Privacy Policy

This version 1.2 was last updated November 14, 2022 

This privacy policy (“Privacy Policy” or “Policy”) describes the types of personal data Chronomics, Ltd. or our affiliates (“we” “us” or “our”), acting as controller, may collect, share or otherwise use your personal data; steps we to take to protect personal data; and choices and rights you may have with respect to your personal data.  This Policy may describe this information as  “your personal data” which, for the purposes of the Policy, includes your child’s personal data where you are a parent/guardian or other individual where you are a legal representative, using our Sites (defined below) on behalf of your child or other individual.  If you are a legal representative of an individual, by submitting that individual’s personal data, you are representing that you are the individual’s legal representative with the right to obtain goods or services for them.

This Policy only applies to our websites and mobile applications (“Sites”) that link to this Policy and for the purpose of providing you with goods and services directly or together with our partners, vendors and contractors (the “Services”).  Our Sites may include links to third-party websites, plug-ins and/or applications, including but not limited for social media purposes. Clicking on those links, or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. We encourage you to read the privacy policy or notice of every website you visit.

Personal Data We Collect

We may collect the following personal data:

Personal Data You Provide To Us 

If you are a patient of a healthcare provider or telehealth organization, you will provide certain personal data to us voluntarily so that we may provide Services for you.  Depending on the type of Services you seek or are prescribed, such information may include:

  • First and last name
  • Contact information (email address, postal address, telephone number)
  • Log on credentials when you create an account with us (e.g., user ID, password)
  • Sex assigned at birth
  • Date of birth and age in years
  • Your physical location in terms of city and state or province and country
  • Type of diagnostic or wellness test prescribed for you or sought by you
  • Health information that may be required as related to the test  (such as recent symptoms)
  • The date and time of your consent related to the Services and/or medical treatment
  • Any of your communications transmitted through our Sites
  • Where applicable, your preferences in receiving marketing from us and our third-party providers.
  • Any other information you choose to provide to us.

If you are a healthcare provider or telehealth organization, or its representative, such information may include:

  • First and last name
  • Professional designation
  • Specialty
  • Clinical affiliation
  • Contact information (email address, postal address, telephone number)
  • NPI number and/or licensing identification number
  • Any of your communications transmitted through our Sites
  • Date and time of interaction with our Services and/or the customer/patient
  • Any other information you choose to provide to us.

If you are a laboratory or its representative, such information may include:

  • First and last name
  • Entity name
  • Any professional designation
  • Contact information (email address, postal address, telephone number)
  • Lab certification or accreditation type
  • Any of your communications transmitted through Sites
  • Any other information you choose to provide to us.

Personal Data We may Receive About you from Third Parties 

We may receive personal data about you from healthcare providers, telehealth organizations, laboratories, our partners or other third parties used through the Services. If you are receiving tests from us or from one of our partners, vendors or contractors, or you are registering your test, or using our Site, this information may include:

  • First and last name
  • Contact information (email address, postal address, telephone number)
  • Date of birth and age in years
  • Sex assigned at birth
  • Your physical location in terms of city and state or province and country
  • Type of diagnostic or wellness test prescribed for you or sought by you
  • Health information about you that may be required as related to the specific test (such as recent symptoms)
  • Date and time of your consents related to the Services and/or medical treatment
  • Dates when such prescriptions are provided related to the Service
  • Results of the diagnostic or wellness test(s) you have taken
  • The date that test results are available to you
  • Any other information about you related to the Services.

Data We Collect Automatically 

Below is a summary of our use of cookies and other online tracking technologies on this SIte.  Please see our Cookies and Other Online Tracking Technology Policy (“Cookies Policy”) for further information. Like most websites, our Sites use cookies and other automated technologies to collect information about how the Sites are used.  A cookie is a small text file which a website stores on your computer’s hard drive, if permitted by your web browser. We use cookies and other automated technologies to identify you as a unique user when visiting our Sites, to understand the search terms you use, the URL that referred you to the Site, all areas on the Sites you visit and the time of your visit to enable us to track usage, to analyse the performance of, fix errors in our Sites, for information security purposes, and to provide support for, improve, and develop the SItes or Services. Most browsers are initially set up to accept cookies. You can reset your browser to notify you when you have received a cookie or alternatively, to refuse to accept cookies. However, you may not be able to use certain features on our Sites if you choose not to accept cookies. You can find more information about cookies and how to manage them at http://www.allaboutcookies.org/.

We also collect your IP address and other unique identifiers of your computer, mobile phone or other device used to access our Sites.  Any information described in this section may be non-identifying or associated with you and therefore identifiable.  Whenever we associate such information with you, as an identifiable individual, we treat it as personal data.

Automated Decision Making

We do not envision that any decisions that have a legal or significant effect on you will be taken concerning you using purely automated means, however we will update this Privacy Policy and inform you if this position changes.

How We Use Personal Data

  • To provide the Services.
  • To communicate with you and market to you where, depending on your location, you have opted in or opt to receive marketing information marketing requirements.  See the “Choices” section below for further information.
  • Your personal data may be used to verify you as the individual for whom Services are prescribed or should be directed to, or to compare your information against the applicable laboratory, health care provider or other vendor assisting with the Services.
  • Your personal data may be stored or shared as described in this Privacy Policy.  See the “Retention and Deletion” section below for further information.
  • We use your personal data to respond to your requests and inquiries.
  • We use your feedback or responses to surveys to provide , provide support for, improve, and develop the Services and our Sites.
  • We use your personal data as permissible or required by law.
  • We may also ask for your consent to use your personal data for a specific purpose that we communicate to you.
  • We do not sell personal data.

With Whom We Share Personal Data 

We may share information about you as follows:

  • We share personal data with our affiliates, vendors, consultants, and other third-party providers who need access to such information to provide the Services or to assist us in providing the Services, including for example, we may share your information with a laboratory, healthcare provider, telemedicine organization, cloud service provider, shipping entity, or third-party such as our contractors or consultants who are assisting in the Services or providing technical support.  Should you use the websites or other applications of these third parties, you should refer to their privacy policies or for their use of your personal data.
  • We may disclose personal data to law enforcement, regulators or other third parties if we believe in good faith that it’s necessary (a) in connection with any investigation; (b) to comply with relevant laws or to respond to subpoenas or warrants served on us; (c) to protect or defend our rights, safety or property or of users of our Services or others; and/or (d) to otherwise to establish, bring or defend a legal claim; or (e) to assist in preventing any violation of the law; (f) to enforce our Terms of Use on our Sites or our Terms and Conditions for the Services (for example, if your actions appear inconsistent with such terms).
  • We may share personal data as otherwise required by applicable laws or regulations.

Legal Basis for Processing Personal Data

  • Based on your consent, which may be withdrawn at any time by writing to us in accordance with our details in the “Contact Us” section below.
  • Based on our contract obligations or to take steps at the request of an individual prior to entering into a contract to provide Services or otherwise.
  • Necessary for our legitimate interests such as improving our Sites and Services, enhancing our relationship with you and protecting our confidential and proprietary information.
  • Necessary to comply with legal requirements, such as those set forth in the “With Whom We share Personal Data” section above.
  • Necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of an employee, medical diagnosis, the provision of health or social care or treatment in accordance with applicable laws.
  • Necessary for scientific or historical research purposes or statistical purposes in accordance with applicable laws.
  • For reasons of substantial public interest.
  • To comply with employment, social security and social protection law.
  • For public health reasons.

Aggregated or De-identified Data 

We may also share aggregated, de-identified or anonymized data, which cannot reasonably be used to identify you, for our lawful business purposes, including to analyze, build and improve our Services, and improve our products and other offerings, provided that we will not share such data in a manner that could identify you.

International Data Transfers

Like many companies, our business operations are global. Accordingly, your personal data may be transferred to a location which has data protection laws that may not provide the same level of protection as your location.  Any such transfer will be in compliance with applicable law.  For example, if you are located in the European Economic Area (“EEA”), the United Kingdom (“UK”) or Switzerland, we will provide an adequate level of data protection for the transfer of personal data to the to a non-adequate third country (e.g. United States) through the use of appropriate safeguards such as standard contractual clauses.

Data Security

We take reasonable technical and organizational measures to help protect personal data from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction.

Retention and Deletion

We do not store personal data, other than as reasonably required to provide the Services, run the Sites effectively, or to respond to inquiries or requests, or as otherwise provided herein or as required by law.  We will only retain your personal data for as long as reasonably necessary to fulfill the purposes for which we collected it . We may need your personal data to establish, bring or defend legal claims or where otherwise legally required or requested by the government.  For this purpose, we may retain your personal data after the date it is no longer needed by us, in accordance with our data retention policy, for any of the purposes listed under the “How We Use Personal Data” section above. The only exceptions to this are where:

  • The law requires us to retain your personal data for a longer period, or delete it sooner;
  •  You exercise a right to have your personal data erased (where it applies) and we do not need to retain it in connection with any of the reasons permitted or required under the law (see the “Rights Under the GDPR” section below); or
  • In limited cases, the law permits us to keep your personal data indefinitely provided we put certain protections in place.

Children 

None of our Sites are designed or intended for children under 13. If you are based outside the United States, you must be over the age required by the laws of your location to use the Services. Parental/guardian submission of their children’s personal data for the purposes of obtaining Services  is permitted. By submitting data of a child, you are representing that you are the parent or legal guardian of the child with the right to obtain the Services for the child.

Your Choices

You have the following choices with respect to our use of your personal data on this Site:

  • If you do not consent to the collection, use or sharing of your personal data as described in this Privacy, please do not use our Site or provide us with information.
  • If you have an account on this Site, you can sign in and update your personal data including, where applicable, whether you wish to receive marketing messages from us or our third-party providers.
  • You can stop the delivery of email marketing messages from us by following the unsubscribe instructions in the messages.
  • You have choices to prevent or limit the collection of personal data through cookies and other tracking technologies.  See the above “Cookies” section and our Cookies Policy for more information.

Rights Under the GDPR

If you are located in the European Union or the United Kingdom, under certain circumstances, you have rights under the General Data Protection Regulation (“GDPR”) in relation to your personal data.  For example, you may have the right to:

Your Rights Further Information
To have your personal data corrected if it is inaccurate or incomplete If you change your name or address/email address, or you discover that any of the other information we hold is inaccurate or out of date.
To object to processing of your personal data Where we rely on our legitimate interests as the lawful basis for processing your personal data for particular purposes, you may object to us using your personal data for these purposes. If we agree that your objection is justified, we will permanently stop using your data for those purposes. Otherwise we will provide you with our justification as to why we need to continue using your data.
To withdraw your consent to processing your personal data Where we rely on your consent as the lawful basis for processing your personal data and special category data, you may withdraw your consent at any time. If you withdraw your consent, our use of your personal data before you withdraw is still lawful.
To restrict processing of your personal data You may ask us to restrict the processing of your personal data in the following situations:

  • where you believe it is unlawful for us to do so; or
  • you have objected to its use and our investigation is pending or you require us to keep it in connection with legal proceedings.
To have your personal data erased In certain circumstances, you may ask for your personal data to be removed from our systems. Unless there is a reason that the law allows us to use your personal data for longer, we will make reasonable efforts to comply with your request.
To request access to your personal data and how we process it You have the right to ask for a copy of the personal data that we hold about you. We may not provide you with a copy of your personal data if this concerns other individuals or we have another lawful reason to withhold that information.
To electronically move, copy or destroy your personal data in a standard, machine-readable form Where we rely on your consent as the lawful basis for processing your personal data or need to process it in connection with a contract in place directly with you, you may ask us to provide you with a copy of that information in a structured data file. We will provide this to you electronically in a structured, commonly used and machine readable form.
Rights relating to automated decision making, including profiling You may also contest a decision made about you based purely on automated processing.
To complain to a data protection regulator You have the right to complain to the relevant data protection regulator (which in the UK is the Information Commissioner’s Office) if you are concerned about the way we have processed your personal data.

 

If you wish to exercise any of the above rights, please contact us using the contact details below. Please include in your request sufficient information that allows us to reasonably verify that you are the individual about whom we collected the personal data or the parent or guardian of that individual, including a means to contact you. We may contact you if we are in need of information to support your request or to verify your identity as related to the Services or your personal data. We will not discriminate against you in any way based on your exercise of these rights or any rights protected by law.  Except in rare cases, we will respond to you within 1 calendar month from either:

  • The date that we have confirmed your identity; or
  • Where we do not need to do this because we already have this information, from the date we received your request.

Changes

We may change this Privacy Policy from time to time. If we do, we will let you know by revising the date at the top of this Policy. If we make a change to this Policy that, at our sole discretion, is material, we will summarize the changes. We encourage you to review this Policy whenever you access our Site. If you continue to use the Service after a Policy change goes into effect, you are consenting to the revised Policy.

Contact Us

We have appointed a data protection officer (DPO) who is responsible for overseeing questions related to this Privacy Policy. If you have any questions about this Policy, including any requests to exercise privacy rights, please contact the DPO using the below details:

By email to [email protected]

By postal mail to our UK Office:

Chronomics, Ltd.

Attn: PRIVACY REQUEST

Bizspace Wimbledon, 8 Lombard Road,
London, SW19 3TZ
United Kingdom