Last Updated: Feb 2, 2019

If you are an individual, the terms “you” and “your” apply to you.  If you are acting on behalf of an entity, these terms apply to that entity.

Genosity Inc., including its subsidiaries (referred to collectively as “Genosity,” “we” or “us”) is committed to protecting your privacy. This document informs you of our policies regarding the collection, use, and disclosure of personal data when you use our websites including, www.Genosity.com and services offered through our Gateway Portal, LIMS, Genome Explorer and Cortex platforms (collectively called “Services”), and the choices you have associated with that data.

ACCEPTANCE

Before using our Services, please read Genosity’s Terms of Use, or to the extent you are using Genosity’s Gateway Portal, LIMS, Genome Explorer (Pipeline, Case Analyzer, Report Builder) and Cortex, the asso­ciated Terms of Use. By accepting the applicable Terms of Use, you agree with our privacy practices as described in this Policy statement. If you do not agree with the terms of this statement, please do not access or use our websites or our Services.  Your use of the Services after you have viewed this docu­ment constitutes your acceptance of our privacy Policy.

POLICY UPDATES

Genosity may update this Policy statement from time to time. All updates will be posted on the first web page of this document. If we make any material changes, we will notify you by e-mail (sent to the e-mail address specified for your account) or by means of a notice on our websites prior to the update becom­ing effective. Your continued use of our websites after we have posted an update notice on the same constitutes your acceptance of such update.

Genosity may provide additional “just-in-time” disclosures or additional information about the data collection, use and sharing practices of specific Services. These notices may supplement or clarify Genosity’s privacy practices or may provide you with additional choices about how Genosity processes your information. If you have any questions, please contact us at info@genosity.com.

TYPES OF INFORMATION WE COLLECT

Throughout this Policy statement we use the term “personal information” to describe data that iden­tified you or makes you identifiable. The definition of personal information depends on the applicable law based on your physical location and may include other types of information such as your IP address. Only the definition that applies to your physical location will apply to you under our Policy.

This Policy statement covers all personal information that you voluntarily submit to us, and does not apply to data that cannot be used to identify you, such as aggregated data. Except as described in this Policy statement, Genosity will not transfer, give, sell, rent or loan any personal information to any third party.

We may collect the following types of information:

Information you provide voluntarily: We collect personal information that you voluntarily provide to us, such as your inquiries through our website, information you provide about your business, suggestions for improvements, referrals, survey responses, or any other actions performed by you on our websites or in utilizing our Services.

Genomic Data: Genomic Data consists of genomic sequences, exomes, variant files, specific DN/ or RNA sequences, gene sets and variant sets, as well as associated sample information, annotations, demo­graphic descriptions (e.g., age, gender, ethnicity, background, etc.), phenotypic descriptions (e.g., disease conditions, health-related information, personal traits, family history) and other data that might be uploaded by you in connection with any such sequence data.

Communications between you and Genosity: We collect personal information you submit when con­tacting us (such as your name, contact information and any other information you choose to submit). We collect communications between us, including any files or attachments we exchange. For example, we may send you Service-related e-mails such as account verification, changes/updates to features of our Services, technical and security notices.

Registration information: When you set up an account to use our Services, we collect personal informa­tion such as your name, date of birth, billing and shipping address, and contact information such as your e-mail and phone numbers. This information is combined with other personal information and protect­ed health information that you provide to our websites in order to gain access to test results, check the status of your orders, upload relevant documents, pay your bills, manage wet-lab and bioinformatics workflows, and write result reports.  Protected health information is used in accordance with the Health Information Portability and Accountability Act (“HIPAA”) and other applicable laws governing patient privacy.

Payment information. When you place an order with us or engage in transactions via our Services, we collect your payment information through our websites (such as payment card, billing, and shipping information in addition to your contact information).

Device information: When you use a mobile device (e.g., a tablet or smartphone) to access our Services, we may collect information about your device. We may collect information about your device’s hard­ware, operating system or software, device name, unique device identifier, your mobile network infor­mation and any other information about your device’s interaction with our Services. Some features of the Services may not function properly if use or availability of device identifiers is impaired or disabled.

Information about your use of the Services: When you browse our websites, our system automatically collects information such as your web request, Internet Protocol (“IP”) address, browser type, browser language, domain names, referring and exit pages and URLs, platform type, pages viewed and the order of these page views, the amount of time spent on particular pages, the date and time of your request and one or more cookies that may uniquely identify your browser. We may collect this information through third-party analytics tools. This information is used to analyze trends, administer our websites, improve the design of our websites, and otherwise enhance our Services.

Cookie Policy: We use technologies like cookies, web beacons and pixel tags to gather information about how you are interacting with our Services, which may include identifying your IP address, browser type, and referring page.

Cookies are small pieces of text sent to your web browser by a website you visit. A cookie file is stored in your web browser and allows us or a third party to recognize you and make your next visit easier, and make our websites more useful to you. There are different types of cookies utilized by our Services as described below:

Analytical/performance cookies: They allow us to recognize and count the number of visitors and see how visitors move around our websites. This helps us improve the way the websites work, for example, by ensuring that users are finding what they are looking for easily.

Functionality cookies: These are used to recognize you when you return to our websites, so we can remember your information and auto-populate forms for you.

Targeting cookies: These cookies record your visit to the websites, the pages you have visited, and the links you have followed. We use this information to make content displayed more relevant to your interests. We may also share this information with third parties for this purpose.

Third Party Cookies: Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis) may also use cookies, over which we have no control. We suggest you check the third-party websites for more information about their cookies and how to manage them. Below is a list of some of the third-party partners who may set cookies on your device:

  • Facebook: Facebook uses cookies to anonymously record that a user has clicked on a Facebook ad link that referred the user to any Genosity website. For further information, use this link: https://www.facebook.com/help/cookies
  • Twitter: Twitter uses cookies to anonymously record that a user has clicked on a Twitter ad link that referred the user to any Genosity website. For further information, use this link: https://twitter.com/privacy
  • LinkedIn: LinkedIn uses cookies to anonymously record that a user has clicked on a LinkedIn ad link that referred the user to a Genosity website. For further information, use this link: https://www.linkedin.com/legal/cookie-policy
  • Google: Google uses cookies to anonymously record that a user has clicked on a Google link that referred the user to a GENOSITY website. For further information, use this link: https://www.google.com/policies/technologies/cookies

Aggregate Website data collection: On a sitewide basis, our servers automatically collect information created by use of our websites and compile anonymous aggregate website statistics.

CHILDREN’S INFORMATION

Our websites are directed toward adults and are not designed for, intended to attract, or directed toward children under the age of 16. If you are under the age of 16, you must obtain the authorization of a responsible adult (parent or legal guardian) before using or accessing our websites. If we become aware that we have collected any personal information from children under 16, we will promptly remove such information from our databases.

HOW IS YOUR INFORMATION USED?

Your personal information may be used for the following purposes:

  1. To provide our Services to you: We process your personal information to provide you with the Services that you request. We share this information with third-party services upon your request, or our service providers or partners to the extent necessary to provide you with our Services. We cannot provide you with our Services without processing your personal informa­tion.
  2. To inform you about research opportunities and clinical trials:  If you are a healthcare provider or patient ordering our Services, we may contact you about research opportunities, clinical trials, or clinical treatments for you or your patients when appropriate.
  3. To contact you about our Services: When you sign up for our Services, we will send you admin­istrative or account-related information to keep you updated about our Services. As service-related communications are not promotional in nature you are not able to unsubscribe from such communications; otherwise you may miss important developments relating to your account or our Services that could affect your use of our Services.
  4. To respond to your inquiries and provide customer service: When you contact us, such as with questions, concerns, feedback, disputes or issues, we process your information. Without your personal information, we cannot respond to you or ensure your continued use and enjoyment of our Services.
  5. To enforce our terms, agreements or policies: We process your personal information to actively monitor, investigate, prevent and mitigate any alleged or actual prohibited, illicit or illegal activities on our websites; investigate, prevent, or mitigate violations of our terms, agreements or policies; enforce our agreements with third parties and partners. We cannot provide our Services in accordance with our terms, agreements or policies without processing your personal information for such purposes.
  6. To ensure the security of the Services: We process your personal information to combat spam, malware, malicious activities or security risks; improve and enforce our security measures; and to monitor and verify your identity so that unauthorized users do not access your account with us. We cannot ensure the security of our Services if we do not process your personal informa­tion for security purposes.
  7. To maintain legal and regulatory compliance: Certain laws or regulations apply to our Services that may require us to process your personal information. For example, we process your per­sonal information to fulfill our business obligations, ensure compliance with employment and recruitment laws, or as necessary to manage risk as required under applicable law. Without processing your personal information for such purposes, we cannot perform our Services in accordance with legal and regulatory requirements.
  8. To personalize your experience on our websites: We use cookies and similar tracking techno­logy to personalize your experience on our websites – please see our Cookie Policy for more information. By personalizing our Services, you more benefit from our Services because we keep track of your preferences (e.g., your language selection, your time zone, etc.). Without pro­cessing your personal information for such purposes, you may not be able to access or personalize part or all of our Services.
  9. To conduct research and development: To continue to provide you with our innovative Ser­vices, we may collect information about the way you use and interact with our Services for research and development purposes. Research and development help us improve our Services and build new Services with customized features. We take additional security measures when processing your personal information for such purposes, by de-identifying your information, limiting access to personnel that may conduct research and development, and applying other technical, physical, and administrative security measures. Without processing your personal information for such purposes, we cannot make these improvements.
  10. Aggregated Data: Genosity may publish and otherwise disclose (a) on an aggregated basis, information regarding usage of the Services and related subjects of interest to you and others, (b) aggregated data and statistics regarding genomic analysis (excluding any protected health information in both cases). Genosity may also disclose within the applicable Services them­selves, enhanced annotations and database information derived from you and other users’ usage of the Services.  Such information does not identify you.
  11. To engage in marketing activities: To share information about our Services with you, we may process your contact information or information about your interactions with our Services to send you targeted marketing communications; provide you with information about events, webinars, or other materials; and keep you updated about our Services. You can opt out of our marketing activities at any time by contacting us at info@genosity.com.

If in the future, we use your personal information in any way that is not described in this Policy state­ment, we will first disclose this to you. At that time, you can choose not to allow us to use your personal information for any purpose that is incompatible with the purposes for which we originally collected it or for which we subsequently obtained your consent.

If you choose to limit the ways we can use your personal infor­mation, some or all of our Services may not be available to you.

INFORMATION SHARING

Genosity may disclose your personal information as described below.

Contractors and Agents: We may employ other companies and individuals to perform functions or otherwise act on our behalf. Examples include online data storage and processing, processing payments, resolving service problems, correcting errors related to the execution of the Services, sending postal mail and e-mail, removing repetitive information from customer lists, analyzing data, providing market­ing assistance (including data concerning marketing and promotional programs), developing or hosting websites or software, providing customer service, assisting Genosity with providing, administering, developing or improving the Services, and/or for other purposes within the ordinary course of business. These third parties have access to the protected health information and other information needed to perform their functions on our behalf. We use reasonable efforts to require these companies to (1) pro­vide adequate protections for your protected health Information that are no less protective than those set out in this Privacy Policy statement and (2) use your protected health Information only for the purposes for which the third party has been engaged by us; but do not otherwise guarantee that any entity receiving such information in connection with one of these transactions will abide by this Policy. We are not liable for the acts or omissions of these third parties, except as provided by applicable law.

 Affiliated businesses: We may share your personal information with affiliated businesses which may use your information to help provide, understand, and improve our Services and the affiliates’ own services.

Change of control: We may share your personal information with a subsequent owner, co-owner, or operator of our Services, or in connection with a corporate merger, consolidation, or restructuring, financing, acquisition, divestiture, or dissolution of all or some portion of our business; or other corpor­ate change. In the event of such a change, we will notify you of any choices you may have regarding your information.

Safety and legal compliance: We may share your personal information if we believe that such disclosure is necessary to comply with any applicable laws, regulations, legal processes or requests by public auth­orities (e.g., law enforcement, tax authorities, etc.); protect you, us or our other users’ rights or pro­perty, or to protect our Services, agreements or policies. 

Your consent or actions: We will share your personal information with companies or individuals when we have your consent to do so. Any information or content that you voluntarily disclose for posting to our Services, such as blog comments or social media posts on our social media profiles, become avail­able to the public.

Anonymous or aggregate data: We may share anonymized or aggregated information with any third parties. Such information no longer reasonably identifies you.

USE AND DISCLOSURE OF DE-IDENTIFIED INFORMATION

“De-identified” information is data we have stripped of your personally-identifiable information, such as your name, address, or birthdate. We may use de-identified information that we have obtained from our Services for various purposes, including for example:

For quality control & validation: In accordance with regulatory requirements, we may de-identify, store and use patients’ samples and information for internal quality control, validation, and research and development. This is important for Genosity to maintain high quality genetic testing and to develop new genetic tests.

In accordance with regulatory requirements, we may also share de-identified patients’ samples and information with other laboratories for quality assurance and validation purposes. Such sharing is essential to having high-quality genetic testing within the community of testing laboratories.

For research purposes: We may contribute de-identified genetic variants that we have observed in the course of providing our Services to publicly available databases such as ClinVar. We do this to increase understanding and raise awareness of the significance of genetic variants within the medical and scientific communities.

We may use or disclose de-identified patient information for general research purposes. This may include research collaborations with third parties such as universities, hospitals or other laboratories, in which we utilize de-identified clinical cases, at the individual level or in the aggregate, in accordance with our study protocols; and we may present or publish such information. This may also include com­mercial collaborations with private companies for purposes such as to determine the prevalence of particular disorders or variants among the patients we have tested, or to determine whether any of the patients we have tested might be suitable for potential recruitment for research, clinical trials, or clinical care; however, we will not directly contact these patients about these opportunities without their prior written consent.

THIRD PARTY INFORMATION

You agree that you have provided notice to, and obtained consent from, each individual whose personal information you supply to us, and informed that individual of (a) the purposes for which such personal information has been collected; (b) the intended recipients or categories of recipients of such personal information; (c) which of the individual’s personal information must be provided and which information, if any, is optional; and (d) how the individual can access and, if necessary, revise the personal informa­tion provided.

LINKED WEBSITES

Our websites may contain links to external websites. Genosity does not maintain these external sites and is not responsible for the privacy practices of sites that it does not operate. Please refer to the specific privacy policies posted on these sites.

DATA RETENTION

We retain your personal information for as long as we need it to provide you our Services, to serve the purposes for which your personal information was processed, or as necessary to comply with our legal obligations, resolve disputes, or enforce our agreements to the extent permitted by law. We generally store information used for marketing purposes indefin­itely until you unsubscribe. Once you unsubscribe from marketing communications, we add your contact information to our suppression list to ensure we respect your unsubscribe request.

SECURITY

We use reasonable technical, administrative and physical measures to protect information contained in our system against unauthorized access, misuse, loss or alteration. Information that you provide through our websites is encrypted using industry-standard Secure Sockets Layer (SSL) technology, with the exception of information you send via e-mail. Your information is processed and stored on servers with restricted access. Unfortunately, no method of electronic transmission is 100% secure, so we cannot guarantee the security of any information you transmit to our websites, and you do so at your own risk.

Protecting your personal information is also your responsibility. You should keep your username, pass­word, ID numbers, or other access credentials secure as Genosity cannot secure personal information that you release on your own or that you request us to release. If we receive instructions using your log-in information we will consider that you have authorized the instructions.

YOUR RIGHTS

Genosity takes reasonable steps to allow you to correct, amend, delete, or limit the use of your personal information. If you wish to be informed what personal information we have collected about you or if you want it to be removed from our systems, please contact us by phone, email, or on our websites’ “contact us” page. In certain circumstances, you have the right:

  • To access and receive a copy of the personal information we hold about you.
  • To correct any personal information that is inaccurate.
  • To request the deletion of personal information.
  • To request a copy of the information be sent to you in a commonly used electronic format.

INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION

We may store, process and transmit personal information in locations around the world, including locations outside of the country or jurisdiction where you are located. Such countries or jurisdictions may have data protection laws that are less protective than the laws of the jurisdiction in which you reside. If you do not want your information transferred to or processed or maintained outside of the country or jurisdiction where you are located, you should not use our Services.

We transfer your personal information subject to appropriate safeguards as permitted under the applicable data protection laws. Specifically, when your personal information is transferred out of the location where it was initially stored, we have the required contractual provisions for transferring personal information in place with the third parties to which your information is transferred. For such transfers, we rely on legal transfer requirements or agreements, or we work with U.S.-based third parties that are certified under the European Union-US and Swiss-US Privacy Shield Framework. With respect to personal information subject to the European Union General Data Protection Regulation (“GDPR”), transfers of such personal information outside the European Economic Area (“EEA”), which includes the European Union, are made subject to appropriate safeguards such as standard data protection clauses adopted or otherwise approved by the European Union Commission in accordance with the GDPR.

LIMITATION OF LIABILITY

Even though Genosity takes reasonable steps to prevent your information covered by its Privacy Policy from being accessed, used, intercepted or disclosed by unauthorized individuals, we cannot fully eliminate security risks associated with your information.

BY ACCEPTING THE PRIVACY POLICY DESCRIBED IN THIS STATEMENT, YOU AGREE THAT UPLOADING, POSTING, PROVIDING, STORING, USING, ANALYZING AND/OR MODIFYING YOUR PERSONAL AND OTHER INFORMATION ON OR INTO OUR WEBSITES AND SERVICES ARE ALL DONE AT YOUR SOLE RISK AND RESPONSIBILITY. YOU AGREE THAT GENOSITY IS NOT LIABLE FOR (I) ANY SPECIAL, INDIRECT, CONSE­QUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, COSTS, OR LIABILITIES WHATSOEVER ARISING OUT OF OR RESULTING FROM YOUR USE OF OUR WEBSITES AND SERVICES OR (II) ANY LOSS, DISCLOSURE OR USE OF YOUR PERSONAL OR OTHER INFORMATION.  GENOSITY MAKES NO REPRESENTATION OR WARRANTY OF ANY KIND AS TO UNAUTHORIZED ACCESS TO YOUR INFORMATION.

EUROPEAN ECONOMIC AREA PERSONAL INFORMATION TRANSFER POLICY

Genosity complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Privacy Shield Frame­work as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from EEA member countries; namely the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement.  To learn more about the Safe Harbor program, and to view the Genosity certification, please visit http://www.export.gov/safeharbor/

Safe Harbor: The United States Department of Commerce and the European Commission have agreed on a set of data protection principles (the “U.S.-EU Safe Harbor Principles”) and frequently asked ques­tions (collectively the “U.S.-EU Safe Harbor Framework”) to enable U.S. companies to satisfy the require­ment under European Union law that adequate protection be given to personal information transferred from the EU to the United States. The EEA also has recognized the U.S. Safe Harbor as providing ade­quate data protection. The United States Department of Commerce and the Federal Data Protection and Information Commissioner of Switzerland have agreed on a similar set of data protection principles (the “U.S.-Swiss Privacy Shield Principles”) and frequently asked questions (collectively the “U.S.-Swiss Pri­vacy Shield Framework”) to enable U.S. companies to satisfy the requirement under Swiss law that adequate protection be given to personal information transferred from Switzerland to the United States. Consistent with its commitment to protect personal privacy, Genosity adheres to the U.S.-EU Safe Harbor Framework and U.S.-Swiss Privacy Shield Principles (hereinafter “Safe Harbor Princi­ples”).

Scope: This Safe Harbor Privacy Policy is in addition to, and not in replacement of, our Privacy Policy as previously described.  It applies to all personal information received from persons in the European Economic Area.

Notifications: Where Genosity collects personal information directly from individuals in the EEA, it will notify them about the purposes for which it collects and uses personal information about them and the choices and means, if any, Genosity offers them for limiting the use and disclosure of their personal information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to Genosity, or as soon as practicable thereafter, and in any event before Genosity uses or discloses the information for a purpose other than that for which it was orig­inally collected, or to a non-agent third party.

Where Genosity receives personal information from its affiliates or other entities in the EEA, it will use and disclose such information in accordance with the notices provided by such entities and the choices made by the individuals to whom such personal information relates.

DEFINITIONS

“Agent” means any third party that collects or uses personal information under the instructions of, and solely for Genosity or to which Genosity discloses personal information for use on its behalf.

“Affiliate” means any individual, corporation, company, partnership, trust, limited liability company, association or other business or research entity which directly or indirectly controls, is controlled by or is under common control with Genosity.

“Personal information” means any information that identifies or is used by or on behalf of Genosity to identify an individual. Personal information does not include information that is encoded , de-identified, anonymized, or publicly available through no fault on the part of Genosity.

“Sensitive personal information” means personal information that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or that concerns health or sex life. In addition, Genosity will treat as sensitive personal information any information received from a third party where that third party treats and identifies the information as sensitive.

LIMITATION TO INTENDED USE

Genosity will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the corresponding individual; and take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete, and current. We will only collect and store personal information that is relevant to fulfill the purpose of the request.

ENFORCEMENT

Genosity will conduct compliance audits of its relevant privacy practices to verify adherence to its Privacy Policy, and promptly take steps to correct any deficiency found by the audits.

CONTACT INFORMATION

If you have any questions about this policy statement, please contact us via email at info@genosity.com or write to us at Genosity Inc., 485F Route 1S, Suite 110, Iselin, NJ, 08830.

Bitnami