Effective as of May 9, 2022.
Please click here to view the previous version of our Privacy Policy.
This Privacy Policy describes how Personal Genome Diagnostics Inc. (“PGDx,” “we”, “us” or “our”) handles personal information that we collect through our digital properties that link to this Privacy Policy, including our website, www.personalgenome.com, our products and services, as well as through social media, our marketing activities, and other activities described in this Privacy Policy (collectively, the “Service”). The purpose of this Privacy Notice is to provide you with clear explanation of what personal information we collect, when, why and how we collect, use and share your personal information and it explains your statutory rights.
PGDx may provide additional or supplemental privacy policies to individuals for specific products or services that we offer at the time we collect personal information.
You can download a printable copy of this Privacy Policy here:
Information you provide to us. Personal information you may provide to us through the Service or otherwise includes:
Contact data, such as your first and last name, email address, billing and mailing addresses, professional title and company name, and phone number.
Demographic Information, such as your city, state, country of residence, and postal code.
Profile data, such as the email address and password that you may set to establish an online account on the Service, biographical details, interests, preferences, information on whether you currently utilize NGS-based oncology assays, and any other information that you add to your account profile.
Communications that we exchange with you, including when you contact us through the Service (such as by using the “Product and Services Support” or “Contact Us” forms on our website), social media, or otherwise.
Marketing data, such as your preferences for receiving our marketing communications and details about your engagement with them and when you sign up for our newsletter.
Professional information, such as your application (cover letter and resume) and any information you voluntarily provide to us.
Other data not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.
Automatic data collection. We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your interaction over time with the Service, our communications and other online services, such as:
Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., Wi-Fi, LTE, 3G), and general location information such as city, state or geographic area.
Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Service, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our emails or clicked links within them.
Location data when you authorize the Service to access your device’s location.
Cookies and similar technologies. Some of our automatic data collection is facilitated by cookies and similar technologies. For more information, please review our Cookie Notice.
We may use your personal information for the following purposes or as otherwise described at the time of collection:
Service delivery. We may use your personal information to:
Research and development. We may use your personal information for research and development purposes, including to analyze and improve the Service and our business.
Marketing and advertising. We, our service providers and our third-party advertising partners may collect and use your personal information for marketing and advertising purposes:
To manage our recruiting and process employment applications. We may use personal information, such as information submitted to us in a job application, to facilitate our recruitment activities and process employment applications, such as by evaluating a job candidate for an employment activity, and monitoring recruitment statistics.
Compliance and protection. We may use your personal information to:
With your consent. In some cases, we may specifically ask for your consent to collect, use or share your personal information, such as when required by law.
To create anonymous, aggregated or de-identified data. We may create anonymous, aggregated or de-identified data from your personal information and other individuals whose personal information we collect. We make personal information into anonymous, aggregated or de-identified data by removing information that makes the data identifiable to you. We may use this anonymous, aggregated or de-identified data and share it with third parties for our lawful business purposes, including to analyze and improve the Service and promote our business.
Cookies and similar technologies. We may use these for the purposes outlined in our Cookie Notice.
Retention. We generally retain personal information to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes. To determine the appropriate retention period for personal information, we may consider factors such as the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
Access or update your information. If you have registered for an account with us through the Service, you may review and update certain account information by logging into the account.
Opt-out of marketing communications. You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by emailing us at marketing@pgdx.com. Please note that if you choose to opt-out of marketing-related emails, you may continue to receive service-related and other non-marketing emails.
Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Declining to provide information. We need to collect personal information to provide certain services. If you do not provide the information we identify as required or mandatory, we may not be able to provide those services.
The Service may contain links to websites, mobile applications, and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites, mobile applications or online services operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies of the other websites, mobile applications and online services you use.
We employ a number of technical, organizational and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.
We are headquartered in the United States and may use service providers that operate in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country.
The Service is not intended for children under 18 years of age. No one under age 18 may provide any information to or on the Service. We do not knowingly collect personal information from children under 18. If you are under 18, do not use or provide any information on this Website or on or through any of its features. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at:
From time to time, we may revise this Privacy Policy. Any such changes to this Privacy Policy will be reflected on this page. We recommend that you review this Privacy Policy regularly for any changes. The date on which this notice was last revised is located at the top of this notice.
This section describes how we collect, use, and share Personal Information of California residents in our capacity as a “business” under the California Consumer Privacy Act (“CCPA”) and their rights with respect to that Personal Information. For purposes of this section, the term “Personal Information” has the meaning given in the CCPA but does not include information exempted from the scope of the CCPA. In some cases, we may provide a different privacy notice to certain categories of California residents, such as job applicants, in which case that notice will apply instead of this section.
Your California privacy rights. California residents have the rights listed below under the CCPA. However, these rights are not absolute, and in certain cases we may decline your request as permitted by law.
Exercising your right to information, access and deletion. You may submit requests to exercise your right to information, access or deletion by calling us toll free at 855−743−9669 or via email to marketing@pgdx.com.
Notice of right to opt-out of the “sale” of your Personal Information. Like many companies, we use services that help deliver interest-based ads to you. Our use of some of these services may be classified under California law as a “sale” of your Personal Information to the advertising partners that provide the services because they collect information from our users (e.g., device data and online activity data) to help them serve ads more likely to interest you. You can request to opt-out out of this “sale” of your personal information here: Do Not Sell My Personal Information.
We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.
We will need to verify your identity to process your information, access and deletion requests and reserve the right to confirm your California residency. To verify your identity, we may require government identification, a declaration under penalty of perjury or other information.
Your authorized agent may make a request on your behalf upon our verification of the agent’s identity and our receipt of a copy of a valid power of attorney given to your authorized agent pursuant to California Probate Code Sections 4000 – 4465. If you have not provided your agent with such a power of attorney, you must provide your agent with written and signed permission to exercise your CCPA rights on your behalf, provide the information we request to verify your identity, and provide us with confirmation that you have given the authorized agent permission to submit the request.
Personal information that we collect, use and disclose. The chart below summarizes the Personal Information we collect by reference to the categories of Personal Information specified in the CCPA (Cal. Civ. Code §1798.140), and describes our practices currently and during the 12 months preceding the effective date of this Privacy Policy. The terms in the chart refer to the categories of information, sources, purposes and third parties described above in this Privacy Policy in more detail. Information you voluntarily provide to us, such as in free-form webforms, may contain other categories of personal information not described below.
Personal Information we collect in this category:
Source of PI:
Business/commercial purpose for collection:
Categories of third parties to whom we “disclose” PI for a business purpose:
Categories of third parties to whom we “sell” PI:
Personal Information we collect in this category:
Source of PI:
Business/commercial purpose for collection:
Categories of third parties to whom we “disclose” PI for a business purpose:
Categories of third parties to whom we “sell” PI:
Personal Information we collect in this category:
Source of PI:
Business/commercial purpose for collection:
Categories of third parties to whom we “disclose” PI for a business purpose:
Categories of third parties to whom we “sell” PI:
Personal Information we collect in this category:
Source of PI:
Business/commercial purpose for collection:
Categories of third parties to whom we “disclose” PI for a business purpose:
Categories of third parties to whom we “sell” PI:
Personal Information we collect in this category:
Source of PI:
Business/commercial purpose for collection:
Categories of third parties to whom we “disclose” PI for a business purpose:
Categories of third parties to whom we “sell” PI:
Personal Information we collect in this category:
Source of PI:
Business/commercial purpose for collection:
Categories of third parties to whom we “disclose” PI for a business purpose:
Categories of third parties to whom we “sell” PI:
Personal Information we collect in this category:
Source of PI:
Business/commercial purpose for collection:
Categories of third parties to whom we “disclose” PI for a business purpose:
Categories of third parties to whom we “sell” PI:
Personal Information we collect in this category:
May be derived from:
Source of PI:
Business/commercial purpose for collection:
Categories of third parties to whom we “disclose” PI for a business purpose:
Categories of third parties to whom we “sell” PI:
Personal Information we collect in this category:
Source of PI:
Business/commercial purpose for collection:
Categories of third parties to whom we “disclose” PI for a business purpose:
Categories of third parties to whom we “sell” PI:
Personal Information we collect in this category:
Source of PI:
Business/commercial purpose for collection:
Categories of third parties to whom we “disclose” PI for a business purpose:
Categories of third parties to whom we “sell” PI:
Your California privacy rights. Under California’s Shine the Light law (California Civil Code Section 1798.83), California residents may ask companies with whom they have formed a business relationship primarily for personal, family or household purposes to provide the names of third parties to which they have disclosed certain personal information (as defined under the Shine the Light law) during the preceding calendar year for their own direct marketing purposes and the categories of personal information disclosed. You may send us requests for this information to marketing@pgdx.com. In your request, you must include the statement “Shine the Light Request,” and provide your first and last name and mailing address and certify that you are a California resident. We reserve the right to require additional information to confirm your identity and California residency. Please note that we will not accept requests via telephone, mail, or facsimile, and we are not responsible for notices that are not labeled or sent properly, or that do not have complete information.
The information provided in this “Notice to European users” section applies only to individuals in the United Kingdom, Switzerland, and the European Economic Area (hereafter collectively referred to as “Europe”).
Personal information. References to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation.
Controller. PGDx is the controller of your personal information covered by this Privacy Policy for purposes of European data protection legislation.
EU/UK Representative. Our data protection representative in the European Union/United Kingdom pursuant Art. 27 GDPR is: PLANIT // LEGAL, Attn: Personal Genome Diagnostics EU Representative (Art. 27 GDPR), Jungfernstieg 1, 20095 Hamburg, Germany, E‑Mail: [email protected]
Details regarding each processing purpose listed below are provided in the section above titled “How we use your personal information”.
Processing is necessary to perform the contract governing our provision of our services or to take steps that you request prior to signing up for the services. If we have not entered into a contract with you, we process your personal information based on our legitimate interest in providing the services you access and request.
These activities may constitute our legitimate interests, may be necessary to perform the contract governing our provision of our services or to take steps that you request prior to signing up for the services, or may be based on your consent. To the extent that these activities constitute our legitimate interests, we do not use your personal information for these activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
Processing is necessary to comply with our legal obligations.
Processing is based on your consent. Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consent or in the services.
Use for new purposes. We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.
Retention. We retain personal information for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for Compliance and protection purposes.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
When we no longer require the personal information we have collected about you, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. If we anonymize your personal information (so that it can no longer be associated with you), we may use this information indefinitely without further notice to you.
Sensitive personal information. We ask that you not provide us with any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the services, or otherwise to us.
If you provide us with any sensitive personal information to us when you use the services, you must consent to our processing and use of such sensitive personal information in accordance with this Privacy Policy. If you do not consent to our processing and use of such sensitive personal information, you must not submit such sensitive personal information through our services.
Your rights. European data protection laws give you certain rights regarding your personal information. If you are located in Europe, you may ask us to take the following actions in relation to your personal information that we hold:
You may submit these requests by email to marketing@pgdx.com or our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.
Cross-border data transfer. If we transfer your personal information from Europe to another country such that we are required to apply appropriate safeguards to your personal information under European data protection laws, we will do so. Please contact us for further information about any such transfers or the specific safeguards applied.