Table of Contents
a. We generally collect the following information:
a. We generally process Personal Information for the following reasons:
i. To provide our Services. This includes processing payments, creating customer accounts and authenticating logins, and delivering results and powering tools.
ii. To analyze and improve our Services. We constantly work to improve and provide new reports, tools, and Services. For example, we are constantly working to improve our ability to relate different scientific discoveries to your DNA segments and maximize the granularity of our results. We may also need to fix bugs or issues, analyze the use of our website to improve the customer experience, or assess our marketing campaigns.
iii. For Sequencing Research, with your consent. If you choose to consent to participate in Sequencing Research, our researchers can include your de-identified Genetic Information and Self-Reported Information in a large pool of customer data for analyses aimed at making scientific discoveries.
a. You have the ability to make decisions about how your data is shared and used. You choose:
i. Which health report(s) you view and/or opt-in to view.
ii. When and with whom you share your information, including friends, family members, health care professionals, or others outside our Services, including through third party services that accept Sequencing data and social networks.
iii. To give or decline consent for Sequencing Research. By agreeing to the Research Consent Document, Individual Data Sharing Consent Document, or by participating in a Sequencing Research Community, you can consent to the use of your de-identified data for scientific research purposes.
iv. To delete your Sequencing account and data, at any time.
a. Your Personal Information may be shared in the following ways:
i. With our service providers, allowing them to provide their services to us.
ii. With qualified research collaborators, only if you provide your explicit consent.
b. Sequencing will not sell, lease, or rent your individual-level information to a third party for research purposes without your explicit consent.
c. We will not share your data with any public databases.
d. We will not provide any person’s data (genetic or non-genetic) to an insurance company or employer.
e. We will not provide information to law enforcement or regulatory authorities unless required by law to comply with a valid court order, subpoena, or search warrant for genetic or Personal Information.
a. Sequencing implements measures and systems to ensure confidentiality, integrity, and availability of Sequencing data. Our team regularly reviews and improves our security practices to help ensure the integrity of our systems and your information. These practices include, but are not limited to, the following areas:
i. Independent security certification and audit. Our information security management system, which protects Sequencing information assets supporting our Services, has been certified under the internationally recognized ISO/IEC 27001:2013 standard. Some of those controls are described below.
ii. Encryption. Sequencing uses industry standard security measures to encrypt Sensitive Information both when it is stored and when it is being transmitted.
iii. Limited access to essential personnel. We limit access of information to authorized personnel, based on job function and role. Sequencing access controls include multi-factor authentication, single sign-on, and a strict least-privileged authorization policy.
a. There may be some consequences of using our Services that you haven't considered. You may discover things about yourself and/or your family members that may be upsetting or cause anxiety and that you may not have the ability to control or change.
b. You may discover relatives who were previously unknown to you, or may learn that someone you thought you were related to is not your biological relative.
c. In the event of a data breach, it is possible that your data could be associated with your identity, which could be used against your interests.
We discuss these risks in greater depth in section 5 of our Terms of Service.
1. Key Definitions
a. Aggregate Information: information that has been combined with that of other users and analyzed or evaluated as a whole, such that no specific individual may be reasonably identified.
b. De-identified Information: information that has been stripped of your Registration Information (e.g., your name and contact information) and other identifying data such that you cannot reasonably be identified as an individual, also known as pseudonymized information.
c. Individual-level Information: information about a single individual's genotypes, diseases or other traits/characteristics, but which is not necessarily tied to Registration Information.
d. Personal Information: information that can be used to identify you, either alone or in combination with other information. Sequencing collects and stores the following types of Personal Information:
i. Registration Information: information you provide about yourself when registering for and/or purchasing our Services (e.g. name, email, address, user ID and password, and payment information).
ii. Genetic Information: information regarding your genotypes (i.e. the As, Ts, Cs, and Gs at particular locations in your genome) contributed to Sequencing.
iii. Self-Reported Information: information you provide directly to us, either through the Services or through a third party, including your disease conditions, other health-related information, personal traits, ethnicity, family history, and other information that you enter into surveys, forms, or features while signed in to your Sequencing account.
iv. Sensitive Information: information about your health, Genetic Information, and certain Self-Reported Information such as racial and ethnic origin, sexual orientation, and political affiliation.
v. User Content: information, data, text, software, music, audio, photographs, graphics, video, messages, or other materials—other than Genetic Information and Self-Reported Information—generated by users of Sequencing Services and transmitted, whether publicly or privately, to or through Sequencing.
vi. Inferences and Derived Data: information, data, assumptions, or conclusions that are derived directly or indirectly from another source of Personal Information. For example, we may use statistical techniques to infer additional genetic information based on genetic information submitted.
vii. Web-Behavior Information: information on how you use our Services collected through log files, cookies, web beacons, and similar technologies, (e.g., device information (device identifiers), IP address, browser type, domains, page views).
2. Information we collect
a. Information you provide directly to us or through a third party
i. Registration Information. When you purchase our Services or create a Sequencing account, we collect Personal Information, which may include your name, date of birth, billing and shipping address, payment information (e.g., credit card) and contact information (e.g. email, phone number and license number).
ii. Self-Reported Information. You have the option to provide us with additional information about yourself through surveys, forms, features and applications. For example, you may provide us with information about your personal traits (e.g., eye color, height), ethnicity, disease conditions (e.g., Type 2 Diabetes), other health-related information (e.g., pulse rate, cholesterol levels, visual acuity), and family history information (e.g., information similar to the foregoing about your family members). Before you disclose information about a family member, you should make sure you have permission from the family member to do so.
iii. User Content. Some of our Services allow you to create and post or upload content, such as data, text, software, music, audio, photographs, graphics, video, messages, or other materials that you create or provide to us through either a public or private transmission ("User Content"). For example, User Content includes any discussions, posts, or messages you send on our Forums.
f. Referral information and sharing. When you refer a person to Sequencing or choose to share your Sequencing results with another person, we will ask for that person's email address. We will use their email address solely, as applicable, to make the referral or to communicate your sharing request to them, and we will let your contact know that you requested the communication. By participating in a referral program or by choosing to share information with another person, you confirm that the person has given you consent for Sequencing to communicate (e.g. via email) with him or her. The person you referred may contact us at [email protected] to request that we remove this information from our database. For more information on our referral program, see here.
i. help us recognize you when you use our Services;
ii. customize and improve your experience;
iii. provide security;
iv. analyze usage of our Services (such as to analyze your interactions with the results, reports, and other features of the Service);
v. gather demographic information about our user base;
vi. offer our Services to you;
vii. monitor the success of marketing programs; and
viii. serve targeted advertising on our site and on other sites around the Internet.
j. We may receive reports based on the use of these technologies from third party service providers as de-identified, Individual-level Information, or as Aggregate Information.
k. Google Analytics. Google Analytics is used to perform many of the tasks listed above. We use the User ID feature of Google Analytics to combine behavioral information across devices and sessions (including authenticated and unauthenticated sessions). We have enabled the following Google Analytics Advertising features: Remarketing, Google Display Network Impression Reporting, Google Analytics Demographics and Interest Reporting, and DoubleClick Campaign Manager integration. We do not merge information collected through any Google advertising product with individual-level information collected elsewhere by our Service. Learn more about how Google collects and uses data here. To opt out of Google Analytics Advertising Features please use Google Ad Settings. To opt out of Google Analytics entirely please use this link.
3. How we use your information
i. open your account, enable purchases and process payments, communicate with you, and implement your requests (e.g. referrals);
ii. enable and enhance your use of our website and mobile application(s), including authenticating your visits, providing personalized content and information, and tracking your usage of our Services;
iii. contact you about your account and any relevant information about our Services (e.g. policy changes, security updates or issues, etc.);
iv. enforce our Terms of Service and other agreements;
v. monitor, detect, investigate, and prevent prohibited or illegal behaviors on our Services, to combat spam and other security risks; and
vi. perform research & development activities, which may include, for example, conducting data analysis in order to develop new or improve existing products and services, and performing quality control activities.
For individuals located in the European Economic Area (“EEA”), United Kingdom, or Switzerland (collectively the “Designated Countries”): We process your Personal Information in this way to provide our Services to you in accordance with our Terms of Service:
To process, analyze and deliver your genetic testing results. As described above, to receive results through our services, you must create a Sequencing account and upload Genetic Information data to your account. Once uploaded, we further analyze your Genetic Information to provide you with our health and/or ancestry reports, depending on the Service purchased. Sequencing continuously works to improve our Services based on our research and product development, and genetic associations identified in scientific literature. If you are eligible to receive additional reports or updates in the future, you may be notified of or may directly access these updates.
For individuals located in the Designated Countries: Our legal basis for processing your Sensitive Information for the purposes described above is based on your consent. You may withdraw your consent at any time by deleting your Account via your Sequencing Account Settings, however, the withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal.
c. To allow you to share your Personal Information with others. Sequencing gives you the ability to share information, including Personal Information, through the Services. You have the option to share directly with individuals with Sequencing accounts through (i) our Forums, and (ii) other sharing features and tools. You may also have the ability to share information directly with individuals who have not participated in our Service via a unique, shareable URL or through a social media platform (such information is "User Content"). Some sharing features, including receiving sharing invitations, may require that you opt-out, however, you will always be required to take a positive action, such as opting in, to share Sensitive Information.
d. You should be thoughtful about your sharing choices. Once you have chosen to share any Personal Information, the individuals with whom you share this information may also use or share your Personal Information, including any Sensitive Information you choose to share.
For individuals located in the Designated Countries: Our legal basis for processing your Personal Information for the purpose described above is based on your consent. You may withdraw your consent at any time, however, the withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal.
e. To allow you to share your Personal Information for Sequencing Research purposes. You have the choice to participate in Sequencing Research by providing your consent. "Sequencing Research" refers to research aimed at publication in peer-reviewed journals and other research funded by the federal government (such as the National Institutes of Health (“NIH”)) conducted by Sequencing.
f. Sequencing Research may be sponsored by, conducted on behalf of, or in collaboration with third parties, such as non-profit foundations, academic institutions or pharmaceutical companies. Sequencing Research may study a specific group or population; identify potential areas or targets for therapeutics development; conduct or support the development of drugs, diagnostics or devices to diagnose, predict or treat medical or other health conditions,; work with public, private and/or non-profit entities on genetic research initiatives; or otherwise create, commercialize, and apply this new knowledge to improve health care. Sequencing Research uses Aggregate and/or Individual-level Genetic Information and Self-Reported Information as specified in the appropriate Consent Document(s), as explained in greater detail below.
g. Your De-identified Genetic and Self-Reported Information may be used for Sequencing Research only if you have consented to this use by completing a Consent Document. If you have completed the main Research Consent Document:
i. Your Genetic Information and/or Self-Reported Information will be used for research purposes, but it will be de-identified and will not be linked to your Registration Information.
ii. Sequencing may use individual-level Genetic Information and Self-Reported Information internally at Sequencing for research purposes.
iii. Sequencing may share summary statistics, which do not identify any particular individual or contain individual-level information, with our qualified research collaborators.
iv. If you have completed the Individual Level Data Sharing Consent, or additional consent agreement, in addition to the uses above under the main Research Consent Document, Sequencing may share De-identified Individual-level Genetic Information and Self-Reported Information with select third party research collaborators for Sequencing Research purposes.
h. Withdrawing your Consent. You may withdraw your consent to participate in Sequencing Research at any time by changing your consent status within your Sequencing Account Settings. If you experience difficulties changing your consent status, contact the Human Protections Administrator at [email protected] . Sequencing will not include your Genetic Information or Self-Reported Information in studies that start more than 30 days after you withdraw (it may take up to 30 days to withdraw your information after you withdraw your consent). Any research involving your data that has already been performed or published prior to your withdrawal from Sequencing Research will not be reversed, undone, or withdrawn. You may also discontinue your participation in Sequencing Research by deleting your Sequencing account (as described in Section 5.e.).
For individuals located in the Designated Countries: Our legal basis for processing your Sensitive Information for the purpose described above is based on your consent. You may withdraw your consent at any time, however, the withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal.
i. To recruit you for external research. Research is an important aspect of our Services and we want to ensure interested participants are aware of additional opportunities to contribute to interesting, novel scientific research conducted by academic institutions, healthcare organizations, pharmaceutical companies, and other groups. If you have chosen to participate in Sequencing Research, from time to time we may inform you of third party research opportunities for which you may be eligible. For example, if a university tells us about a new cancer research project, we may send an email to Sequencing research participants who potentially fit the relevant eligibility criteria to make them aware of the research project and provide a link to participate with the research organization conducting the study. We will not share Individual-level Genetic Information or Self-Reported Information with any third party without your explicit consent. If you do not wish to receive these notifications, you can manage them by editing your preferences in your Sequencing Account Settings.
j. For individuals located in the Designated Countries: Our legal basis for processing your Sensitive Information for the purpose described above is based on your consent. You may withdraw your consent at any time, however, the withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal.
k. To provide customer support. When you contact Customer Care, we may use or request Personal Information, including Sensitive Information, as necessary to answer your questions, resolve disputes, and/or investigate and troubleshoot problems or complaints. In some instances, we may be required to process one customer’s Personal Information to resolve another customer’s dispute or request. For example, if a customer reports behavior that violates our Terms of Service, we will separately process both customers’ Personal Information and respond separately to each individual as appropriate. We will not share your Personal Information with another customer without your consent.
For individuals located in the Designated Countries: Our legal basis for processing your Personal Information for the purpose described above depends on the nature of the customer support request or to satisfy our contractual or legal obligations and/or our legitimate interest to improve our Services.
l. To conduct surveys or polls, and obtain testimonials. We value your feedback and may send you surveys, polls, or requests for testimonials to improve and optimize our Services. You are in control of the information you would like to share with us. If you do not wish to receive these requests, you can manage them in your Sequencing Account Settings.
m. For individuals located in the Designated Countries: Our legal basis for processing your Personal Information for the purpose described above is based on our legitimate interest. We think it is important to continue improving our Services to ensure you derive value from the knowledge contained herein.
n. To provide you with marketing communications. By creating a Sequencing account, you are agreeing that we may send you product and promotional emails or notifications about our Services and offers on new products, services, promotions, or contests. You may also opt in to receiving similar notifications on the website or mobile application(s). You can unsubscribe from receiving these marketing communications at any time. To unsubscribe, click the email footer “unsubscribe” link or go to the “Preferences” section of your Sequencing Account Settings to edit your email notification preferences. To opt out of receiving website and mobile notifications, you may do so within your browser or device settings. Please note, the opt-out process differs between web browsers and mobile devices. You may not opt out of receiving non-promotional messages regarding your account, such as technical notices, purchase confirmations, or Service-related emails.
o. Individuals located in Designated Countries should review Sections 10.f-h. to understand our marketing practices in relation to the Designated Countries.
4. Information we share with third parties
a. General service providers. We share the information described above in Section 2 with our third party service providers as necessary for them to provide their services to us and help us perform our contract with you. Service providers are third parties (other companies or individuals) that help us to provide, analyze, and improve our Services. While Sequencing directly conducts the majority of data processing activities required to provide our Services to you, we engage some third party service providers to assist in supporting our Services, including in the following areas:
i. Order fulfillment. Our payment processor processes certain Registration Information, such as your billing address and credit card information, as necessary to enable you to purchase from the Sequencing.com online store.
ii. Customer Care support. Our Customer Care team uses a number of tools to help organize and manage the requests we receive. These tools help to ensure we provide timely, high quality support.
iii. Cloud storage, IT, and Security. Our cloud storage providers provide secure storage for information in Sequencing databases, ensure that our infrastructure can support continued use of our Services by Sequencing customers, and protect data in the event of a natural disaster or other disruption to our Service. Our IT and security service providers assist with intrusion detection and prevention measures to stop any potential attacks against our networks. Our third party experts perform regular penetration tests and periodically audit Sequencing’s security controls.
NOTE: Our service providers act on Sequencing's behalf. We implement procedures and maintain contractual terms with each service provider to protect the confidentiality and security of your information. However, we cannot guarantee the confidentiality and security of your information due to the inherent risks associated with storing and transmitting data electronically.
For individuals located in the European Economic Area (“EEA”), United Kingdom, or Switzerland (collectively the “Designated Countries”): Where Personal Information are transferred to a third country or to an international organization, Sequencing implements appropriate safeguards, such as contractual obligations, relating to the transfer.
c. Aggregate information. We may share Aggregate Information, which is information that has been stripped of your name and contact information and combined with information of others so that you cannot reasonably be identified as an individual, with third parties. This Information is different from "Individual-level" information and is not Personal Information because it does not identify any particular individual or disclose any particular individual’s data. For example, Aggregate Information may include a statement that "30% of our female users share a particular genetic trait," without providing any data or testing results specific to any individual user. In contrast, Individual-level Genetic Information or Self-Reported Information consists of data about a single individual's genotypes, diseases or other traits/characteristics information and could reveal whether a specific user has a particular genetic trait, or consist of all of the Genetic Information about that user. Sequencing will ask for your consent to share Individual-level Genetic Information or Self-Reported Information with any third party other than our service providers as necessary for us to provide the Services to you.
e. As required by law Under certain circumstances, your Personal Information may be subject to processing pursuant to laws, regulations, judicial, or other government subpoenas, warrants, or orders. For example, we may be required to disclose Personal Information in coordination with regulatory authorities in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Sequencing will preserve and disclose any and all information to law enforcement agencies or others if required to do so by law or in the good faith belief that such preservation or disclosure is reasonably necessary to: (a) comply with legal or regulatory process (such as a judicial proceeding, court order, or government inquiry) or obligations that Sequencing may owe pursuant to ethical and other professional rules, laws, and regulations; (b) enforce the Sequencing Terms of Service and other policies; (c) respond to claims that any content violates the rights of third parties; or (d) protect the rights, property, or personal safety of Sequencing, its employees, its users, its clients, and the public.
NOTE: If you are participating in Sequencing Research, Sequencing will withhold disclosure of your Personal Information involved in such Research in response to judicial or other government subpoenas, warrants, or orders in accordance with any applicable Certificate of Confidentiality that Sequencing has obtained from the National Institutes of Health (NIH).
f. Business transactions. In the event that Sequencing goes through a business transition such as a merger, acquisition by another company, or sale of all or a portion of its assets, your Personal Information will likely be among the assets transferred. In such a case, your information would remain subject to the promises made in any pre-existing Privacy Statement.
5. Your choices
a. Access to your account. We provide access to your Sequencing data within your Sequencing account. You can access and download data within your Account Settings and within applicable Reports, Tools, and features. If you lose access to your Sequencing account or account email address, please contact Customer Care for assistance. If you lose access to your Sequencing account, in certain circumstances, we may require that you submit additional information sufficient to verify your identity before providing access or otherwise releasing information to you. If you choose not to submit the required documentation, or the information provided is not sufficient for the purposes sought, Sequencing will not be able to sufficiently verify your identity in order to complete your request. You may access, correct, or update most of your Registration Information on your own within your Sequencing Account Settings. You may be able to correct Self-Reported Information entered into a survey, form, or feature within your account, such as on the surveys page, by clicking “Edit your answers here.” Please note that you may not be able to delete User Content that has been shared with others through the Service and that you may not be able to delete information that has been shared with third parties. Individuals located in Designated Countries should review Section 11 to understand their rights to access Personal Information.
b. Marketing communications. You may be asked to opt in to receive product and promotional emails or notifications when creating your Sequencing account or when using our Services. You may view or update your notification preferences for marketing communications by visiting your Sequencing Account Settings, opting out at the browser or device level, or by contacting our Privacy Administrator at [email protected] You can also click the "unsubscribe" button at the bottom of promotional email communications, as applicable.
d. In general, it can be difficult to contain or retrieve Personal Information once it has been shared or disclosed. Sequencing will have no responsibility or liability for any consequences that may result because you have released or shared Personal Information with others. Likewise, if you are reading this because you have access to the Personal Information of a Sequencing customer through a multi-profile account, we urge you to recognize your responsibility to protect the privacy of each person within that account. Users with multi-profile accounts (i.e. where multiple family members upload their Genetic Information data) should use caution in setting profile-level privacy settings.
e. Account deletion. If you no longer wish to participate in our Services, or no longer wish to have your Personal Information be processed, you may delete your Sequencing account and Personal Information within your Sequencing Account Settings. Once you submit your request, we will send an email to the email address linked to your Sequencing account detailing our account deletion policy and requesting that you confirm your deletion request. Once you confirm your request to delete your account and data, your account will no longer be accessible while we process your request. Once you confirm your request, this process cannot be canceled, undone, withdrawn, or reversed. When your account is deleted, all associated Personal Information is deleted and any stored samples are discarded, subject to the following limitations:
f. Information previously included in Sequencing Research. As stated in any applicable Consent Document, Genetic Information and/or Self-Reported Information that you have previously provided and for which you have given consent to use in Sequencing Research cannot be removed from completed studies that use that information. Your data will not be included in studies that start more than 30 days after your account is closed (it may take up to 30 days to withdraw your information after your account is closed).
g. Legal Retention Requirements. Sequencing and/or our contracted genotyping laboratory will retain your Genetic Information, date of birth, and sex as required for compliance with applicable legal obligations, including the federal Clinical Laboratory Improvement Amendments of 1988 (CLIA), California Business and Professions Code Section 1265, and College of American Pathologists (CAP) accreditation requirements. Sequencing will also retain limited information related to your account and data deletion request, including, but not limited to, your email address, account deletion request identifier, communications related to inquiries or complaints and legal agreements for a limited period of time as required by law, contractual obligations, and/or as necessary for the establishment, exercise, or defense of legal claims and for audit and compliance purposes.
6. Security measures
a. Sequencing takes seriously the trust you place in us. Sequencing implements physical, technical, and administrative measures to prevent unauthorized access to or disclosure of your information, to maintain data accuracy, to ensure the appropriate use of information, and otherwise safeguard your Personal Information. Our team regularly reviews and improves our security practices to help ensure the integrity of our systems and your information. These practices include, but are not limited to, the following areas:
i. Encryption. Sequencing uses industry standard security measures to encrypt Sensitive Information both at rest and in transit.
ii. Limited access to essential personnel. We limit access to Sensitive Information to authorized personnel, based on job function and role. Sequencing access controls include multi-factor authentication, single sign-on, and a strict least-privileged authorization policy.
b. Your Responsibility. Please recognize that protecting your Personal Information is also your responsibility. We ask you to be responsible for safeguarding your password and other authentication information you use to access our Services. You should not disclose your authentication information to any third party and should immediately notify Sequencing of any unauthorized use of your password. Sequencing cannot secure Personal Information that you release on your own or that you request us to release.
c. Your information collected through the Service may be stored and processed in the United States or any other country in which Sequencing or its subsidiaries, affiliates, or service providers maintain facilities, and therefore, your information may be subject to the laws of those other jurisdictions which may be different from the laws of your country of residence.
Notwithstanding anything set forth above to the contrary, Sequencing shall comply to the extent applicable with the 1996 Health Insurance Portability and Accountability Act (HIPAA) and the 2008 Genetic Information Nondiscrimination Act (GINA).
8. Children's privacy
Sequencing is committed to protecting the privacy of children as well as adults. Neither Sequencing nor any of its Services are designed for, are intended to attract, or are directed toward children under the age of 18. A parent or guardian, however, may create an account for, and provide information related to, his or her child who is under the age of 18. The parent or guardian assumes full responsibility for ensuring that the information that he/she provides to Sequencing about his or her child is kept secure and that the information submitted is accurate.
9. Linked websites
10. Application Programming Interface
a. Sequencing’s application programming interface (“API”) allows software application developers (“App Developers”) to access the Site to utilize Sequencing’s software application technology to develop their own software applications (“Apps”). All such access is secure and requires App Developers to specifically register with Sequencing prior to their accessing the API and to comply with Sequencing’s stringent security standards and protocols.
b. Real-Time Personalization Technology API. Through this API, App Developers may utilize Sequencing technology, such as Sequencing’s Real-Time Personalization® Technology, to develop their own mobile and web-based applications. These mobile and web-based Apps will not have access to your Personal Information, unless you specifically and affirmatively authorize Sequencing to provide App Developers with such access to your Personal Information. This authorization may be in the form of a Request to Access, which will require you to affirmatively authorize access by clicking “Accept” or “Authorize” or “Yes” on the Request to Access interface provided by Site or App. Upon providing an affirmative response to a Request for Access, Sequencing will provide only that portion of your Personal Information necessary for the App’s purposes. Sequencing does not, and will not, provide your entire genome to any App or App Developers. Sequencing cannot control any Personal Information sent to Apps hosted outside of the Site. You agree to allow such access at your own risk.
c. App Market API. Through this API, App Developers may utilize Sequencing technology, such as Sequencing's App marketplace, to make their applications available to you for use. When you use an App in Sequencing's App marketplace that was created by App Developers, you authorize Sequencing to provide the App Developers with access to some of your Personal Information. Sequencing will provide only that portion of your Personal Information necessary for the App’s purposes. Sequencing does not, and will not, provide your entire genome to any App or App Developers. Sequencing cannot control any Personal Information sent to Apps hosted outside of the Site. You agree to allow such access at your own risk.
11. Information for Customers in Designated Countries
Section 11 only applies to individuals located in the European Economic Area (“EEA”), United Kingdom, or Switzerland (the “Designated Countries”).
a. International Transfers Your Personal Information will likely be transferred to, stored, and processed in the U.S. and other countries outside of where you live. When we conduct such transfers, we rely on various legal bases to lawfully transfer Personal Information around the world, including the European Union Commission approved model contractual clauses.
c. With respect to Personal Information received or transferred pursuant to the Privacy Shield Frameworks, Sequencing is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Sequencing may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have questions about our Privacy Shield certification, we encourage you to contact us [email protected]
d. Our relationship with you. We are the “controller” with respect to your Personal Information because we determine the means and purposes of processing your information when using our Services.
f. Direct Marketing. We will obtain your consent where required to send you marketing communications using electronic means. You may withdraw your consent at any time within your Sequencing Account Settings or by emailing [email protected] We will only contact you by electronic means (email, push notification, SMS, etc.) with information about our Services that are similar to those which were the subject of a previous sale or negotiation of a sale to you.
g. We will only share your Personal Information with third parties for marketing purposes with your explicit consent. If you do not want us to use your Personal Information in this way, please review and update your Sequencing Account Settings as necessary or contact us at [email protected] You may raise such objections with regard to initial or further processing for purposes of direct marketing at any time and free of charge. The withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal.
h. Other marketing activities will happen based on the legitimate interests of Sequencing. E.g. where we tailor marketing communications or send targeted marketing messages via post, phone, or social media and other third party platforms; and in providing existing customers with information (via email or other channels) about similar products and services.
i. Privacy Rights. You can exercise your privacy rights by following the instructions below or contacting us at [email protected]encing.com. We will handle your request under applicable law. When you make a request, we may verify your identity to protect your privacy and security.
j. Right to withdraw consent. To the extent Sequencing requests and you provide your consent to the processing of your Personal Information, you can withdraw your consent at any time. Your withdrawal will not affect the lawfulness of our processing based on consent before your withdrawal.
k. Right of access to and rectification of your Personal Information. Our site allows you to access and rectify certain Registration Information within your Sequencing Account Settings, and your Self-Reported Information by going to the surveys page, and other information as required by applicable law. You can download your raw Genetic Information within your Sequencing Account Settings or by going to the applicable tool in “Tools.” If you would like to access or rectify any other information, contact Customer Care and we will do our best to assist you without undue delay. We may reject part or all of your request if responding to your request could adversely affect the rights and freedoms of others.
l. Right to erasure (or, “Right to be Forgotten”). As explained under Section 5.e. (Account Deletion), we allow you to delete your account at any time. You can request erasure of Personal Information that: (a) is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (b) was collected in relation to processing to which you previously consented, but later withdrew such consent; or (c) was collected in relation to processing activities to which you object, and there are no overriding legitimate grounds for our processing. If we have made your Personal Information public and we are required to erase such Personal Information, we will take reasonable steps, including technical measures, to inform controllers that are processing any links to or copies or replications of your Personal Information of your erasure request. Our assistance with your request for erasure is subject to limitations by relevant data protection laws, available technology, and the cost of implementation.
m. Right to data portability. If we process your Personal Information based on a contract with you or based on your consent, or the processing is carried out by automated means, you may request your Personal Information in a structured, commonly used, and machine-readable format. You may also request the transfer of your Personal Information directly to another controller, where technically feasible, unless choosing to exercise this right adversely affects the rights and freedoms of others. A “controller” is a natural or legal person, public authority, agency or other body which alone or jointly with others, determines the purposes and means of the processing of your Personal Information.
n. Right to restriction of our processing. You can restrict our processing of your Personal Information where one of the following applies: (a) you dispute the accuracy of Personal Information processed by Sequencing (for a period enabling us to verify its accuracy); (b) the processing is unlawful and you oppose the erasure of the Personal Information and request the restriction of its use instead; (c) Sequencing no longer needs the Personal Information for the purposes of the processing, but it is required by you for the establishment, exercise, or defense of legal claims; and (d) you have objected to certain processing relying on legitimate interest, pending the verification whether Sequencing’s legitimate grounds override your rights. Restricted Personal Information shall only be processed with your consent or for the establishment, exercise or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest. We will notify you if the restriction is lifted.
o. Notification of erasure, rectification and restriction. We will provide notice to each recipient that we disclosed your Personal Information to regarding any rectification or erasure of Personal Information or restriction of processing, unless you initiated the disclosure or providing notice proves impossible or involves disproportionate effort. Upon your request, we will share the list of recipients with you.
p. Right to object to processing. Where the processing of your Personal Information is based on consent, contract, or legitimate interests described under the Legal Bases for Processing heading above, you may restrict or object, at any time, to the processing of your Personal Information as permitted by applicable law. We may continue to process your Personal Information if it is necessary for the defense of legal claims, or for any other exceptions permitted by applicable law.
q. Automated individual decision-making, including profiling. You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal or similarly significant effects on you, except as allowed under applicable data protection laws.
r. Retention of your Personal Information. Unless you delete your account or delete certain Personal Information (i.e. User Content, etc.), we will store your Personal Information as long as your account is open. If you delete your account, we will take the steps described under “Your Choices – Account Deletion” (Section 5.e.) and delete all your Personal Information, unless a longer retention period is required or permitted by law.
s. The rights described above may be limited by local laws. Further, your right of access and deletion is not absolute and may not be available if fulfillment of such right would, among other things:
i. cause interference with execution and enforcement of the law and legal private rights (such as in the case of the investigation or detection of legal claims or the right to a fair trial);
ii. breach or prejudice the rights of confidentiality and security of others;
iii. prejudice security or grievance investigations, corporate reorganizations, future and ongoing negotiations with third parties, the compliance with regulatory requirements relating to economic and financial management; or
iv. otherwise violate the interests of others or where the burden or cost of providing access would be disproportionate.
Complaints. If you believe that we have infringed your rights, we encourage you to contact us so that we can try to address your concerns or dispute informally. Our contact information is:
401 E. 8th St. #214-900
Sioux Falls, SD 57103
t. Sequencing’s commitment to the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks entitle you to lodge a complaint via our Privacy Shield independent dispute resolution mechanism. To send your privacy complaints under the Privacy Shield Principles, please contact the BBB EU Privacy Shield, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and/or to file a complaint.
u. As a last resort and under limited circumstances, individuals from Designated Countries with residual privacy complaints may invoke a binding arbitration option before the Privacy Shield Panel.
v. You also have a right to lodge a complaint with a competent supervisory authority situated in the country of your habitual residence, place of work, or place of alleged infringement. You can find the relevant supervisory authority name and contact details here: https://commission.europa.eu/law/law-topic/data-protection/reform/what-are-data-protection-authorities-dpas_en.
12. US Resident Additional Privacy Statement
a. Categories of Personal Information
Sequencing collects, and has collected in the 12 months prior to the effective date of this US Statement, the following categories of Personal Information:
Identifiers, such as name, username, postal address, unique personal identifier, online identifier, IP address, your mobile device identifier, email address, account name.
Personal information described in subdivision (e) of California Civlil Code section 1798.80 not covered by an existing category (physical characteristics or descriptions).
Characteristics of protected classifications under applicable state or federal law, such as assigned sex at birth and year of birth. This also includes content you choose to share with us that is considered a legally protected class under applicable state or federal law.
Commercial information, such as products or services purchased, obtained, or considered or other purchasing or consuming histories or tendencies.
Biometric information, such as DNA Data (defined above).
Internet usage information, such as your browsing history, search history, and information regarding your interaction with our sites and advertisements.
Geolocation data, such as location of your device or computer and any metadata associated with digital photographs uploaded to Find a Grave, including the location, date, and time the photo was taken.
Sensory data, such as audio, electronic, and visual information (e.g., audio or video recordings you upload, recordings of calls with Sequencing Member Services or information you voluntarily share when doing consumer insights research with us).
Inferences derived from Personal Information, such as to suggest familial relationships and to create consumer profiles for the purposes of research, product development and marketing. Please note as stated in Section 12.g below, we do not sell your Personal Information.
Sensitive Personal Information, such as account login information, racial or ethnic origin, and genetic data.
Note that some categories of information are collected only if you use certain of our Services.
b. Business Purposes
Sequencing uses the categories of Personal Information described in Section 1 for the following business purposes:
Providing, personalizing, improving, updating, and expanding Sequencing’s Services;
Communicating to you about the Services;
Helping to ensure security and integrity of the Services; and
Marketing new products and offers from us or our business partners based on your interests.
c. Categories of Sources of Personal Information
Sequencing collects, and has collected in the 12 months prior to the effective date of this US Statement, categories of Personal Information described in Section 1 from the following categories of sources:
You —this source of Personal Information depends on your use of the Services, including when you submit content; and,
d. Disclosure of Personal Information for Business Purposes
Sequencing shares, and has shared in the 12 months prior to the effective date of this US Statement, with the following categories of third parties the correlating categories of Personal Information for a business purpose:
Categories of Third Parties
The Categories of Personal Information We Share
Other Sequencing Users (if you shared your Personal Information on Sequencing)
Refer to the information that is shared with research partners, which may include:
Law Enforcement or Other Regulatory Bodies
We do not voluntarily share your Personal Information with law enforcement or regulatory bodies. We require a valid legal process before we would provide any data to law enforcement.
e. Sharing and Advertising Preferences
f. Exercising Your Rights.
i. Right to Know. You may have the right to request that we disclose what Personal Information we collect, use, disclose, share, or sell. This includes the right to request the categories of Personal Information we have collected about you, the categories of sources of Personal Information, the business purpose for collecting Personal Information, the categories of third parties with whom we share categories of Personal Information, and the specific pieces of Personal Information we have collected about you.
If you are submitting a request to know on your own behalf, there are two ways to make your request: online or by email. To email your request to know, email us at [email protected]. We are required to verify your identity before providing you with a copy of your data. We will require you to provide proof of identity and current address (e.g., you may be required to provide a copy of your government-issued ID, which will be used solely to verify your identity and address).
If you are an “Authorized Agent” pursuant to the CCPA/CPRA and are submitting a request to know on behalf of one of our users, see Section 12.f.iii below.
ii. Right to Delete. You may have the right to request that we delete your Personal Information.
Note that to delete your Personal Information, you must delete your account and that once an account deletion request is completed, this process is irreversible. Your information (including, but not limited to records and DNA Data) will be permanently deleted.
To email your request to delete, email us at [email protected]. We are required to verify your identity before we delete your data. We will require you to provide proof of identity and current address (e.g., you may be required to provide a copy of your government-issued ID, which will be used solely to verify your identity and address).
If you are an “Authorized Agent” pursuant to the CCPA/CPRA and are submitting a request to know on behalf of one of our users, see Section 12.f.iii below.
iii. Authorized Agents. California residents can use “authorized agents” to make requests to know and requests for deletion. To use an authorized agent, email us at [email protected] Note that even if a consumer chooses to use an authorized agent for a request, the consumer will still need to work directly with us to provide item 3 below:
1. Proof that the authorized agent is registered with the Secretary of State to conduct business in California.
2. Signed permission from the consumer allowing the authorized agent to act on the consumer’s behalf.
3. Verification of the consumer’s identity (to be made directly by the consumer to us). We will require proof of identity and California address (e.g., a copy of your government-issued ID, which will be used solely to verify your identity and address).
Please note: The report will be delivered to the consumer via the email address registered to their Sequencing account. Also note that the report does not include a copy of the consumer’s DNA Data. If the consumer wants to download their DNA Data, see Section 12.f.i above.
iv. Right to Appeal. If you are a Colorado, Connecticut, or Virginia resident and your request to know or delete your data is denied, you have the right to appeal. You can do so by contacting us at [email protected]
h. Sensitive Personal Information. We process sensitive personal information collected about you only to provide the Services, including to:
Maintain the quality and safety of the Services;
Improve the Services;
Detect security incidents;
Resist and prosecute malicious, deceptive, fraudulent, or illegal actions directed at Sequencing, and;
Maintain or service accounts, provide customer service, process or fulfill orders and transactions, verify customer information, process payments, provide analytic services, and provide storage.
We may also process this sensitive personal information as needed to help ensure people’s physical safety and as required by applicable law.
i. Non-discrimination. We will not discriminate against you for exercising any of your rights under applicable US privacy regulations.
j. California’s Shine the Light Law. California Civil Code section 1798.83, known as the “Shine the Light” law, permits Users who are California residents to request and obtain from us a list of what Personal Information (if any) we disclosed to third parties for their direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. Requests may be made only once a year and are free of charge. Under California Civil Code section 1798.83, Sequencing currently does not share any Personal Information with third parties for their own direct marketing purposes.
k. Contact Us. If you have questions about our US-related privacy policies or practices, please contact us at [email protected]
12. Nevada Residents
Pursuant to Nevada law, you may direct a business that operates an internet website not to sell certain Personal Information a business has collected or will collect about you. Sequencing does not sell your Personal Information pursuant to Nevada law. For more information about how we handle and share your Personal Information or your rights under Nevada law, contact us at [email protected]
13. Do Not Track Statement
Some browsers have a ”do not track” feature that allows you to tell websites that you do not want to have your online activities tracked. At this time, due to a lack of industry standards, we do not respond to browser ”do not track” signals. To learn more about interest-based advertising or to opt-out of this type of advertising, visit the Network Advertising Initiative website and the Digital Advertising Alliance website. Options you select are browser- and device-specific.
c. We also may provide additional "just-in-time" disclosures or additional information about the data collection, use, and sharing practices of specific Services. Such notices may supplement or clarify our privacy practices or may provide you with additional choices about how Sequencing processes your Personal Information.
15. Contact Information
401 E. 8th St. #214-900
Sioux Falls, SD 57103
1-833-544-0001 toll free Mon-Fri, 9am – 5pm (EST)