- Key definitions
“Aggregate Information” is information about multiple individuals that we have combined so that no specific individual may be identified. Aggregate Information is not Personal Information because it cannot be used to identify you. For example, Aggregate Information may include a statement that “30% of our female users share a particular genetic trait,” without providing any data or testing results specific to any individual user.
“TRAITDNA” means Traitdna, Inc. We will refer to TRAITDNA as “we”, “us” and “our” throughout this Statement.
“Cookie” is a text file that is placed on your hard disk by a web server. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you. Cookies cannot be used to run programs or deliver viruses to your computer. To learn more about Cookies, visit www.allaboutcookies.org.
“Data Collection Technologies” refer to Cookies, pixel tags, web beacons, and other technologies that we or third parties use on our websites and other digital services to collect information about your use of these services.
“Designated European Countries” means countries the European Economic Area, the United Kingdom, and Switzerland.
“DNA” stands for deoxyribonucleic acid, which is the molecule that contains your genetic information. Your DNA is what makes you uniquely you.
“Personal Information” is information that can be used to identify you, either alone or in combination with other information.
“Raw Data” means information about your genotypes that is generated through the processing of your saliva or blood by us or by Third Party DNA Services. Your Raw Data contains the “letters” (nucleotides A, C, G, T) that comprise DNA.
“Sensitive Information” is a subcategory of Personal Information that includes your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic information, biometric information, and information concerning your health, sex life, or sexual orientation.
“Service” means the TraitDNA service, associated websites (https://traitdna.com) and mobile applications, and other ancillary or related services we offer from time to time.
“Third Party DNA Services” means companies and organizations not related to or operated by us that you may use to obtain DNA testing and results.
“Traits” means the characteristics or attributes that may be influenced by your DNA. Your Traits may include your preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. The traits we analyze as part of the Service are personal – not medical – in nature.
- Information we collect
Depending on how you interact with or use the Service, we may collect the following categories of Personal Information about you:
- Identifiers, such as your name, postal address, email address, phone number, account username and password, image, and date of birth.
- Genetic information, including the information contained in your Raw Data and any Trait analysis we have performed on your Raw Data.
- Demographic information, such as your race, ethnicity, gender, sexual orientation, and age.
- Physical and health-related information, such as your height, weight, and medical history.
- Social media information, such as your social media handle and related profile information. We typically only collect your social media information if you connect your social media account to the Service or otherwise interact with the Service using your social media account.
- Device and other internet information, such as your browsing history, search history, and the IP address, geolocation, and identification number of the device that you use to access the Service.
- Financial information, such as your payment card information and billing/shipping address. We have engaged a third party payment processor to collect and process your payments on our behalf. We do not process or otherwise maintain your financial information on our systems or servers.
We may collect your Personal Information directly from you, such as when you register for a Genomelink account, submit your saliva for testing, complete a family history questionnaire, survey or form, contribute to blogs and forums, or contact us with a question.
We may also collect your Personal Information from third party sources, such as Third Party DNA Services, social media platform providers, or your friends and family who refer our Service to you. The Personal Information we collect from these third parties sources typically depends on the privacy settings or permissions that you have communicated with these third parties or otherwise set on their platforms.
Non-Personal Information. We may also collect information that cannot be used to identify you. This non-Personal Information may include Aggregate Information about our users browser types, device types, and pages clicked. We collect this non-Personal Information through server logs and Data Collection Technologies. We may associate this information with the Personal Information that we collect about you — if we do, we will treat the combined information as Personal Information.
- How we use your Personal Information
We may use your Personal Information for the following purposes:
- To personalize the Service. We use your Personal Information to personalize and enhance your use of the Service, including to remember your preferences, provide personalized content and information, and track your use of the Service. For individuals located in the Designated European Countries, our legal basis for processing your Personal Information is our legitimate interest in delivering relevant and personalized content.
- To market to you. We use your Personal Information to send you promotional or marketing messages, such as discounts, newsletters, and invitations to participate in surveys. You can unsubscribe from receiving these marketing communications by clicking the “unsubscribe” link in any marketing email we send you. You can also change your communication preferences in your Genomelink account. Unsubscribing from marketing emails will not unsubscribe you from receiving non-marketing messages regarding your account, such as technical notices, purchase confirmations, or Service-related emails. If you are located in a Designated Eurpean Country, our legal basis for processing is our legitimate interest in providing information that may interest you, or otherwise your consent.
- To improve and develop the Service. We analyze your Personal Information to perform quality control activities, help us build new products, and improve the existing Service. We may also send you surveys, polls, or requests for testimonials to improve and optimize the Service. For individuals located in the Designated European Countries, our legal basis for processing your Personal Information is based on our legitimate interest. We think it is important to continue improving our Services to ensure your continued enjoyment.
- To recruit you for research opportunities. We may use your Personal Information to ask you if you would like to participate in research opportunities with us or our partners. If you decide to participate in a research opportunity, you will be asked to sign an Informed Consent to Research. For individuals located in the Designated European Countries, our legal basis for processing your Sensitive Information is based on your consent.
- To provide customer support. If you contact us with a request, question or concern, we use your Personal Information, including Sensitive Information, as necessary to answer your questions, resolve disputes, and/or investigate and troubleshoot problems or complaints. For individuals located in the Designated European Countries, our legal basis for processing your Personal Information can be to satisfy our contractual or legal obligations and/or our legitimate interest to improve our Services, depending on the nature of your request.
If we need to collect Personal Data by law or under the terms of a contract we have with you and you fail to provide us with the information when requested, we may not be able to perform the contract we have, or are trying to enter into, with you. We will inform you of any Personal Information we require from you and the consequences if you fail to provide it.
Special Categories: We only process Special Categories of Personal Information if you give us your explicit consent (such as through our informed consent), the processing is necessary to meet a legal or regulatory obligation, the processing is in connection with the establishment, exercise or defense of legal claims, or is otherwise expressly permitted by law. Special Categories of Personal Information includes information about your racial or ethnic origin, genetic data (such as Raw Data), and data concerning health, sex life, and sexual orientation.
Other Uses: Any other purposes for which we wish to use your Personal Information that are not listed above, or any other changes we propose to make to the existing purposes will be notified to you by amending this Statement in accordance with the Section 12.
- When we share your Personal Information
We may share your Personal Information in the following circumstances:
- With service providers. We may share your Personal Information with contractors and third-party service providers who help us to provide the Service and to understand how you use it (each, a “Subprocessor”). For example, we work with third-party laboratories and contractors to process and analyze your saliva or blood sample for purposes of generating your genetic information. Other categories service providers we use include marketing, operations, payment processing, and technology vendors. The list of Subprocessor is found here.
- With research partners. We may share your Personal Information with research partners only when you provide us with your express consent to do so through our Informed Consent to Research. Our research partners may include commercial or non-profit organizations that conduct or support scientific research, develop drugs or medical devices, or are generally interested in DNA analysis. In some circumstances, a research partner may have a financial interest in the research arrangement.
- As part of a business transaction. In the event that TRAITDNA is involved in a business transaction such as a merger, acquisition, or sale of all or a portion of its assets, your Personal Information will likely be among the assets transferred. In such case, your Personal Information will remain subject to the provisions of this Statement.
Sharing Aggregate Information. We may share Aggregate Information with third parties or the general public for our marketing or research purposes. For example, we may provide Aggregate Information in commercial arrangements with our business partners so that they may develop new research or products. We may also provide Aggregate Information to advertisers so they may tailor marketing messages or advertisements to our general user demographics. Disclosures for these purposes will never contain your Personal Information.
- Your rights and choices
You can log into your Genomelink account and view or amend the Personal Information associated with your account at any time. Please note that if you amend the Personal Information in your account information, our servers may retain such information as part of our logs and backups.
Individuals located in Designated European Countries: If you are located in the European Economic Area and we maintain your Personal Information, you have the following additional rights (under the European Union’s General Data Protection Regulation (the “GDPR”) with regard to your Personal Information:
- Right to access and receive: You may request a copy of or access to the Personal Information we hold about you. You may also request that we transfer your Personal Information to a third party in a machine-readable format.
- Right to correct: You may ask us to update or correct inaccurate or incomplete Personal Information we hold about you.
- Right to limit or restrict: You may have the right to request that we stop using all or some of your Personal Information or to limit our use of it.
- Right to erase: You may have the right to request that we delete all or some of your Personal Information. This right may be limited if we have collected your Personal Information for research purposes.
- Right to withdraw consent: You have the right to withdraw any consent you have previously given to us at any time. Your withdrawal of consent does not affect the lawfulness of our collecting, using, and sharing of your Personal Information prior to the withdrawal of your consent. Even if you withdraw your consent, we have the right to use your Personal Information if it has been fully anonymized and cannot be used to personally identify you.
- Right to complain: You have the right to lodge a complaint with your Supervisory Authority if you are unhappy with how we process your Personal Information. You can find contact information for your Supervisory Authority on the European Commission Data Protection Authorities webpage or through other publicly available sources.
Please note that if you decide to exercise some of your rights, we may be unable to provide you with certain services, or you may not be able to use or take full advantage of the services we offer. We may charge you a reasonable fee if you request additional copies of your Personal Information or make other requests that are manifestly unfounded or excessive. If we are unable to honor your request, or before we charge a fee, we will let you know why.
Your California Rights. California Civil Code Section 1798.83 permits individual California residents to request certain information regarding our disclosure of certain categories of Personal Information to third parties for those third parties’ direct marketing purposes. To make such a request, please contact us using the information in Section 13. This request may be made no more than once per calendar year, and we reserve our right not to respond to requests submitted other than to the email or mailing addresses specified below.
We use both session and persistent Cookies on our digital Service to improve your online experience. Session Cookies are stored on your device during a single visit to the website, and they are deleted as soon as you close your browser. Persistent Cookies remain on your device until they expire or you choose to delete them from your browser cache, and they are reactivated each time you visit the website that created them. You can find out more about Cookies, learn about what cookies have been set, and how you can manage and delete them at http://www.allaboutcookies.org.
- Authentication. These Cookies help us ensure that your password works and that you stay logged in when you move between pages on the website. They also keep you secure while you are logged in and help to ensure the digital Service looks consistent during your visit.
- Analytics. We use analytics Cookies to collect information about how you use our digital Service, such as which pages you visit and if you experience any errors. Analytics Cookies collect only Aggregate Information and we use them to improve how our digital Service works, understand what interests our users, and measure how effective our content is. For example, we use Google Analytics to help us track and understand how users use our websites. For information about how Google uses the information it collects, please visit Google’s Terms of Service.
- Advertising. Advertising Cookies collect information about your browsing habits. We use them to tailor our advertising to your perceived interests. We work with third party partners to help us advertise around the Internet, as well as to allow advertisements to be placed on our digital Service. To opt out of some targeting cookies, see the Section titled “Online behavioral advertising” below.
- Measurement. We use other Data Collection Technologies to help us manage content on our digital Service by informing us what content is effective. We also use Data Collection Technologies in our HTML-based emails to let us know which emails have been opened by recipients. This allows us to gauge the effectiveness of certain communications.
Controlling Cookies: You can manage and block cookies by adjusting the settings in your web browser. You can also set your browser to alert you every time a website sets a Cookie. Each browser works differently, so please refer to your browser’s help menu. Unless you have adjusted your browser settings, our system will issue cookies as soon as you visit our digital Service. If you change your browser settings to block all cookies (including essential ones) you may not be able to access some or all parts of our digital Service.
DNT signals: Some web browsers incorporate a “Do Not Track” (“DNT”) or similar feature that signals to websites that a user does not want to have his or her online activity and behavior tracked. Although we do our best to honor your privacy preferences,, we do not respond to DNT signals from your browser at this time due to the lack of an established industry standard.
We maintain reasonable and appropriate safeguards designed to protect your Personally Information from unauthorized access, use, disclosure, alteration or destruction. For example, we limit our collection and use of your Personal Information to the extent necessary to provide you with the Service. However, we cannot guarantee the security of our systems or your Personal Information, and we encourage you to take reasonable precautions to safeguard your Personal Data.
- Data retention
We will keep your Personal Information for as long as necessary to fulfill the purposes for which we collected it, including any legal, professional, accounting or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of Personal Information, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we process your Personal Information, whether we can achieve those purposes through other means, and all applicable legal requirements.
- Users outside of the U.S.
We are committed to complying with this Statement and the data protection laws, including those outside of the United States, that apply to our collection and use of your Personal Information. We are located in the U.S. and may use facilities in the United States and other countries. When you provide us with your Personal Information or use the Service, we will process and store your Personal Information in the United States and such other countries where we have facilities. We recognize that the laws in the United States and such other countries may be different and, in some cases, not as protective as the laws where you are located. By providing us with your Personal Information or using the Service, you acknowledge that your Personal Information will be transferred to and processed where we operate.
- Children’s privacy
Our services are not directed to or intended for use by children. If we learn that we have received Personal Information directly from a child without his or her parent or legal guardian’s verified consent (where required by law), we will use that Personal Information only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use our services. Subsequently, we will delete such Personal Information.
- Third party websites and services
- Effective date; changes
The effective date of this Statement is posted at the top of this page. We may update this Statement from time to time to reflect changes in our practices, our industry, or applicable laws. When we make material changes to this Statement, we will give you advance notice by posting an alert through the Service or by sending you an email to the email address we have on file. The amended Statement will apply on a go-forward basis to the Personal Information we already collected about you, as well as any Personal Information we may collect in the future. If you disagree with any changes, please let us know by contacting us using the information in Section 13.
- Contact us
If you have any questions or comments about this Statement or our information practices, please contact us using the following information: [email protected]