Effective as of: November 9, 2018
We refer to any personal information (for example, your name, contact information, payment information) as Personal Data. Personal Data does not include your Shared Data.
- The privacy and security of your Personal Data and Shared Data is of the utmost importance.
- We understand and respect the sensitive nature of the information you may provide to us, and we strive to be transparent in our collection, use and disclosure of this information and to ask for your explicit consent to share sensitive information with third parties.
- We are committed to providing a secure, private, and safe environment for our services.
How We Share/Use Your Data
LunaDNA will use your Shared Data and Personal Data as follows:
- Population-level Research: LunaDNA or a contracted third party may perform population-level searches based on a pre-defined study design. We refer to these searches as queries. Based on the results of a query, a subset of aggregated, de-identified Shared Data is populated in a private, secured computer environment controlled by LunaDNA, which we refer to as a sandbox, in order to complete the analysis required by the study design. This population-level research may have various purposes including the advancement of genomic science and identifying links between genomics and disease or other conditions. Researchers and third parties will only be able to identify your Shared Data by a unique data file identification number that is independent from your Personal Data.
- Targeted Research Participation: In some situations, such as clinical trial recruitment, a researcher or contracted third party may want to contact you and other members directly. LunaDNA enables this via an anonymous, automated process, which allows the researcher or contracted third party to invite you into a direct communication but does not grant them access to any of your Personal Data. It is then your choice whether you will engage in direct contact with the researcher or contracted third party or not. Your preference whether to receive these invitations (which we call opt-in) can be turned on or off within your account settings page. The invitation list is typically determined by LunaDNA, the researcher or the contracted third party querying our database, using the anonymized unique data file identification number linked to your Shared Data, and based on specific query parameters defined by the researcher or contracted third party.
- Improving LunaDNA Services: LunaDNA may use the information it collects to improve its services, for example, improving the design and structure of our website or databases; to detect, prevent, or otherwise address fraud, security, or technical issues; and to protect against harm to the rights, property or safety of LunaDNA or our affiliates or members.
- As Required By Law: LunaDNA may use or disclose any information it collects as required by law or legal process, for example, in responding to a court-issued subpoena. However, we believe the steps LunaDNA takes to protect your information, such as its data segregation architecture which does not allow for re-identification of Shared Data without the consent of the contributing member, provides substantial protection to our members in these situations. Where allowed by law or legal process and where reasonably possible, we will notify you in advance of any such proposed use or disclosure of your data.
- Enforcement of Agreements. LunaDNA may use your data to enforce our Terms of Service, any member Subscription Agreement, or our Operating Agreement, including in each case investigations of potential violations.
Security & Privacy Measures
LunaDNA takes the security and privacy of your data very seriously. LunaDNA uses technical, physical, and administrative controls designed to protect member Personal Data and Shared Data from unauthorized access or disclosure and to regulate the appropriate use of this information.
All Shared Data is anonymized (or de-identified) so that the information does not identify you based on individual pieces of information or combinations of information. Your Personal Data is separated from Shared Data, so that you cannot be reasonably re-identified as an individual by researchers or third parties given access to Shared Data for population-level research. Each type of data is uniquely tagged with a sequence of characters that is determined by a one-way hash function, designed in such a way that it is extremely difficult with today’s technology to reverse engineer the given value. This disaggregated data is currently stored across separate private, cloud storage sites, which increases the barriers for anyone trying to access any member’s complete data profile. LunaDNA leverages what it believes to be best-in-class HIPAA compliant infrastructure (even though we are not subject to HIPAA).
We protect data via safeguards such as data backup, audit controls, access controls, data encryption, and account creation and login verification. Our site and application program interfaces (APIs) use Secure Socket Layer (SSL) technology to encrypt all connections to and from our site and APIs to enhance security of electronic data transmissions. Additionally, we use standards and processes for securing and encrypting all stored member data. Each member will be in control of the selection and safety of his or her password, but LunaDNA has put measures in place to assist account security. Additionally, LunaDNA requires email verification at account creation and two-factor authentication for members signing into their LunaDNA account.
As explained in our LunaDNA Consent, you may choose at any time to revoke your consent to all of your data, purge some or all of your data, and even delete your account completely from our databases.
1. What Are Cookies? Cookies are small pieces of information sent by a web server to a web browser which allows the server to uniquely identify the browser on each page. To learn more about cookies, including how you can turn them off, you can visit allaboutcookies.org.
Strictly Necessary Cookies. These cookies are essential in order to enable you to navigate through our website and use its features. Without these cookies, we cannot remember your login details or otherwise keep track of any services you have requested.
Performance Cookies. These cookies collect anonymous information on how visitors use our website. For example, we currently use Google Analytics cookies to help us understand how customers arrive at our site, browse or use our site and highlight areas where we can improve areas such as navigation, data uploading experience and marketing campaigns. The data stored by these cookies never contains personal details from which your individual identity can be established.
Functionality Cookies. These cookies remember choices you have made, such as the country you visit our website from, your preferred language and search parameters such as size, color or product line. These can then be used to provide you with an experience more appropriate to your selections and to make your visits more tailored and pleasant. The information these cookies collect may be anonymized and cannot track your browsing activity on other websites.
Targeting or Advertising Cookies. These cookies collect information about your browsing habits in order to make advertising more relevant to you and your interests. They are also used to limit the number of times you see an advert as well as help measure the effectiveness of an advertising campaign. The cookies are usually placed by third party advertising networks. They remember the websites you visit and that information is shared with other parties such as advertisers.
To learn more about advertising cookies and to control your preferences, visit aboutads.info.
3. Deleting or Blocking Cookies. One of the great things about cookies is that you can control how they are used on your browser. To learn more about clearing and managing cookies, visit allaboutcookies.org/manage-cookies/clear-cookies-installed.html.
LunaDNA is not designed for, intended to attract, or directed toward minor children under the age of 13, and we will not accept any contributions of information or data from minor children under the age of 13.
Attention: Data Protection and Privacy
415 S. Cedros Avenue
Solana Beach, CA 92075
You are responsible for ensuring that your contact information (i.e., email listed on your profile page) remains up to date and valid.