Patient Login Portal Pharmacists Login LTC Administrators/Providers Help Center Close Business Solutions Genomic Programs Precision Nutrition Program Precision Medication Management Covid-19 Solutions Medical/Healthcare Facilities Pharmacies Resources News About Us Contact SEARCH CONTACT (866) 320-8259 sales@base10genetics.com Business Solutions Genomic Programs Precision Nutrition Program Precision Medication Management Covid-19 Solutions Medical/Healthcare Facilities Pharmacies Resources News About Us Contact (866) 320-8259 sales@base10genetics.com

BASE10 Privacy Statement

TABLE OF CONTENTS

TABLE OF CONTENTS

Privacy Statement

Last modified 11 | 09 | 2021 

At BASE10 Genetics, Inc. (“BASE10”), we aim to help people achieve real health through a one of a kind-genetics-based medication and nutrition health program. BASE10 sets out to achieve these goals through, among other things: To provide and improve our website, mobile apps, products, software and other services (including but not limited to text, graphics, images, and other material and information) (collectively the “Services”), we collect, process, and store “Personal Information,” which is information that can identify you, such as your name, email or mailing address, or information that could reasonably be linked back to you, including in some cases your COVID-19 Information and Genetic Information. This Privacy Statement describes our practices for collecting, storing, and processing your Personal Information and the controls we provide you to manage it within our Services.

1. Account Creation and Your Engagement with BASE10

The Personal Information required to create an account with BASE10 is limited to your Account Information as defined below. Account creation also requires you to agree to BASE10’s Terms of Service and this Privacy Statement. By visiting BASE10’s website (www.base10genetics.com) (the “Website”), using the Services, or creating an account you are telling us that you agree to BASE10 collecting, processing, and sharing your Personal Information (including your Genetic Information if you have taken a DNA test) as described in this Privacy Statement and to the Terms of Service. At any time, you can request that BASE10 delete information you have uploaded into your account. You can also delete your entire account as provided in detail below.

2. What Personal Information Does BASE10 Collect?

a. What Personal Information Does BASE10 Collect from You?

Account Information. Self-Reported Information. COVID-19 Information. Sensitive User Data (Location, Camera, Image, Audio, Video, File Storage) location data camera data image data file storage does NOT audio and video Genetic Test Information. Individual-Level Information. Genetic Information. Payment Information. Blogs. info@base10genetics.com Contests and Promotions. Customer Service. Referral Information and Sharing. User Content.

b. What Information Does BASE10 Collect Through Your Use of the Services?

Social Media Features and Widgets. Web Behavior Information Collected Through Tracking Technology. Information from Your Use of the Service.

c. What Information Does BASE10 Collect from Other Sources?

We receive COVID-19 Information, DNA Data and Genetic Test Information from our partner laboratories who receive the samples that you provide to receive our Services. We may also receive other information about you from third parties to provide you with our Services or operate our business.

3. How Does BASE10 Use Your Personal Information?

Using Information to Provide, Analyze, and Improve Our Services. Aggregate Information. Biological Sample. Using COVID-19 Information:

4. With Whom Does BASE10 Share Information?

General Service Providers For Pharmacogenomics and Nutrigenomics Testing. User Employers As Part of COVID-19 Tacking and Recovery Program. Authorization for Use and Disclosure of Protected Health Information info@BASE10genetics.com Service Providers and Subcontractors to Support the COVID-19 Tracking and Recovery Program. Targeted Advertising Service Providers. Commonly Owned Entities. Research Partners. Law Enforcement. If BASE10 Is Acquired.

5. What Are BASE10’s Retention Practices?

BASE10’s Services are premised on the notion that personal health is not a one-time event and continues over one’s lifetime. Additionally, and with particular regard to our DNA customers who pay fees or purchase DNA-related Services, the ongoing enhancement of our collections of DNA features provide benefits and insights to our users over time. As a result, our retention practices reflect this ongoing value by retaining user accounts on our system until our users inform us of their desire to delete their data or close their accounts. BASE10 will retain the Personal Information you provide while creating your account until such time as you ask us to delete it. We retain user information (e.g., visits to the Website) in a depersonalized or aggregated form. Once aggregated, this information ceases to be personal and will not be subject to user deletion requests. For DNA Data and Genetic Information, BASE10 retains them as needed to provide you with the features and functionality you purchased. For COVID-19 Information and Optional COVID-19 User Access Information, BASE10 retains them as needed to fulfill the limited purposes set forth in this Privacy Statement and as needed to comply with current or future regulatory guidance.

6. Your Choices and Access to Your Personal Information

Access to Your Account. info@BASE10genetics.com. Signing in to App. Marketing Communications. info@base10genetics.com Information You Choose to Share With Others. Account Closure. info@base10genetics.com

7. Security

BASE10 takes seriously the trust you place in us. To prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use of information, BASE10 uses a range of physical, technical, and administrative measures to safeguard your Personal Information. In particular, all connections to and from our Website and mobile application are encrypted using Secure Socket Layer technology. Please recognize that protecting your Personal Information is also your responsibility. We ask you to be responsible for safeguarding your password, secret questions and answers, and other authentication information you use to access our Services. You should not disclose your authentication information to any third party and should immediately notify BASE10 of any unauthorized use of your password. BASE10 cannot secure Personal Information that you release on your own or that you request us to release. Your information collected through the Service may be stored and processed in the United States or any other country in which BASE10 or its subsidiaries, affiliates or service providers maintain facilities and, therefore, your information may be subject to the laws of those other jurisdictions which may be different from the laws of your country of residence.

8. Linked Websites

BASE10 provides links to third-party websites operated by organizations not affiliated with BASE10. BASE10 does not disclose your Personal Information to organizations operating such linked third-party websites. BASE10 does not review or endorse, and is not responsible for, the privacy practices of these organizations. We encourage you to read the privacy statements of each and every website that you visit. This Privacy Statement applies solely to information collected by BASE10.

9. Children’s Privacy

BASE10 is committed to protecting the privacy of children as well as adults. Neither BASE10 nor any of its Services are designed for, intended to attract, or directed toward children under the age of 13. A parent or guardian, however, may collect a Biological Sample from, create an account for, and provide information related to, his or her child. The parent or guardian assumes full responsibility for ensuring that the information that he/she provides to BASE10 about his or her child is kept secure and that the information submitted is accurate.

10. Changes to this Privacy Statement

Whenever this Privacy Statement is changed in a material way, a notice will be posted as part of this Privacy Statement and on our customers’ account login pages for 30 days. After 30 days the changes will become effective. In addition, all customers will receive an email with notification of the changes prior to the change becoming effective.

11 California Resident Additional Privacy Statement

BASE10 provides this California Resident Additional Privacy Statement (“California Statement”), applicable solely to California residents, as a supplement to our Privacy Statement to provide information as to how you may exercise your rights under the California Consumer Privacy Act (“CCPA”). This California Statement covers all BASE10’s Services that link to this California Statement, including BASE10 (referred to throughout as “BASE10”). Categories of Personal Information. Business Purposes. Categories of Sources of Personal Information. Categories of Third Parties with Whom We Share Personal Information. General and Targeted Service Providers. Commonly Owned Entities. Research Partners. Law Enforcement. Exercising Your Rights Under CCPA. info@base10genetics.com Right to Delete. info@base10genetics.com. Authorized Agents. info@base10genetics.com Selling. Non-Discrimination. California’s Shine the Light Law.

12. Contact Information

If you have questions about this Privacy Statement or the California Statement, please email BASE10’s Privacy Administrator at info@base10genetics.com, or send a letter to: info@base10genetics.com Privacy Administrator 866-710-1018BASE10 Genetics, Inc. 70 E. Lake St., Suite 226Chicago IL 60601 *This Privacy Statement was last updated on November 09, 2021. *This Privacy Statement was last updated on November 09, 2021. 70 E. Lake St.Suite 226Chicago, IL, 60601 PHONE: PHONE Sales: 1 (866) 320-8259 Customer Support: 1 (866) 710-1018 EMAIL: EMAIL Contact SalesContact Support Contact Sales Contact Support Services Patient Login Portal Legal Privacy Policy Terms Of Use

Patient Login Portal Pharmacists Login LTC Administrators/Providers Help Center