Segterra (InsideTracker) Privacy Policy
Introduction
Segterra ("Segterra", "InsideTracker", "GoalGetter," "us," "our" or "we") recognizes the importance of privacy.
We respect your desire to store and access your information in a private and secure manner.
This Policy explains how we handle your Personal Information, Blood Information and Genetic Information.
Your Personal Information is data that could be used to identify you. Your Blood Information is data related
to your blood tests. Your Genetic Information is data related to your genotype for a specific set of genes.
This Privacy Policy governs the way in which we collect, use, maintain, and disclose information collected
from users of our websites. These websites may include but are not limited to www.insidetracker.com,
and any other website or mobile software application owned or operated by InsideTracker (the "Platform").
This Privacy Policy applies to the Platform and all products and services (collectively, the "Services")
offered by us. We are committed to providing you a secure, user-controlled Platform. At the same time, you
share responsibility for maintaining privacy and security. For example, we ask you to keep your password secure.
Do not share it with any third parties. We urge you to read this Privacy Policy carefully.
The Policy applies to all new and existing InsideTracker users. To use the InsideTracker Services, you must
agree to the Privacy Policy. You may not use the Services if you do not agree to the Privacy Policy because
it is part of the Terms of Service ("Terms"). Any capitalized terms not defined in the Privacy Policy have
the same meaning as those in the Terms.
Our Terms of Service explains that, by using our Platform and signing up for services provided by InsideTracker
or on our behalf by third parties with whom we contract, you are allowing us to collect, use and process
your Personal Information, Blood Information and Genetic Information according to the Terms, the Product
Consent and this Privacy Policy. If you have any questions about this Policy, please contact us at
support@insidetracker.com.
If you do not agree with the terms of this Privacy Policy, please do not use the
Platform or Services.
By voluntarily giving us Personal Information and agreeing to have partner companies transmit your blood
data and/or your genetic data to us, you are consenting to our use of it in accordance with this Privacy
Policy and our Product Consent. If you give Personal Information to us, you agree that such Personal
Information may be transferred from your current location to the offices and servers of InsideTracker and
third parties we authorize.
Privacy Principles
We follow the principles listed below to protect your privacy:
-
We do not collect any more Personal Information about you than we need.
-
We only use your Personal Information for the purposes we specify in this Privacy Policy, unless you agree otherwise.
-
Other than as we specify in this Privacy Policy, we do not share your Personal Information with third parties.
Information We Collect
-
Personal Information (Data).
InsideTracker collects several types of Personal Information.
Personal Information is data that could be used to identify you, either alone or when combined with other
information. We gather this information from you when you buy our Services, subscribe to our newsletters,
and use the Platform. You will also provide such information when you create a personal account and
complete surveys and forms. When you communicate with us or request information from us we will collect
Personal Information from you. Personal Information collected online can be combined with Personal
Information collected offline. The Personal Information we collect may include your name, email address,
mailing address, date of birth, gender, and credit card or bank account information. If you buy our
InsideTracker service we will also collect certain health, test, and biometric information, including,
but not limited to, blood biomarker data, height, weight, ethnicity, and heart rate. If you buy the
InsideTracker genetics service, we will also collect certain DNA (Genetic) information. Personal
information may include registration information, blood biomarkers information, DNA information,
self-reported information, user content and web behavior information.
-
Registration Information is information that we collect
from you when you register for InsideTracker Services. Examples include your name, age, login credentials,
and contact information, such as an email address. We use this information to deliver our Services to you,
to communicate with you, and to confirm your identity.
-
Blood biomarker data is data related to your blood test
results from tests done by InsideTracker laboratory partners. You may also upload existing blood
test results from tests ordered by your doctor or insurance company. We may use your blood biomarker
data in a de-identified, aggregated way for InsideTracker research.
-
Genetic (DNA) information is data related to your genotype
for a specific set of genes related to healthy aging, nutrition, weight, sleep and physical activity.
InsideTracker will receive your genetic information from our partner Helix when you buy the GoalGetter
product. When you purchase the InsideTracker DNA kit, you will collect a DNA sample using the provided
collection kit and send it to our partner AKESOgen for DNA extraction and analysis. If you purchase
our genetics add-on service, you will provide your genetic data from DNA tests that you have previously
had done. InsideTracker analyzes your DNA data using an algorithm that determines your genetic potential
for certain traits. InsideTracker may use your aggregated, de-identified genetic data for research
and development to improve future products. For research that we hope to publish in scientific
publications, we will request separate permission through a Research Consent document to use your
de-identified Genetic Information. Any Research Consent is optional and voluntary. You will not be
required to agree to a Research Consent document in order to use the Platform or Services.
-
Self-Reported Information includes information you
provide in the InsideTracker questionnaire or in any other website surveys or forms, such as sex,
body weight, height, diet, etc. We may use your Self-Reported Information in a de-identified
way for InsideTracker research.
-
User Content is all information other than Genetic
Information or Self-Reported Information provided by the users of the InsideTracker Services and
transmitted, whether publicly or privately, to InsideTracker. User content may include data, text,
software, music, audio, photographs, graphics, video, messages, or other materials. For example,
user content includes comments made on InsideTracker blogs and emails to customer support.
-
Web Behavior Information is information on how you use
the Platform (e.g. browser type, domains, page views). We may collect this information through log
files, cookies, and web beacon, analytical and advertising technologies.
If you have purchased InsideTracker as a gift for someone else, any information you provide about the gift
recipient will be used only as needed to deliver the gift. Your gift recipient must create their own account.
The gift recipient also must provide their own blood and genetic samples or data depending on the InsideTracker
plan selected. The gift recipient must provide their own consent. No one else can consent for them.
InsideTracker will not share any Personal Information of the gift recipient with you.
You can always refuse to supply the Personal Information that we request. If you do refuse to supply
information, you may not be able to engage in certain Platform-related activities and receive certain
Services and information.
-
Non-Personal Information. We may collect non-Personal
Information about you when you interact with our Platform. Non-Personal Information may include your
browser name, type of computer, and the files you viewed on the Platform. Clickstream data,
(i.e. a list of pages or URLs visited), and technical information about how you connect to the Platform,
such as the operating system and the internet service providers used, are other types of non-Personal
Information that we may collect. We may, in some cases, need to review this automatically collected data
in combination with specific registration information to identify and resolve issues for individual users,
detect fraud, etc. To the extent that we link this non-Personal Information with your Personal
Information, this Privacy Policy governs our use of such information.
-
Electronic Health Records Disclaimer. At no time shall your
Personal Information, including blood data or genetic data collected from you in accordance with this
Privacy Policy be deemed to be an electronic health record or an electronic medical record for any purpose,
including without limitation for purpose of compliance with the Health Insurance Portability and
Accountability Act of 1996.
How We May Use Your Personal Information
We may collect and use Personal Information for the following purposes:
-
To provide InsideTracker services. We use your Personal
Information, including blood biomarker data, height, weight, ethnicity, along with your Self-Reported
Information to produce your InsideTracker analysis. If you buy InsideTracker genetic services, we will
use your DNA Information to provide you with analysis of your genetic potential.
-
To process transactions. Information you give to us lets
us process transactions made on the Platform or otherwise as necessary to perform our contractual
obligations to you, including confirming your order, billing, and delivering products or services.
-
To improve customer service. Information you provide helps
us respond to your customer service requests and support needs more efficiently. We will do this on the
basis of our legitimate business interests.
-
To personalize your experience. We may use combined,
de-identified information to understand how our users as a group use the Services. We will do this
on the basis of our legitimate business interests.
-
To improve our Services. We may use combined,
de-identified information and feedback you provide to improve our Services. We will do this on the
basis of our legitimate business interests.
-
To run a promotion, contest, survey, or other feature of the
Platform. With your consent, we will use your Personal Information, preferences and details
of your transactions to keep you informed by email, text, web or telephone about our products and services.
These products may include tailored special offers, discounts, promotions, events, competitions and so
on. We do not use your blood test results or DNA data for marketing. Of course, you are free to opt out
from hearing from us by any of these channels at any time.
-
To respond to your inquiries. We will use your Personal
Information to respond to your inquiries, questions and/or other requests. We do this on the basis of
our contractual obligations to you, our legal obligations and our legitimate interests.
-
To share offers from third parties that may be of interest to
you. With your consent, we may use your information to tell you about offers, programs,
products, or services from third parties that may be of interest to you.
-
As required by law To send you communications required by
law or which are necessary to inform you about our changes to the services we provide you. For example,
updates to this Privacy Policy and other legally required notices or information. These service messages
will not include any promotional content and do not require prior consent when sent by email or text
message. If we do not use your Personal Information for these purposes, we would be unable to meet
our legal obligations.
-
To comply with our legal or contractual obligations to share data
with law enforcement. If we are required to disclose your information, we will do our best to
provide you with notice in advance, unless we are prohibited by law from doing so.
-
To fulfill any other purpose for which you provide Personal
Information. We may use your Personal Information for purposes that we tell you about at the
time we collect the information or later with your consent.
-
For scientific research. We may include your anonymized
blood test information and self-reported information in disclosures to third parties for the purpose
of research or other applications, but no identifying information will be shared without your prior
knowledge and consent. InsideTracker research is intended to advance wellness and nutrition knowledge
and to create, commercialize, or undertake activities toward the practical applications of this learning
to the improvement of health care. Our research partners may include commercial or non-profit
organizations that conduct or support medical research or conduct or support the development of drugs
or devices to diagnose, predict, or treat health conditions. We may ask permission to use your
de-identified Genetic Information for research that we hope to publish in scientific publications.
If you choose to give this permission, you will agree to a Research Consent document. The Research
Consent document is optional and voluntary. You may use the website or services without
agreeing to the Research Consent document.
How We Protect Your Information
The security of your Personal Information is important to us. We have adopted generally accepted industry
standards for our data collection, storage, and processing practices and security measures to protect
against unauthorized access, alteration, disclosure, or destruction of your Personal Information,
username, password, transaction information, and data stored on the Platform. No method of transmission
over the Internet, or method of electronic storage, is 100% secure, however. Therefore, while we strive
to use commercially acceptable means to protect your Personal Information, we cannot guarantee its
absolute security.
Please recognize that protecting your Personal Information is also your responsibility.
We ask you to safeguard your password, secret questions and answers, and other authentication
information you use to access our services. You should not disclose your authentication information
to any third party. You should also immediately notify us of any unauthorized use of your password.
We cannot secure Personal Information that you release on your own or that you request us to release.
In addition, you may choose to disclose, through other means not associated with us, any part of your
Personal Information and/or Genetic Information. You may share this information with friends or family
members, groups of individuals, third-party service providers, doctors or other health care professionals,
or other individuals. We recommend that you make such choices carefully.
The Genetic Information Nondiscrimination Act of 2008 (GINA) says that you are not required to share your
genetic information with your employer or your health insurance company. Other companies, such as life
insurance, long-term care insurance, and disability insurance companies, may ask you to share your genetic
information. Always be careful with whom you choose to share your genetic information as it is your
ultimate right and choice to share such information.
If you do choose to share genetic data with your doctor or other health professional, those genetic data may
become part of your medical record. Other health professionals and health insurance companies may
be able to access the genetic data in your health record.
We will have no responsibility or liability for any consequences that may result because you have released
or shared Personal Information and/or Genetic Information with a third party. It is your responsibility to
share Personal Information and Genetic Information only with people you know and trust.
We reserve the right to update our privacy and security policies and practices from time to time at our sole
discretion. We will employ commercially reasonable technical and organizational safeguards against
unauthorized disclosure or access to your data or other personally identifiable information about you,
consistent with our Privacy Policy. HOWEVER, YOU ACKNOWLEDGE THAT SECURITY SAFEGUARDS, BY THEIR NATURE,
ARE CAPABLE OF CIRCUMVENTION AND INSIDETRACKER DOES NOT AND CANNOT GUARANTEE THAT PERSONALLY IDENTIFIABLE
INFORMATION ABOUT YOU WILL NOT BE ACCESSED BY UNAUTHORIZED PERSONS CAPABLE OF OVERCOMING SUCH SAFEGUARDS.
IN PARTICULAR, OUR PLATFORM MAY BE USED TO ACCESS AND TRANSFER INFORMATION, INCLUDING PERSONALLY
IDENTIFIABLE INFORMATION ABOUT YOU OVER THE INTERNET. YOU ACKNOWLEDGE AND AGREE THAT INSIDETRACKER DOES NOT
OPERATE OR CONTROL THE INTERNET AND THAT UNAUTHORIZED USERS (SUCH AS HACKERS) MAY USE VIRUSES, WORMS,
TROJAN HORSES, KEYSTROKE LOGGERS AND OTHER UNDESIRABLE DATA AND SOFTWARE TO OBTAIN ACCESS TO OR DAMAGE OUR
SITE OR TO ACCESS PERSONALLY IDENTIFIABLE INFORMATION ABOUT YOU. Furthermore, we cannot be responsible for
any personally identifiable information about you that you release on your own, or that you request
or authorize us to release.
Disclosure of Your Personal Data
We may disclose aggregated, or other non-Personal Information or information about our users without
restriction. We may disclose Personal Information about you in the ways described below and/or
to the third-parties mentioned below.
-
Affiliates. To our parents, affiliates, joint ventures, or
promotion partners, for their use in a manner consistent with the purposes described in this Privacy Policy.
-
Agents and Service Providers. To contractors, service providers,
and other third parties we use to support our business and provide the Services. These providers may
complete transactions or perform services on our behalf or for your benefit.
-
Marketing. With your consent, we may share your personal
data to third parties for their own direct marketing purposes, to provide you with information about
products that may be of interest to you, and for other purposes as specifically set forth in this
Privacy Policy. We do not share any DNA data, DNA analysis or blood test data with
third parties for marketing purposes.
-
Legal Process. As required by law, such as to comply with
a subpoena or other legal process, or when we believe in good faith that disclosure is necessary
to protect our rights, protect your safety or the safety of others, investigate fraud, or respond
to a government request. If we are required to disclose your information, we will do our
best to provide you with notice in advance, unless we are prohibited by law from doing so.
-
Certain Business Transfers. As part of a corporate business
transaction, such as a merger, acquisition, joint venture, or financing or sale of company assets.
It may also be disclosed in the event of insolvency, bankruptcy, or receivership. We will use reasonable
efforts to direct any such transferee to use your Personal Information in a manner that
is consistent with our Privacy Policy.
-
Consent. In additional ways upon your consent.
Your Rights
-
Request a Copy of your Personal Information. You have the
right to request a copy of any Personal Information that we hold about you. If you would like a copy
of your Personal Information, please contact us using the contact information below. We may request
proof of your identity before sharing such information. If you discover that the information we hold
about you is incorrect or out of date, you may ask us to correct that information
by contacting us using the contact information below.
-
Cease Processing or Delete Personal Information. You may
ask us to stop processing, or delete, the personally identifiable data we hold about you in certain
circumstances. It may not be possible for us to stop processing or delete all of the information we
hold about you where we are fulfilling a transaction or have a legal basis to retain the information,
however please contact us to discuss how we can assist you with your request.
-
Withdraw Consent. When we process your information on
the basis that you have consented to such processing, you have the right to withdraw your consent,
or ask us to stop or restrict processing the Personal Information we have about you, at any time
by contacting us using the contact information below.
-
Portability. You may also ask us to transfer your
Personal Information to a third party in certain circumstances. If you would like any further
information about your rights or how to exercise them, please contact us using
the contact information below.
-
Complaints. If you are in the European Union, you have the
right to make a complaint at any time to the relevant data protection authority in your country.
-
Retention. We will retain your information for as long
as needed to fulfill your requests, provide you services, comply with our legal obligations, resolve
disputes, and enforce our agreements.
-
Unsubscribe. If you receive marketing emails from us, you
can unsubscribe to our emails by clicking "unsubscribe" within each email. You may not opt-out of
service-related communications, which are not promotional in nature.
Closing or Correcting Your Account
Your use of the InsideTracker service is voluntary. It is your choice whether to participate or not.
You may cancel the service at any time. If for any reason you believe that your use is anything
but voluntary, please stop all use of the service.
If you no longer wish to use InsideTracker Services, you may close your account by sending a request to
Customer Support at support@insidetracker.com.
When closing an account, we remove all Personal Information
within your account. However, Personal Information that you have previously provided will not be removed
from ongoing or completed internal R&D or business activities that use the information
(as de-identified statistical information). Similarly, if you close your account after you have separately
agreed to the Research Consent document, any genetic information that you have previously given consent
to use in de-identified form will not be removed from ongoing or completed studies. If you wish to have
your data removed from our business partners, you must contact them separately. In addition, we keep
limited information related to your order history (e.g., name, contact, and transaction data)
for accounting and compliance purposes.
If your Personal Information changes, you may correct or update it on your Profile page.
You may also correct or reset Personal Information entered into a survey, form, or feature by emailing
a request to customer support at support@insidetracker.com
and including the name of the specific survey, form, or feature.
Third-Party Websites
You may find advertising or other content on the Platform that link to the websites and services of our partners,
suppliers, advertisers, sponsors, licensors, and other third parties. We do not control the content or links
that appear on these websites. We are not responsible for the practices employed by websites linked to or
from the Platform. In addition, these websites or services, including their content and links, may be
constantly changing. These websites and services may have their own privacy policies and customer service
policies. Browsing on and interacting with any other website, including websites which have a link to the
Platform, are subject to that website's own terms and policies. We encourage you to read the Privacy
Policies of each website that you visit. This Privacy Policy applies solely to information collected
by InsideTracker.
Cookies and Other Tracking Technologies
-
As is true of most websites, we gather certain information automatically and store it in log files.
This information may include Internet protocol (IP) addresses, browser type, internet service provider
(ISP), referring/exit pages, the files viewed on our Platform (e.g., HTML pages, graphics, etc.),
operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate
and administer the Platform.
-
InsideTracker uses cookies. A cookie is a small text file that is stored on a user’s computer when
visiting certain websites. We use cookies or similar technologies to store session information, analyze
trends, run the Platform, track users' movements on InsideTracker, and gather demographic information
about our user base as a whole. These cookies are only applicable within our Platform.
-
The length of time a cookie stays on your device or computer depends on its type. "Persistent"
cookies stay on your device or computer until they expire or are deleted. "Session" cookies will
only stay on your device or computer for as long as you are on our Platform.
We use first party cookies and third party cookies on our Platform. First party cookies belong to us.
Third party cookies are placed on your device or computer by a third party through our Services,
such as an advertiser.
-
Please click for a list of the cookies used on our site.You can modify your cookie setting by
following the instructions provided by your browser. These instructions are usually found in the "Tools",
"Help" or "Edit" tabs. If you set your browser to reject cookies, you may not be able to fully access and
use our Platform. You can learn more about the choices provided by advertisers for individuals to decide
how their information is collected and used by visiting the Digital Advertising Alliance
(www.aboutads.info),
the Network Advertising Initiative
(www.networkadvertising.org/
managing/opt_out.asp)
or the European Digital
Advertising Alliance (www.youronlinechoices.eu).
Changes to This Privacy Policy Notice
We have the discretion to update this Privacy Policy at any time. When we do, we will revise the updated
date at the top of this page. If we make material changes to this Privacy Policy, we will notify you here,
by email, or by means of a notice on the Platform prior to the change becoming effective. We encourage you
to frequently check this page for any changes to stay informed about how we are helping to protect the
Personal Information we collect. You acknowledge and agree that it is your responsibility to review this
Privacy Policy periodically and become aware of modifications.
Where We Store Your Information
The Platform and Services are intended for adults. Users under the age of 18 are not permitted to use the Services.
The Platform is not directed to, and we do not knowingly collect or solicit Personal Information from,
children under the age of 18. If we learn we have collected or received Personal Information from a child
under the age of 18, we will delete that information. If you believe we might have any information from or
about a child under the age of 18, please contact us using the contact information below.
Children Under the Age of 18
The Platform and Services are intended for adults. Users under the age of 18 are not permitted to use the Services.
The Platform is not directed to, and we do not knowingly collect or solicit Personal Information from,
children under the age of 18. If we learn we have collected or received Personal Information from a child
under the age of 18, we will delete that information. If you believe we might have any information from or
about a child under the age of 18, please contact us using the contact information below.
Where We Store Your Information
Segterra (InsideTracker) is located, and the Platform is hosted, in the United States of America.
In order for us to provide the Services to you, we will process and store Personal Data you provide
to us in the United States of America, which may have different data protection laws than
those in the country in which you reside.
California Privacy Rights
California Civil Code Section § 1798.83 permits California residents to request certain information
regarding our disclosure of Personal Information to third parties for their direct marketing purposes.
To make such a request, please contact us using the contact information below.
HIPPA
Segterra ("Segterra", "InsideTracker", "GoalGetter", "us", "our" or "we") is fully compliant with the HIPAA
Standards for Privacy, Electronic Transactions and Security (including the HITECH Act and the Omnibus Rule of 2013).
We have implemented policies, processes, and procedures designed to ensure compliance with Federal security
laws, regulations, and rules, and we monitor ongoing compliance efforts and maintain various reporting
mechanisms that are required by law or requested by our customers. We recognize that it is a key responsibility
for our business and will continue to provide all of our various programs and services in accordance with
the relevant requirements of all federal laws and regulations, including, as applicable, HIPAA.
Questions regarding our HIPAA policies or compliance may be directed to:
support@insidetracker.com
Contacting Us
If you have any questions about this Privacy Policy, the practices of the Platform, or your dealings with us,
please contact us at:
Privacy Office
Segterra, Inc. (InsideTracker)
One Broadway, 14th Fl, Cambridge, MA 02142
Tel: +1 (800) 513-2359
Email: support@insidetracker.com