Privacy Policy

Last Updated: December 17, 2019

This Privacy Policy applies to all who (i) visit and use our website, www.elysiumhealth.com, and online services as well as the websites and online services; and (ii) purchase, use or access any products or services, the mobile apps, software, platform and all other relevant services and products provided and offered by us, our affiliates and our partners (collectively the “Site” or “Services”).

This Privacy Policy explains how Elysium Health, Inc. (“Elysium Health”, “we”, “our”, or “us”) collects, uses, processes, and discloses your information.

This Privacy Policy is incorporated into our Terms of Services, which also apply when you use our Site.  By visiting, accessing, or using the Site or accessing, purchasing or using the Services, you agree to the terms in this Privacy Policy and consent to the collection, use, process, disclosure of your personal information and non-identifying information as described in this Privacy Policy. If you do not agree with the practices described in this Privacy Policy, please cease visiting the Site, do not provide us with your personal information, or otherwise interact with us or the Site.

We reserve the right to modify this Privacy Policy at any time. If we make any material changes to our Privacy Policy, we will provide notice on this Site. We encourage you to periodically review the privacy policy for any modifications. Your use and continued use of any of our service after we post any amendments or modifications to this Privacy Policy will be deemed your acceptance of this Privacy Policy and its changes.  You can determine when this Privacy Policy was last revised by referring to the date it was “last updated” above.

I. Information Collection

What Information We Collect?

General: When you visit and interact with our Site (including when you make a purchase through our Site), we may collect and you consent our collection of some or all of the following information directly from you and automatically as you use our Services:

  • Personal Information that you voluntarily provide to us. “Personal Information” is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you (or your household). It includes such things as name, address, telephone number, email address, date of birth, purchase and ordering history, etc. but does not include publicly available information.
  • Genetic and Health Information. When you purchase, access, and use our at-home test or diagnostic products, including Index, its accompanying saliva kit, and all the related platforms, applications and services (“Elysium Test”), you agree to provide and consent that we may collect the following Personal Information:
    • Saliva sample. To access or use the Index, you must purchase, or receive as a gift, a testing kit, create an online account and register your kit, and ship your saliva sample to our partner laboratory (“Laboratory”). The Laboratory will extract your DNA from your saliva sample for analysis.
    • Genetic Information. “Genetic Information” refers to the genetic and/or epigenetic data including those generated through processing of your saliva by us or by the Laboratory, our contractors, vendors, successors, or assignees, or otherwise processed by and/or contributed to us and includes the results reported to you as part of the Services.
    • Health Data. Health Data refers to the following information you provide when using an Elysium Test or responding to a survey sent by us or our research collaborator, including ethnic origins, ancestry, demographics, health conditions, your family history of those conditions, medication history, known genetic mutations in you or your family members, and lifestyle information.
    DNA and information extracted from saliva sample, Genetic Information and Health Data information is referred to as “Genetic and Health Information”.
  • Non-identifying information we collect when you use the Site. “Non-identifying Information” is information that alone cannot identify you and has not been associated with you.  It includes such things as data from cookies or pixel tags, or data about the device you use to access, use, or interact with our Site, such as your IP address or the type of browser you are using.

Elysium Health may ask you to provide certain Personal Information and Genetic and Health Information at various times and places on the Site. For example, you have the option to provide us with information about yourself including your ethnicity, personal traits, prior medical history, health conditions or other health-related information, physical features such as eye color, behavioral information such as exercise habits, etc. If you provide such information, we will keep and store them and use in accordance with this policy unless and until you ask us to delete them. In some cases, if you choose not to provide us with the requested Personal Information and Genetic and Health Information, you may not be able to access all of the Site or participate in all of its features.

For example, we may collect Personal Information from you when you:

  • Register, subscribe, or create an account with Elysium Health;
  • Purchase products/services from Elysium Health through our Site or via other means;
  • Open or respond to our offers;
  • Contact customer service, or otherwise make use of our customer support tools;
  • Sign-up for our updates, notifications and newsletters;
  • Respond to our or our partners’ surveys or polls;
  • Use our referral program;
  • Use or access to the functions, services and pages of our Site;
  • Connect, link or “share” our Site via social networking sites;
  • Provide ratings or reviews of our products and services;
  • Apply for a job at Elysium Health.

Non-Identifying Information: We may use cookies, web beacons/pixel tags, and other technology (collectively “cookies”) to automatically collect anonymous, non-identifying information about you when you visit our Site or interact with us.

A “cookie” is a small text file that a website’s server places on a computer’s web browser. These cookies may be delivered in a first party or third party context. For example, we may collect information about your browser type and version, operating system, user language, ISP, viewed web pages, links that are clicked, IP address, the presence or absence of “flash” plugs-ins, screen resolution, connection type, sites visited before and after visiting our Site, details about items purchased, and emails we send that you open, forward, or click through to our Site.

It is possible that one or more of our Sites that link to the Privacy Policy utilize flash cookies, otherwise known as local shared objects, to store your preferences or display personalized content based upon what you view on our Site. “Flash cookies” use technology to remember settings, preferences, and usage similar to browser cookies but these are managed through a different interface than your browser and are not disabled from your normal browser settings. Cookie management tools provided by your browser will not remove Flash cookies. Please see the last section under Cookies and Tracking for information on how to disable Flash cookies.

By collecting this Non-Identifying Information we can:

  • Better understand how you interact with us or our Site;
  • Give you a more personal and optimized online experience by tracking your preferences;
  • Improve our Site and services;
  • Fulfill contracts with our business partners;
  • Help confirm receipt of and response to our emails;
  • Provide more effective customer service.

We also use this Non-Identifying Information for the same purpose as your Personal Information set out below.

We may tie your Non-Identifying Information to Personal Information that you provide to us. You can choose NOT to provide us with this Non-Identifying Information by disabling cookies according to the section under Cookies and Tracking, but please be aware that certain portions of the Site may not be available to you if you do so.

II. Information Use

How We Use Your Information?

General Use: We use the Personal Information and Non-Identifying Information we collect for various purposes, including to:

  • Process online purchase orders and keep you informed about the status of your order;
  • Provide customer service (for example, answering your questions or responding to a request);
  • Verify your identity;
  • Establish an online Elysium Health account for you;
  • Operate, perform, analyze, maintain and improve the Site, our services, and our products;
  • Develop new products and/or services;
  • Process, analyze and deliver test results for the currently purchased tests and future applications;
  • Conduct marketing campaigns and targeted online advertising;
  • Communicate and provide additional information that may be of interest to you about Elysium Health and our third party partners (including updates and reminders to new research, future products, and special opportunities), administrative messages, and requested information;
  • Identify your preferences so we can notify you of new or additional products, services, and promotions that might be of interest to you;
  • Validate your ability to access and/or use certain products or services that may only be intended for individuals meeting certain eligibility requirements or criteria, such as health care professionals;
  • Establish your eligibility for special offers or discounts;
  • Determine your qualification for external services from partners;
  • Recruit you for internal or external research;
  • Allow us to use and share your Personal Information for research purposes;
  • Perform analytics and conduct customer research;
  • Allow you to interact with certain third party content providers (for example, to enable you to link to, or view content from, third party sites within our Site, or view our content on a third party site);
  • Administer online surveys or special offers from us or through our third party business partners;
  • Conduct surveys or polls, and obtain testimonials;
  • Enhance other information we have about you to help us better understand you and determine your interests;
  • Ensure network and information security;
  • Determine whether you are a suitable candidate for any open jobs at Elysium Health;
  • Manage our everyday business needs, such as administration of the Site, fulfillment, analytics, fraud prevention, and enforcement of our corporate reporting obligations and Terms of Services, or to comply with the law and regulation. 

We also may use information collected as described in this Privacy Policy with your consent or as otherwise required or permitted by law.

Use of Genetic and Health Information: We understand your Genetic and Health Information may be very sensitive to you, so we will handle such information with extra care. Notwithstanding the purposes for use set forth above, our use of such information is subject to the following restrictions:

  • We may use your Genetic and Health Information for research purposes or to develop new products, but will only do so with your consent. You may refer to Section IV – Research Consent Form for further details.
  • We will NOT use your Genetic and Health Information for marketing or advertising purposes, for example we will NOT use your Genetic and Health Information to conduct marketing campaigns and targeted online advertising, or to send you marketing notifications or special offers.

Resume Submission: Elysium Health may post available jobs on the Site and allows you to submit your resume to us.  Elysium Health may ask for your name, street address, phone number, e-mail address, position applied for, education, work experience, skills, etc. (“Personal Recruitment Information”). The Personal Recruitment Information and the resume you submit will be used by Elysium Health to determine whether you would be a good candidate for the requested job.  The Personal Recruitment Information may be saved in our files in case you would be a good candidate for a future job. The Personal Recruitment Information will be shared on a need-to-know basis, and will not be given to any third parties other than our service providers who process information on our behalf.

Social Networking: Certain social media features available on our Site may be hosted by third party sites. For example, some social networking services allow you to share products and services from our Site via your social networking profile. Our Site also allows you to apply for available jobs at Elysium Health through your LinkedIn account. If you choose to make use of third party social media services (such as Facebook, Twitter, or LinkedIn), we may receive Personal Information about you, such as your name and email address that you have made available through those services. We encourage you to visit those third party social networking services’ privacy policies and review your privacy settings directly on those services. Any information we receive through third party social media services may be used as described in this policy.

III. Information Disclosure

Under Which Circumstances Your Personal Information and the Non-Identifying Information May Be Shared?

Elysium Health is committed to keeping your Personal Information confidential.  We do not sell to third parties your Personal Information collected on the Site.

We may share your Personal Information as required by law or as follows:

  • With any Elysium Health affiliate, which may only use your Personal Information for the purposes described in this Privacy Policy;
  • With our vendors, contractors and partners (including Laboratory) as necessary for them to provide their services to us and help us perform, provide, analyze and improve our services and products, including without limitation processing and fulfilling orders, data analytics and storage;
  • Assistance with our and third party partners’ direct marketing and advertising;
  • Assistance with our distribution of emails and other communications, fraud prevention services, delivery and logistics, Site improvement and operation, and to accomplish the other purposes for information collection and use described above under Sections I and II;
  • We may include your de-identified Personal Information in our research database;
  • In the event we or any of our affiliates file for bankruptcy, or where there is a transfer of ownership (or assets) in connection with proposed or consummated corporate reorganizations of Elysium Health or any of our affiliates, such as mergers, acquisitions, or sales of business units;
  • To comply with legal orders and government requests, or as needed to support auditing, compliance, and corporate governance functions;
  • To combat fraud or criminal activity, and to protect our rights or those of our affiliates, users, and business partners, or as part of legal proceedings affecting Elysium Health;
  • In response to a subpoena, court order, or similar legal process, including to law enforcement agencies, regulators, and courts in the United States and other countries where we operate;
  • With your consent, we may share your de-identified Personal Information in our research with third party collaborators. We may engage in research with third parties like universities, hospitals, health systems, government institutions, or private companies to develop new tests, applications, products or services, validate technologies, or improve existing technologies or processes.
  • With your consent, we may also include your de-identified Personal Information in relevant publications.
  • With your consent for other purposes.

We may also disclose Non-Identifying Information:

  • For the same reasons we might share Personal Information;
  • With third party partners for their own research, analysis and marketing purposes;
  • With third-party advertisers or other vendors to place our advertisements on third-party sites, to facilitate targeted content, and to analyze the effectiveness of our advertisements.

Access to your Personal Information is limited by need. Only a restricted number of Elysium Health employees, and individuals and entities with whom Elysium Health contracts to carry out business will have access to your Personal Information for the purposes described above.

Our third party advertising, web analytics and other partners may use cookies to collect Non-Identifying Information about your visit to our Site and other sites. These advertisers and web analytics service providers collect Non-Identifying Information in order to, among other things, deliver ads that are targeted to your interests and to better understand the usage and visits to our Site and other websites tracked by these third parties.

This Privacy Policy does not cover the collection methods or use of the information collected by any third party companies (including third party advertisers and web analytics service providers), and Elysium Health is not responsible for cookies in third party ads. We encourage you to review the privacy policies or statements of these third party companies to learn more about their use of cookies and other similar technologies.

How Your Genetic Information Will Be Shared?

When we share your Genetic Information, we will de-identify such information by, for example, assigning a random ID. Without your express consent, we will NOT share any of your Genetic Information to any third parties for developing new products or research purposes. Even with your consent, we will only share the de-identified version of your Genetic Information for the aforementioned development and unless you agree otherwise.

IV. Research Consent Form

As mentioned above, we may use and/or share your de-identified Personal Information for internal and/or external research purposes with your consent. You may refer to the Research Consent Form by clicking here for details. If you consent to our use of your de-identified Personal Information for research purposes, we may use and aggregate it and may further use and share such de-identified and aggregated information for research purposes without separately obtaining your explicit consent. “Aggregate information” means information that relates to a group or category of consumers, from which your identity has been removed, that is not linked or reasonably linkable to you or your household. One example of the aggregate information would be “approximately one-third of the 11,432 participants in the National Health and Nutrition Examination Survey (NHANES IV) reported a cumulative biological rate of aging within 5% of their chronological age.”

V. Your California Privacy Rights

If you are a California resident, starting January 1, 2020, you are entitled under the law to request and obtain from us no more than twice in a twelve (12) month period information regarding the collection, use and disclosure (including the purposes) of your Personal Information. To make such a request, please send an e-mail to [email protected] with “Request for California Privacy Information” on the subject line or call (888) 220-6436.

Specifically, you are entitled to request and obtain from us the following information:

  • The categories and specific pieces of your Personal Information that we collected;
  • The categories of sources from which we collected your Personal Information;
  • The categories of your Personal Information that we disclosed or shared;
  • The business or commercial purposes for collecting or disclosing your Personal Information.

We will disclose and deliver the above information to you free of charge within 45 days of receiving a verifiable request from you. If reasonably necessary, we will extend the above time period to provide you the requested information by an additional 45 days, but before we do so, we will provide you a notice for the extension. Our disclosure will cover the 12-month period preceding our receipt of the verifiable request from you (e.g., requests made in January 2019 will receive information regarding the disclosure in 2018).

In some cases, we may be unable to fulfill your request because we have no way to verify your identity to the standard the law requires. For example (but without limitation), if you have visited our Site, but never left a comment, completed a purchase or a financial transaction with us, or interacted with us via email or other means, we probably do not have enough information to confirm your identity to even a reasonable degree of certainty. Also, applicable law may provide certain exemptions to the rights summarized herein (particularly with regard to the deletion of your personal information).

We are dedicated to treating your Personal Information with care and respect. We do not sell your Personal Information to third parties for their own direct marketing use.

VI. Choices

Withdrawal of Consent and Deletion: You may withdraw the consent to this Privacy Policy or to the collection, use, processing and disclosure of your Personal Information and request the deletion of your Personal Information and your account by contacting us at any time. If your Personal Information is deleted, you will no longer have access through the Site or Services to your Personal Information. Your withdrawal will not affect the lawfulness of our collection, use, processing and disclosure based on consent before your withdrawal (e.g. your information will not be removed from ongoing or completed research studies which started before we receive your request to delete your Personal Information).

Once you confirm your request, this process cannot be cancelled, undone, withdrawn, or reversed. When your account is deleted, all associated Personal Information is deleted and any stored samples are discarded, subject to the following limitations:

  • Information Previously Included in Research. The saliva sample, Genetic Information and/or other information that you have previously provided and for which you have given consent to use in our research cannot be removed from completed studies that use that information. Your data will not be included in studies and research that start more than 30 days after your account is closed (it may take up to 30 days to withdraw your information after your account is closed).
  • Legal Retention Requirements. Elysium Health, Laboratory and our partners/vendors will retain your Personal Information, Genetic Information, date of birth, sex, and other Personal Information as required for compliance with applicable legal obligations, including, as applicable, the federal Clinical Laboratory Improvement Amendments of 1988 (CLIA) and CA Business and Professional Code Section 1265 and CAP accreditation requirements. Elysium Health will also retain limited information related to your account and data deletion request, including but not limited to, your email address, account deletion request identifier, and record of legal agreements for a limited period of time as required by contractual obligations, and/or as necessary for the establishment, exercise or defense of legal claims and for audit and compliance purposes.
  • Other Legally Allowed Purposes. We may also maintain your Personal Information in order to complete transaction for which your Personal Information is collected, detect illegal activity, debug to identity and repair errors, exercise right provided by law, or conduct any other activities permitted under the law.

Commercial Emails: You may choose to opt-out of receiving commercial emails from us by following the instructions contained in any of the commercial e-mails we send.  Please note that even if you unsubscribe from commercial email messages, we may still email you non-commercial emails related to your account and your transactions on the Site.  Also, please allow us 10 business days from when the request was received to complete the removal.  You may update your account preferences at any time.  If you wish to opt-out of receiving offers directly from our third-party business partners, you can follow the instructions in the emails that they send you.

Cookies and Tracking: You can disable cookies at any time by adjusting your browser settings. Browsers are different, so refer to instructions related to your browser to learn about cookie-related and other privacy and security settings that may be available.

To disable “flash cookies,” you can adjust the setting of your Flash player to block Flash cookies using the tools contained in your website storage settings panel.  More information can be found on Adobe’s website.   

Please be aware, however, that if you turn off cookies, you will not be able to take full advantage of all of our Site features. For example, we will not be able to recognize you as a registered user to allow you access to your account information.

Access and Correction: If you wish to access, correct, modify or update any personal information we have received, please contact [email protected] or call (888) 220-6436. Also, if you are a registered user, you can access your account at any time to correct, modify or update your account information.

VII. Other Sites

This Privacy Policy only addresses the collection, use, and disclosure of information by Elysium Health through your visit, use and interaction with the Site. However, our Site may contain links to other sites that are not owned or controlled by us, such as social networking sites, and links to retailers’ sites and e-commerce sites that sell our products or services. The Privacy Policy does not address nor do we control or have responsibility for the policies or practices of any third parties or any third-party sites to which this Site links. If you provide any information to such third parties, different rules regarding the collection, use and disclosure of your personal information may apply.  We strongly suggest you review such third party's privacy policies before providing any data to them. These other sites may send their own cookies or clear GIFs to users, collect data or solicit personal information.  We cannot control this collection of information. You should contact these entities directly if you have any questions about their privacy practices.

VIII. Security

Elysium Health takes appropriate steps to manage the privacy of your Personal Information, Genetic and Health Information and the security of the Site. We have implemented commercially reasonable administrative, technical, and physical security controls that are designed to safeguard Personal Information and Genetic and Health Information.  Still, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, Elysium Health cannot guarantee that your Personal Information and Genetic and Health Information is under absolute security with the existing security technology. If you have any questions about the security of our Site, or wish to report a breach of your Personal Information, you can contact us at [email protected].

IX. Retention Policy

Elysium Health retains your Personal Information and Genetic and Health Information for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law or to fulfill a legal obligation. For customers purchasing, accessing, and using Elysium Test, Laboratory stores de-identified raw data generated from your saliva samples for 3 months before the samples are destroyed (after we ensure quality control) and we will store your data (including your Genetic Information) permanently or as permitted by the law, but you may request deletion of your data as set forth under this Privacy Policy at any time. You consent to sample and data storage and additional analyses by us and our third party partners (including Laboratory).

X. Children Privacy

Our Site, services and products are designed and intended for adults. By using our Site, you represent that you are at least 18 years old and understand that you must be at least 18 years old in order to create an account and purchase the products through our Site. If we obtain actual knowledge that an account is associated with a registered user who is not at least 18 years old, we will promptly delete information associated with that account. If you are a parent or guardian of a child under the age of 18 and believe he or she has disclosed personally identifiable information to us, please contact us at [email protected]. A parent or guardian of a child under the age of 18 may review and request deletion of such child’s personally identifiable information as well as prohibit the use thereof.

XI. International Users

The Site (including the relevant services) is only intended for the residents in the United States. If you reside in a country outside the United States, please note that the data protection and privacy laws of the United States may not be as protective as the laws in your country. You are solely responsible for compliance with foreign laws, not Elysium Health, when you provide your Personal Information and use the Site from outside the United States. You agree that the laws of the United States will govern the processing of your personal information, including any obligations of security and third-party sharing.

XII. Contact Us

If you have any questions, comments or complaints about our privacy practices or this Privacy Policy, please contact us by calling (888) 220-6436, by email at [email protected], or by direct mail at Elysium Health at 434 Broadway, 2nd Floor, New York, NY 10013.