As described in Section 8 below, we reserve the right to change the terms of this Notice from time to time and to make the revised Notice effective for all PII we maintain.
1. What information do we collect?
If you are a medical professional (e.g. clinician, doctor, nurse, etc.) requesting a Karius Test™ for your patient, we will collect PII such as your name, email address and phone number so that we can contact you with regards to your use of the Karius Service. In performing the test, we collect the patient’s name, birthdate, medical record number, and possibly other types of PII.
When you use the Karius Service, we will indicate if the collection and provision of certain categories of PII is mandatory. For any such categories, we may not be able to provide you with access to the Karius Service if you do not provide us with the required information.
During a verbal clinical consultation between a Karius Medical Director and the treating physician, we may collect additional information that personally identifies patients.
Please see below for more details on the types of PII that we may collect.
When you create a Karius account
When you create a Karius account, we ask for some PII, including your name, email address, and telephone number.
When you contact us for help
Whenever you contact Karius for help, we collect your name and email address along with additional information you provide in your request so that we can provide you with assistance and improve the Karius Service.
Information from third parties
We may obtain PII from third party sources (e.g. healthcare providers, insurance providers, etc.) that is necessary to provide you with the Karius Service. Examples of such PII we may obtain from third party sources include your name and contact details.
2. How we use your PII
If you are a user of the Karius Service, Karius will process PII to perform our obligations in providing the Karius Service to you or such other person or entity on whose behalf you are using the Karius Service.That generally will include using your PII to:
- Verify your identity to provide you with access to the Karius Service (e.g. generating one-time passwords); and
- Facilitate your creation of a Karius account.
We may also (i) use some anonymized and de-identified data to research, understand and improve the Karius Service; to detect and protect against error, fraud or other criminal activity; and to protect the security or integrity of the Karius Service; and (ii) use and disclose aggregated, de-identified data with partners and the public in a variety of ways. If we provide this information, we use appropriate procedures so that the data does not identify you and we contractually prohibit recipients of the data from re-identification.
3. Retention of PII
We will retain PII for as long as we have a legitimate need to use or share it.
4. Deletion of PII
If you seek to have us deleted your PII, you should note that deletion of your account with us will not automatically delete the PII that was associated with your account. If you would like to request that we delete all PII together with the deletion of your account, please contact us at firstname.lastname@example.org. Our ability to comply with your deletion request is subject to any applicable legal, contractual or other requirement to maintain certain records of PII. In that regard, please note that the deletion of PII from our database will result in us not being able to provide you with the Karius Service.
5. Storage and security of PII
We use reasonable controls and procedures to maintain the security of PII and protect it from misuse, interference and loss and against unauthorized collection, copying, access, modification or disclosure. Where you have chosen a password to access the App, you are responsible for keeping your password confidential. Do not share your password with anyone.
Due to the nature of the Internet, we do not provide any guarantee or warranty regarding the security of any PII during transmission to or storage by us and you acknowledge that the disclosure of PII to us is at your own risk. Please contact us immediately if you become aware or have reason to believe there has been any unauthorized use of PII in connection with the Karius Service.
The PII you provide to us or that is disclosed to us by our covered entity clients may be transferred to and stored with a cloud service provider with servers that are located in various jurisdictions. Some of these jurisdictions may not have the same or substantially similar privacy laws than those of your home jurisdiction.
6. Risks Associated with Electronic Communications and the Storing of Your PII Electronically
We understand the importance of protecting PII and take our security obligations seriously. We take a number of steps to safeguard the privacy and security of PII. However, any device or application connected to the Internet is susceptible to a security breach, despite the level of administrative, technical, and physical safeguards employed. This means that there is a risk that unauthorized persons may be able to access and read PII. By using the Karius Services, you agree that you have read, understand, and accept this risk.
- Although most browsers and devices accept cookies by default, their settings usually allow you to clear or decline cookies. If you disable cookies, however, some of the features of the Karius Service may not function properly.
- To prevent your data from being used by Google Analytics, you can install Google’s opt-out browser add-on by visiting https://tools.google.com/dlpage/gaoptout.
- To opt out of ads on platforms that are targeted to your interests, based on your platform settings, check your mobile device for settings that control ads based on your interactions with the applications on your device. For example, on your iOS device, enable the “Limit Ad Tracking” setting, and on your Android device, enable the “Opt out of Ads Personalization” setting.
The Karius Service does not respond to Do-Not-Track signals because we do not track our users over time and across third-party websites to provide targeted advertising. However, we believe that you should have a choice regarding interest-based ads served by our partners, which is why we outline the options available to you above.
Karius reserves the right to amend all or any part of this Notice. If we make material changes to the Notice, we will inform you through the Karius Service that the Notice has been updated. Your continued use of the Karius Service with us after any such changes are communicated to you constitutes your agreement to this Notice as amended.
9. Other Applications
The Karius Service may have links to other apps or websites. We are not responsible for the security or privacy of any information collected by such apps or websites and, while we do not permit those apps or websites to track your use of the Karius Service, we are unable to control whether such tracking mechanisms are implemented by those apps or websites. You should exercise caution and review the privacy statements applicable to the third-party websites and services you use. The use of online tracking mechanisms by those third-party websites and services is subject to those third parties’’ own privacy policies, and not this Notice.
10. Effect of Notice
This Notice applies in conjunction with any other policies, notices, contractual clauses and consent statements that apply in relation to the collection, use and disclosure of your PII by us.
11. Contact Us
All comments, queries and requests relating to our use of your PII are welcomed and should be addressed to our Privacy Officer at email@example.com. If you believe that your privacy rights have been violated, please contact us.