NIRVANABIOME

PRIVACY POLICY

 

Effective Date: October 20, 2020

Version: 1.0


At NirvanaBiome your privacy is important to us, so we strive to be transparent about how we collect, use and share information about you. This policy is intended to help you understand:

  1. WHAT INFORMATION WE COLLECT

  2. HOW WE USE INFORMATION

  3. HOW WE SHARE INFORMATION

  4. HOW WE STORE INFORMATION

  5. HOW TO ACCESS AND CONTROL YOUR INFORMATION

  6. ADDITIONAL IMPORTANT PRIVACY MATTERS

  7. HOW TO CONTACT US

Please take a moment to read this privacy policy carefully so that you can understand your rights and our responsibilities regarding your information. This policy also explains your choices about how we use information about you. By using the Service, you consent to the collection and use of information in accordance with this Privacy Policy.

This Privacy Policy (this “Privacy Policy”) governs your use of the NirvanaBiome testing and website (the “Services”) that was developed by NirvanaBiome (the “Company”). The Company is sometimes referred to herein as “we,” “us,” or “our” and the you or your child (collectively the “User”) (as defined below) is sometimes referred to as “you,” “your,” or “customer. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms of Service.


1. WHAT INFORMATION WE COLLECT

1.1 Definitions. We require certain information to provide our services to you. For example, you must have an account in order to purchase or interact with the Services. When you choose to share the information below with us, we collect and use it to operate our Services. "Personal Data" means data that allows someone to identify or contact you, including, for example, your name, address, telephone number, e-mail address, travel preferences, specific expenses, as well as any other non-public information about you that is associated with or linked to any of the foregoing data. "Anonymous Data" means data that is not associated with or linked to your Personal Data; Anonymous Data has been stripped of your Personal Information (e.g., your name and contact information) and aggregated with the information of others so that you cannot reasonably be identified as an individual. We collect Personal Data and Anonymous Data, as described below. 

 

1.2 Information You Provide. When you use the Services, you will provide information that could be Personal Data, such (a) your name, email address, mobile telephone number, password, date of birth, tax identification number, schedule, picture, and other registration information; (b) information you provide us when you contact us for help; (d) credit card or banking information for making payments to and receiving payments from other Users or contacts; and (e) any other information you enter into the Services.

1.2.1 User Content. The Services may include publicly accessible blogs, community forums, or private messaging features. The Services may also contain links and interactive features with various social media platforms (e.g., widgets). If you already use these platforms, their cookies may be set on your device when using our Services or other services. You should be aware that Personal Data which you voluntarily include and transmit online in a publicly accessible blog, chat room, social media platform or otherwise online, or that you share in an open forum may be viewed and used by others without any restrictions. We are unable to control such uses of your information when interacting with a social media platform, and by using such services you assume the risk that the Personal Data provided by you may be viewed and used by third parties for any number of purposes.

1.2.2 Payment Information. Our online store is hosted on Shopify Inc. Shopify provides us with an online e-commerce platform that allows us to sell our products and services to you. In providing information in our online store, you may be also providing that information to Shopify. Information collected by Shopify is subject to their Terms of Service and Privacy Policy. We may also share information with Shopify for the purpose of providing you with our products and services.

 

1.3 Information We Collect Automatically. We automatically receive and record information from your use of the Services, including but not limited to: Services usage, your IP address browser type, Internet service provider, referring/exit pages, operating system, date/time stamp, clickstream data, and cookie information. This information is used to optimize your user experience. Generally, the Services automatically collect usage information, such as the number and frequency of users of the Services. We may use this data in aggregate form, that is, as a statistical measure, but not in a manner that would identify you personally. This type of aggregate data enables us and third parties authorized by us to figure out how often individuals use parts of the Services so that we can analyze and improve them.

1.3.1 Cookies. Cookies are small pieces of information that a website sends to your computer’s hard drive while you are viewing the website. We may use both session cookies (which expire once you close your browser) and persistent cookies (which stay on your computer/mobile phone until you delete them) to provide you with a more personal and interactive experience on our Site.  We use cookies to enable our servers to recognize your web browser and tell us how and when you use the Services. Most browsers have an option for turning off the cookie feature, which will prevent your browser from accepting new cookies, as well as (depending on the sophistication of your browser software) allowing you to decide on acceptance of each new cookie in a variety of ways. We strongly recommend that you leave cookies active, because they enable you to take advantage of the most attractive features of the Services.

1.3.2 Pixel Tags. Pixel Tags (also referred to as clear Gifs, Web beacons, or Web bugs). Pixel Tags are tiny graphic images with a unique identifier, similar in function to Cookies, that are used to track online movements of Web users. In contrast to Cookies, which are stored on a user’s computer hard drive, Pixel Tags are embedded invisibly in Web pages. Pixel Tags also allow us to send e-mail messages in a format users can read, and they tell us whether e-mails have been opened to ensure that we are sending only messages that are of interest to our users. The use of a pixel allows us to record, for example, that a user has visited a particular web page or clicked on a particular advertisement. Advertisements served through the Services may be targeted to users who fit a certain general profile category may be based on Anonymous Data inferred from information provided to us by a user, may be based on the Services usage patterns of particular users, or may be based on your activity on Third Party Services. We currently do not provide Personal Data to any ad networks for use outside of the Services. To increase the effectiveness of ad delivery, we may deliver a file pixel tag from an ad network to you through the Services. These pixel tags allow ad networks to provide anonymized, aggregated auditing, research and reporting for us and for advertisers. Web beacons also enable ad networks to serve targeted advertisements to you when you visit other websites. Because your web browser must request these advertisements and pixel tags from the ad network’s servers, these companies can view, edit or set their own cookies, just as if you had requested a web page from their site. 

1.3.3 Social Media Widgets. Our Website includes social media features such as the Facebook “Like” button that might include widgets such as the share this button or other interactive mini-programs. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. These social media features are either hosted by a third party or hosted directly on our Website. Your interactions with these features are governed by the privacy policy of the company providing it.

1.3.4 Mobile Services. We may also collect Anonymous Data from your mobile device. This information is generally used to help us deliver the most relevant information to you. Examples of information that may be collected and used include your geographic location, how you use the Services, and information about the type of device you use. In addition, in the event our Services crash on your mobile device, we will receive information about your mobile device model software version and device carrier, which allows us to identify and fix bugs and otherwise improve the performance of our Services. This information is sent to us as aggregated information and is not traceable to any individual and cannot be used to identify an individual.

1.3.5 Analytics. We use third party analytics services, including but not limited to Google Analytics ("Analytics Services"), to help analyze how users use our Site and Services. We use the information we get from Analytics Services only to improve our Site and Services. The information generated by the Cookies or other technologies about your use of our Site and Services (the "Analytics Information") is transmitted to the Analytics Services. The Analytics Services use Analytics Information to compile reports on user activity. The Analytics Services may also transfer the Analytics Information to third parties where required to do so by law, or where such third parties process Analytics Information on their behalf. Each Analytics Service’s ability to use and share Analytics Information is restricted by such Analytics Service’s Terms of Use and Privacy Policy. By using our Site and Services, you consent to the processing of data about you by Analytics Services in the manner and for the purposes set out above. For a full list of Analytics Services, please contact us at privacy@nirvanabiome.com.

1.3.6 Third Party Data. We may receive Personal and/or Anonymous Data about you from companies that provide our Services by way of a co-branded or private-labeled website or companies that offer their products and/or services on our Services. These third party companies may supply us with Personal Data. We may add this information to the information we have already collected from you via our Services in order to improve the Services we provide.

 

1.4 Anonymous Data. We will not sell, lease or rent your Personal Data to any third party or to a third party for any purposes without your explicit consent. However, we do use and share Aggregate Information with third parties in order to perform business development, for research, optimization, improvement and any other legitimate business purposes. By using the Services you grant us permission to process Anonymous Data, which has no personally identifiable information, during and after your use of the Services.


2. HOW WE USE THE INFORMATION

While we consider the collection and processing of your information to be in our legitimate business interest we take your privacy rights seriously. We use information about you for a number of purposes. Below are the specific purposes for which we use the information we collect about you.

2.1 To provide the Services and personalize your experience. We use information about you to provide the Services to you, including to process payment transactions with you, authenticate you when you log in, provide customer support, and operate and maintain the Services.

2.2 To Improve Services.  We are always looking for ways to make our Services smarter, faster, more secure, integrated and useful to you. To that end, we use collective learnings about how people use our Services and feedback provided directly to us to improve our Services, algorithms, predictions, sequencing quality, to troubleshoot and to identify trends, usage, activity patterns and areas for integration and improvement of the Services.

2.3 To communicate with you about the Services.  We use your contact information to send transactional communications via email or chat and within the Services, including confirming your purchases, reminding you of subscription expirations, ensuring accurate and timely payments are processed, responding to your comments, questions and requests, providing customer support, and sending you technical notices, product updates, security alerts, and administrative messages.

2.4 To market, promote, and drive engagement with the Services.  We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you, including by email and by displaying ads on other companies' websites and applications, as well as on platforms like Facebook and Google. These communications are aimed at driving engagement and maximizing what you get out of the Services, including information about new features, survey requests, events and other information we think may be of interest to you. We also communicate with you about new product offers, promotions and contests.

2.5 Conducting surveys and collecting feedback about our Services. We do this to pursue our legitimate interests to understand if the Services are helpful to you and to evaluate the effectiveness of any updates we provide.

2.6 Customer support. We use your information to resolve technical issues you encounter, to respond to your requests for assistance, to analyze crash information, and to repair and improve the Services.  We also use your information to provide requested assistance (either originated from you, or a person acting legitimately on your behalf) and to offer proactive support in case of itinerary changes.

2.7 For safety and security. We use information about you and your Service use to verify accounts and activity, to monitor suspicious or fraudulent activity and to identify violations of Service policies.

2.8 To protect our legitimate business interests and legal rights. Where required by law, where we believe it is in our legitimate business interest, or where it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.

2.9 To allow you to share your Personal Data with others. We give you the ability to share information, including Personal Data, through the Services. You have the option to share directly with individuals with accounts on the Services through (i) our Forums, and (ii) other sharing features and tools. You may also have the ability to share information directly with individuals who have not participated in our Service via a unique, shareable URL or through a social media platform (such information is "User Content"). Some sharing features, including receiving sharing invitations, may require that you opt-out, however you will always be required to take a positive action, such as opting in, to share Personal Data. You should be thoughtful about your sharing choices. Once you have chosen to share any Personal Data, the individuals with whom you share this information, may also use or share your Personal Data, including any Sensitive Information you choose to share.

2.10 To allow you to share your Personal Data for research purposes. You have the choice to participate in research aimed at publication in peer-reviewed journals and other research funded by the federal government (such as the National Institutes of Health (“NIH”)) conducted by us (“Company Research”). Company Research may be sponsored by, conducted on behalf of, or in collaboration with third parties, such as non-profit foundations, academic institutions or pharmaceutical companies. Company Research may study a specific group or population, identify potential areas or targets for therapeutics development, conduct or support the development of drugs, diagnostics or devices to diagnose, predict or treat medical or other health conditions, work with public, private and/or non-profit entities on genetic research initiatives, or otherwise create, commercialize, and apply this new knowledge to improve health care. Company Research uses aggregate Personal Data or Anonymous Data. While you give us permission to use Anonymous Data in Company Research, we will only use Personal Data if you opt in to Company Research and have completed the research consent document. You may withdraw your consent to participate in Company Research at any time by changing your consent status by contacting hello@nirvanabiome.com.  We will not include your information in studies that start more than 30 days after you withdraw (it may take up to 30 days to withdraw your information after you withdraw your consent). Any research involving your data that has already been performed or published prior to your withdrawal will not be reversed, undone, or withdrawn. 

2.11 With your consent. We use information about you where you have given us consent to do so for a specific purpose not listed above. For example, we may publish testimonials or featured customer stories to promote the Services, with your permission.

2.12 Additional purposes. We may process your information for any other purpose disclosed to you in connection with our Services from time to time. If we intend to process your personal data for a purpose other than that set out above, we will provide you with information prior to such processing and will obtain your consent where necessary.

 


3. HOW WE SHARE INFORMATION

We may share your information with our third-party service providers, to comply with legal obligations, to protect and defend our rights and property, or with your permission. Below are the specific ways we share information we collect about you.

3.1 Qualified Research Collaborators. If you provide explicit consent we will share your information with research collaborators. We will not sell, lease, or rent your Personal Data to a third party for research purposes without your explicit consent.

3.2 Mobile Communications. As part of the Services, you will receive text, email and other communications from other Users or us. In the event that you communicate through text, standard messaging rates apply.

3.3 User Profile Information. User profile information including your username and other information you enter may be displayed to other users to facilitate user interaction within the Services. We will not directly reveal user email addresses to other users.

3.4 Company. In the event that you use the Services in connection with a company, we may share your Personal Data with the company and the company administrator(s).

3.5 Information Shared with Our Agents. We employ and contract with people and other entities that perform certain tasks on our behalf and who are under our control (our “Agents”). We may need to share Personal Data with our Agents in order to provide products or services to you. Unless we tell you differently, our Agents do not have any right to use Personal Data or other information we share with them beyond what is necessary to assist us. You hereby consent to our sharing of Personal Data with our Agents.

3.6 IP Address Information. While we collect and store IP address information, that information is not made public. We do at times, however, share this information with our partners, service providers and other persons with whom we conduct business, and as otherwise specified in this Privacy Policy.

3.7 Aggregate Information. We share Aggregate Information with our partners, service providers and other persons with whom we conduct business. We share this type of statistical data so that our partners can understand how and how often people use our Services and their services or websites, which facilitates improving both their services and how our Services interface with them. In addition, these third parties may share with us non-private, aggregated or otherwise non-Personal Data about you that they have independently developed or acquired.

3.8 Interest-Based Advertising. We may allow third-party advertising partners to set tracking tools (e.g., cookies) to collect information regarding your activities (e.g., your IP address, page(s) visited, time of day). We may also share such de-identified information as well as selected Personal Data (such as demographic information and past purchase history) we have collected with third-party advertising partners. These advertising partners may use this information (and similar information collected from other websites) for purposes of delivering targeted advertisements to you when you visit other websites within their networks. This practice is commonly referred to as “interest-based advertising” or “online behavioral advertising. We may allow access to other data collected by the Site to facilitate transmission of information that may be useful, relevant, valuable or otherwise of interest to you.

3.9 Information Disclosed Pursuant to Business Transfers. In some cases, we may choose to buy or sell assets. In these types of transactions, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Data as set forth in this policy.

3.10 Information Disclosed for Our Protection and the Protection of Others. We also reserve the right to access, read, preserve, and disclose any information as it reasonably believes is necessary to (i) satisfy any applicable law, regulation, legal process or governmental request, (ii) enforce these Terms of Service, including investigation of potential violations hereof, (iii) detect, prevent, or otherwise address fraud, security or technical issues, (iv) respond to user support requests, or (v) protect our rights, property or safety, our users and the public. This includes exchanging information with other companies and organizations for fraud protection and spam/malware prevention.

3.11 Information We Share with Your Consent. We will share your Personal Data with any relevant party you have granted us permission to share with.

 


4. HOW WE STORE AND SECURE INFORMATION

Keeping your information secure is a top priority for us. To that end we comply with industry-standard best practices to secure your information. We use data hosting service providers in the United States to host the information we collect, and we use technical measures to secure your data. While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that data, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others. How long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

4.1 Account Information.  We retain your Personal Data only as long as necessary to accomplish the business purpose for which it was collected or to comply with our legal and contractual obligations, plus 1 year, and then securely dispose of that information. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations and to continue to develop and improve our Services. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics about you.

4.2 Information You Share on the Services If your account is deactivated or disabled, some of your information and the content you have provided will remain.

4.3 Marketing information If you have elected to receive marketing emails from us, we retain information about your marketing preferences unless you specifically ask us to delete such information. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.

 


5. HOW TO ACCESS AND CONTROL YOUR INFORMATION

You can stop all collection of information by the Services easily by terminating the service as described in the Terms of Use.

 


6. ADDITIONAL IMPORTANT PRIVACY MATTERS

6.1 Minimum Age. We are committed to protecting the privacy of children as well as adults. Our Services are not designed for, intended to attract, or directed toward children under the age of 18. A parent or guardian, however, may use the Services, create an account for, and provide information related to, his or her child who is under the age of 18. The parent or guardian assumes full responsibility for ensuring that the information that he/she provides to us about his or her child is kept secure and that the information submitted is accurate. To use the Website or any other Services, you must be (i) at least 18 years old, if you are submitting your own biological sample (“Sample”), or if you are under the age of 18, the Services may only be used by your parent or legal guardian, (and (ii) not a competitor of or using the Services for purposes that are competitive with the Company.

6.2 Security. We are concerned about safeguarding the confidentiality of your Personal Data. We provide physical, electronic, and procedural safeguards to protect information we process and maintain and use a combination of firewall barriers, encryption techniques and authentication procedures. For example, we limit access to your Personal Data to authorized employees and contractors who need to know that information in order to operate, develop or improve our Services. Please be aware that, although we endeavor to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.

6.3 California Privacy Rights. California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third-parties to whom we have disclosed their Personal Data (if any) for their direct marketing purposes in the prior calendar year, as well as the type of Personal Data disclosed to those parties.

6.4 Nevada Privacy Rights. Nevada Residents Pursuant to Nevada law, you may direct a business that operates an internet website not to sell certain Personal Information a business has collected or will collect about you. We do not sell your Personal Information pursuant to Nevada law. For more information about how we handle and share your Personal Information or your rights under Nevada law, contact us at [email address].

6.5 Links to Other Sites. Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over, and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

6.6 Changes to this Privacy Policy. We will notify you when we change this Privacy Policy. We may change this Privacy Policy from time to time. If we make significant changes in the way we treat your Personal Data, or to the Privacy Policy, we will provide notice to you on the Services or by some other means, such as email. Please review the changes carefully. If you agree to the changes, simply continue to use our Services.  Your continued use of our Services after the revised Statement has become effective indicates that you have read, understood, and agreed to the current version of this Policy.  If you object to any of the changes to our terms and you no longer wish to use our Services, you may close your account(s). Unless stated otherwise, our current Privacy Policy applies to all information that we have about you and your account. Using our Services after a notice of changes has been communicated to you or published on our Services shall constitute consent to the changed terms or practices.

 


7. CONTACT US

Contacting us: If you have any questions, please don’t hesitate to contact us at: hello@nirvanabiome.com