age of 13. A parent or guardian, however, may collect a saliva sample from, and provide information related to, his or her child. The parent or guardian assumes full responsibility for ensuring that the information that he/she provides to Certainty Health about his or her child is kept secure and that the information submitted is accurate.
Changes to this Privacy Statement
Whenever this Privacy Statement is changed in a material way, a notice will be posted on the website for 30 days. After 30 days the changes will become effective. In addition, all customers will receive an email with notification of the changes prior to the change becoming effective.
7. Contact Information
If you have questions about this Privacy Statement, please email Certainty Health's Privacy Administrator at email@example.com, or send a letter to:
Certainty Health, LLC
7730 E. Greenway Rd Suite 205