BASE10 Privacy Statement
Last modified 11 | 09 | 2021
At BASE10 Genetics, Inc. ("BASE10"), we aim to help people achieve real health through a one of a kind-genetics-based medication and nutrition health program. BASE10 sets out to achieve these goals through, among other things:
- The COVID Tracking and Recovery Program: a COVID vaccination and testing tracking and recovery program, principally delivered through the website or mobile app, which offers organizations and employers a COVID-19 solution to navigate the ever-changing regulatory and safety mandate landscape;
- The Nutrigenomics Program, which is developed by a team of registered dietitians trained in medical nutrition therapy and dedicated to making a qualitative difference in employees’ health; and
- The Pharmacogenomics Program, which aims to create long-term human impact by minimizing the likelihood and effects of adverse drug events.
To provide and improve our website, mobile apps, products, software and other services (including but not limited to text, graphics, images, and other material and information) (collectively the "Services"), we collect, process, and store "Personal Information," which is information that can identify you, such as your name, email or mailing address, or information that could reasonably be linked back to you, including in some cases your COVID-19 Information and Genetic Information. This Privacy Statement describes our practices for collecting, storing, and processing your Personal Information and the controls we provide you to manage it within our Services.
1. Account Creation and Your Engagement with BASE10
The Personal Information required to create an account with BASE10 is limited to your Account Information as defined below. Account creation also requires you to agree to BASE10's Terms of Service and this Privacy Statement. By visiting BASE10's website (www.base10genetics.com) (the "Website"), using the Services, or creating an account you are telling us that you agree to BASE10 collecting, processing, and sharing your Personal Information (including your Genetic Information if you have taken a DNA test) as described in this Privacy Statement and to the Terms of Service. At any time, you can request that BASE10 delete information you have uploaded into your account. You can also delete your entire account as provided in detail below.
2. What Personal Information Does BASE10 Collect?
a. What Personal Information Does BASE10 Collect from You?
- Account Information. When you register an account with us or purchase our Services, we collect personal information, such as your name, date of birth, billing and shipping information, email address or phone number, gender, and account username and password.
- Self-Reported Information. Self-Reported Information includes all information about yourself, including your Genetic Information, disease conditions, other health-related information, personal traits, ethnicity, family history, and other information that you enter into surveys, forms, or features while signed in to your BASE10 account. You have the option to provide us with additional information about yourself through surveys, forms, features or applications. For example, you may provide us with information about your personal traits (e.g., eye color, height), ethnicity, disease conditions (e.g., Type 2 Diabetes), other health-related information (e.g., pulse rate, cholesterol levels, visual acuity), and family history information (e.g., information similar to the foregoing about your family members). Where you are disclosing information about a family member, you should make sure that you have permission from the family member to do so.
- COVID-19 Information. Information collected regarding the circumstances of testing, as well as the details relating to SARS-CoV-2 blood test results received through our partner laboratories through constitutes “COVID-19 Information.” That information includes, but is not limited to date, time, address and phone number of testing site, assigned identifier for test, status of pending tests, results of tests and historical test results.
- Sensitive User Data (Location, Camera, Image, Audio, Video, File Storage):. Solely at your option, BASE10 Genetics may collect Sensitive User Data (Location, Camera, Image, File Storage), but limits the access, collection, use and sharing of this data Sensitive User Data to purposes directly related to providing and improving features of the BASE10 App, does not share Sensitive User Data with third parties, and does not sell Sensitive User Data. You will be asked for your affirmative consent prior to the mobile application accessing or collecting the Sensitive User Data (Location, Camera, Image, File Storage). While the optional features associated with Sensitive User Data may be unavailable if permission is denied, your provision of Sensitive User Data is entirely optional, and you may continue to use the app if you deny permission to collect the information. BASE10 handles Sensitive User Data Securely by transmitting it over HTTPS.
- BASE10 may collect location data (upon your election) to help users select nearby testing locations, but processes that data ephemerally and retains it for no longer than necessary to service the specific request. The location data is not used to track you, stored on BASE10’s servers or shared with third parties.
- BASE10 may collect camera data (upon your election) for two purposes. First, to collect a picture of your vaccination card to help you build your personal records and facilitate your sharing of the card with your choice of entities. BASE10 does not aggregate or use this data, or share it with third parties (except at your election). The App retains this data until you delete it, unless you are participating in an employer-sponsored program in which case the employer retains the data for legal and audit purposes. Second, Base10 may access your camera data (at your election) to scan a QR code that links to publicly-available information on partner pharmacies, but processes that data ephemerally, retains it for no longer than necessary to provide the requested information, and does no use it for any other purpose or share it with third parties.
- BASE10 may collect image data (upon your election) to help you build your personal records and facilitate your sharing of the vaccination card with your choice of entities. The app does not collect audio and video data from your library or elsewhere. BASE10 does not aggregate or use this data, or share it with third parties (except at your election). The App retains this data until you delete it, unless you are participating in an employer-sponsored program in which case the employer retains the data for legal and audit purposes. The App retains this camera data until you delete it, unless you are participating in an employer-sponsored program, in which case the employer retains the data for legal and audit purposes.
- BASE10 may access your file storage (upon your election) to retrieve your records, such as nutrition reports and test results, to facilitate the app functionality described in this section including (at your election) sharing with third parties. Access occurs in real-time to service your specific request to retrieve records, and for no other purpose, and such access terminates once the requested action has been completed.
- BASE10 does NOT use, collect, store or share any audio and video data.
- Genetic Test Information. Genetic Test Information includes the resulting analysis of your Genetic Information, generated through processing of your test by BASE10 or by its contractors, successors, assignees, or otherwise processed by and/or contributed to BASE10.
- Individual-Level Information. Information about a single individual's test results, diseases or other traits/characteristics, but which is not necessarily tied to Account Information.
- Genetic Information. At our partner laboratories, they extract your DNA from the saliva sample that you provide through a DNA kit and convert it into machine-readable biometric data (which excludes facial identification and fingerprint recognition information that Users may opt in to providing for logging in to their account that BASE10 does not collect) ("DNA Data"). Our partner laboratories then send us analytics on your DNA Data that we process to provide our Services. Your DNA Data and any information derived from it are Personal Information and referred to as "Genetic Information." COVID-19 Information does not constitute “Genetic Information” as that term is defined herein.
NOTE: Neither your saliva nor the extracted DNA (together referred to as "Biological Sample(s)") are Personal Information under this Privacy Statement.
- Payment Information. Information such as your credit card number, billing and shipping address(es) when you make a purchase.
- Blogs. Our Website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request that we remove or anonymize your personal information from our blog or community forum, contact us at email@example.com. Please note that whenever you post something publicly, it may sometimes be impossible to remove the information, for example, if someone has taken a screenshot of your posting. Please exercise caution before choosing to share personal information publicly on our blogs, community forums or in any other posting. Note also that you may be required to register with a third-party application to post a comment. To learn how the third-party application uses your information, please review their privacy statement.
- Contests and Promotions. Personal information that you provide when you voluntarily participate in contests and special promotions we run or sponsor.
- Customer Service. When you contact our customer support services or correspond with us about our Service, we collect information to track and respond to your inquiry; investigate any breach of our Terms of Service, Privacy Statement or applicable laws or regulations; and analyze and improve our Services.
- Referral Information and Sharing. When you refer a person to BASE10 or choose to share results information with another person, we will ask for that person's email address. We will use the email address solely, as applicable, to make the referral or to share your results information, and we will let your contact know that you requested the communication. By participating in a referral program or by choosing to share information with another person, you confirm that the person has given you consent for BASE10 to communicate (e.g., via email) with him or her. The person you referred may contact us at info@BASE10genetics.com to request that we remove this information from our database.
- User Content. Some of our Services allow you to create and post or upload User Content, such as data, text, software, music, audio, photographs, graphics, video, messages, or other materials that you create or provide to us through either a public or private transmission and transmitted, whether publicly or privately, to or through BASE10. For example, User Content includes any post or message you place on BASE10's community forums. This does not include Genetic Test Information and Self-Reported Information-generated by users of BASE10 Services.
b. What Information Does BASE10 Collect Through Your Use of the Services?
- Social Media Features and Widgets. Our Website includes social media features. These features may collect your IP address and which page you are visiting on our site and may set a cookie to enable the feature to function properly. They may also allow third-party social media services to provide us information about you, including your name, email address, and other contact information. The data we receive is dependent upon your privacy settings with the social network. Features are either hosted by a third party or hosted directly on our Website. Your interactions with these Features are governed by the privacy statement and practices of the company providing it, and not BASE10. You should always review, and if necessary, adjust your privacy settings on third-party websites and services before linking or connecting them to our Website or Service.
- Information from Your Use of the Service. Information about your use of the Services, such as which pages you view or links you click, which we may use to infer details about you as a customer and your interests to provide a better experience through, for example, search suggestions.
c. What Information Does BASE10 Collect from Other Sources?
We receive COVID-19 Information, DNA Data and Genetic Test Information from our partner laboratories who receive the samples that you provide to receive our Services. We may also receive other information about you from third parties to provide you with our Services or operate our business.
3. How Does BASE10 Use Your Personal Information?
- Using Information to Provide, Analyze, and Improve Our Services. We use the information described above to operate, provide, analyze, and improve our Services. With the exception of COVID-19 Information and Optional COVID-19 User Access Information, these activities may include, among other things, using your information in a manner consistent with other commitments in this Privacy Statement, to:
- open your account, enable purchases and process payments, communicate with you, and implement your requests (e.g., referrals);
- host our Website, run our mobile application(s), authenticate your visits, provide custom, personalized content and information, and track your usage of our Services;
- pair you and your Genetic Information with genetically trained, registered dietitians and healthcare professionals who can use the information to provide health-related services such as but not limited to weight management, absenteeism/presenteeism, blood pressure management, blood sugar management, hospitalization reduction, fitness optimization, stress management, morale boost, and more;
- conduct analytics to improve and enhance our Services;
- offer new products or services to you, including through emails, promotions or contests;
- conduct surveys or polls, and obtain testimonials;
- process and deliver your testing results; and
- perform research and development activities, which may include, for example, conducting data analysis and research in order to develop new or improve existing products and services, and performing quality control activities.
- Aggregate Information. We may share Aggregate Information with third parties, which is any information that has been anonymized, by stripping out your Account Information (e.g., your name and contact information), and aggregated with information of others so that you cannot reasonably be identified as an individual. This Aggregate Information is different from Individual-Level Information or Self-Reported Information. Individual-Level Information or Self-Reported Information consists of data about a single individual's genotypes, diseases or other traits/characteristics information. For example, Aggregate Information may include a statement that "30% of our male users share a particular test trait," without providing any data or testing results specific to any individual user. We may provide such Aggregate Information in commercial arrangements with our business partners or under arrangements with governmental agencies. In contrast, Individual-Level Information could reveal whether a specific user has a particular trait, or all of the Genetic Test Information about that user. COVID-19 Information and Optional COVID-19 User Access Information are only used as described in the section entitled Using COVID-19 Information, below.
- Biological Sample. To use our Services in connection with our Nutrigenomics and Pharmacogenomics Programs, you must register an online account and provide your Biological Sample to a third-party laboratory. Once received, the third-party laboratory analyzes your Biological Sample(s) before sending your DNA Data to BASE10.
- Using COVID-19 Information: We offer the COVID Tracking and Recovery Program to store and display COVID-19 Information, including individual vaccination statuses and test results, and offer features using the Optional COVID-19 User Access Information (if permitted by you through the Authorization identified below). Base10 does not interpret this data and does not issue public health conclusions. The COVID Tracking and Recovery Program only accesses COVID-19 Information, Optional COVID-19 User Access Information, and other Personal Information to open your account, communicate with you, provide the Services to you, and process and deliver your testing results. Notwithstanding any other statement in this Privacy Statement, these activities are limited to directly supporting the COVID-19 public health emergency and collecting data to support COVID-19 related efforts, epidemiological research or to comply with legally mandated processes. Further information regarding BASE10's use and disclosure of COVID-19 Information can be found in the Authorization for Use and Disclosure of Protected Health Information, which is incorporated herein by reference and available here. Before we collect COVID-19 Information, you will receive and must accept the terms of the Authorization.
4. With Whom Does BASE10 Share Information?
- General Service Providers For Pharmacogenomics and Nutrigenomics Testing. We share the information described above with our service providers, as necessary to provide their services to us. Service providers are third-party companies or individuals that help us to provide, analyze, and improve our Services. For example, we work with third-party laboratories and contractors to process and analyze your Biological Sample for purposes of generating your Genetic Test Information.
NOTE: Our service providers act on BASE10's behalf. While we implement procedures and contractual terms to protect the confidentiality and security of your information, we cannot guarantee the confidentiality and security of your information due to the inherent risks associated with storing and transmitting data electronically. When you purchase a testing kit from BASE10, you are instructed to send a Biological Sample to our third-party laboratory with a unique barcode label. We are also required to provide to the laboratory certain identifiers, including your name, date of birth, patient identifier number, etc.) pursuant to clinical laboratory requirements such as the Clinical Laboratory Improvement Amendments ("CLIA"). Unless you choose to store your sample, Biological Samples are destroyed after the laboratory completes its work, provided that laboratory legal and regulatory requirements no longer require the actual samples to be maintained. A de-identified copy of data will be kept in accordance with CLIA. The laboratory securely sends the resulting Genetic Test Information to us, which is stored securely on our servers.
- User Employers As Part of COVID-19 Tacking and Recovery Program. BASE10 offers employers the ability to track vaccination statuses and testing results of employees who authorize BASE10 to do so as part of the COVD-19 Tracking and Recovery Program as identified in Section 3.d. above. As provided in the Authorization for Use and Disclosure of Protected Health Information, Users may revoke their authorization at any time prior to its expiration date by emailing BASE10 at info@BASE10genetics.com or notifying BASE10 in writing at 70 E. Lake St., Suite 226, Chicago IL 60601.
- Service Providers and Subcontractors to Support the COVID-19 Tracking and Recovery Program. We retain the services of service providers and subcontractors to perform the Services necessary to offer the COVID-19 Tracking and Recovery Program identified in Section 3.d. above. Any such service providers or subcontractors agree to contractual provisions to use reasonable security measures to protect any COVID-19 Information and Optional COVID-19 User Access Information from disclosure.
- Commonly Owned Entities. We may share some or all of your information with other companies under common ownership or control of BASE10, which may include our subsidiaries, our corporate parent, or any other subsidiaries owned by our corporate parent in order to provide you better service and improve user experience. We may provide additional notice and ask for your consent if we wish to share your information with our commonly owned entities in a materially different way than discussed in this Privacy Statement.
- Research Partners. We may share Aggregated Information with research partners or external research organizations when you provide us with your consent to do so as provided above.
- Law Enforcement. Under certain circumstances your information may be subject to disclosure pursuant to judicial or other government subpoenas, warrants, or orders, or in coordination with regulatory authorities, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. BASE10 will preserve and disclose any and all information to law enforcement agencies or others if required to do so by law or in the good faith belief that such preservation or disclosure is reasonably necessary to: (a) comply with legal or regulatory process (such as a judicial proceeding, court order, or government inquiry) or obligations that BASE10 may owe pursuant to ethical and other professional rules, laws, and regulations; (b) enforce the BASE10 Terms of Service and other policies; (c) respond to claims that any content violates the rights of third parties; or (d) protect the rights, property, or personal safety of BASE10, its employees, its users, its clients, and the public.
- If BASE10 Is Acquired. If BASE10 or its businesses are acquired or transferred (including in connection with bankruptcy or similar proceedings), we will share your Personal Information with the acquiring or receiving entity. The promises in this Privacy Statement will continue to apply to your Personal Information that is transferred to the new entity.
5. What Are BASE10's Retention Practices?
BASE10's Services are premised on the notion that personal health is not a one-time event and continues over one's lifetime. Additionally, and with particular regard to our DNA customers who pay fees or purchase DNA-related Services, the ongoing enhancement of our collections of DNA features provide benefits and insights to our users over time. As a result, our retention practices reflect this ongoing value by retaining user accounts on our system until our users inform us of their desire to delete their data or close their accounts. BASE10 will retain the Personal Information you provide while creating your account until such time as you ask us to delete it. We retain user information (e.g., visits to the Website) in a depersonalized or aggregated form. Once aggregated, this information ceases to be personal and will not be subject to user deletion requests. For DNA Data and Genetic Information, BASE10 retains them as needed to provide you with the features and functionality you purchased. For COVID-19 Information and Optional COVID-19 User Access Information, BASE10 retains them as needed to fulfill the limited purposes set forth in this Privacy Statement and as needed to comply with current or future regulatory guidance.
6. Your Choices and Access to Your Personal Information
- Access to Your Account. If your Account Information changes, you may access, correct or update most of it from your Account Settings page. You may also modify and delete certain of your information or update your consent status and biobanking options. Please note that you may not be able to delete User Content that has been shared with others through the Service and that you may not be able to delete information that has been shared with third parties, though we can work with you to prohibit your data from being shared with third parties in the future. We will respond to your request to access within 30 days. Upon request BASE10 will provide you with information about whether we hold, or process on behalf of a third party, any of your Personal Information. To request this information please contact us at info@BASE10genetics.com.
- Signing in to App. BASE10 offers Users the option to opt in to signing into the app with either facial identification or a fingerprint. BASE10 does not collect this information. BASE10 also offers Users who are downloading the app the option to opt in to receiving text message alerts, including test results. Even if Users opt in to receiving such text messaging, Users can unsubscribe.
- Marketing Communications. By registering for an account, you are agreeing that we may send you promotional emails about our Services. You can opt-out of receiving certain messages or notifications from us by visiting your Account page (go to Account, Settings, Notifications) or by contacting our Privacy Administrator at firstname.lastname@example.org. You can also click the "unsubscribe" button at the bottom of promotional email communications. Please note that you may not opt-out of receiving non-promotional messages regarding your account, such as technical notices, purchase confirmations, or Service-related emails. For more information about our online advertising, please also refer above under the heading Targeted Advertising Service Providers.
- Information You Choose to Share With Others. BASE10 gives you the ability to share information with other individuals who have BASE10 accounts. You may be required to opt-in to some of this sharing, but some features require an opt-out. Also, please note that certain types of your User Content may be viewable by other BASE10 users and once posted, you may not be able to delete or modify such content. You may decide to disclose your Personal Information to friends and/or family members, doctors or other health care professionals, and/or other individuals outside of our Services, including through third-party services such as social networks and third-party apps that connect to our Website and mobile apps through our API. These third parties may use your Personal Information differently than we do under this Privacy Statement. Please make such choices carefully and review the privacy policies of all other third parties involved in the transaction. For example, if you have enabled a BASE10 sharing feature with another person who downloads a third-party app that uses our API, your information may also be obtained by that third-party app developer and, potentially, by other users of that third-party app. In general, Personal Information, once shared or disclosed, can be difficult to contain or retrieve. BASE10 will have no responsibility or liability for any consequences that may result because you have released or shared Personal Information with others. Likewise, if you are reading this because you have access to the Personal Information of a BASE10 customer through a multi-profile account, we urge you to recognize your responsibility to protect the privacy of each person within that account. It is incumbent upon all users to share Personal Information and account access only with people they know and trust. Users with multi-profile accounts (e.g., where family member accounts are linked) should use caution in setting profile-level privacy settings.
- Account Closure. If you no longer wish to participate in our Services or no longer wish to have your Personal Information be used, you may close your account by sending a request to email@example.com. When closing an account, we remove all Genetic Test Information within your account (or profile) within thirty (30) days of our receipt of your request. In addition, we retain limited Account Information related to your order history (e.g., name, contact, and transaction data) as long as your account is active or as needed to provide you services, as well as for accounting, audit and compliance purposes.
BASE10 takes seriously the trust you place in us. To prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use of information, BASE10 uses a range of physical, technical, and administrative measures to safeguard your Personal Information. In particular, all connections to and from our Website and mobile application are encrypted using Secure Socket Layer technology. Please recognize that protecting your Personal Information is also your responsibility. We ask you to be responsible for safeguarding your password, secret questions and answers, and other authentication information you use to access our Services. You should not disclose your authentication information to any third party and should immediately notify BASE10 of any unauthorized use of your password. BASE10 cannot secure Personal Information that you release on your own or that you request us to release. Your information collected through the Service may be stored and processed in the United States or any other country in which BASE10 or its subsidiaries, affiliates or service providers maintain facilities and, therefore, your information may be subject to the laws of those other jurisdictions which may be different from the laws of your country of residence.
8. Linked Websites
BASE10 provides links to third-party websites operated by organizations not affiliated with BASE10. BASE10 does not disclose your Personal Information to organizations operating such linked third-party websites. BASE10 does not review or endorse, and is not responsible for, the privacy practices of these organizations. We encourage you to read the privacy statements of each and every website that you visit. This Privacy Statement applies solely to information collected by BASE10.
9. Children's Privacy
BASE10 is committed to protecting the privacy of children as well as adults. Neither BASE10 nor any of its Services are designed for, intended to attract, or directed toward children under the age of 13. A parent or guardian, however, may collect a Biological Sample from, create an account for, and provide information related to, his or her child. The parent or guardian assumes full responsibility for ensuring that the information that he/she provides to BASE10 about his or her child is kept secure and that the information submitted is accurate.
10. Changes to this Privacy Statement
Whenever this Privacy Statement is changed in a material way, a notice will be posted as part of this Privacy Statement and on our customers' account login pages for 30 days. After 30 days the changes will become effective. In addition, all customers will receive an email with notification of the changes prior to the change becoming effective.
11 California Resident Additional Privacy Statement
BASE10 provides this California Resident Additional Privacy Statement ("California Statement"), applicable solely to California residents, as a supplement to our Privacy Statement to provide information as to how you may exercise your rights under the California Consumer Privacy Act ("CCPA"). This California Statement covers all BASE10's Services that link to this California Statement, including BASE10 (referred to throughout as "BASE10").
- Categories of Personal Information. BASE10 collects, and has collected in the 12 months prior to the effective date of this California Statement, the following categories of Personal Information:
- Identifiers, such as name, postal address, unique personal identifier, online identifier, IP address, your mobile device identifier, email address, account name, and driver's license.
- Categories of personal information described in subdivision (e) of Section 1798.80 not covered by an existing category (medical information, physical characteristics, or descriptions).
- Characteristics of protected classes under California or federal law, such as biological sex and date of birth, and, as provided by users, medical conditions. This also includes any other Self-Reported Information and User Content (defined above) you choose to share with us that is considered a legally protected class under California or federal law.
- Commercial information, such as products or services purchased, obtained, or considered or other purchasing or consuming histories or tendencies.
- Biometric information, which excludes facial identification and fingerprint recognition information that Users may opt in to providing for logging in to their account that BASE10 does not collect, such as DNA Data (defined above).
- Internet usage information, such as your Web Behavior Information, browsing history, search history, and information regarding your interaction with our sites and advertisements (also described above).
- Geolocation data, such as location of your device or computer and any metadata associated with digital photographs uploaded.
- Sensory data, such as audio, electronic, and visual information (e.g., recordings of calls with BASE10 Services or information you voluntarily share when doing consumer insights research with us and Optional COVID-19 User Access Information, if enabled).
- Inferences derived from Personal Information, such as to provide health-related information and to create consumer profiles for the purposes of research, product development and marketing. We do not sell your Personal Information. NOTE: Some categories of information are collected only if you use certain of our Services.
- Business Purposes. BASE10 uses the categories of Personal Information above for the following business purposes:
- Providing personalized optimized health management through genetics-based medication and nutrition health program;
- Collecting and using data to support COVID-19 related efforts or epidemiological research;
- Communicating to you about the Services; and
- Marketing new products and offers from us or our business partners based on your interests.
- Categories of Sources of Personal Information. BASE10 collects, and has collected in the 12 months prior to the effective date of this California Statement, categories of Personal Information described above from the following categories of sources:
- You, our user/visitor—this source of Personal Information depends on your use of the Services, including your DNA Data, Account Information, Self-Reported Information, User Content, and Web Behavior Information (defined above);
- Public records;
- Historical records; and
- Third parties.
- Categories of Third Parties with Whom We Share Personal Information. BASE10 shares, and has shared in the 12 months prior to the effective date of this California Statement, with the following categories of third parties the correlating categories of Personal Information:
- General and Targeted Service Providers. We provide information to third-party companies or individuals that help us to provide, analyze, and improve our Services. For example, we work with third-party laboratories and contractors to process and analyze your Biological Sample for purposes of generating your Genetic Test Information. The categories of Personal Information provided to these third parties include identifiers, categories of personal information described in Section 1798.80(e) of the California Civil Code, characteristics of protected classes under California or federal law, commercial information, biometric information, internet usage information, internet usage information, geolocation information, and inferences.
- Commonly Owned Entities. We provide information to commonly owned entities or affiliates that help us to provide, analyze, and improve our Services. The categories of Personal Information provided to these third parties include identifiers, categories of personal information described in Section 1798.80(e) of the California Civil Code, characteristics of protected classes under California or federal law, commercial information, biometric information, internet usage information, internet usage information, geolocation information, and inferences.
- Research Partners. With your consent, we may provide information to third-party research partners with the following categories of Personal Information provided to these third parties include identifiers, categories of personal information described in Section 1798.80(e) of the California Civil Code, characteristics of protected classes under California or federal law, commercial information, biometric information, internet usage information, internet usage information, geolocation information, and inferences.
- Law Enforcement. We do not voluntarily share your Personal Information with law enforcement or regulatory bodies. We require valid legal process as described above before we would provide any data to law enforcement.
- Exercising Your Rights Under CCPA. The CCPA gives California consumers the right to request that we disclose what Personal Information we collect, use, disclose, or sell. This includes the right to request the categories of Personal Information we have collected about them, the categories of sources of Personal Information, the business purpose for collecting Personal Information, the categories of third parties with whom we share categories of Personal Information, and the specific pieces of Personal Information we have collected about the requestor. If you are submitting a request to know on your own behalf, you may make your request by email. To email your request to know, email us at firstname.lastname@example.org. We will require you to provide proof of identity and California address (e.g., you may be required to provide a copy of your government ID, which will be used solely to verify your identity and address).
- Right to Delete. The CCPA gives California consumers the right to request that we delete your Personal Information. If you are submitting a request to delete on your own behalf, you may make your request by email. To email your request to delete, email us at email@example.com. We will require you to provide proof of identity and California address (e.g., you may be required to provide a copy of your government ID, which will be used solely to verify your identity and address). Note that to delete your Personal Information, you must delete your account and that once an account deletion request is completed, this process is irreversible.
- Authorized Agents. The CCPA allows California residents to use "authorized agents" to make requests to know and requests for deletion. To use an authorized agent, email us at firstname.lastname@example.org. Note that even if a consumer chooses to use an authorized agent for a request, the consumer will still need to work directly with us to provide the items below:
- Proof that the authorized agent is registered with the Secretary of State to conduct business in California;
- Signed permission from the consumer allowing the authorized agent to act on the consumer's behalf;
- Verification of the consumer's identity (to be made directly by the consumer to us). We will require proof of identity and California address (e.g., a copy of your government ID, which will be used solely to verify your identity and address); and
- Confirmation that the consumer provided the authorized agent permission to submit the request to be confirmed directly by the consumer to us.
- Selling. BASE10 does not sell your Personal Information and has not sold it in the 12 months prior to the effective date of this California Statement.
- Non-Discrimination. We will not discriminate against you for exercising any of your rights under the CCPA.
- California's Shine the Light Law. California Civil Code Section 1798.83, known as the "Shine the Light" law, permits users who are California residents to request and obtain from us a list of what Personal Information (if any) we disclosed to third parties for their direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. Requests may be made only once a year and are free of charge. Under Section 1798.83, BASE10 currently does not share any Personal Information with third parties for their own direct marketing purposes.
12. Contact Information
If you have questions about this Privacy Statement or the California Statement, please email BASE10's Privacy Administrator at email@example.com, or send a letter to:
BASE10 Genetics, Inc.
70 E. Lake St., Suite 226
Chicago IL 60601
*This Privacy Statement was last updated on November 09, 2021.