Privacy Policy

Current as of 6/15/2009

 

INTRODUCTION
Please read this privacy policy (the "Privacy Policy") to learn more about how Interleukin Genetics, Inc. ("Interleukin," "we," or "us") treats personally identifiable information that you provide to us when you create a user account and order Services on our website www.inherenthealth.com (the "Website"). Unless otherwise defined herein, capitalized terms shall have the meanings assigned to such terms in the Terms and Conditions of Use Agreement for the Website found here. If you have comments, suggestions, questions, or concerns about our Privacy Policy, please contact us at privacy@InherentHealth.com.

What This Privacy Policy Covers. This policy covers our treatment of personally identifiable information that we obtain from you when you register as a new customer and when you purchase Services that may be offered for sale on our Website.  Personally identifiable information also includes health information that you disclose to us and information generated from tests that we conduct for you. We regard personally identifiable information as information that someone can use to identify or contact you in person, such as real name, telephone number, email address, physical mailing address, financial account information, Genetic Information, and certain medical information you voluntarily provide to us such as your birth date, gender, and personal and family disease history. Information that we use internally to identify you as a customer in our system, such as your selected username or password, is not considered personally identifiable information.

What This Privacy Policy Does Not Cover. This policy does not cover the privacy practices of third parties that we do not own or control, such as our partners and advertisers. In addition, we may provide links to other services and on occasion to other sites that may interest you. All of these sites operate independently and they have their own privacy or security practices. We have no control over, do not review, and cannot be responsible for these outside websites or their content. Accordingly, we encourage you to review their policies before submitting any personal information to them.

HOW INFORMATION IS COLLECTED
1. Information You Provide.

Required Registration Information. When you register as a customer, we collect the following information from you: full name, email address, and the username and password you have created.

Required Information When You Order Products. When you order products on our Website, we collect your full name, your billing and shipping address, telephone number, credit card number, expiration date and security code.

Email Information. In addition to providing the foregoing information to us, if you choose to correspond with us through email, we may retain the content of your email messages together with your email address and our responses. We provide the same protections for these electronic communications that we employ in the maintenance of information received by mail and telephone.  It will remain safeguarded and not be shared with any outside services or companies, except as necessary to provide the services that you have requested.

Access to Your Personal Information. In general, we make it easy for you to view the personally identifiable information we have collected from you in your customer profile, where you can add, edit, or delete it as you see fit.

2. Information We Track. Similar to other commercial web sites, our Website utilizes a standard technology called cookies and Web server logs to collect information about how our Website is used. Information gathered through cookies and Web server logs may include the date and time of visits, the pages viewed, time spent at our Website, and the websites visited just before and just after our Website. This information is collected on an aggregate basis. None of this information is associated with you as an individual.

Cookies are stored on computers to increase the security of your personal information and make it easier for you to navigate a website. Session cookies are automatically deleted when you close your web browser, while other cookies, called persistent cookies, remain on your computer for long periods of time.  To remove persistent cookies from your computer, follow the instructions in the help menu of your web browser.  If your internet settings block cookies altogether, you will not be able to log into an account on the Website.

INFORMATION WE DO NOT COLLECT
1. Personal Information of Children Under the Age of 13. You should be aware that our Website is not intended for, or designed to attract, children under the age of 13 and as such, we do not intentionally gather personally identifiable information of children who are under the age of 13. If you believe that we have collected personal information about a child who is under the age of 13, please contact us at privacy@InherentHealth.com and such personal information will be deleted.

HOW PERSONALLY IDENTIFIABLE INFORMATION IS USED, CONTROLLED, AND SECURED
1. Use of Your Personally Identifiable Information That You Provide To Us. We may use your personally identifiable information for the following purposes:

  • To process and fulfill your order, including to send you emails confirming your order status and shipment.
  • To generate and send you requested test results.
  • To communicate with you and to send you information by email, mail, or other means about our products, new services, and special offers we think you will find valuable.
  • To notify you about important changes to our Website.

As a customer, you will be given the opportunity, at least once annually to notify us of your desire not to receive promotional offers.

2. Use of Information We Collect From Cookies. We may use the information we collect from cookies for the following purposes:

  • To analyze trends and statistics about the use of our Website
  • To design our Website in the most user-friendly manner so that we can enhance your shopping experience
  • To help us improve our Website, products and services and better serve our existing and potential customers

3. Control of Your Personally Identifiable Information. Except as otherwise described in this Privacy Policy, personally identifiable information you provide to us will not be shared outside of Interleukin and its controlled subsidiaries and affiliates without your permission.

4. Security of Personally Identifiable Information. To prevent unauthorized access to personally identifiable information, we have put into practice a number of procedures set forth below:

  • User access is protected using personally assigned usernames and passwords.
  • DNA samples are assigned a unique, anonymous barcode to track the Genetic Information independent of the user information.
  • User information is always stored separately from Genetic so that Genetic Information remains anonymous to laboratory personnel.
  • This Website is encrypted to secure personally identifiable information. All personally identifiable and transactional information is encrypted using industry standard SSL encryption where the consumer sends confidential personal and credit card information to us on our Website, a secure server software which we have licensed encrypts all information entered before it is sent to us. The information is scrambled en route and decoded once it reaches our Web site.
  • Our network is secured using server firewalls. In addition, the Website will use firewall to protect information from unauthorized access, disclosure, alteration, and/or destruction.
  • Archives containing personally identifiable information are securely stored on the database server which will be securely stored behind the firewall
  • Employee and third party consultant access to personally identifiable information is limited to their needs related to provision of Services. Employees and third party consultants may only access this information using a password.

All employees and third party consultants with access to personally identifiable information are trained appropriately and are required to sign a confidentiality agreement that aligns with this privacy policy.

Please note that email correspondence that you may send to us may not be secure unless we advise you that security measures will be in place prior to your transmitting the information. For that reason, we ask that you do not send confidential information such as Social Security or financial account numbers to us through an unsecured email.

HOW INFORMATION IS SHARED AND DISCLOSED
1. With Third Parties. We may provide anonymous, aggregate information about our customers, sales, Website traffic patterns and related information to our affiliates, partners or reputable third parties, but this information will not include personally identifiable information.

2. Linked Services. In some cases, we may allow you to access or link to other products or services through our Website. In all of these cases, our partners may choose to collect your personal information as they deem appropriate. We are not responsible for or in control of how our partners collect, use, or disclose your information obtained through these linked services. We encourage you to be aware when you are using these partner services and, for your best online experience, we encourage you to review their policies before submitting any personal information to them.

3.  As Necessary In Certain Legal Circumstances. We reserve the right to disclose your personally identifiable information as required by law and when we believe that disclosure is necessary to protect the rights, property or safety of Interleukin or others, respond to claims and/or to comply with a judicial proceeding, court order, or legal process served on us.

TEST RESULTS
Customer samples are processed in our state-of-the art CLIA-certified laboratory with the utmost standards of quality and according to government regulations.

Your DNA sample will only be tested for the information requested. Results will be provided by mail to the address designated or electronically via a secure, password protected Website.  No one outside our laboratory will have access to the results unless directed to do so in writing.  This includes family members.

To further protect your privacy, we will destroy samples within ten days after completing your requested test.

COMMUNICATION
We will contact customers using the method of communication they specify.  Information will not be communicated to any other individual unless the customer directs us to do so in writing or it is required by law.

ACCOUNT TERMINATION
If a customer decides to terminate his or her account with Interleukin, we will delete the customer's user account, access and personally identifiable information from our system.  However, we are required by law to archive and retain copies of the test report for 7 years. 

FEDERAL LAWS PROTECTING YOU
Some people worry that once they know a genetic fact about themselves, they could be forced to share that information with an insurer or employer.  The United States instituted a new law on May 21, 2008 called the Genetic Information Nondiscrimination Act (GINA), which protects Americans against unfair treatment from employers and insurers on the basis of genetic information.  As a result, you are not required to disclose genetic information to an employer or insurer, nor can they legally discriminate against you.

STATE LAWS PROTECTING YOU
There are also state laws that prevent insurers, employers and others from using genetic test results for discriminatory purposes. You may have additional protection under these laws, depending on where you are located.

NOTICE TO CALIFORNIA RESIDENTS
California Civil Code Section 1798.83 permits customers who are California residents and who have provided Interleukin with "personal information" (as that term is defined in Section 1798.83) to request certain information about the disclosure of that information to third parties for their direct marketing purposes.  If you are a California resident with questions regarding this, please contact Interleukin at privacy@InherentHealth.com or at Interleukin Genetics, Inc., 135 Beaver Street, Waltham, Massachusetts 02452, U.S.A.

FOR OUR CANADIAN CUSTOMERS
Canadian citizens, except under circumstances defined by law, are entitled to access their own Personal Information collected by Interleukin by writing to: Interleukin Genetics, Inc., 135 Beaver Street, Waltham, Massachusetts 02452, U.S.A. We may ask you to pay an administrative fee for accessing or copying your information, but will inform you of the anticipated charges and confirm that you want us to proceed before processing your request. If you believe that the personally identifiable information about you that we have collected is incomplete or inaccurate, we will correct the information upon verification of the omission or error and of the identity of the person requesting the change. If you wish additional information about our personal identifiable management, to access, correct or have us investigate any matters in relation to your personally identifiable information, please contact us at the address provided above.

NOTICE TO VISITORS OUTSIDE OF THE UNITED STATES
You should be aware that the United States and other countries have not harmonized their privacy regulations. Because Interleukin and its servers is located in the United States, we have written our Privacy Policy to satisfy United States regulations. By registering as a customer, you expressly agree to the transfer into and out of the United States and the use of your personally identifiable information as necessary to provide the services that you request. You also agree to the level of privacy protection set out in this Privacy Policy.

LINKED WEBSITES
This Website contains links to third-party Websites operated by other organizations.  We are not responsible for their privacy practices and we encourage our customers to read the privacy policies of each Website that collects personally identifiable information.  We will not disclose our customers' personal information to these organizations. 

BUSINESS TRANSITION
In the event that Interleukin undergoes a business transition such as a merger or an acquisition by another company, or if any personally identifiable information is transferred to another company, we will require the successor to comply with the terms of this policy.

CHANGES TO THIS PRIVACY POLICY
This Privacy Policy is subject to occasional revision, and changes will be posted on the Website.  If we make any substantial changes in the way we use or disclose your personally identifiable information, we will notify you at the email address listed in your customer profile. If you object to any such changes, you may request that we delete your customer account.