Your privacy is very important to us. Our privacy policy (“Policy”) explains the information that RxGenomix, LLC (“RxGenomix”) gathers from your use of the our pharmacogenomics services (the “Services”) and our website (including any related websites, the “Site”), how we use, disclose, and protect that information, your choices, and some other important information. Before using the Service, you must review and agree to the Terms of Service (“Terms of Service”), along with RxGenomix’s informed consent (“Informed Consent”). Capitalized terms used but not defined in this Policy have the meaning given to them in the Terms of Service. Your use of the Services and the Site, and your provision of information to us, is subject to the laws and regulations of the state of Tennessee, USA, where RxGenomix is located.
The specific categories of information we collect include:
When you set up a RxGenomix account or purchase a Test, we collect what is generally called “personally identifiable information” or “PII”, which is information that specifically identifies you as an individual. Examples of PII we collect may include your name, email address, mailing address, phone number, credit card, or other billing information. We may also collect information such as date of birth or sex that, when linked to other information that identifies a specific individual, is considered PII.
To provide meaningful Results, we request certain information about you such as age, ethnicity, and biological sex. Personal Health Information also includes information about your history of certain health conditions, your medication history, and any known genetic mutations in you. For the Service to perform as intended, it’s important that you provide the most accurate information possible.
Individuals who use the Service may also provide us with information about their healthcare providers. Healthcare providers using the Service may provide us with information about patients for whom they are ordering a Test and information related to their medical practices, including the health system or clinic where they practice, NPI numbers, e-mail addresses, fax numbers, and the name, job title, and contact information of other providers involved in an individual’s care.
You may only share with RxGenomix PII about someone else and their protected health information with the full and express consent of that other individual, for example, to purchase a Test for someone else. We reserve the right to require proof of such consent. We will only use the information for the specific reason that it was provided to us and pursuant to the terms of this Policy, our Terms of Service, and if applicable, Informed Consent.
To use the Service, we require a biological sample such as a saliva sample. Please carefully review our Terms of Service and Informed Consent for a description of how we handle your sample.
Please refer to the section below entitled “Cookies and Third-Party Services” for more information.
In general, we use the information that we collect to provide the Services you request, to help improve our services and client experiences, and to help advance genetic research and science. Specifically, we may use the information as follows:
When you use online services in connection with RxGenomix’s Service and/or Site, the following information may be collected, stored, and used:
This section describes the circumstances under which we may share your information with third parties. For additional details, please review the Informed Consent.
To provide the Services.
For research, development, and analytics.
For RxGenomix’s purposes.
For security or legal purposes.
We use physical, managerial, and technical safeguards that are designed to improve the integrity and security of your information. All information on our servers is encrypted when it is at rest or in transit. All personal information (genetic or otherwise) is encrypted with AES-256 when it’s stored on our servers and is always transmitted over SSL. Internally, strict guidelines and access controls protect your PII and PHI.
We cannot, however, ensure or warrant the security of any information you transmit to us or store in connection with the Services, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by a breach of any of our physical, technical, or managerial safeguards. You agree that RxGenomix is not liable for the unauthorized release of your PII or PHI, unless such release was the result of gross negligence or willful misconduct on the part of RxGenomix. If you choose to share PII or PHI with us via the internet or wireless connection (for example, via email messages), you do so at your own risk. If you choose to share your Results, designated record set or other data obtained from RxGenomix, or any of your PII or PHI with anyone outside of RxGenomix, you do so at your own risk, and RxGenomix has no control over the security of such sharing.
RxGenomix complies with the Health Insurance Portability and Accountability Act of 1996 and the regulations thereunder (as in effect from time to time, “HIPAA”) to maintain the privacy and security of your PHI. If a breach occurs that may have compromised the privacy or security of your PHI, we will let you know promptly. We will follow the duties and privacy practices described in this Policy, our Notice of Privacy Practices, the Informed Consent, and Terms of Service.
This Privacy Policy is in addition to and does not replace our Notice of Privacy Practices, which explains how we handle PII and PHY that is covered by HIPAA.
If you receive marketing emails from us, you can unsubscribe from that particular type of marketing email by following the instructions contained within the email. Because we offer different types of marketing emails — (1) product news and feedback surveys, (2) health newsletters, (3) marketing promotions, and (4) research invitations — if you click “unsubscribe” from one type of email, due to system limitations, you will only be opted out of that type of commercial email; you will not automatically be unsubscribed from other email communication types. You can opt out of receiving all types of marketing emails from us by modifying your account settings or sending your request to us by email at support@RxGenomix.com. Please be aware that if you opt out of receiving marketing emails from us or otherwise modify the nature or frequency of marketing communications you receive from us, it may take up to ten (10) business days for us to process your request, during which time you might receive marketing communications from us that you have already opted out from. Finally, while you may opt out of receiving marketing emails from us, you will continue to receive administrative communications from us regarding the Services.
You may, of course, decline to share certain information with us, in which case we might not be able to provide you with some or all of the features and functionality of the Services and our Site. If you want to access or amend information we hold about you, you may do so through your account settings or contact us at support@RxGenomix.com. At any time, you may also request that we deactivate your account by contacting us at support@RxGenomix.com. If you choose to deactivate your account, you will be unsubscribed from all marketing emails; your sample and PII will no longer be shared for research (if you have opted into such research or sample storage); and we will not provide you with any of the Services going forward (including, without limitation, any Results that have not yet been reported, or any updates or changes to your Results). Although we can remove your information from our active databases, some or all information from deactivated accounts will remain in our inactive database for compliance with legal, regulatory, and other requirements. Please also note that information that has already been de-identified, anonymized, aggregated, published, and/or shared with third parties as set forth in this Policy prior to an account deactivation request may not be retrievable or traced back for destruction, deletion, or amendment.
Please do not use or access any part of the Site or the Service if you are under 16 years of age. If you’re a parent or guardian and discover that your child under 16 has obtained an account on the Site, please alert us promptly at support@RxGenomix.com so we can take action to prevent access.
The Services and Site are hosted in the United States (US). If you choose to use the Services and/or Site from other regions of the world, then by your use of the Service and/or Site you acknowledge and agree that: (i) you are transferring your personal information outside of those regions to the US for genetic analysis, storage, and processing as required for us to perform our contractual obligations to you; (ii) the laws and regulations of the US shall govern your use of the Services and provision of your information, and may differ from those of your country of residence; and (iii) as per your acceptance of the Informed Consent, you permit your personal information to be used for the purposes set forth therein. Also, we may transfer your data from the US to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Services as required for us to perform our contractual obligations to you. By providing any information, including personal information, on or to the Services and/or the Site, you consent to such use, transfer, storage, and processing. While there is no statutory or contractual requirement for you to provide this information, some information is necessary for us to be able to provide the requested services. Failure to provide such information will make it impossible for you to use the Services. We will retain your personal information only for as long as is necessary to carry out the function for which the information is being used, as consented by you in the Informed Consent, and to comply with applicable laws and regulations. You further agree that by providing your sample, you are not violating any export ban or other legal restriction in the country of your residence.
Clients who live outside of the US in certain jurisdictions may have the option of requesting that their personal information be accessed, updated, and/or removed at any time from our active databases, subject to the applicable laws and regulations of such jurisdictions. Such clients may also have the right to object to our processing of their personal information and/or request that we provide their personal information to another third party. We may require that such request be provided in writing, subject to applicable laws and regulations with respect to the transfer of medical information. If you would like to access, update, object to processing, request provision to a third party, and/or request removal from our active database of your personal information, please contact us at support@RxGenomix.com. Any such requests will be honored within one month.
If you believe RxGenomix’s processing of your personal information is inappropriate, you have the right to lodge a complaint with a supervisory authority or to contact RxGenomix’s Privacy Officer at privacy@RxGenomix.com.
With respect to requests to remove or halt the processing of personal information, such requests received prior to initiation of the Services will result in a cancellation of the Service, and no Results will be provided to you or your healthcare provider. Please also refer to the section above entitled “Your Choices” to understand how requests to remove personal information are handled.
If you’re a resident of the EU, we will only send you marketing communications if you’ve opted in. If you are an EU resident and you didn’t opt in but you’re receiving marketing communications anyway, please contact us at support@RxGenomix.com so we can promptly correct your preferences in our systems.
Please revisit this page periodically to stay aware of any changes to this Policy, which we may update from time to time. If we modify the Policy, we’ll make it available through the Site, and indicate the date of the latest revision. In the event that the modifications materially alter your rights or obligations hereunder, we will make reasonable efforts to notify you of this change, for example, by sending a message to your email address on file with us. Your continued use of the Site and/or Service after the revised Policy becomes effective indicates that you have read, understood, and agreed to the current version of the Policy.
Please contact us with any questions or comments about this Policy, your personal information, our use and disclosure practices, or your consent choices by email at support@RxGenomix.com.