Privacy Policy

This Privacy Policy (“Notice”) is being provided to you by Karius, Inc. (“Karius”, “us”, “we” or “our”). This Notice describes the ways in which we collect, use, and disclose personally identifiable information (“PII”), including personal health information, that we receive through www.kariusdx.com and other online platforms and mobile applications that we operate and that link to this Notice (the “Site”). The Notice applies to our website at www.kariusdx.com (the “Site”), use of the online portal available via the Site, the Karius mobile application (the “App”) and all of the services available therein (collectively referred to in this Notice as the “Karius Service”) that may be provided by us or our affiliates.Please read it carefully.

As described in Section 8 below, we reserve the right to change the terms of this Notice from time to time and to make the revised Notice effective for all PII we maintain.

1. What information do we collect?

Karius collects some information from everyone who uses the Karius Service — even if you don’t have a Karius account. This includes log data that automatically records information about your use of the Karius System. Log data includes information such as your operating system, the different actions you performed, and the IP address you used to access the Karius Service. We use this type of information to provide you with an experience that’s relevant to your location based on the IP address, to prevent Karius Service misuse, and to ensure the Karius Service is working properly. We also collect data from cookies. To see the full list of cookies we use and how we use them, please read our Cookie Policy below.

If you are a medical professional (e.g. clinician, doctor, nurse, etc.) requesting a Karius Test™ for your patient, we will collect PII such as your name, email address and phone number so that we can contact you with regards to your use of the Karius Service. In performing the test, we collect the patient’s name, birthdate, medical record number, and possibly other types of PII.

When you use the Karius Service, we will indicate if the collection and provision of certain categories of PII is mandatory. For any such categories, we may not be able to provide you with access to the Karius Service if you do not provide us with the required information.

During a verbal clinical consultation between a Karius Medical Director and the treating physician, we may collect additional information that personally identifies patients.

Please see below for more details on the types of PII that we may collect.

When you create a Karius account

When you create a Karius account, we ask for some PII, including your name, email address, and telephone number.

When you contact us for help

Whenever you contact Karius for help, we collect your name and email address along with additional information you provide in your request so that we can provide you with assistance and improve the Karius Service.

Information from third parties

We may obtain PII from third party sources (e.g. healthcare providers, insurance providers, etc.) that is necessary to provide you with the Karius Service. Examples of such PII we may obtain from third party sources include your name and contact details.

2. How we use your PII

If you are a user of the Karius Service, Karius will process PII to perform our obligations in providing the Karius Service to you or such other person or entity on whose behalf you are using the Karius Service.That generally will include using your PII to:

  1. Verify your identity to provide you with access to the Karius Service (e.g. generating one-time passwords); and
  2. Facilitate your creation of a Karius account.

We may also (i) use some anonymized and de-identified data to research, understand and improve the Karius Service; to detect and protect against error, fraud or other criminal activity; and to protect the security or integrity of the Karius Service; and (ii) use and disclose aggregated, de-identified data with partners and the public in a variety of ways. If we provide this information, we use appropriate procedures so that the data does not identify you and we contractually prohibit recipients of the data from re-identification.

3. Retention of PII

We will retain PII for as long as we have a legitimate need to use or share it.

4. Deletion of PII

If you seek to have us deleted your PII, you should note that deletion of your account with us will not automatically delete the PII that was associated with your account. If you would like to request that we delete all PII together with the deletion of your account, please contact us at legal@kariusdx.com. Our ability to comply with your deletion request is subject to any applicable legal, contractual or other requirement to maintain certain records of PII. In that regard, please note that the deletion of PII from our database will result in us not being able to provide you with the Karius Service.

5. Storage and security of PII

We use reasonable controls and procedures to maintain the security of PII and protect it from misuse, interference and loss and against unauthorized collection, copying, access, modification or disclosure. Where you have chosen a password to access the App, you are responsible for keeping your password confidential. Do not share your password with anyone.

Due to the nature of the Internet, we do not provide any guarantee or warranty regarding the security of any PII during transmission to or storage by us and you acknowledge that the disclosure of PII to us is at your own risk. Please contact us immediately if you become aware or have reason to believe there has been any unauthorized use of PII in connection with the Karius Service.

The PII you provide to us or that is disclosed to us by our covered entity clients may be transferred to and stored with a cloud service provider with servers that are located in various jurisdictions. Some of these jurisdictions may not have the same or substantially similar privacy laws than those of your home jurisdiction.

6. Risks Associated with Electronic Communications and the Storing of Your PII Electronically

We understand the importance of protecting PII and take our security obligations seriously. We take a number of steps to safeguard the privacy and security of PII. However, any device or application connected to the Internet is susceptible to a security breach, despite the level of administrative, technical, and physical safeguards employed. This means that there is a risk that unauthorized persons may be able to access and read PII. By using the Karius Services, you agree that you have read, understand, and accept this risk.

7. Cookie Policy

Some of the information that we collect will not personally identify you but will instead track your use of the Karius Service so that we can better understand how the Karius Service is used by end users and in turn enhance and improve your experience in using the Karius Service. This information can be obtained through the use of cookies. Cookies are a small data file transferred to your device that recognizes and identifies your device and allows your device to ‘remember’ information from the Karius Service for future use. We may collect technical information from your web browser or mobile device or your use of our services through a web browser or mobile device, for example, location data and certain characteristics of, and performance data about your device, carrier/operating system including device and connection type and IP address. Unless you have elected to remain anonymous through your device and/or the web browser, the above-mentioned information may be collected and used by us automatically through your use of the Karius Service or the App.

You have a number of options to control or limit how we and our partners use cookies and similar technologies, including for advertising.

  • Although most browsers and devices accept cookies by default, their settings usually allow you to clear or decline cookies. If you disable cookies, however, some of the features of the Karius Service may not function properly.
  • To prevent your data from being used by Google Analytics, you can install Google’s opt-out browser add-on by visiting https://tools.google.com/dlpage/gaoptout.
  • To opt out of ads on platforms that are targeted to your interests, based on your platform settings, check your mobile device for settings that control ads based on your interactions with the applications on your device. For example, on your iOS device, enable the “Limit Ad Tracking” setting, and on your Android device, enable the “Opt out of Ads Personalization” setting.

The Karius Service does not respond to Do-Not-Track signals because we do not track our users over time and across third-party websites to provide targeted advertising. However, we believe that you should have a choice regarding interest-based ads served by our partners, which is why we outline the options available to you above.

8. Changes to our Privacy Policy/Notice

Karius reserves the right to amend all or any part of this Notice. If we make material changes to the Notice, we will inform you through the Karius Service that the Notice has been updated. Your continued use of the Karius Service with us after any such changes are communicated to you constitutes your agreement to this Notice as amended.

9. Other Applications

The Karius Service may have links to other apps or websites. We are not responsible for the security or privacy of any information collected by such apps or websites and, while we do not permit those apps or websites to track your use of the Karius Service, we are unable to control whether such tracking mechanisms are implemented by those apps or websites. You should exercise caution and review the privacy statements applicable to the third-party websites and services you use. The use of online tracking mechanisms by those third-party websites and services is subject to those third parties’’ own privacy policies, and not this Notice.

10. Effect of Notice

This Notice applies in conjunction with any other policies, notices, contractual clauses and consent statements that apply in relation to the collection, use and disclosure of your PII by us.

11. Contact Us

All comments, queries and requests relating to our use of your PII are welcomed and should be addressed to our Privacy Officer at legal@kariusdx.com. If you believe that your privacy rights have been violated, please contact us.