Privacy and Security

We collect various types of information to provide, enhance, and secure our services, while ensuring compliance to data privacy regulations:

Personal Information

• Contact Details. Name, email address, phone number, and mailing address.
• Account Information. Username, password, and other credentials for secure account access.
• Payment Information. Credit card details and billing information for transactions.

Health and Genetic Information (collected and processed in compliance with HIPAA regulations)

• Genetic Data. DNA samples and resulting genomic data, processed with appropriate safeguards.
• Medical History. Health-related information provided by you or your healthcare provider.
• Family History. Health conditions in your family that you voluntarily provide.

Technical Information

• Device Data. IP address, browser type, operating system, and device identifiers.
• Usage Data. Pages visited, time spent on our website, and interaction patterns for service improvement and security monitoring.
• Cookies and Tracking Technologies. Data collected through cookies and similar technologies to enhance user experience and website functionality, while adhering to opt-out preferences.

We utilize the collected information for the following purposes:

• Service Delivery. To process your genetic tests, provide results, and deliver our services efficiently.
• Communication. To inform you about your test status, results, and relevant updates.
• Enhancement and Research. To improve our services, develop new features, and conduct research, while ensuring compliance with data privacy regulations.
• Compliance and Security. To adhere to legal obligations, regulatory requirements, and maintain system security.

We do not sell your personal or genetic information to third parties.

We respect your privacy, and share your information only under the following circumstances:

• With Your Consent. You may choose to share your information with healthcare providers, researchers, or others.
• Service Providers. Trusted third parties who assist in providing our services (e.g., laboratories, IT support), subject to strict confidentiality agreements and security protocols.
• Legal Compliance. When required by law, regulation, or legal process, we may disclose your information to comply with legal obligations, while ensuring minimum necessary disclosure.
• Business Transactions. In the event of a business merger, acquisition, or sale, we may share your information as part of due diligence, with appropriate safeguards in place.

We implement rigorous security measures to protect your information, including:

• Encryption. Secure encryption of data during transmission and storage.
• Access Controls. Restricted access to personal information for authorized personnel only, determined by role-based security measures.
• Monitoring and Audits. Regular security audits, monitoring of our systems for vulnerabilities, and proactive risk management.
• Incident Response. Established protocols for deleting, responding to, and mitigating security incidents, including breach notifications in compliance with applicable laws.

You have rights regarding your personal information, subject to applicable laws:

• Access. Request a copy of the personal information we hold about you.
• Correction. Request corrections to inaccurate or incomplete information.
• Deletion. Request deletion of your personal information, subject to legal and contractual constraints.
• Opt-Out. Choose to opt-out of optional data sharing, targeted marketing, or research initiatives.
• Data Portability. Request transfer of your personal data in a structured, commonly used format where technically feasible.
• Do Not Track Preferences. We honor legally required “Do Not Track” signals and similar privacy settings where applicable.

If you have questions or concerns about this privacy policy, or our data practices, please contact us at support@myome.com.