Last Updated: December 17, 2019
I. Information Collection
What Information We Collect?
General: When you visit and interact with our Site (including when you make a purchase through our Site), we may collect and you consent our collection of some or all of the following information directly from you and automatically as you use our Services:
- Personal Information that you voluntarily provide to us. “Personal Information” is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you (or your household). It includes such things as name, address, telephone number, email address, date of birth, purchase and ordering history, etc. but does not include publicly available information.
- Genetic and Health Information. When you purchase, access, and use our at-home test or diagnostic products, including Index, its accompanying saliva kit, and all the related platforms, applications and services (“Elysium Test”), you agree to provide and consent that we may collect the following Personal Information:
- Saliva sample. To access or use the Index, you must purchase, or receive as a gift, a testing kit, create an online account and register your kit, and ship your saliva sample to our partner laboratory (“Laboratory”). The Laboratory will extract your DNA from your saliva sample for analysis.
- Genetic Information. “Genetic Information” refers to the genetic and/or epigenetic data including those generated through processing of your saliva by us or by the Laboratory, our contractors, vendors, successors, or assignees, or otherwise processed by and/or contributed to us and includes the results reported to you as part of the Services.
- Health Data. Health Data refers to the following information you provide when using an Elysium Test or responding to a survey sent by us or our research collaborator, including ethnic origins, ancestry, demographics, health conditions, your family history of those conditions, medication history, known genetic mutations in you or your family members, and lifestyle information.
- Non-identifying information we collect when you use the Site. “Non-identifying Information” is information that alone cannot identify you and has not been associated with you. It includes such things as data from cookies or pixel tags, or data about the device you use to access, use, or interact with our Site, such as your IP address or the type of browser you are using.
Elysium Health may ask you to provide certain Personal Information and Genetic and Health Information at various times and places on the Site. For example, you have the option to provide us with information about yourself including your ethnicity, personal traits, prior medical history, health conditions or other health-related information, physical features such as eye color, behavioral information such as exercise habits, etc. If you provide such information, we will keep and store them and use in accordance with this policy unless and until you ask us to delete them. In some cases, if you choose not to provide us with the requested Personal Information and Genetic and Health Information, you may not be able to access all of the Site or participate in all of its features.
For example, we may collect Personal Information from you when you:
- Register, subscribe, or create an account with Elysium Health;
- Purchase products/services from Elysium Health through our Site or via other means;
- Open or respond to our offers;
- Contact customer service, or otherwise make use of our customer support tools;
- Sign-up for our updates, notifications and newsletters;
- Respond to our or our partners’ surveys or polls;
- Use our referral program;
- Use or access to the functions, services and pages of our Site;
- Connect, link or “share” our Site via social networking sites;
- Provide ratings or reviews of our products and services;
- Apply for a job at Elysium Health.
A “cookie” is a small text file that a website’s server places on a computer’s web browser. These cookies may be delivered in a first party or third party context. For example, we may collect information about your browser type and version, operating system, user language, ISP, viewed web pages, links that are clicked, IP address, the presence or absence of “flash” plugs-ins, screen resolution, connection type, sites visited before and after visiting our Site, details about items purchased, and emails we send that you open, forward, or click through to our Site.
By collecting this Non-Identifying Information we can:
- Better understand how you interact with us or our Site;
- Give you a more personal and optimized online experience by tracking your preferences;
- Improve our Site and services;
- Fulfill contracts with our business partners;
- Help confirm receipt of and response to our emails;
- Provide more effective customer service.
We also use this Non-Identifying Information for the same purpose as your Personal Information set out below.
We may tie your Non-Identifying Information to Personal Information that you provide to us. You can choose NOT to provide us with this Non-Identifying Information by disabling cookies according to the section under Cookies and Tracking, but please be aware that certain portions of the Site may not be available to you if you do so.
II. Information Use
How We Use Your Information?
General Use: We use the Personal Information and Non-Identifying Information we collect for various purposes, including to:
- Process online purchase orders and keep you informed about the status of your order;
- Provide customer service (for example, answering your questions or responding to a request);
- Verify your identity;
- Establish an online Elysium Health account for you;
- Operate, perform, analyze, maintain and improve the Site, our services, and our products;
- Develop new products and/or services;
- Process, analyze and deliver test results for the currently purchased tests and future applications;
- Conduct marketing campaigns and targeted online advertising;
- Communicate and provide additional information that may be of interest to you about Elysium Health and our third party partners (including updates and reminders to new research, future products, and special opportunities), administrative messages, and requested information;
- Identify your preferences so we can notify you of new or additional products, services, and promotions that might be of interest to you;
- Validate your ability to access and/or use certain products or services that may only be intended for individuals meeting certain eligibility requirements or criteria, such as health care professionals;
- Establish your eligibility for special offers or discounts;
- Determine your qualification for external services from partners;
- Recruit you for internal or external research;
- Allow us to use and share your Personal Information for research purposes;
- Perform analytics and conduct customer research;
- Allow you to interact with certain third party content providers (for example, to enable you to link to, or view content from, third party sites within our Site, or view our content on a third party site);
- Administer online surveys or special offers from us or through our third party business partners;
- Conduct surveys or polls, and obtain testimonials;
- Enhance other information we have about you to help us better understand you and determine your interests;
- Ensure network and information security;
- Determine whether you are a suitable candidate for any open jobs at Elysium Health;
- Manage our everyday business needs, such as administration of the Site, fulfillment, analytics, fraud prevention, and enforcement of our corporate reporting obligations and Terms of Services, or to comply with the law and regulation.
Use of Genetic and Health Information: We understand your Genetic and Health Information may be very sensitive to you, so we will handle such information with extra care. Notwithstanding the purposes for use set forth above, our use of such information is subject to the following restrictions:
- We may use your Genetic and Health Information for research purposes or to develop new products, but will only do so with your consent. You may refer to Section IV – Research Consent Form for further details.
- We will NOT use your Genetic and Health Information for marketing or advertising purposes, for example we will NOT use your Genetic and Health Information to conduct marketing campaigns and targeted online advertising, or to send you marketing notifications or special offers.
Resume Submission: Elysium Health may post available jobs on the Site and allows you to submit your resume to us. Elysium Health may ask for your name, street address, phone number, e-mail address, position applied for, education, work experience, skills, etc. (“Personal Recruitment Information”). The Personal Recruitment Information and the resume you submit will be used by Elysium Health to determine whether you would be a good candidate for the requested job. The Personal Recruitment Information may be saved in our files in case you would be a good candidate for a future job. The Personal Recruitment Information will be shared on a need-to-know basis, and will not be given to any third parties other than our service providers who process information on our behalf.
Social Networking: Certain social media features available on our Site may be hosted by third party sites. For example, some social networking services allow you to share products and services from our Site via your social networking profile. Our Site also allows you to apply for available jobs at Elysium Health through your LinkedIn account. If you choose to make use of third party social media services (such as Facebook, Twitter, or LinkedIn), we may receive Personal Information about you, such as your name and email address that you have made available through those services. We encourage you to visit those third party social networking services’ privacy policies and review your privacy settings directly on those services. Any information we receive through third party social media services may be used as described in this policy.
III. Information Disclosure
Under Which Circumstances Your Personal Information and the Non-Identifying Information May Be Shared?
Elysium Health is committed to keeping your Personal Information confidential. We do not sell to third parties your Personal Information collected on the Site.
We may share your Personal Information as required by law or as follows:
- With our vendors, contractors and partners (including Laboratory) as necessary for them to provide their services to us and help us perform, provide, analyze and improve our services and products, including without limitation processing and fulfilling orders, data analytics and storage;
- Assistance with our and third party partners’ direct marketing and advertising;
- Assistance with our distribution of emails and other communications, fraud prevention services, delivery and logistics, Site improvement and operation, and to accomplish the other purposes for information collection and use described above under Sections I and II;
- We may include your de-identified Personal Information in our research database;
- In the event we or any of our affiliates file for bankruptcy, or where there is a transfer of ownership (or assets) in connection with proposed or consummated corporate reorganizations of Elysium Health or any of our affiliates, such as mergers, acquisitions, or sales of business units;
- To comply with legal orders and government requests, or as needed to support auditing, compliance, and corporate governance functions;
- To combat fraud or criminal activity, and to protect our rights or those of our affiliates, users, and business partners, or as part of legal proceedings affecting Elysium Health;
- In response to a subpoena, court order, or similar legal process, including to law enforcement agencies, regulators, and courts in the United States and other countries where we operate;
- With your consent, we may share your de-identified Personal Information in our research with third party collaborators. We may engage in research with third parties like universities, hospitals, health systems, government institutions, or private companies to develop new tests, applications, products or services, validate technologies, or improve existing technologies or processes.
- With your consent, we may also include your de-identified Personal Information in relevant publications.
- With your consent for other purposes.
We may also disclose Non-Identifying Information:
- For the same reasons we might share Personal Information;
- With third party partners for their own research, analysis and marketing purposes;
- With third-party advertisers or other vendors to place our advertisements on third-party sites, to facilitate targeted content, and to analyze the effectiveness of our advertisements.
Access to your Personal Information is limited by need. Only a restricted number of Elysium Health employees, and individuals and entities with whom Elysium Health contracts to carry out business will have access to your Personal Information for the purposes described above.
How Your Genetic Information Will Be Shared?
When we share your Genetic Information, we will de-identify such information by, for example, assigning a random ID. Without your express consent, we will NOT share any of your Genetic Information to any third parties for developing new products or research purposes. Even with your consent, we will only share the de-identified version of your Genetic Information for the aforementioned development and unless you agree otherwise.
IV. Research Consent Form
As mentioned above, we may use and/or share your de-identified Personal Information for internal and/or external research purposes with your consent. You may refer to the Research Consent Form by clicking here for details. If you consent to our use of your de-identified Personal Information for research purposes, we may use and aggregate it and may further use and share such de-identified and aggregated information for research purposes without separately obtaining your explicit consent. “Aggregate information” means information that relates to a group or category of consumers, from which your identity has been removed, that is not linked or reasonably linkable to you or your household. One example of the aggregate information would be “approximately one-third of the 11,432 participants in the National Health and Nutrition Examination Survey (NHANES IV) reported a cumulative biological rate of aging within 5% of their chronological age.”
V. Your California Privacy Rights
If you are a California resident, starting January 1, 2020, you are entitled under the law to request and obtain from us no more than twice in a twelve (12) month period information regarding the collection, use and disclosure (including the purposes) of your Personal Information. To make such a request, please send an e-mail to [email protected] with “Request for California Privacy Information” on the subject line or call (888) 220-6436.
Specifically, you are entitled to request and obtain from us the following information:
- The categories and specific pieces of your Personal Information that we collected;
- The categories of sources from which we collected your Personal Information;
- The categories of your Personal Information that we disclosed or shared;
- The business or commercial purposes for collecting or disclosing your Personal Information.
We will disclose and deliver the above information to you free of charge within 45 days of receiving a verifiable request from you. If reasonably necessary, we will extend the above time period to provide you the requested information by an additional 45 days, but before we do so, we will provide you a notice for the extension. Our disclosure will cover the 12-month period preceding our receipt of the verifiable request from you (e.g., requests made in January 2019 will receive information regarding the disclosure in 2018).
In some cases, we may be unable to fulfill your request because we have no way to verify your identity to the standard the law requires. For example (but without limitation), if you have visited our Site, but never left a comment, completed a purchase or a financial transaction with us, or interacted with us via email or other means, we probably do not have enough information to confirm your identity to even a reasonable degree of certainty. Also, applicable law may provide certain exemptions to the rights summarized herein (particularly with regard to the deletion of your personal information).
We are dedicated to treating your Personal Information with care and respect. We do not sell your Personal Information to third parties for their own direct marketing use.
Once you confirm your request, this process cannot be cancelled, undone, withdrawn, or reversed. When your account is deleted, all associated Personal Information is deleted and any stored samples are discarded, subject to the following limitations:
- Information Previously Included in Research. The saliva sample, Genetic Information and/or other information that you have previously provided and for which you have given consent to use in our research cannot be removed from completed studies that use that information. Your data will not be included in studies and research that start more than 30 days after your account is closed (it may take up to 30 days to withdraw your information after your account is closed).
- Legal Retention Requirements. Elysium Health, Laboratory and our partners/vendors will retain your Personal Information, Genetic Information, date of birth, sex, and other Personal Information as required for compliance with applicable legal obligations, including, as applicable, the federal Clinical Laboratory Improvement Amendments of 1988 (CLIA) and CA Business and Professional Code Section 1265 and CAP accreditation requirements. Elysium Health will also retain limited information related to your account and data deletion request, including but not limited to, your email address, account deletion request identifier, and record of legal agreements for a limited period of time as required by contractual obligations, and/or as necessary for the establishment, exercise or defense of legal claims and for audit and compliance purposes.
- Other Legally Allowed Purposes. We may also maintain your Personal Information in order to complete transaction for which your Personal Information is collected, detect illegal activity, debug to identity and repair errors, exercise right provided by law, or conduct any other activities permitted under the law.
Commercial Emails: You may choose to opt-out of receiving commercial emails from us by following the instructions contained in any of the commercial e-mails we send. Please note that even if you unsubscribe from commercial email messages, we may still email you non-commercial emails related to your account and your transactions on the Site. Also, please allow us 10 business days from when the request was received to complete the removal. You may update your account preferences at any time. If you wish to opt-out of receiving offers directly from our third-party business partners, you can follow the instructions in the emails that they send you.
Cookies and Tracking: You can disable cookies at any time by adjusting your browser settings. Browsers are different, so refer to instructions related to your browser to learn about cookie-related and other privacy and security settings that may be available.
To disable “flash cookies,” you can adjust the setting of your Flash player to block Flash cookies using the tools contained in your website storage settings panel. More information can be found on Adobe’s website.
Please be aware, however, that if you turn off cookies, you will not be able to take full advantage of all of our Site features. For example, we will not be able to recognize you as a registered user to allow you access to your account information.
Access and Correction: If you wish to access, correct, modify or update any personal information we have received, please contact [email protected] or call (888) 220-6436. Also, if you are a registered user, you can access your account at any time to correct, modify or update your account information.
VII. Other Sites
Elysium Health takes appropriate steps to manage the privacy of your Personal Information, Genetic and Health Information and the security of the Site. We have implemented commercially reasonable administrative, technical, and physical security controls that are designed to safeguard Personal Information and Genetic and Health Information. Still, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, Elysium Health cannot guarantee that your Personal Information and Genetic and Health Information is under absolute security with the existing security technology. If you have any questions about the security of our Site, or wish to report a breach of your Personal Information, you can contact us at [email protected].
IX. Retention Policy
X. Children Privacy
Our Site, services and products are designed and intended for adults. By using our Site, you represent that you are at least 18 years old and understand that you must be at least 18 years old in order to create an account and purchase the products through our Site. If we obtain actual knowledge that an account is associated with a registered user who is not at least 18 years old, we will promptly delete information associated with that account. If you are a parent or guardian of a child under the age of 18 and believe he or she has disclosed personally identifiable information to us, please contact us at [email protected]. A parent or guardian of a child under the age of 18 may review and request deletion of such child’s personally identifiable information as well as prohibit the use thereof.
XI. International Users
The Site (including the relevant services) is only intended for the residents in the United States. If you reside in a country outside the United States, please note that the data protection and privacy laws of the United States may not be as protective as the laws in your country. You are solely responsible for compliance with foreign laws, not Elysium Health, when you provide your Personal Information and use the Site from outside the United States. You agree that the laws of the United States will govern the processing of your personal information, including any obligations of security and third-party sharing.
XII. Contact Us