Privacy and Security Policy
Generally speaking, personal information is any data that can be used to identify or contact you. However, while our Policy broadly addresses all types of personal information that we may collect, some of the data we describe below may not be considered personal information according to the data protection laws of the jurisdiction in which you reside. Therefore, you should understand that certain parts of this Policy will not apply to you depending on the laws of the jurisdiction in which you reside.
Depending on the Services you use and the jurisdiction in which you reside, we collect different kinds of personal information from you. Examples of personal information include: name, address, email address, phone number, social security number or credit card number. Some examples of personal information that Counsyl may collect include:
- Registration information. You will need to register for a user account for Counsyl to seek your physician’s authorization for our Services or to access test results that your physician previously ordered. To create a user account or verify your identity, you must provide us with, at least but not limited to, your name, email address, date of birth, phone number and/or password.
- Medical history and test result information. We collect personal information from you or your physician about your personal and family history and eligibility for genetic testing, your insurance information, and other information we may need to perform Services or issue test results. Additionally, we collect information about your interactions with our support services and notes from any genetic counseling sessions you may have with our Genetic Counselors. In some instances, your test results may be made available to you through the Site.
- Payment information. For instance, when you order a test, you will need to provide us with either credit card or health insurance information for payment, a billing address, the name and location of your physician.
- Additional information you provide to us. We collect any information you voluntarily provide to us when you use our Services. For example, we may collect information when we receive a request for a kit or financial assistance, from your use of our Sites or Services, or from your healthcare provider as authorized by you. When we require certain data fields to be completed, it is because they are relevant to providing you with the assistance that you are requesting – any information you provide to us that is not required is voluntary.
We receive and store certain types of information automatically, such as whenever you interact with the Site or use the Services. For example, we automatically receive and record information on our server logs from your browser, including your IP address, and the page you requested. We may use identifiers to recognize you when you arrive at the Site via an external link, such as a link appearing on a third party site or in a Counsyl-generated email presented to you. Depending on the jurisdiction in which you reside, this information may or may not be considered personal information.
To collect information about you automatically, we and our third party service providers may use a variety of tracking technologies (often referred to as “Cookies”) to enhance the user experience of our Sites, to help us improve our Sites and Services, and to perform certain functionalities as a part of our Services. Such tracking technologies may collect and store information about your use of our Services, such as log data, device information, and location information. This information may be stored or accessed using technologies that may be downloaded to your computer or mobile device whenever you visit or interact with the Site or Services.
Here are some of the ways we use your personal information:
- Providing, developing and improving our Services. When we collect registration information or other information about your use of our Services, we use this information to provide, further develop, and improve our Services. Some of the ways we use your information include, but are not limited to:
- We use your registration information to create your account, verify your identity, acquire authorization from your physician, and to assist us in providing a comprehensive genetic report;
- We use your account information to communicate with your healthcare provider to facilitate the use of our Services, or to determine the adequate course of care for you, to facilitate the submission of your claim, or to provide you with your test report;
- We use your billing information to process claims with your insurer and pay for Services, if you have instructed us to do so;
- We use your contact information to communicate with you;
- We use your survey information to allow your physician to make an assessment of your inherited genetic risk factors;
- We use payment information to process your payment by credit card or by insurance carrier, and to send the test kit to you.
- Communications with you. Our communications with you are often transactional or relationship messages, such as communications about billing, genetic counseling appointments, screen results, surveys, customer service, support, or other Service-related notifications. You may not be able to opt-out of receiving certain important Service-related messages that are specific to your results or account. If you sign up to receive marketing or informational announcements from us, such emails will include the capability to opt-out of receiving such e-mails in the future.
- Advertising. To better advertise our Services, we use your personal information to measure the success of certain ads or services.
- Improving safety and security. We will use your personal information to generally improve the safety and security of our Services. In addition, we may use your personal information to verify an account, or investigate a complaint, violation of our policies or suspicious activities.
As mentioned above, Counsyl collects cookies. Cookies are small files, typically of letters and numbers, downloaded onto your computer or mobile device when you visit certain websites. When you return to these websites — or visit other websites that use the same cookies — the websites recognize these cookies and your browsing device.
- Make the Services work properly for you and enable you to make use of the secure Services that we provide;
- Collect data about your use of the Services which is used to help us improve our Services;
- Remember your preferences and make the Services easier for you to use.
In addition, our Services include cookies that are placed by third-party service providers to enhance the information we present online. We do not control the types of information collected and stored by these third-party cookies.
You can learn about the cookies we use and how to manage them below.
- Strictly Necessary Cookies. These cookies are essential, as they enable you to move around our Services, and use its features, such as accessing secure areas. Without these cookies, some services cannot be provided. These cookies do not gather information about you for marketing or for remembering where you have been on the internet. This category of cookie is essential for Counsyl Services to work, thus they cannot be disabled.
- Performance/Analytics Cookies. These cookies collect information about how you use a website. For example, the cookies will collect which pages you go to most often and if you get error messages from certain pages. These cookies do not gather information that identifies you. The information these cookies collect is anonymous and is only used to improve how our Services work. These cookies are not used to target you with online marketing. Without these cookies we can’t learn how our Services are performing and make relevant improvements that could better your browsing experience.
- Functionality Cookies. These cookies allow us to remember choices you make and tailor our Services to provide enhanced features and content to you. For example, these cookies can be used to remember your user name, language choice or country selection.These cookies are not used to target you with online marketing. While these cookies can be disabled, this may result in less functionality during your use of our Services.
- Targeting/Advertising Cookies. These cookies are used to deliver advertisements that are more relevant to you and your interests. They are also used to limit the number of times you see an advertisement, as well as help measure the effectiveness of the advertising campaign. They remember that you have visited a website and this information may be shared with other organizations, such as advertisers. This means that after you have been to our Services, you may see some advertisements about our Services elsewhere on the Internet.
- 1.Our Cookies (first party cookies). You can use the browser with which you are viewing this website to enable, disable or delete cookies. To do this, follow the instructions provided by your browser (usually located within the “Help”, “Tools” or “Edit” settings). Please note, if you set your browser to disable cookies, you may not be able to access secure areas of the website. Also, if you disable cookies other parts of the Services may not work properly. You can find more information about how to change your browser cookie settings at http://www.allaboutcookies.org.
- Third-Party Cookies. For more information about third-party advertising networks and similar entities that use these technologies, see http://www.aboutads.info/consumers,and to opt-out of such ad networks’ and services’ advertising practices, go to http://www.aboutads.info/choices. Once you click the link, you may choose to opt-out of such advertising from all participating advertising companies or only advertising provided by specific advertising companies.
We understand how important your privacy is, which is why we take care in safeguarding your personal information. Counsyl employs physical, technical and administrative safeguards to secure the personal information you entrust to us and protect it from unauthorized access, use, disclosure, alteration, or destruction. For example, personal information you provide to Counsyl through our website is encrypted using industry standard Secure Socket Layer (“SSL”) technology.
We will only share your personal information if we receive your consent, or in the following circumstances:
- Healthcare provider or other entities authorized by you. We will share your personal information on your behalf with any healthcare provider, entity, or person authorized by you. Some examples of the types of sharing we will do on your behalf include, but are not limited to, sharing your: (i) test with your healthcare provider if they have requested your test results, and have authorization to do so; (ii) applicable information with your insurer if you have identified them as the billing party, and (iii) your partner with whom you’ve merged your results and/or your partner’s healthcare provider.
- Third-party vendors and service providers. We contract with third-party vendors and service providers so they can provide services that are necessary to our provision of Services. Without specific authorization and/or consent, we limit the rights of our agents to use any personal information we share with them to that which is minimally necessary to assist us. These third-parties are required by contract and, in some cases, state and/or federal law, to protect the personal information we share with them and only use it for that purpose.
- Affiliated businesses we own. We may provide your personal information to affiliated business we own in order to provide you with Services or to assist or improve our Services.
- Affiliated businesses we do not control. In order to provide you with the optimal user experience, we anticipate that we may become affiliated and work closely with a variety of third party businesses. In certain situations, these businesses may sell products or services to you through the Sites. In other situations, we may provide services, or sell products, jointly with affiliated businesses. If or when we would like to share your personal information for such marketing purposes with affiliated parties, we will ask for your consent.
- Protect Counsyl and comply with legal obligations. We may disclose your personal information if we believe, after due consideration, that doing so is reasonably necessary to enforce or apply our conditions of use and other agreements, to protect the rights, property, security, or safety of Counsyl, our employees, our users, or others, or to comply with a law, regulation, valid legal process, or law enforcement requests or investigations. This includes exchanging information with other companies and organizations for fraud protection, security, spam, detection or suppression, and credit risk reduction. If we are going to release your personal information, we will do our best to provide you with notice in advance, unless we are prohibited by a law enforcement agency or court order from doing so.
- Merger, bankruptcy or corporate reorganization. In a business transaction, such as a merger, acquisition, bankruptcy, consolidation, sale of assets, or corporate reorganization, we may transfer or sell your personal information as an asset to such transaction. In the event this happens, this Policy will continue to apply to the personal information collected
Counsyl does not track its customers over time and across third party websites to provide targeted advertising and therefore the Site does not currently respond to a Do Not Track (“DNT”) or similar signals.
We are subject to multiple laws on the retention of data. Accordingly, we retain any personal information collected about you for as long as we are required to maintain it for regulatory and compliance purposes or for a legal or business necessity.
Children under the age of 16 may not use this Site. If you are aware of a child under the age of 16 accessing this Site, please contact us at firstname.lastname@example.org so we can take action to prevent such access.
Our Services have links to other websites that we do not own or control. We are not responsible for the content on those websites, nor do we review or endorse such websites. You are strongly encouraged to read the privacy policies of such third parties to understand how they handle your personal information.
Pursuant to the Privacy Shield Principles, we will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. We will take all reasonable steps to ensure that personal information we process is limited to only what is relevant to the purposes for which it was collected and that it is accurate, complete, and up-to-date.
If you are a European data subject with an unresolved complaint or dispute arising under the requirements of the Privacy Shield Framework, we agree to refer your complaint under the Framework to an independent dispute resolution mechanism. Our independent dispute resolution mechanism is the International Centre for Dispute Resolution (“ICDR”), operated by the American Arbitration Association (“AAA”). For more information and to file a complaint, you may contact the International Centre for Dispute Resolution by phone at +1.212.484.4181, or by visiting the website http://info.adr.org/safeharbor. We are also subject to the investigatory and enforcement powers of the Federal Trade Commission with respect to the Framework.
Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.
For EU data subjects, any cases of onward transfer of personal information to third parties pursuant to Privacy Shield may mean Counsyl is potentially liable.
Thus, when Counsyl contracts with third parties and service providers, we make sure that our agreements limit and specify the purpose(s) for processing your personal information consistent with any notice provided to you and your consent. In addition, third parties will be contractually required to provide the same level of protection as the Principles and this Policy, or they will have to notify us if they can no longer meet these obligations.
If the third party is an agent, then Counsyl will also take reasonable and appropriate steps to ensure that the agent effectively processes your personal information consistent with the Principles and this Policy. In the event that a third party cannot provide the same level of protection, then Counsyl will require that the third party cease processing your personal information or take reasonable and appropriate steps to remediate.
Upon request by the Department of Commerce, Counsyl will also provide a summary or a representative copy of the relevant privacy provisions of its agreement with a third-party agent.
We will investigate and work expeditiously to resolve any complaints or disputes in accordance this Policy.
We will conduct compliance audits of our relevant privacy practices to verify adherence to this Policy and the Principles. Any employee that we determine is in violation of this Policy and the Principles will be subject to disciplinary action up to and including termination of employment.
To extent European data subjects are not satisfied with the way we have handled their matter, they should contact the ICDR/AAA, our independent dispute resolution mechanisms identified above. The services of the Privacy Shield recourse mechanism are provided to you at no cost. We promise to do our best to remedy any problems arising out of the failure to comply with the Principles, including taking responsibility for a third-party agent’s processing of personal information received under the Privacy Shield.
All users are able to add, update, or delete certain personal information we have collected about them or their use of the Site or Services. If you would like us to add, update, or remove your personal information from our system, please send an e-mail to email@example.com. We will process your request within a reasonable time.
In addition, we will take reasonable steps to permit European data subjects to correct, amend, or delete information that is inaccurate, incomplete, or has been processed in violation of Privacy Shield Principles (except when the burden or expense of providing access, correction, amendment, or deletion would be disproportionate to the risks to the individual’s privacy, or where the rights of persons other than the individual requesting the data would be violated). We will take all reasonable steps to facilitate amendments to information provided by our customers if an individual raises a query. For Counsyl to comply with such requests, a European data subject will need to provide us with sufficient information so that we can identify and verify the European data subject’s identity.
We may change our policies at any time and the changes will apply to any personal information we already hold and to any new personal information collected after the change occurs. Before we make a significant change, we will post the new notice on our website at counsyl.com/policies or email you notice of the change if we have your email contact information. Your continued use of our Services after the policy effective date constitutes an acceptance of the amended terms.
We invite you to contact us as follows:
180 Kimball Way
South San Francisco, CA 94080
Phone: 1-888-COUNSYL (1-888-268-6795)
This notice is effective: August 24, 2017