Privacy Policy

In accordance with the General Data Protection Regulation (GDPR), this Privacy Policy governs access to and use of this website.

Effective Date: September 1, 2020, Last revision: February 18, 2023

Privacy Policy Statement

GeneHabit Private Limited is a registered company in Singapore with registration number 202017204N and a registered office at 7500A Beach Road, #05-319 The Plaza, Singapore 199591.

At GeneHabit, your information is treated with utter care. We handle your information responsibly in a secure manner by means of administrative, physical and technical methods to safeguard it and process the information only for the legitimate purposes disclosed. Your personal information including genetic test results is maintained under a strict confidentiality policy. This policy applies to all users of our services, new and existing. This privacy policy outlines various purposes your information will be used and as per any additional consent or agreement that you may enter with us.

Genehabit is a Preventative Health and Wellness Technology Company, we bring together laboratory diagnostics and digital technology to make available scientific insights about your health. We are committed to providing you with details of the information we collect, hold, and process. We will also provide you control, to the extent possible, of the information you provide to us.

The purposes for which we use your personal information are outlined in this Privacy Policy and any additional Consent Documents or Agreements we may enter into with you. By using any Genehabit services, you consent to this Privacy Policy. You may not use our Services if you do not accept this Privacy Policy as it forms part of the GeneHabit Terms of Service. To be aware of any changes made, it is in your best interest to read our Policy each time you visit our website. The date this policy was last updated can be found at the policy’s beginning.

Key Definitions

We/Us/Our/GeneHabit means GeneHabit Private Limited.

You/Your/Yourself means the User of the Website.

Anonymized DNA sample: Means any Information that we have anonymized in a manner to result in the Information no longer being able to identify you, whether directly or indirectly, and is therefore no longer Personal Information.

“Applicable Law” – Means any law, by-law, ordinance, proclamation and/or statutory regulation which the Parties are required to observe by reason of this Privacy Policy and matters incidental thereto, including, but not limited to, the GDPR.

“GDPR” – means the European Union’s General Data Protection Regulation, 2016/679.

“GDPR UK” – Add definition here

“EEA” – Means European Economic Area.

“Processing”, “Process” and “Processed” – means any operation or set of operations which is performed on Information, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“Purpose” – Means the purposes for which we Process Information.

“Terms of Service” – means the specific terms that apply to our relationship when we provide you with Services.

What Kind of Information We Collect About You?

We collect several types of information about users of our services and website visitors. This information may be gathered automatically when you browse through our Websites or else directly from you when you choose to sign up for our Services:

Your personal data is collected and processed when you register for a Service, through our website, through content on our website, through advertising third parties with whom you interact on our website, or when you submit any feedback by other means of communication. The information requested from you depends on the activity or services you avail, for example making payment for the service. If you reject the request to provide such information required for a particular activity, you will not be able to perform your desired activity or engage with our services successfully.
We may also access your information from any public sources where you have chosen to make such Information public, for example, social media platforms, from third parties who lawfully provide it to us.
We also collect your Internet Protocol (“IP”) address and device information. We use these to diagnose problems with our servers and/or software, to administer our Services, and to gather demographic information.

GeneHabit may collect the following types of information:

Registration Information: Personal information will be collected when you set up an account with us, such information may include but may not be limited to your name, location, contact details, and date of birth.
Self-Reported Information: Personal Information including but not limited to health issues, medical conditions, fitness or physical performance information, ethnicity, family history, or health goals that you voluntarily share with us by means of surveys, forms or features while entering our site may be collected by us. Such self-reported information may be anonymized and used in approved research to improve our services.
Genetic Information: Your genetic or biomarker information is generated through the analysis of your saliva or blood test or when you upload/provide such genetic or biomarker information to us by any means to avail of our services.
Online activity information: This is the information about your usage of our websites, portals, social media pages, apps or any other software solutions that you may use. Such information is collected through cookies, webhooks, logs, advertising, and analytical techniques.
Payment Information: At the point of sale, payment card information will be taken to facilitate purchases. Genehabit does not store card information; instead, our third-party card processing provider handles it.

How we use this information

We use the personal information you give us in ways that are compliant with this privacy statement and for the primary purposes for which they were acquired. Any personal information you voluntarily provide to us, whether verbally or in writing, will be processed for one or more of the following purposes:

To fulfill our duties in accordance with the terms of the agreement that would have been entered into between you and GeneHabit, as well as to give you the Service for which you would have signed up. You will be informed in advance if the data is used for a purpose other than what was intended.

We will use the information that we collect about you for the following purposes to present, provide, and improve our Services. We primarily use your identifiers, demographic, commercial, internet or other electronic network activity information and preferences to present and provide our Services to you. This includes the following:

Providing you with appropriate search results and personalized content;
Processing your purchases;
Verifying your identity;
Recognize you when you return to our Services;
Providing you notices about your account;
Notifying you about updates or changes to our Services or any DNA Product Partner or other third-party services we offer or provide through our platform.
We provide you with information or services that you otherwise request from us.

To improve our Services or to develop and provide new products and services, we may use your self-reported Information, identifiers, demographic information, biomarker information, commercial information, and internet or other electronic network activity information and preferences as follows:

To track your usage of our Services;
To administer a survey;
To perform quality control and quality improvement activities;
To develop new products and services;
To conduct data analysis about users of our Services, our audience size, and usage trends;
To conduct marketing campaigns and targeted online advertising, and to monitor the success of our marketing activities.

Brand Promotion and Advertising

We may communicate with you from time to time about our products, brands, services, new products and services, discounts, new research participation, and any key information that we deem useful to you.

We may advertise to you directly or via 3rd party including social media. All such advertising will be in accordance with this privacy policy, where you have given your consent to receive such communication, based on your cookie or browser settings and in case we think it is in our legitimate interest. You may change your consent or marketing preference at any time by informing us.

Research and Development Activities

We may include your self-reported information and biomarker information for which you have already provided consent in research and development. We may share such information with 3rd party contractors we engage to run only the R&D activities for GeneHabit. Your information or biomarker data will not be shared with any 3rd party for any other purposes.

We will contact you to get your consent beforehand for any new research that we plan to do. We will request consent from you before including your information, and anonymized samples in any scientific publications.

Information Disclosure

In order to provide the services for which you have signed up, information or data may be disclosed or shared with our employees and third parties. Your Information will not be shared or passed on to unauthorized personnel.

You confirm that you are giving your explicit consent on behalf of yourself and all other people specified in the form when you complete and send us an online form that includes information about another person. You would need to inform the other individuals of the aforementioned Privacy Policy and have also obtained their consent.

You are hereby acknowledging and accepting that GeneHabit may be required to share your personal data with third parties, whether those third parties are directly or indirectly related to GeneHabit, in order to provide the services, you require by using our services and by directly or indirectly collecting personal data. Only the methods outlined below will be used to share the data.

Transfer of information or data may include but is not limited to:

Providers of services: Contractual arrangements with service providers and other third parties enable us to provide and support some of our services. We and our service providers make use of a piece of software called “cookies,” which allows us to collect data about how people use the website and services, manage them more effectively, and deliver services. In order to provide you with the Service, we may, for instance, disclose your information to our Third Party Agents (TPAs), virtual offices, or testing laboratories. In order to provide you with the Service, the company has authorized TPAs representing it in some countries. In order to provide the Service, the labs with which we collaborate may also have access to your data. The standard operating procedures of the laboratory dictate the subsequent storage or disposal of this data.
Cross-border: We may, in order to provide the Service, transfer your data outside of the country to our affiliated companies, subsidiaries, service providers, and authorized third-party agents.
Continuity of Operations: We reserve the right to include your data, including personal data, in the assets transferred to the acquiring or surviving company in the event that GeneHabit enters into a sale of all or part of its assets.
Disclosure of information as required by law: When required by law, a subpoena, or other legal processes, or if we believe disclosure is reasonably necessary, we may be required to disclose certain information.

Your sensitive personal information may be among the details that we may disclose in accordance with this clause. You acknowledge and agree that GeneHabit will only disclose these details if required to do so by law or if we have good reason to believe that doing so is necessary. This disclosure does not include but is not limited to the following:

Implement the GeneHabit Service Agreements;
pursuing an investigation, taking preventative measures, or taking action regarding actual or suspected illegal activities, or assisting law enforcement agencies;
respond to allegations or claims made against GeneHabit by third parties; or safeguard the public’s safety and GeneHabit’s rights, property, or both.

We will inform you when we are required to share any information in accordance with this clause, unless we are prohibited by law or court order, and if time permits. If we think a request is inappropriate, we will challenge it and verify that it is genuine.

It is important to point out that even if the sender and the receiver of the data are in the same country, data sent via the internet can be sent across international borders. As a result, a country with a lower level of data protection than your home country may be used to transmit your data.

Self-Directed Communication and Sharing

Through our website, apps and social media platforms, we may offer you the opportunity to interact with other users and share your information. Please refrain from posting any information that you do not wish to be made public. You can choose which information to share in this way, including sensitive personal data like your genetic information. In accordance with this clause, sharing information is voluntary, and you decide what you share.

Your Personal Data Rights, Updating or Correcting Data

You may have certain rights regarding the processing of your information, subject to applicable law, including:

Change or Correct the Data: You may get in touch with us to change your personal information, especially if it’s wrong. In some cases, we may ask for evidence to support this request.
Data Deletion: You have the right to ask us to delete all or some of your personal information, especially if it is no longer necessary to provide you with the service or if you have finished using the service. However, there are some circumstances in which this may not apply, such as when a test is carried out under Legal/Chain of Custody conditions.
Right to Have Access to and Use of Your Data: You have the right to request a machine-readable copy of your personal data on file.
Refusal to Provide us with Your Personal Information: You have the right not to provide us your information (using this right could prevent us from giving you all the benefits of Our Site and/or Services) or express opposition to the processing of your data.

All requests will be considered based on the nature of services and commitments we have entered to store your information. You can send a data request to [email protected], via the contact us form on our website or write to us at any of our offices to request information, modifications, or deletion of your personal data. We will process your request for modifications, and delete or amend your information after we successfully your identity within 30 days of your request.

Data Security, Retention and Storage Policy

To insure confidentiality, samples are also bar-coded to insure that only you will have access to both your personal information and genetic information. Genehabit will store your bar-coded and anonymized DNA sample for up to 1 year so that you will have the opportunity to be tested for additional genetic variants as new discoveries are made and the science develops. We do this so that new tests can be performed at your request without the need to collect another saliva sample and its associated costs. However, you may have your sample destroyed by sending a written request to us. Your personal genetic information will never be disclosed to a third party without your explicit written consent to do so unless required by law.

GeneHabit uses the Secure Socket Layer (SSL) protocol to encrypt information that is transmitted over the Internet. This technology uses 256-bit encryption, which ensures that confidential information cannot be viewed, intercepted or altered. To the best of our ability, we have taken all necessary precautions to safeguard your data. In fact, in order to safeguard your personal data, we have implemented security rules, policies, and technical measures.

However, by agreeing to use the Service, you acknowledge that security safeguards, by their nature, are capable of being circumvented and that cannot guarantee that personally identifiable information about you will not be accessed by unauthorized people who are able to overcome such safeguards, including actions aimed at accessing information over the Internet.

You should be careful about sharing the results of your Report and any related information. Genetic information that you share with others may be used against your interests. You may wish to seek legal advice to understand the extent of the legal protection of your genetic information before you share it with anybody. Genetic information that you choose to share with your physician or other health care provider may become part of your medical record and may become accessible to other health care providers or insurance. If you are asked by an insurance company whether you have learned about your genetic information and you do not disclose this to them, this may be considered to be a fraud. GeneHabit cannot be responsible for any personally identifiable genetic information about you that you release on your own, or that you request or authorize us to release.

Customers can write to us to request the eradication of their genetic data from our database. In that case, GeneHabit will not be able to offer future services. If you have given explicit consent to the use of genetic or biomarker information and/or self-reported information for any product development or Research and Development purpose, it will not be removed from any ongoing or completed studies that use such Information unless you explicitly revoke your consent in relation to the use of such Information for those purposes. However, we will inform anyone who received your information for research & development that you have closed your account and that the information will not be used in any new research or product development. Any Processors who will keep your information for this purpose will be informed about amendments or deletion and all processors will be recorded by us.

Any paper consent documents will be secured and retained for up to 5 years while any electronic consent documents, consent logs or scanned consent forms, will be retained indefinitely. We will retain information related to orders, consent and services provided to you for accounting and statutory requirements.

Payment Information

At the point of sale, payment card information will be taken to facilitate purchases. Genehabit does not store card information; instead, our third-party card processing provider handles it. Our third-party payment processors receive that data directly, and their privacy policies govern how they use your personal information. The PCI Security Standards Council, a partnership of Visa, Mastercard, American Express, and Discover, oversees these payment processors’ compliances with PCI-DSS standards. The PCI-DSS requirements ensure that payment information is handled securely.

The payment processors we engage:

Strip Secure Payment Gateway – read their privacy policy at https://stripe.com/gb/privacy

PRIVACY POLICY CHANGES

GeneHabit may update our privacy and security policies and practices from time to time. We will continue to use commercially reasonable safeguards against unauthorized disclosure of or access to your genetic data or other personally identifiable information about you. We’ll let you know about those changes by either contacting you via email or another means of communication, such as on a different website feature or page.

How can you get in touch with us with queries?

Please contact our Data Protection Officer at [email protected] if you have any inquiries regarding GeneHabit’s handling of your information or wish to request access to or deletion of your information.

You can contact [email protected] or send us a letter at our registered office address if you are dissatisfied with the way GeneHabit handles your information or would like to provide any other feedback regarding your experience with us.

Different countries may have rights by law in addition to those mentioned above, you may want to refer to your local privacy and data rights organization for further assistance. You may contact your local regulatory authority in case if you are not happy with GeneHabit’s handling of your private data.

Name	Provider	Purpose	Expiration
SIDCC	Google	Security cookies confirm visitor authenticity, prevent fraudulent use of login data, and protect visitor data from unauthorized access.	1 Year
__Secure-1PSIDCC	Google	Cookie required to use website options and services.	1 Year
SID	Google	To provide ad delivery or retargeting, provide fraud prevention.	2 Year
HSID	Google	To provide fraud prevention.	2 Year
SEARCH_SAMESITE	Google	SameSite prevents the browser from sending this cookie along with cross-site requests. The main goal is to mitigate the risk of cross-origin information leakage. It also provides some protection against cross-site request forgery attacks.	6 Month
moove_gdpr_popup	GDPR Cookie Compliance	To store cookie consent preferences.	Session
wp_lang	WordPress	To store language settings.	Session
AEC	Google	Cookies ensure that requests within a browsing session are made by the user, and not by other sites. These cookies prevent malicious sites from acting on behalf of a user without that user’s knowledge.	6 Month
wordpress_test_cookie	WordPress	To read if cookies can be placed.	Session
wp-settings-2	WordPress	These cookies are required and automatically added by the software that runs this website.	210 min from set/update.
wp-settings-time-2	WordPress	These cookies are required and automatically added by the software that runs this website.	210 min from set/update.
wordpress_admin_logged_in	WordPress	Used to determine if the logged-in user is the admin.	1 Year

Name	Provider	Purpose	Expiration
__Secure-3PSIDCC	Google	Targeting cookie. Used to create a user profile and display relevant and personalized Google Ads to the user.	2 Year
__Secure-1PSID	Google	Used for targeting purposes to build a profile of the website visitor's interests in order to show relevant & personalized Google advertising.	2 Year
__Secure-3PAPISID	Google	These cookies are used to deliver more relevant ads for you and your interests.	2 Year
__Secure-1PAPISID	Google	Used for targeting purposes to build a profile of the website visitor's interests in order to show relevant & personalized Google advertising.	2 Year
APISID	Google	These cookies are used by Google to display personalized advertisements on Google sites, based on recent searches and previous interactions.	2 Year
SAPISID	Google	These cookies are used by Google to display personalized advertisements on Google sites, based on recent searches and previous interactions. SAPISID cookies enable Google to collect user information for videos hosted by YouTube.	2 Year
SSID	Google	These cookies are used by Google to display personalized advertisements on Google sites, based on recent searches and previous interactions. SSID cookies enable Google to collect user information for videos hosted by YouTube.	2 Year
__Secure-3PSID	Google	Targeting cookie. Used to profile the interests of website visitors and display relevant and personalized Google ads.	2 Year
1P_JAR	Google	To provide ad delivery or retargeting.	1 Month
NID	Google	To provide ad delivery or retargeting, store user preferences.	6 Month
OTZ	Google	Links activities of website visitors to other devices that are previously logged in via the Google account. In this way, advertisements are tailored to different devices.	1 Month
_fbp	Facebook	To store and track visits across websites.	3 Month
OGP	Google	Cookie required to use website options and services.	1 Month
OGPC	Google	Cookie required to use website options and services.	1 Month
DV	Google	To provide ad delivery or retargeting.	1 Day

Name	Provider	Purpose	Expiration
tk_lr	Jetpack	Referral cookies are used to analyze referrer behavior for Jetpack-connected sites using WooCommerce	1 Year
tk_r3d	Jetpack	Used for the internal metrics for user activities to improve user experience.	3 Day
_ga	Google Analytics	The cookie used by Google Analytics enables a service to distinguish one visitor from another.	2 Year
__utma	Google Analytics	To Store the calculation of days and times to purchase.	Persistent
__utmv	Google Analytics	This is used on sites that make use of the user-defined report in Google Analytics	2 Year
tk_ai	Jetpack	Stores a randomly-generated anonymous ID. This is only used within the admin area and is used for general analytics tracking.	Session
_gid	Google Analytics	To store and count page views.	1 Day
__utmc	Google Analytics	To store the time of visit.	30 Minutes.
tk_or	Jetpack	The tk_or is a referral cookie set by the JetPack plugin on sites using WooCommerce, which analyzes referrer behavior for Jetpack.	5 Year
__utmz	Google Analytics	To store used keywords and search engines.	6 Month

Privacy Policy

Privacy Policy Statement

Key Definitions

What Kind of Information We Collect About You?

Brand Promotion and Advertising

Information Disclosure

PRIVACY POLICY CHANGES

How can you get in touch with us with queries?

Payment Option

Products

Search

Partner Us

Newsletter