By using the Application, you are expressing your agreement to this Policy and the processing of your data, including your personal information, in the manner provided in this Policy. If you do not agree to these terms, please do not use the Application.
PatientMD may amend this Policy at any time without notice. Changes to this Policy may affect our use of personally identifiable information that you provided us prior to our notification to you of the changes. Please visit our website or Application to obtain current information about our Policy.
In order to facilitate your interaction with health care service providers in the Application, you may authorize PatientMD to receive, store, and transmit your Protected Health Information (PHI), as such term is defined by the Health Insurance Portability and Accountability Act of 1996 and its regulations (HIPAA) for purposes of utilizing the direct messaging with health care service providers platform in the Application. Any such use or disclosure of your PHI by PatientMD shall be governed by, and limited to, the terms of your Patient Authorization.
The information we collect generally includes: (1) Personal information you supply, and (2) Tracking information collected as you navigate through the (Site) Application.
PatientMD will not collect any personally identifiable information about you unless you voluntarily provide it to us, such as when you post to the Application or email us. We may collect and store personally identifiable information (such as your name, mailing address, e-mail address, telephone number, and/or mobile phone number) whenever you do the following:
- Post or transmit information through the Application.
- Utilize Social Media/Platforms/Marketplaces/Services available through the Application.
- Complete the registration process for the Application.
We also collect personal and family health information. This is done so that we are able to provide results which are relevant, meaningful and medically actionable. There might also be a need for you to provide information such as your race/ ancestry, age and sex. Personal and Family Health Information also includes the information about your health conditions and genetic mutations. It is of utmost importance that you provide the most accurate information possible.
With your consent, we extract your DNA from your saliva sample and analyse it to derive your Genetic Information (the As, Ts, Cs and Gs at particular locations in your genome) in order to provide you with your PatientMD reports and tools.
When you use the Application, we may collect tracking information such as your browser type, the type of operating system you use, the domain name of your internet service provider, and pages, sections, features, or items visited/viewed through the Application. We collect this information for aggregate reporting on Application activity. For example, we may want to know how long the average user spends using the Application or which pages or features get the most attention.
When we collect this information we endeavor to de-identify any personally identifiable information by combining it with information about other individuals/users (“aggregating”) or by removing characteristics that make the information personally identifiable to you. PatientMD reserves the right to share with third parties de-identified, aggregated information about you and other users of our Application. We share this information in order to improve our Application and develop content and services that may be of interest to you.
To help you personalize your online experience using the Application, we may use "Cookies." "Cookies" are small files that are transferred to your hard drive for record-keeping purposes. One of the primary purposes of Cookies is to provide a convenience feature to save you time. For example, Cookies help to recognize you when you re-enter the Application so that you will not have to log in each time you visit. Cookies also help to collect anonymous traffic data, such as the number of unique and return visitors who use our Application. In addition, Cookies may be placed with users visiting through advertising banners and hyperlinks on other sites or through other applications to track the success of a particular advertising campaign or marketing program.
A “Session Cookie,” which is not placed on your hard drive, may also be used. A Session Cookie is a piece of identification between your browser and the server that keeps track of the items in, for example, your shopping cart and other information about your current session or use of the Application. A Session Cookie is automatically deleted when the session expires, when you log out of the Application, or when you close your browser.
PatientMD generally collects information to create your account, provide the Application to you, improve our Application, contact you, conduct research, and create reports for internal use. We use information collected through our Application for purposes described in this Policy or disclosed to you in connection with our Application. For example, we may use your information to:
- identify and suggest connections with other Application users;
- operate and improve our Application;
- understand you and your preferences to enhance your experience and enjoyment using our Application;
- respond to your comments and questions and provide customer service;
- provide and deliver products and services you request;
- send you related information, including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages;
- communicate with you about promotions, rewards, upcoming events, and other news about products and services offered by us and our selected partners;
- enable you to communicate with other users; and
- link or combine it with other information we get from third parties, to help understand your preferences and provide you with better services.
We store information on servers located in the United States and may store information on servers and equipment in other countries. We do not undertake to maintain any information about you for a duration greater than necessary to provide services to you or as provided by law, rule or regulation.
PatientMD currently, and will at all times, maintain reasonable security measures to protect the personal information that we collect and store from unauthorized access, acquisition, destruction, use, modification, or disclosure.
Any PHI that you disclose to a health care service provider through the Application shall be maintained in accordance with the requirements of HIPAA and with the terms of your Patient Authorization. In no event will PatientMD use or disclose your PHI to any individual or entity not included under your Patient Authorization.
We may share your personal information with our authorized service providers that perform certain services on our behalf. These services may include, among others, fulfilling orders, processing credit card payments, delivering packages, providing customer service, performing business and sales analysis, supporting our Application functionality, and other features offered through our Application. These service providers may have access to personal information needed to perform their functions but the access is limited to what is required and necessary for the service providers to perform those functions and they are not authorized to modify, share, or use such personal information for any other purposes. In no event shall these authorized service providers have access to any PHI disclosed through the Application pursuant to the terms of your Patient Authorization.
PatientMD requires that any such service providers to whom it allows access to its collected and stored information implement and maintain reasonable security measures to protect your personal information from unauthorized access, acquisition, destruction, use, modification, or disclosure.
We may also transfer user or customer information, including personally identifiable information, in connection with a corporate transaction, such as a divestiture, merger, consolidation, or asset sale.
We may disclose specific information in response to a valid court order, subpoena, government investigation, or as otherwise required by law, to enforce our Application policies and Terms, or to protect our or others' rights, property, or safety. We reserve the right to report to law enforcement agencies any activities that we, in good faith, believe to be unlawful.
We may share information:
- With service providers that includes our sequencing laboratory as their services are required by us.
- With other PatientMD customers provided you request us so. For example, when you send message related to DNA or when you add your information to a public profile.
- With research collaborators, provided you have given your consent explicitly.
We may share information to prevent illegal uses of the Application or violations of the Terms, or defend ourselves against third-party claims. We may also share information with companies assisting in fraud protection or investigation. We do not provide information to these agencies or companies for marketing or commercial purposes.
If you do not want to receive email from us, or you want to prevent your information from being used for purposes other than those for which it was originally collected, please let us know by sending an email to this address email@example.com.
PatientMD gives you the ability to share information in a number of ways. You may choose:
- To store or discard your saliva sample after it has been analysed for genetic sequencing.
- When and with whom you share your information, including family members, friends, healthcare professionals and other individuals who are not included in our service. This also includes the third-party services that accepts the data and social networks of PatientMD.
- To choose to give consent or decline consent for scientific research purposes through PatientMD Research by agreeing to the Individual Data Sharing Consent, Research Consent Document or while participating in a PatientMD community.
- Opt out from storing your saliva sample after it has been analysed.
Due to production, mailing, and system timelines, it may take some time to process your request. In addition, we may still use your information to communicate with you for other purposes, such as your orders and purchases, for customer service, or regarding contests or sweepstakes you may have entered.
We do not knowingly solicit or collect information from persons under the age of 13. We do not have a mechanism for determining the age of the users of our Application. If you are under 13, please do not attempt to use our Application or send any information about yourself to us, including your name, address, telephone number, or email address. No one under the age of 13 may provide any personally identifiable information. In the event that we learn that we have collected personally identifiable information from a child under age 13, we will delete that information as quickly as possible.
Our Application may also contain links to other third party websites that are not under our control. These websites may or may not have their own policies regarding privacy. You should seek and review these policies before providing information to these websites. PatientMD has no responsibility for linked websites and provides these links solely for the convenience and information of our visitors. PatientMD also maintains a strict "no-spam" policy and fully complies with CAN-SPAM Act regulations.
Your individual-level information will not be sold, given on lease or rented for any research purposes without your explicit consent.
- Our customer data will not be shared with any public database.
- Any person’s data (whether genetic or non-genetic) will not be shared with any insurance company or employer.
- The data will not be given to any law enforcement authority unless it is required by the law.
How is your information secured?
We at PatientMD implement such measures and systems that will ensure that the confidentiality, integrity and the availability of PatientMD data is maintained at all times.
- De-identification/ Pseudonymization, encryption and data segmentation: We strip registration information from sensitive information and this also include genetic and phenotypic data. We then assign this data with a randomly generated ID that is not easily identifiable.
- Limiting access to essential personnel: the access of your information is limited to authorized personnel only. The access controls of PatientMD includes multi-factor authentication, single sign-on as well as strict least-privileged authorization policy.
- Threat detection and vulnerability management: At PatientMD, we use detection and prevention methods so that any potential attacks in the network can be prevented. Third party security experts are engaged so that regular penetration tests can be conducted.
There is always a chance for consequences when you use our services which you might not have considered.
- You may know about some information about yourself and your family members that might upset you and it may cause some anxiety and the situation might be beyond your control.
- You may learn about some relatives who were previously unknown to you or you may also find out that you do not have any biological connection with some of your relatives.
- In case there is a breach of data and if the data is associated with your identity, and such can be used unethically.
If you choose to use the Application, your use and any dispute over privacy is subject to this Policy and our Terms, including limitations on liability and damages, application of the law of the State of Illinois and resolution of any disputes in Illinois.
If you have any concern about privacy about your:
- Genetic information: information about genotypes (As, Ts, Cs, and Gs) that are generated by way of processing your saliva.
- Self-reported information: Information that is provided directly to us such as information of disease conditions, traits, family background and all other such information that you enter into the surveys, forms and so on.
Then please contact us with a thorough description, and we will make all reasonable attempts to resolve it.
Our business changes constantly, and this Policy, the Terms, and the Application will continue to change. You should check the Application frequently to see recent changes such as information related to the genetic testing services, saliva sampling and biobanking and other services offered by the app. Unless stated otherwise, any revised Policy will replace the prior Policy and will apply to past and current visitors.
Information that is related to genetic services:
- Saliva sample collection: In order to use our genetic testing services, you are required to register with us and then complete your profile. After this you purchase our genetic testing kit, fill up the form and then follow the instructions in the test kit.
- Genetic information: Information about your genotype (As, Ts, Cs, and Gs) which is generated when we analyse your saliva sample or when you provide your information through our services. This also includes the genetic test result which might be used for other purposes as well.
Providing additional consent for our research on next generation healthcare
Whether or not you allow us to share your Personal Information for our Research purposes You have the choice to participate in PatientMD Research for the service of mankind by providing your consent. "PatientMD Research" refers to research works aimed at publication in peer-reviewed journals and other research funded by the Government or other academic Institutes conducted by PatientMD.
Third parties such as not-for-profit organizations, pharmaceutical or biotechnology companies or academic institutions, might sponsor the research that we will conduct. The Research might also include the study of a specific group of individual or population along with therapeutics development for identifying potential cases or targets. It might also conduct or support the design and development of drugs, diagnostics or devices to diagnose so as to predict or treat medical conditions and be able to work with other public, private and/or not-for-profit entities on research initiatives. The same information might also be used to create, commercialize, and apply to improve health care. PatientMD Research may use aggregate and/or individual-level information (whether genetic or self-reported) as specified in the appropriate Consent Document(s), filled up during ordering of the test by the individual. We at PatientMD may use your De-identified Genetic and Self-Reported Information for Research purpose and it is only after you have consented to this use (by clicking an appropriate checkbox in a consent Document which is optional in nature). If you have consented to this Research Consent:
- Your Information (whether genetic or self-reported) will be used for research purposes, but we will de-identify it and we will not be link it to your Registration Information.
- Your information might be used internally by us at PatientMD for Research as well as quality control purposes.
- We may share a few summary statistics with our qualified research collaborators that do not reveal the identity of any individual.
If you have completed our research consent form, we may share De-identified Individual-level information with selected third-party research collaborators or our partners for Research purposes.
You have the right to withdraw your consent regarding your participation in our research at any time. This can be done just by way of changing the consent status and emailing us at firstname.lastname@example.org. We will not include your information in any new research that occurs after 30 days from the receipt of your request. However, if any research has been conducted with your data prior to your request, we will not reverse it, undo it, or withdraw it.
If you do not wish to check the box that is required to know about your agreement for participating in research in the Consent Document, we will not use your personal information for research purposes. However, we might still use your information and share it with our third-party service providers as has been outlined in this Privacy Statement.
One of the important aspects of PatientMD is our research and we want to ensure that the interested participants are aware of additional opportunities to contribute to interesting, novel scientific research conducted by academic institutions, healthcare organizations, pharmaceutical companies, and other groups for the benefit of mankind. After you have chosen to participate in our research, we may inform you of any third-party research opportunities whichever might be eligible. However, we will not share any information with any third party without your consent. In case you do not want to receive any of the alerts, you can send us an email at email@example.com.
When you contact our customer care, you may be required to provide your information so that we are able to answer your questions and resolve your disputes if any.
We value your feedback and so we may send you surveys, polls, or requests for testimonials so that we are able in improving and optimizing our services. You are however in control of what you would like to share with us. If case you do not want to receive such requests from us then you can email us at firstname.lastname@example.org. Seven working days might be required for the affect
For Designated Countries: In order to process your information, we require your consent. You may withdraw your consent at any time. Such withdrawal might not affect the lawfulness of processing of your information that is based on your consent before the withdrawal.
When you create a PatientMD account, it means that you are agreeing to our offer of sending you product and promotional emails or any notification about our services, and the offers on any new products, services, promotions or contests. You will have the option of unsubscribing from such marketing communications at your desirable time. To unsubscribe, just click the “unsubscribe” link or email us at email@example.com. You may not want to opt-out of receiving non-promotional messages such as service-related emails.