Effective as of: November 9, 2018


In this LunaDNA Privacy Policy, we refer to genomic data (that is, data about your genes, or DNA) and medical or health data (for example, medications, allergies, surveys, health records, information collected by integrated apps and devices) as Shared Data.


We refer to any personal information (for example, your name, contact information, payment information) as Personal Data.  Personal Data does not include your Shared Data.


Our Philosoph

  • The privacy and security of your Personal Data and Shared Data is of the utmost importance.
  • We understand and respect the sensitive nature of the information you may provide to us, and we strive to be transparent in our collection, use and disclosure of this information and to ask for your explicit consent to share sensitive information with third parties.
  • We are committed to providing a secure, private, and safe environment for our services.


How We Share/Use Your Data
LunaDNA collects information from you when you register an account on our Website, contribute Shared Data or Personal Data, including self-reporting information through surveys, forms, features or applications, use social media connections and features, refer contacts to us, share information through various interactions with us and our partners, and through our use of cookies and similar tracking technologies.


LunaDNA will use your Shared Data and Personal Data as follows:

  1. Population-level Research: LunaDNA or a contracted third party may perform population-level searches based on a pre-defined study design. We refer to these searches as queries.  Based on the results of a query, a subset of aggregated, de-identified Shared Data is populated in a private, secured computer environment controlled by LunaDNA, which we refer to as a sandbox, in order to complete the analysis required by the study design. This population-level research may have various purposes including the advancement of genomic science and identifying links between genomics and disease or other conditions.  Researchers and third parties will only be able to identify your Shared Data by a unique data file identification number that is independent from your Personal Data.
  2. Targeted Research Participation: In some situations, such as clinical trial recruitment, a researcher or contracted third party may want to contact you and other members directly. LunaDNA enables this via an anonymous, automated process, which allows the researcher or contracted third party to invite you into a direct communication but does not grant them access to any of your Personal Data. It is then your choice whether you will engage in direct contact with the researcher or contracted third party or not. Your preference whether to receive these invitations (which we call opt-in) can be turned on or off within your account settings page. The invitation list is typically determined by LunaDNA, the researcher or the contracted third party querying our database, using the anonymized unique data file identification number linked to your Shared Data, and based on specific query parameters defined by the researcher or contracted third party.
  3. Advertising: LunaDNA may display advertisements to you on our website.  These advertisements will be chosen because our manager, LunaPBC, believes that they will create value for members. Advertisements may or may not be targeted for you based on information that LunaDNA collects about you, including communications between you and LunaDNA that are administrative in nature or by tracking your website usage using cookies (please see our Cookie Policy below).  If we select any advertisement for you based on information that LunaDNA has collected about you, we will display it in such a way that neither LunaDNA nor the advertiser will know which particular members have received the advertisement; however, you may identify yourself to such an advertiser by answering or otherwise responding to the advertisement.
  4. Improving LunaDNA Services:  LunaDNA may use the information it collects to improve its services, for example, improving the design and structure of our website or databases; to detect, prevent, or otherwise address fraud, security, or technical issues; and to protect against harm to the rights, property or safety of LunaDNA or our affiliates or members.
  5. As Required By Law:  LunaDNA may use or disclose any information it collects as required by law or legal process, for example, in responding to a court-issued subpoena.  However, we believe the steps LunaDNA takes to protect your information, such as its data segregation architecture which does not allow for re-identification of Shared Data without the consent of the contributing member, provides substantial protection to our members in these situations.  Where allowed by law or legal process and where reasonably possible, we will notify you in advance of any such proposed use or disclosure of your data.
  6. Enforcement of Agreements.  LunaDNA may use your data to enforce our Terms of Service, any member Subscription Agreement, or our Operating Agreement, including in each case investigations of potential violations.


Security & Privacy Measures

LunaDNA takes the security and privacy of your data very seriously. LunaDNA uses technical, physical, and administrative controls designed to protect member Personal Data and Shared Data from unauthorized access or disclosure and to regulate the appropriate use of this information.


All Shared Data is anonymized (or de-identified) so that the information does not identify you based on individual pieces of information or combinations of information. Your Personal Data is separated from Shared Data, so that you cannot be reasonably re-identified as an individual by researchers or third parties given access to Shared Data for population-level research.  Each type of data is uniquely tagged with a sequence of characters that is determined by a one-way hash function, designed in such a way that it is extremely difficult with today’s technology to reverse engineer the given value. This disaggregated data is currently stored across separate private, cloud storage sites, which increases the barriers for anyone trying to access any member’s complete data profile.  LunaDNA leverages what it believes to be best-in-class HIPAA compliant infrastructure (even though we are not subject to HIPAA).


We protect data via safeguards such as data backup, audit controls, access controls, data encryption, and account creation and login verification.  Our site and application program interfaces (APIs) use Secure Socket Layer (SSL) technology to encrypt all connections to and from our site and APIs to enhance security of electronic data transmissions. Additionally, we use standards and processes for securing and encrypting all stored member data.   Each member will be in control of the selection and safety of his or her password, but LunaDNA has put measures in place to assist account security. Additionally, LunaDNA requires email verification at account creation and two-factor authentication for members signing into their LunaDNA account.


Your Choices

As explained in our LunaDNA Consent, you may choose at any time to revoke your consent to all of your data, purge some or all of your data, and even delete your account completely from our databases.


Cookie Policy

This cookie policy explains how LunaDNA uses cookies and similar technologies when you visit our website or any other websites, apps, pages, features, or content we own or operate and/or interact with LunaDNA online advertisements or marketing emails. We encourage you to read the full policy so that you can understand what information is collected using cookies and how LunaDNA uses that information.


1. What Are Cookies?  Cookies are small pieces of information sent by a web server to a web browser which allows the server to uniquely identify the browser on each page. To learn more about cookies, including how you can turn them off, you can visit allaboutcookies.org.


2. Use of Cookies on Our Website.  We use cookies to collect information about your online preferences.  We use the following categories of cookies on our website:


Strictly Necessary Cookies.  These cookies are essential in order to enable you to navigate through our website and use its features. Without these cookies, we cannot remember your login details or otherwise keep track of any services you have requested.


Performance Cookies.  These cookies collect anonymous information on how visitors use our website. For example, we currently use Google Analytics cookies to help us understand how customers arrive at our site, browse or use our site and highlight areas where we can improve areas such as navigation, data uploading experience and marketing campaigns. The data stored by these cookies never contains personal details from which your individual identity can be established.


Functionality Cookies.  These cookies remember choices you have made, such as the country you visit our website from, your preferred language and search parameters such as size, color or product line. These can then be used to provide you with an experience more appropriate to your selections and to make your visits more tailored and pleasant. The information these cookies collect may be anonymized and cannot track your browsing activity on other websites.


Targeting or Advertising Cookies.  These cookies collect information about your browsing habits in order to make advertising more relevant to you and your interests. They are also used to limit the number of times you see an advert as well as help measure the effectiveness of an advertising campaign. The cookies are usually placed by third party advertising networks. They remember the websites you visit and that information is shared with other parties such as advertisers.

To learn more about advertising cookies and to control your preferences, visit aboutads.info.

Third Party Cookies.  Other parties may use cookies on our website to provide services to us and the businesses that advertise on our website.  For example, Google Analytics may set cookies while you are browsing our website as described above under Performance Cookies.


3. Deleting or Blocking Cookies.  One of the great things about cookies is that you can control how they are used on your browser. To learn more about clearing and managing cookies, visit allaboutcookies.org/manage-cookies/clear-cookies-installed.html.


Minors

LunaDNA is not designed for, intended to attract, or directed toward minor children under the age of 13, and we will not accept any contributions of information or data from minor children under the age of 13.


Contact Information

If you have any questions about our Privacy Policy, including requests for certain information by California residents regarding our disclosure of personal information to third parties for their direct marketing purposes, you may contact us at:

            LunaDNA

            Attention:  Data Protection and Privacy

            415 S. Cedros Avenue

            Solana Beach, CA 92075

            Email: privacy@lunadna.com


Changes to This Privacy Policy

LunaDNA cannot foresee all of the potential applications of the data we collect, particularly in a rapidly developing field such as genomics and medical research.  Therefore, LunaDNA reserves the right to update this Privacy Policy from time-to-time.  Before implementing any changes, LunaDNA will first notify you of the proposed changes at least 30 days before their effectiveness to provide you with the opportunity to revoke your LunaDNA consent, purge some or all of your data, or even delete your account completely from our databases (as described in the LunaDNA Consent) if you do not want to be bound by the revised terms.  If you do not take one of those actions after receiving notice of those proposed changes, you agree that you will be bound by the new terms when they become effective.


You are responsible for ensuring that your contact information (i.e., email listed on your profile page) remains up to date and valid.