Fzero Genomics puts your privacy first. This document outlines general security and privacy practices that we implement. Please contact us at [email protected] with any questions.
Fzero Genomics gives you control over your genetic information. We want you to decide how your information is used and with whom it is shared.
You decide how your information is stored, used and shared.
There are several important decisions you can make:
- Whether or not to store your saliva sample.
- If you wish your account to be visible to other Fzero Genomics users.
Your decisions concerning how your information is stored, used and shared can be changed at any time.
We take great care to design our product with privacy in mind. And we think it is important for you to understand how we handle your information. Below is an overview of the information we collect, how it is used and when it is disclosed.
Types of information we collect
We collect personal information from you when you register and use the site, such as your name, credit card, email and web behavior information (such as your IP address). Through the saliva sample and the survey responses you provide to us, we collect genetic, phenotypic and familial information.
How we store your information
Your personal and registration information is stored separately from any genetic information to reduce the likelihood that you could be identified. Your information is assigned a randomized customer identification number for identification and customer support services. Your genetic information is only identified using a barcode system.
How we keep your research details private
If you provide responses to our online surveys and opt into our research program, your genetic information is stripped of personally identifying information and transferred into our research environment where it is stored with your survey response data and is assigned a randomized research identification number.
We will not sell, lease or rent your individual-level information to any third party or to a third party for research purposes without your explicit consent. However, we do use and share aggregate information with third parties in order to perform business development, initiate research, send you marketing emails and improve our services.
Aggregate information has been stripped of your personal details (e.g., your name and contact information) and aggregated with the information of others so that you cannot reasonably be identified as an individual.
Considerations for children and incapacitated individuals
We care strongly about protecting the information of children and other individuals who do not have the legal capacity to make decisions for themselves. In the case of children, a parent or guardian may collect a saliva sample from, create an account for, and provide information related to his or her child. The parent or guardian assumes full responsibility for ensuring that the information he or she provides to Fzero Genomics about his or her child is kept secure and that the information submitted is accurate.
When a customer has lost capacity or passed away, we will only give their account information to individuals who are legally authorized to make decisions on their behalf, such as an executor, a personal representative, or a beneficiary of a deceased's estate. The person requesting the information must complete an authorization form and provide evidence and legal documentation indicating they are allowed to act on behalf of the individual before we will provide any information.
Law enforcement requests
We work very hard to protect your information from unauthorized access from law enforcement. However, under certain circumstances, your information may be subject to disclosure pursuant to a judicial or other government subpoena, warrant or order, or in coordination with regulatory authorities. If such a situation arises, we have to comply with valid governmental requests and we will notify the affected individual(s) unless the legal request prevents us from doing so.
Insurance company & employer requests
Fzero Genomics will not provide any person's data (genetic or non-genetic) to an insurance company or employer without authorisation from you the client.
Fzero Genomics believes genetic information, as well as the systems put in place to protect it, deserve the highest level of security. Fzero Genomics employs software, hardware and physical security measures to protect the computers where customer data is stored. We use robust authentication methods to access our systems. Personal information and genetic data are stored in physically separate computing environments, which is in line with the industry standards for security. It is important to note Fzero Genomics cannot protect your information if you share it with others. In addition, despite using the most current technical and industry guidelines for protection of your information, it is never possible to fully guarantee against breaches in security.
- Security by Design. Fzero Genomics produces secure applications by design, by following principles such as Confidentiality, Integrity and Availability. Fzero Genomics incorporates explicit security reviews in the software development lifecycle, quality assurance testing and operational deployment.
- Separation of Environments. Fzero Genomics ensures processing, production, and research environments are separated and access is restricted.
- Availability and Resilience. Fzero Genomics' application components are deployed in a highly redundant configuration, in geographically distributed data centers to minimize any disruption. This ensures high availability of Fzero Genomics services and prevents data loss of our customers' information.
- Access Controls. At Fzero Genomics all access is limited to authorized personnel, based on job function and roles. Fzero Genomics access controls include multi-factor authentication, single sign-on, and follow a strict least-privileged authorization policy by default. Fzero Genomics also uses industry standard, advanced protocols for authorization to supported internal platforms and Third-Party Apps. Furthermore, access to genetic and account information is enforced through different policies and encryption keys. That means your genetic information requires additional privileges to access.
- Encryption. Fzero Genomics uses industry standard security measures to encrypt sensitive personal data at rest. Fzero Genomics also uses HTTPS by default to encrypt all data in transit.
- Monitoring and Logging. Fzero Genomics uses state of the art intrusion detection and prevention measures to stop any potential attacks against its networks. Monitoring and logging used at Fzero Genomics provides real-time monitoring, correlation and analysis of logs and alerts across virtually any system implemented.
- Security Awareness and Training. Fzero Genomics requires all of our employees to complete security and privacy training
Fzero Genomics offers customers the opportunity to participate in conducting research. Participating in our research is completely voluntary. Customers can choose not to consent to research, and choosing not to participate will not impact their Fzero Genomics experience.If you choose to consent to participate in research, your data will be used to help power the work done by Fzero Genomics scientists or third-party researchers working with Fzero Genomics. Consenting allows our researchers, or approved third-party researchers, to use a customer's de-identified data in aggregate for a variety of studies.