1. Aggregate Information: information that has been combined with that of other users and analyzed or evaluated as a whole, such that no specific individual may be reasonably identified. 2. De-identified Information: information that has been stripped of your Registration Information (e.g., your name and contact information) and other identifying data such that you cannot reasonably be identified as an individual, also known as pseudonymized information. 3. Individual-level Information: information about a single individual’s genotypes, diseases or other traits/characteristics, but which is not necessarily tied to Registration Information. 4. Personal Information: information that can be used to identify you, either alone or in combination with other information. Doctor Directed collects and stores the following types of Personal Information:
Registration Information: information you provide about yourself when registering for and/or purchasing our Services (e.g., name, email, address, user ID and password, and payment information).
Genetic Information: information regarding your genotypes generated through processing of your Test Kits by Doctor Directed or by its affiliates, contractors, successors, or assignees; or otherwise processed by and/or contributed to Doctor Directed.
Self-Reported Information: information you provide directly to us, including your disease conditions, other health-related information, current medications you may be taking, personal traits, ethnicity, family history, and other information that you enter into surveys, forms, or features while signed in to your Doctor Directed.
Sensitive Information: information about your health, Genetic Information, and certain Self-Reported Information, such as racial and ethnic origin, and sexual orientation.
User Content: all information, data, text, software, music, audio, photographs, graphics, video, messages, or other materials – other than genetic Information and Self-Reported Information – generated by users of Doctor Directed Services and transmitted, whether publicly or privately, to or through Doctor Directed.
Web-Behavior Information: information on how you use Doctor Directed Services collected through log files, cookies, web beacons, and similar technologies, (e.g., browser type, domains, page views).
INFORMATION WE COLLECT
Doctor Directed collects personally identifiable information, such as your e-mail address, name, home or work address, telephone number, and other information you may provide to us, including but not limited to services of interest to you, and/or medications you may be taking. Doctor Directed also collects anonymous demographic information, which is not unique to you, such as your ZIP code, age, gender, preferences, interests and favorites.
We collect Web-Behavior Information via cookies and other similar tracking technologies when you use and access our Site (our website, products, and other services).
Doctor Directed also collects information you share directly with us. We collect and process your information when you or your healthcare provider place an order for one of our products or services, create an account, complete research surveys, contact Doctor Directed, or when you are contacted by Doctor Directed. This information can generally be categorized as Registration Information, Self-Reported Information, and/or User Content.
Doctor Directed or its affiliates, contractors, and assignees may collect information from DNA testing services offered through the Site. With your consent, you, we or our affiliates, extract your DNA from your Test Kits and analyze it to produce your Genetic Information in order to provide you or your doctor with the results for the ordered product.
HOW WE USE INFORMATION
We generally process Personal Information for the following reasons:
To provide our Services. We process Personal Information in order to provide our Service, which may include, without limitation, processing payments, shipping kits to you or your doctors, creating customer accounts and authenticating logins, analyzing buccal swab samples and DNA, generating test reports, and delivering results.
To analyze and improve our Services. We constantly work to improve and provide new reports, tools, and Services. We may also need to fix software bugs or issues, analyze use of our website to improve the customer experience or assess our marketing campaigns.
For Doctor Directed Research. Doctor Directed researchers can include your de-identified Genetic Information and Self-Reported Information in a large pool of customer data for analyses aimed at making scientific discoveries so we can continue to help improve patient outcomes.
For Interest-based Advertising, with the ability to opt out. We use third parties such as network advertisers to serve advertisements on third-party websites or other media (e.g., social networking platforms). This enables us and these third parties to target advertisements to you for products and services in which you might be interested. Users in the United States may opt out of many third-party ad networks.
ACCESS TO YOUR INFORMATION
Your Personal Information may be shared information in the following ways:
With our service providers, as necessary for them to provide their services to us.
With research collaborators, only if you have given your explicit consent.
With third party advertising networks, as necessary for them to accurately target you with advertising based on your interests.
Doctor Directed will not sell, lease, or rent your identifiable individual information to any third party without your explicit consent.
HOW WE SECURE INFORMATION
Doctor Directed implements reasonable and appropriate measures and systems to ensure confidentiality, integrity, and availability of Doctor Directed data, in compliance with applicable laws. In particular, the connections to and from our website where we collect and exchange data are encrypted using Apollo LIMS technology. We also ensure that all data collected is stored in accordance with HIPAA and other healthcare laws and regulations.
INFORMATION SHARED WITH THIRD PARTIES
General service providers. We share the information described above with our third party service providers, as necessary for them to provide their services to us and help us perform our contract with you. Service providers are third parties (other companies or individuals) that help us to provide, analyze and improve our Services. While Doctor Directed directly conducts the majority of data processing activities required to provide our Services to you, we engage some third party service providers to assist in supporting our Services, including in the following areas:
Cloud storage, IT, and security. Our cloud storage providers provide secure storage for information in Doctor Directed databases, ensure that our infrastructure can support continued use of our Services by Doctor Directed customers, and protect data in the event of a natural disaster or other disruption to the Service. NOTE: Our service providers act on Doctor Directed’s behalf. We implement procedures and maintain contractual terms with each service provider to protect the confidentiality and security of your information. However, we cannot guarantee the confidentiality and security of your information due to the inherent risks associated with storing and transmitting data electronically.
Aggregate information. We may share Aggregate Information, which is information that has been stripped of your name and contact information and combined with information of others so that you cannot reasonably be identified as an individual, with third parties. This Information is different from “Individual-level” information and is not Personal Information because it does not identify any particular individual or disclose any particular individual’s data.
Information we share with commonly owned entities. We may share some or all of your Personal Information with other companies under common ownership or control of Doctor Directed, which may include our subsidiaries or affiliates, in order to provide you better service and improve user experience. Generally, sharing such information is necessary for us to perform our contract with you. We may provide additional notice and ask for your prior consent if we wish to share your Personal Information with our commonly owned entities in a materially different way than discussed in this Privacy Statement. As required by law. Under certain circumstances, your Personal Information may be subject to processing pursuant to laws, regulations, judicial or other government subpoenas, warrants, or orders. Doctor Directed will preserve and disclose any and all information to law enforcement agencies or others if required to do so by law or in the good faith belief that such preservation or disclosure is reasonably necessary to: (a) comply with legal or regulatory process (such as a judicial proceeding, court order, or government inquiry) or obligations that Doctor Directed may owe pursuant to ethical and other professional rules, laws, and regulations; (b) enforce the Doctor Directed Terms of Service and other policies; (c) respond to claims that any content violates the rights of third parties; or (d) protect the rights, property, or personal safety of Doctor Directed, its employees, its users, its clients, and the public.
Business transactions. In the event that Doctor Directed goes through a business transition such as a merger, acquisition by another company, or sale of all or a portion of its assets your Personal Information will likely be among the assets transferred. In such a case, your information would remain subject to the promises made in any pre-existing Privacy Statement. Third Party and Digital Advertising. We may partner with third-party advertising networks to manage our advertising on other sites. We may also share information about you with third parties only in ways expressed in this statement. We do this in order to have those third parties, directly serve advertising to you on their websites on our behalf. SECURITY
Doctor Directed takes seriously the trust you place in us. In order to maintain data accuracy, and to ensure the appropriate use of information, Doctor Directed uses a variety of reasonable technical, physical and administrative measures to safeguard your Personal Information, in accordance with current technological standards, and in full compliance with applicable Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Genetic Information Nondiscrimination Act of 2008 (GINA) requirements. While we use commercially reasonable and appropriate means to protect your personal information, we cannot guarantee its absolute security.
Your information collected through the Service may be stored and processed in the United States or any other country in which Doctor Directed or its subsidiaries, affiliates or service providers maintain facilities and, therefore, your information may be subject to the laws of those other jurisdictions, which may be different from the laws of your country of residence.
Doctor Directed is committed to protecting the privacy of children as well as adults. Neither Doctor Directed nor any of its Services are designed for, intended to attract, or directed toward children under the age of 18. A parent or guardian, however, may collect a buccal swab sample from, and provide information related to, his or her child who is under the age of 18. The parent or guardian assumes full responsibility for ensuring that the information that he/she provides to Doctor Directed about his or her child is kept secure and that the information submitted is accurate.