- interact or use our Website; or
- if you use any of our products, services or our Website (including any trial) (collectively the “Services”) in any manner.
PLEASE NOTE THAT WE DO NOT SELL AND WILL NOT SELL ANY OF YOUR PERSONAL DATA.
This policy covers any services being provided by Company.
Company will ensure that all personal data that it holds will be:
- processed lawfully, fairly and in a transparent manner;
- collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
- adequate, relevant and limited to what is necessary;
- accurate and kept up to date;
- kept in a form which permits identification of data subjects for no longer than is necessary;
- processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage.
2.1 Types of information we collect
When you visit our Website, we may collect personal data from you in order to allow us to provide certain Services and to communicate with you including but limited to responding to your questions or to provide general information to you and for you regarding our Services or products. We will use this data in connection with your visit to our website(s).
You may, for example, provide us with your personal data when you:
- communicate with us through the “Contact Us” link on our Website;
- information you provide on product order forms; and
- register with us through the Website.
The personal data that we collect from you include: your name; email address; telephone number; and shipping address for product delivery. We may also collect medical data or data relating to your medical history that you voluntarily provide during the Services.
If you buy our Services, we will also collect certain health, test, and biometric information, including, but not limited to, blood biomarker data, blood test results, height, weight, ethnicity, and heart rate.
We may also automatically collect data about you, such as technical information about your computer or internet browser. Data may also be collected about you indirectly through monitoring activities which will be conducted by or on our behalf in accordance with relevant legislation or regulatory requirements (for example, monitoring e-mails that we receive from you or recording telephone calls when you contact us).
We will process your personal data for the purposes listed above on the basis of one or more of the following:
- the processing is necessary for the performance of a contract or for entering into a contract with you. Please note that where this is the case, we may not be able to perform or enter into a contract with you unless you provide your personal data;
- the processing is necessary to comply with a legal obligation; and
- you have given your consent (where we rely on this legal basis, we will always seek to obtain your consent separately as and when necessary).
2.2 Information collected while using our products
As part of some of our biomarker testing Services, you must purchase or, as the case may be, receive as a gift, one of our test kits. After receipt of the test, you must ensure that you have registered for Services using the Website and you must also ship your biologic specimen to us or our designated recipient. As part of the registration process and participation in the Services, you will be asked to review our Informed Consent. You may also upload existing blood test results from tests ordered by your doctor or primary care provider.
Please note that during the Services, your biologic specimen, for which you have voluntarily provided to us, will be analyzed for the evaluation of the biomarkers related to aging and age-related diseases. The results of your testing will be reported to you as part of the Services and such results may also be used for purposes and in a format as described herein and in the Informed Consent. We may use the results in a de-identified, aggregated way for our own research.
If you have purchased our Services as a gift for a third-party, any information you provide about the gift recipient will be used only as needed to deliver the gift. Your gift recipient must register on their own for the Services. The gift recipient also must provide their own biologic specimen or data depending on the Service selected. The gift recipient must provide their own consent. No one else can consent for them. We will not share any personal data of the gift recipient with you.
2.3 How we collect your information
Purposes of collection of personal data:
- Providing our product and Services
- Improving and personalizing services
- Marketing Services
- Market research
- For purposes as described in the Informed Consent Form
Company collects information in different ways. Directly from you or from your company. For example, when you:
- Log into your Company account
- Make a purchase on our Website
- Sign up to receive promotional emails or text messages (including offers and sales alerts).
- Participate in one of our surveys or focus groups.
- Use the Ratings & Reviews or related services and features.
- Submit a request to our Customer Service team.
- Visit and navigate Company’s Website on any device.
- Interact with Company’s social media pages, including but not limited to Facebook, Twitter, YouTube and Instagram.
- Combine information we collect about you from the different devices you use to access our Website.
2.3.1 Collection of personal data by automated means
Information that is passively collected:
Cookies and similar technologies:
- These “cookies” and other similar technologies like pixels, web beacons (also known as “clear GIFs”) and local storage may be used to collect information about how you use the Services and provide features to you.
- Information provided by these cookies are essential to help us provide the Services in a manner that is adapted to each user’s specific needs. We believe that such means are fair, lawful, and proportional to the legitimate interest and needs of our business, and that our methodology fairly addresses each user’s legitimate rights and expectations in view of the context and purpose for the collection and use of the information collected.
Mobile Device Unique Identifier
- When you use a mobile device to connect to our Services or Website via a service provider that uniquely identifies your mobile device, we may use this unique identifier to offer you extended services and/or functionality. Certain Services may require the collection of your mobile phone number. We may associate that mobile phone number with the mobile device unique identifier.
Log file information:
- Log file information may be automatically reported by your browser each time you make a request to access (i.e., visit) the Services. It can also be provided when the content of the Services is downloaded to your browser or device.
- When you use the Website, our servers automatically record certain log file information, including your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks and how you interact with links on the Website domain names, landing pages, pages viewed, and other such information. We may also collect similar information from emails sent to our Users which then help us track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of the Services.
Strictly Necessary Cookies:
- Necessary cookies are used for the purpose of authentication and providing data security. These cookies are necessary for Our Website to work and enable us to distinguish users and enable you to use its services and features. Disabling these cookies will encumber Our Website’s performance and may make these services and features unavailable. These cookies may include the following:
- These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these services may not function properly.
Analytics or Performance Cookies:
- These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our Website. They help us to know which pages are the most and least popular and see how visitors move around the Website All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our Website and will not be able to monitor its performance.
Targeting or Advertising Cookies
- These cookies will usually be third-party cookies, although if a user is visiting the advertising network’s own website it is technically possible these could be first party. They will always be persistent but time-limited cookies. These cookies can be associated with services provided by the third-party, but this is not always the case. These cookies contain a unique key that is able to distinguish individual user’s browsing habits or store code that can be translated into a set of browsing habits or preferences using information stored elsewhere.
2.4 How we use your information
The following are the examples of how we may use your information for the legitimate interest of our business which include:
- To Understand Your Interests. For example, we may use your information to better understand what products interest you based on information we collect about you and your household.
- To Improve Our Products and Services. We may use your information to enhance our Platforms and services to serve you better.
- To Respond to Your Requests or Questions. This may include responding to your customer feedback.
- For Security Purposes. This could include protecting our company and our customers. It may also include protecting our Platforms.
- For Marketing Purposes. We may provide you with information about new products and special offers. We may use your information to serve you ads about products and offers. We may tell you about new features or updates. These might be third-party offers or products we think you might find interesting.
- To Support Our Products and Services. This could include fulfilling your requests for products or services. It could also include processing purchases.
- Law or regulatory obligations. Certain laws and regulations require us to maintain and disclose collected information.
- Direct Sellers’ customer component
- As described in the Informed Consent Form
As detailed above in the “Information collected while using our products” Section, after you have registered for the Services and returned your biologic specimen to us or our designated recipient, we will evaluate your biologic specimen. For clarity, this biologic specimen will be used for the evaluation of the biomarkers related to aging and age-related diseases. We may further analyze such information resulting from the Services to provide you with our health and biomarker reports depending on the Service you have purchased from us. If you are eligible to receive additional reports or updates in the future, you may be notified of or may directly access these updates.
For individuals located in jurisdictions requiring a legal basis for the processing of your sensitive information, we will rely on your consent. You may withdraw your consent at any time by contacting us using the information provided below in the “How to Contact Us Section”; however, the withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal.
We may use non-identifiable, anonymous data that is based on users’ access or use of the Services (which shall include anonymized information generated from your biological specimen and any self-reported information) that may be used by us to improve the Services. We may also use anonymized data based on your use of the Services, including de-identified health data and combine such de-identified data with data or other anonymous data (“Aggregate Data”). Aggregate Data may include information that describes the habits, usage patterns, survey responses and/or demographic information of users as a group but does not identify any particular users. We may provide anonymized data and Aggregate Data to our third-party collaborators and partners. For clarity, no identifying information will be shared without your prior knowledge and consent.
2.5 How we share your information
We, like many businesses, operate back office IT functions. From time to time, we may also need to transfer your personal data to third parties in other countries where we do business or have a service provider. Such countries may not have the same data protection laws as the USA or European Union or the country in which you reside.
When transferring your personal data, we will take all appropriate steps to provide an adequate level of protection for your personal data in accordance with relevant legislation. These steps may include exercising audit and inspection activities in respect of the actions of those third parties in connection with the use of your personal data.
If at any time you wish that we cease any activity that affects you, please contact us as indicated in the “How to Contact Us” Section below.
We may disclose/share your information in the following ways:
- On our Platforms. For example, we may display information you post on our Ratings & Reviews feature.
- With Our Business Partners. For example, this may include third parties that provide products and services related to our business. It may also include a third party that co-sponsors a contest or promotion.
- With Third Parties for Marketing Purposes. This may include third parties in whose products or services we believe you may be interested. These third parties may also share your information with others.
- With Our Service Providers. We may share your information with third parties who perform services on our behalf. For example, this may include vendors and payment processors. It may also include companies that send emails on our behalf.
- Government, courts, and Law enforcement. We will access, preserve, and share any information about you, without your consent, to government or law enforcement officials or private parties as we in good faith believe necessary or appropriate to respond to claims and legal process (including, but not limited to, subpoenas), to comply with applicable laws, to protect the property and rights of Company, you or a third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to pose a risk of being, or is illegal, unethical or legally actionable. This may include responding to legal requests from jurisdictions outside of the United States where we have a good faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with internationally recognized standards. We may also access, preserve and share information when we have a good faith belief it is necessary to: detect, prevent and address fraud and other illegal activity; to protect ourselves, you and others, including as part of investigations; and to prevent death or imminent bodily harm. Information we receive about you may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm
2.6 How we store your information
Although we implement reasonable administrative, physical and electronic security measures designed to protect your personal data from unauthorized access, we cannot ensure the security of any information you transmit to or guarantee that this information will not be accessed, disclosed, altered, or destroyed. We will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored personal data. To the extent the law of your jurisdiction allows for notification of a breach via e-mail or conspicuous posting on the Services, you agree to accept notice in that form.
How long we hold your personal data for will vary. The retention period will be determined by various criteria including:
- the purpose for which we are using it – we will need to keep the data for as long as is necessary for that purpose; and
- legal obligations – laws or regulation may set a minimum period for which we have to keep your personal data.
2.7 How we protect your information
While no data transmission over the internet is 100% secure, we are committed to protecting the information we receive from you. We take appropriate security measures to protect your information against unauthorized access to or unauthorized alteration, disclosure or destruction of data. To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we maintain appropriate physical, electronic, and managerial procedures to safeguard and secure the information and data stored on our system.
Our staff are trained in how to keep your information safe and secure. We use secure systems and buildings to hold your information. We aim to only keep your information for as long as we need it.
We will maintain data security by protecting the confidentiality, integrity and availability of the Personal Data, defined as follows:
Confidentiality: only people who are authorized to use the data can access them;
Integrity: Personal Data should be accurate and suitable for the purpose for which they are processed;
Availability: authorized users should be able to access the data if they need it for authorized purposes.
2.8 How we dispose your information
Our goal is to retain your information for “no longer than necessary for the purposes that we collect and use data”; Upon the expiry of such data retention period, or when a data subject exercises their right to have their personal data erased, we shall use commercially reasonable efforts to delete, destroy, or otherwise securely dispose of personal data of as follows:
- Personal data stored electronically (including any and all backups thereof) shall be deleted.
- Special category personal data stored electronically (including any and all backups thereof) shall be deleted.
- Personal data stored in hardcopy form shall be shredded if not required.
- Special category personal data stored in hardcopy form shall be shredded straight away if no longer required.
2.9 Individual’s rights (Data subject rights)
The EU General Data Protection Regulation (GDPR) grants individuals who are in the European Union and European Economic Area (EU/EEA) the certain rights, with some limitations. The Data Protection Officer will establish a system to enable and facilitate the exercise of data subject rights related to:
- Information access;
- Objection to processing;
- Objection to automated decision-making and profiling;
- Restriction of processing;
- Data portability;
- Data rectification;
- Data erasure.
The California Consumer Privacy Act (CCPA) provides California consumers with the right to request access to their personal data, additional details about our information practices and deletion of their personal data (subject to certain exceptions). California consumers also have the right to opt out of sales of personal data, if applicable. We describe how California consumers can exercise their rights under the CCPA below. Please note that you may designate an authorized agent to exercise these rights on your behalf by providing written materials demonstrating that you have granted the authorized agent power of attorney. Please note that if an authorized agent submits a request on your behalf, we may need to contact you to verify your identity and protect the security of your personal data. We will not fulfill your CCPA request unless you have provided sufficient information for us to reasonably verify you are the consumer about whom we collected personal data. We will not discriminate against you if you choose to exercise your rights under the CCPA.
You may request, no more than twice in a 12-month period, access to the specific pieces of personal data we have collected about you in the last 12 months. You may also request additional details about our information practices, including the categories of personal data we have collected about you, the sources of such collection, the categories of personal data we share for a legitimate business or commercial purposes, and the categories of third parties with whom we share your personal data. You may make these requests by contacting using the contact information provided below in the “Contact Information” Section. After submitting your request, please monitor your email for a verification email. We are required by law to verify your identity prior to granting access to your data in order to protect your privacy and security.
You may request, no more than twice in a 12-month period, transportable copies of your personal data that we have collected about you in the last 12 months. You may make these requests by contacting using the contact information provided below in the “Contact Information” Section. After submitting your request, please monitor your email for a verification email. We are required by law to verify your identity prior to granting access to your data in order to protect your privacy and security.
You may request that we delete the personal data we have collected about you. Please note that we may retain certain information as required or permitted by applicable law. You may make these requests by contacting us using the contact information provided below in the “How to contact us” Section below. After submitting your request, please monitor your email for a verification email. We are required by law to verify your identity prior to granting access to your data in order to protect your privacy and security.
If you would like to exercise above EU General Data Protection Regulation (GDPR) rights about your Personal data we hold about you, or exercise any other data subject right available to you under California Consumer Privacy Act (CCPA), please submit a written request to: email@example.com or contact use using the information provided in the “How to Contact Us” section below. Our privacy team will examine your request and respond to you as quickly as possible.
Please note that we may still use any aggregated and de-identified Personal data that does not identify any individual and may also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
California residents are entitled to ask us for a notice identifying the categories of Personal data which we share with our affiliates and/or third parties for marketing purposes and providing contact information for such affiliates and/or third parties.
2.9.1 Children’s Privacy
Company does not knowingly collect or solicit any information from anyone under the age of 18 or knowingly allow such persons to register for the Services. The Services and their content are not directed at children under the age of 18. In the event that we learn that we have collected personal information from a child under age 18 without parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13, please contact Company at (insert email here).
If you are a California resident under the age of 16, do not share any personal data without parental consent. Contact us at (insert email here). for assistance.
2.10 Your choices about your information
You may opt-out of receiving text messages by replying “STOP” to any text message received.
- In all promotional emails, you will be given the opportunity to opt-out of receiving such messages in the future by clicking on the link at the bottom of the email that says “unsubscribe.”
- Please note, we reserve the right to send you Services-related communications (e.g., account verification, payment confirmations, technical and security notices) that you may not opt out of.
Mobile device unique identifier
Unless you choose to opt out, we may also share your mobile phone number with certain select third parties. You can opt out by changing the privacy settings on your profiles/devices.
2.11 International Data Transfers
Personal data you submit on the Website or through the Services may be sent to the other countries, on our service providers’ cloud servers. We will always protect your information in accordance with this Privacy Notice wherever it is processed. We are a US based company and by accessing Our Website, you grant us expressed consent to transfer your Personal data to US servers. If you do not wish for us to transfer your Personal data to the US, please contact us using the information in the “How to Contact Us” section below.
This section sets out the privacy principles we follow with respect to transfers of Personal data from the European Economic Area (EEA) to the United States, including Personal data we receive from individuals residing in the EEA who visits our Websites and/or who may use of our Services or otherwise interact with us.
Please note that for users located in the EEA, the term Personal data used in this privacy is equivalent to the term “personal data” under applicable European data protection laws.
3. CAN-SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
To be in accordance with CAN-SPAM Act, we agree to the following:
- Not use false or misleading subjects or email addresses.
- Identify the message as an advertisement in some reasonable way.
- Include the physical address of our business or site headquarters.
- Monitor third-party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly.
- Allow users to unsubscribe by using the link at the bottom of each email.
4. California Residents
Some browsers give individuals the ability to communicate that they wish not to be tracked while browsing on the Internet. California law requires that we disclose to users how we treat do-not-track requests. The Internet industry has not yet agreed on a definition of what “Do Not Track” means, how compliance with “Do Not Track” would be measured or evaluated, or a common approach to responding to a “Do Not Track” signal. Due to the lack of guidance, we have not yet developed features that would recognize or respond to browser initiated Do Not Track signals in response to California law.
For a description of how we handle CCPA requests please see Section 2.8 above.
6. How to contact us
If you wish to contact us to update your information or complaints, please feel free to contact us: by telephone at 1-551 243 7283 by email at firstname.lastname@example.org.