Effective Date: December 10, 2017
This privacy statement applies to all websites owned and operated by Dante Labs Inc. (“Dante Labs”) including www.dantelabs.com. Our Privacy Statement is designed to help you better understand how we collect, use, store, process, and transfer your information when operating our website, mobile apps, products, software and other services (collectively "Service" or "Services").
1. Key Definitions
- Aggregate Information: information that has been combined with that of other users and analyzed or evaluated as a whole, such that no specific individual may be reasonably identified.
- Anonymized Information: information that has been stripped of your Registration Information (e.g., your name and contact information) and other identifying data such that you cannot reasonably be identified as an individual.
- Individual-level Information: information about a single individual's genotypes, diseases or other traits/characteristics, but which is not necessarily tied to Registration Information.
- Personal Information: information that can be used to identify you, either alone or in combination with other information. Dante Labs collects and stores the following types of Personal Information:
- Registration Information: information you provide about yourself when registering for and/or purchasing our Services (e.g. name, email, address, user ID and password, and payment information).
- Genetic Information: information regarding your genotype (e.g. the As, Ts, Cs, and Gs at particular locations in your genome), generated through processing of your saliva by Dante Labs or by its contractors, successors, or assignees; or otherwise processed by and/or contributed to Dante Labs.
- Self-Reported Information: all information about yourself, including your disease conditions, other health-related information, personal traits, ethnicity, family history, and other information that you enter into surveys, forms, or features while signed in to your Dante Labs account.
- Sensitive Information: information about your health, Genetic Information, and certain Self-Reported Information such as racial and ethnic origin and sexual orientation.
- User Content: all information, data, text, software, music, audio, photographs, graphics, video, messages, or other materials - other than Genetic Information and Self-Reported Information-generated by users of Dante Labs Services and transmitted, whether publicly or privately, to or through Dante Labs.
- Web Behavior Information: information on how you use the Dante Labs website (e.g. browser type, domains, page views) collected through log files, cookies, and web beacon technology.
- Service or Services: Dante Labs' products, software, services, and website (including but not limited to text, graphics, images, and other material and information) as accessed from time to time by the user, regardless if the use is in connection with an account or not.
The following are our core privacy principles:
- We collect and handle information (i) to provide, analyze and improve our Services, (ii) as we reasonably believe is permitted by laws and regulations, including for marketing and advertising purposes, (iii) to protect the security and safety of our company, employees, customers, as we reasonably believe is permitted by laws and regulations, (iv) to comply with laws and regulations we are subject to, and (v) when you consent, for research purposes, the results of which could be used to develop therapeutics.
- We will not sell, lease, or rent your individual-level information (i.e., information about a single individual's genotypes, diseases or other traits/characteristics) to any third-party or to a third-party for research purposes without your explicit consent.
- We understand and respect the sensitive nature of the information you may provide to us, including information about your genetic characteristics, disease conditions, racial and ethnic origin, etc. To that end, we strive to be transparent in our collection, use and disclosure of this information and to ask for your explicit consent to share such sensitive information with third-parties. Please see below to learn more about our sharing and consent practices.
- We are committed to providing a secure and safe environment for our Services.
Please review this Privacy Statement and our Terms of Service. By using our Services, you agree to all of the policies and procedures described in the foregoing documents. Dante Labs is headquartered at 379 West Broadway, Suite 538, New York NY 10012, USA and is referred to herein as Dante Labs (or "we," "us," "our") and includes all of our commonly owned companies.
3. What information we collect
- Information you provide directly to us
- Registration Information. When you register an account with us or purchase our Services, we collect personal information, such as your name, date of birth, billing and shipping address, payment information (e.g., credit card) and contact information such as your email and phone number and license number.
- Self-Reported Information. You have the option to provide us with additional information about yourself through surveys, forms, features or applications. For example, you may provide us with information about your personal traits (e.g., eye color, height), ethnicity, disease conditions (e.g. Type 2 Diabetes), other health-related information (e.g. pulse rate, cholesterol levels, visual acuity), and family history information (e.g. information similar to the foregoing about your family members). Where you are disclosing information about a family member, you should make sure that you have permission from the family member to do so.
- User Content. Some of our Services allow you to create and post or upload content, such as data, text, software, music, audio, photographs, graphics, video, messages, or other materials that you create or provide to us through either a public or private transmission ("User Content"). For example, User Content includes any post or message you place on Dante Labs's community forums.
- Blogs. Our website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request that we remove or anonymize your personal information from our blog or community forum, contact us at firstname.lastname@example.org. Please note that whenever you post something publicly, it may sometimes be impossible to remove the information, for example, if someone has taken a screenshot of your posting. Please exercise caution before choosing to share personal information publicly on our blogs, community forums or in any other posting. Note also that you may be required to register with a third-party application to post a comment. To learn how the third-party application uses your information, please review their privacy statement.
- Social Media Features and Widgets. Our website includes Social Media Features, such as the Facebook Like or Share button and Widgets, and the LinkedIn Open ID application ("Features"). These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. They may also allow third-party social media services to provide us information about you, including your name, email address, and other contact information. For example, if you use LinkedIn to sign in to our career portal, LinkedIn may import personal information from your LinkedIn profile in order to populate your job application. The data we receive is dependent upon your privacy settings with the social network. Features are either hosted by a third-party or hosted directly on our site. Your interactions with these Features are governed by the privacy statement of the company providing it. You should always review, and if necessary, adjust your privacy settings on third-party websites and services before linking or connecting them to our website or Service.
- Referral Information and Sharing. When you refer a person to Dante Labs or choose to share results information with another person, we will ask for that person's email address. We will use the email address solely, as applicable, to make the referral or to share your results information, and we will let your contact know that you requested the communication. By participating in a referral program or by choosing to share information with another person, you confirm that the person has given you consent for Dante Labs to communicate (e.g., via email) with him or her. The person you referred may contact us at email@example.com to request that we remove this information from our database.
- Address books. If you choose to use your computer's or mobile device's address book in connection with our Services to make referrals or to request that we communicate with another person, we may collect the names and contact information of those persons for these purposes only.
- Third-party services (e.g., social media). If you use a third-party site, such as Facebook or Twitter, in connection with our Services to communicate with another person (e.g., to make or post referrals or to request that we communicate with another person), then in addition to that person's name and contact information, we may also collect other information (e.g., your profile picture, network, gender, username, user ID, age range, language, country, friends lists or followers) depending on your privacy settings on the third-party site. We do not control third-party site's information practices, so please review their privacy policies and your settings on those sites carefully.
- Gifts. If you provide us personal information about others, or if others give us your information for purposes of ordering the Service as a gift, we will only use that information for the specific reason for which it was provided to us. Once a gift recipient registers for his or her Services and agrees to our Privacy Statement, our Terms of Service, and if applicable, Consent Document, his or her information will be used consistent with this Privacy Statement and those agreements, and we will not share any of the gift recipient's personal information with the user who purchased the gift.
- Customer service. When you contact our Customer Care center or correspond with us about our Service, we collect information to: track and respond to your inquiry; investigate any breach of our Terms of Service, Privacy Statement or applicable laws or regulations; and analyze and improve our Services.
- Information related to our genetic testing services
- Saliva sample and bio-banking. To use our genetic testing services, you must purchase, or receive as a gift, a Dante Labs testing kit, register an online account, and ship your saliva sample to our third-party laboratory. Once received, your saliva sample will be identified by its unique barcode, along with your gender and your date of birth. The barcode label identifies you to us but not to our third-party laboratory. Unless you choose to store your sample with Dante Labs (called consent to "bio-banking", which can be found here and changed in your settings), your saliva samples and DNA are destroyed after the laboratory completes its work, unless the laboratory's legal and regulatory requirements require it to maintain physical samples.
- Genetic Information. Genetic Information refers to features of your DNA that distinguish you from other people (e.g. the As, Ts, Cs, and Gs at particular locations in your genome) and is generated when we analyze and process your saliva sample, or when you otherwise contribute or access your Genetic Information through our Services. Genetic Information includes the Dante Labs Results information reported to you as part of our Services, and may be used for other purposes, as outlined in Section 4 below.
Information collected through tracking technology (e.g. from cookies and similar technologies)
- Google Analytics. Google Analytics is used to perform many of the tasks listed above. We use the User-ID feature of Google Analytics to combine behavioral information across devices and sessions (including authenticated and unauthenticated sessions). We have enabled the following Google Analytics Advertising features: Remarketing, Google Display Network Impression Reporting, Google Analytics Demographics and Interest Reporting, and DoubleClick Campaign Manager integration. We do not merge information collected through any Google advertising product with individual-level information collected elsewhere by our service.
- Other types of information. We are always working to enhance our Services with new products, applications and features that may result in the collection of new and different types of information. We will update our privacy statement, as needed.
4. How we use and share information
Dante Labs will use and share your personal information with third-parties only in the ways that are described in this privacy statement.
- Using information to provide, analyze and improve our Services. We use the information described above in Section 3 to operate, provide, analyze and improve our Services. These activities may include, among other things, using your information in a manner consistent with other commitments in this privacy statement, to:
- open your account, enable purchases and process payments, communicate with you, and implement your requests (e.g., referrals);
- host our website, run our mobile application(s), authenticate your visits, provide custom, personalized content and information, and track your usage of our Services;
- conduct analytics to improve and enhance our Services;
- offer new products or services to you, including through emails, promotions or contests;
- implement online marketing campaigns and targeted advertising, including by utilizing third-party ads (subject to your cookie settings and preferences), and to measure the effectiveness of our marketing and targeted advertising;
- conduct surveys or polls, and obtain testimonials;
- process and deliver your genetic testing results;
- perform research & development activities, which may include, for example, conducting data analysis and research in order to develop new or improve existing products and services, and performing quality control activities.
- Consent process for research. Your Genetic and Self-Reported Information may be used for Dante Labs Research only if you have consented to this use by completing a Consent Document. If you have completed a Consent Document:
- Dante Labs may use individual-level Genetic Information and Self-Reported Information internally at Dante Labs for Research purposes. In addition, we may allow select third-party research contractors to access your individual level Genetic and/or Self-Reported Information onsite at Dante Labs's offices for the purpose of conducting scientific research, provided that all such research contractors will be supervised by Dante Labs and subject to Dante Labs' access rules and guidelines.
- When your Genetic Information and/or Self-Reported Information is being used for research purposes, it will not be linked to your Registration Information.
Withdrawing your Consent.
You may withdraw your consent to participate in Research at any time by changing your consent status within your Dante Labs Account Settings. If you experience difficulties changing your consent status, contact the Human Protections Administrator at firstname.lastname@example.org. Dante Labs will not include your Genetic Information or Self-Reported Information in new research occurring after 30 days from the receipt of your request. Any research involving your data that has already been performed or published prior to our receipt of your request will not be reversed, undone, or withdrawn. You may also discontinue your participation in research by closing your Personal Genome Service account. If you withdraw your consent for research your Genetic Information and Self-Reported Information may still be used by us and shared with our third-party service providers to provide and improve our Services (as described in Section 4.a), and shared as Aggregate Information that does not identify you as an individual (as described in Section 4.d).
What happens if you do NOT consent to Dante Labs Research?
If you do not complete a Consent Document or any additional consent agreement with Dante Labs, your information will not be used for Dante Labs Research. However, your Genetic Information and Self-Reported Information may still be used by us and shared with our third-party service providers to provide and improve our Services (as described in Section 4.a), and shared as Aggregate or Anonymous Information that does not reasonably identify you as an individual (as described in Section 4.d).
3. Recruiting for external research
Academic institutions, healthcare organizations, and other groups are always conducting interesting new research projects. We want to make you aware of these opportunities. While we do not share individual-level Genetic Information or Self-Reported Information with third-parties without your consent, from time to time we may inform you of third-party research opportunities for which you may be eligible. For example, if a university tells us about a new cancer research project, we may send an email to Dante Labs members who potentially fit the relevant eligibility criteria based on their Self-Reported Information to make them aware of the research project and provide a link to participate with the research organization conducting the study. If you do not wish to receive these alerts, you can manage them in your settings.
4. Information we share with third-parties
- General service providers. We share the information described above in Section 3 with our service providers, as necessary to provide their services to us. Service providers are third-parties (other companies or individuals) that help us to provide, analyze and improve our Services. For example, we work with third-party laboratories and contractors to process and analyze your saliva sample for purposes of generating your Genetic Information. NOTE: Our service providers act on Dante Labs' behalf. While we implement procedures and contractual terms to protect the confidentiality and security of your information, we cannot guarantee the confidentiality and security of your information due to the inherent risks associated with storing and transmitting data electronically. When you purchase a testing kit from Dante Labs, you are instructed to send a saliva sample to our third-party laboratory with a unique barcode label. The unique barcode identifies you to us but not to the laboratory. We are also required to provide to the laboratory, your sex and date of birth or age pursuant to clinical laboratory requirements such as the Clinical Laboratory Improvement Amendments (CLIA). No other Registration Information (such as your name, address, email, phone number or other contact information) is required or provided to the laboratory. The receiving personnel at the laboratory will remove and discard your "sender information" from the packaging (e.g., name, address) before testing personnel receive the samples for processing. Receiving personnel do not perform testing, and testing personnel handle saliva samples that are labeled only with the unique barcode. Unless you choose to store your sample, DNA and saliva samples are destroyed after the laboratory completes its work, provided that laboratory legal and regulatory requirements no longer require the actual samples to be maintained. A de-identified copy of genotyping data will be kept in accordance with CLIA. The laboratory securely sends the resulting Genetic Information to us along with your unique barcode. Genetic Information is stored securely on our servers; the laboratory also stores your Genetic Information, but again, labeled only with the barcode.
- Aggregate information. We may share aggregate information with third-parties, which is any information that has been stripped of your Registration Information (e.g., your name and contact information) and aggregated with information of others so that you cannot reasonably be identified as an individual ("Aggregate Information"). This Aggregate Information is different from "individual-level" information. Individual-level Genetic Information or Self-Reported Information consists of data about a single individual's genotypes, diseases or other traits/characteristics information. For example, Aggregate Information may include a statement that "30% of our female users share a particular genetic trait," without providing any data or testing results specific to any individual user. We may provide such Aggregate Information in commercial arrangements with our business partners. In contrast, individual-level Genetic Information could reveal whether a specific user has a particular genetic trait, or all of the Genetic Information about that user. Dante Labs will ask for your consent to share individual-level Genetic Information or Self-Reported Information with any third-party, other than our service providers as necessary for us to provide the Services to you.
- Information we share with commonly owned entities. We may share some or all of your information with other companies under common ownership or control of Dante Labs, which may include our subsidiaries, our corporate parent, or any other subsidiaries owned by our corporate parent in order to provide you better service and improve user experience. We may provide additional notice and ask for your consent if we wish to share your information with our commonly owned entities in a materially different way than discussed in this Privacy Statement.
Under certain circumstances your information may be subject to disclosure pursuant to judicial or other government subpoenas, warrants, or orders, or in coordination with regulatory authorities, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Dante Labs will preserve and disclose any and all information to law enforcement agencies or others if required to do so by law or in the good faith belief that such preservation or disclosure is reasonably necessary to: (a) comply with legal or regulatory process (such as a judicial proceeding, court order, or government inquiry) or obligations that Dante Labs may owe pursuant to ethical and other professional rules, laws, and regulations; (b) enforce the Dante Labs Terms of Service and other policies; (c) respond to claims that any content violates the rights of third-parties; or (d) protect the rights, property, or personal safety of Dante Labs, its employees, its users, its clients, and the public.
5. Your choices
- Privacy Shield
Dante Labs participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. Dante Labs is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework's applicable Principles.
To contact the organizations with any inquiries or complaints, including any relevant establishment in the EU, please visit U.S. Department of Commerce's Privacy Shield List.
Dante Labs is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Dante Labs complies with the Privacy Shield Principles to the Department of Commerce (or its design) for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Dante Labs is subject to the investigatory and regulatory enforcement powers of the U.S. Federal Trade Commission (the “FCT”). In certain situations, Dante Labs may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact the independent dispute resolution body designed to address complaints and provide appropriate recourse free of charge to the individual. Particularly, Dante Labs cooperates and complies with the EU data protection authorities (DPAs) with respect to all types of data. For more information about DPAs, please click here.
Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
2. Security measures
Dante Labs takes seriously the trust you place in us. To prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use of information, Dante Labs uses a range of physical, technical, and administrative measures to safeguard your Personal Information. In particular, all connections to and from our website and mobile application are encrypted using Secure Socket Layer (SSL) technology.
Please recognize that protecting your Personal Information is also your responsibility. We ask you to be responsible for safeguarding your password, secret questions and answers, and other authentication information you use to access our Services. You should not disclose your authentication information to any third-party and should immediately notify Dante Labs of any unauthorized use of your password. Dante Labs cannot secure Personal Information that you release on your own or that you request us to release.
Your information collected through the Service may be stored and processed in the United States or any other country in which Dante Labs or its subsidiaries, affiliates or service providers maintain facilities and, therefore, your information may be subject to the laws of those other jurisdictions which may be different from the laws of your country of residence.
3. Business transactions
In the event that Dante Labs goes through a business transition such as a merger, acquisition by another company, or sale of all or a portion of its assets, your information will likely be among the assets transferred. In such a case, your information would remain subject to the promises made in any pre-existing Privacy Statement.
4. Linked websites
Dante Labs provides links to third-party websites operated by organizations not affiliated with Dante Labs. Dante Labs does not disclose your information to organizations operating such linked third-party websites. Dante Labs does not review or endorse, and is not responsible for, the privacy practices of these organizations. We encourage you to read the privacy statements of each and every website that you visit. This Privacy Statement applies solely to information collected by Dante Labs.
5. Children's privacy
Dante Labs is committed to protecting the privacy of children as well as adults. Neither Dante Labs nor any of its Services are designed for, intended to attract, or directed toward children under the age of 13. A parent or guardian, however, may collect a saliva sample from, create an account for, and provide information related to, his or her child. The parent or guardian assumes full responsibility for ensuring that the information that he/she provides to Dante Labs about his or her child is kept secure and that the information submitted is accurate.
6. Changes to this Privacy Statement
Whenever this Privacy Statement is changed in a material way, a notice will be posted as part of this Privacy Statement and on our customers' account login pages for 30 days. After 30 days the changes will become effective. In addition, all customers will receive an email with notification of the changes prior to the change becoming effective.
7. Contact Information
If you have questions about this Privacy Statement, please email Dante Labs' Privacy Administrator at email@example.com, or send a letter to:
Dante Labs Inc.
325 5th Ave., Suite 38A, New York, NY 10016