Thank you for choosing Picture Genetics. Picture Genetics is a product of Fulgent Genetics, Inc., (“we” or “us”), and we are committed to protecting your privacy.

This Privacy Policy (this “Policy”) describes how we collect, use, store, secure, and disclose your personal information when you access or use our websites, including without limitation www.picturegenetics.com or www.fulgentgenetics.com (the “Websites”), and when you use the Picture Genetics products in relation to our genetic testing and related services (our “Services”).

This Privacy Policy is in addition to and does not replace our Notice of Privacy Practices which explains how we handle personally-identifiable health information under U.S. law. The Services are only available in the United States and Picture Genetics does not collect any personal data from individuals outside the United States.

We may revise this Policy from time to time. All updates will be posted on this web page. If we make any material changes in the way your personal information is handled, we will notify you by email (sent to the email address specified in your account) or by means of a notice on our Websites prior to the change becoming effective.

ACCEPTANCE OF THIS PRIVACY POLICY
Before you use our Services, please read the Picture Genetics Terms of Service, and the Notice of Privacy Practices, as applicable. By accepting the applicable Terms of Service, you agree with our privacy practices as described in this Policy. If you do not agree with the terms of this Policy, please do not access the Websites or use our Services.

TYPES OF PERSONAL INFORMATION WE COLLECT AND HOW WE USE IT
Depending on which of our Services are being used, we process and store different combinations of personal information as set forth in this Policy.

PERSONAL INFORMATION COLLECTED FROM USERS
Through our Services, and based on and by virtue of the consent you provide to us, we may collect and process your personal information, including the following categories:

• Personal details (including first and middle name, last name, birth date and/or age)
• Family relationships (if applicable)
• Address
• Gender
• Ethnicity
• Nationality
• Disease
• Symptoms and other medical information
• The sample material involving genetic data
• Information on user’s insurance (where provided)
• Payment information for services
• Identifiable genetic information; and
• Genetic test results and findings

Such collected personal information is used to provide the Services and test results and to perform the billing. All the collected personal information of a user will be stored for as long as stated in the informed consent form. The personal information will be processed by us for the performance of the specific test that you have purchased, and for informing you (and/or the assigned medical provider) of the results of such analysis, all on the basis of your consent. We will de-identify (pseudonymize) the personal information to the extent possible.

We may also use the personal information to share marketing information about our Services, and to do so, we may process your contact information or information about your interaction with our Services to send you marketing communications, provide you with information about events, webinars, or other materials, deliver targeted marketing to you, and keep you updated about our Services. You can opt-out of our marketing activities at any time by using the “unsubscribe” link in any email communications or by contacting privacy@picturegenetics.com.

PERSONAL INFORMATION COLLECTED FROM VISITORS TO OUR WEBSITES
Generally, anyone is able to visit www.picturegenetics.com (“Main Website”) without disclosing personal information, except as may be necessary to provide a product or service or information at your request. Data are collected from the Main Website only to the extent technically necessary. For example, in some cases we may recognize personal data like the IP address as well as non-personal data like the name of your Internet service provider, the website from which you came to our Main Website, the pages that you view on the Main Website, and what you click on any given page. This data could possibly identify an individual, but Fulgent does not use it to do so.

• Cookies: We use cookies and similar tracking technologies to personalize your experience on our Websites. Please see our Cookie Policy for more information. Without processing your personal information for such purposes, you may not be able to access part or all of our Services. Our servers automatically record information created by your use of our Websites and we use visitor logs to compile anonymous statistics. The aggregate information is collected sitewide and contains anonymous website statistics and is not considered personal information.
• “Do Not Track”: Some browsers incorporate a "Do Not Track" (DNT) or similar feature that signals to digital services that a visitor doesn’t want to have their online activity tracked. Because there is not yet an accepted standard for how to respond to DNT signals, we and our service providers (like many digital service operators) do not respond to DNT signals.

PERSONAL INFORMATION PROVIDED VOLUNTARILY
We collect any personal information that you voluntarily provide to use, such as inquiries through our Main Website for further information about our Services. This information is used only for the purpose of addressing the request received. In cases where social media services may be used, we do not have any influence on the storage and processing of providing personal information via the respective social media service. You are encouraged to review those privacy policies before sending us personal information via a social media service.

INFORMATION WE SHARE
We may disclose your personal information as follows:

• Our service providers, vendors, and other processors. We may share your personal information with our service providers, business partners, or other vendors that help us provide our Services to you. Such entities will be given access as is reasonably necessary to provide our Services, and only under contractual obligations that are at least as restrictive as this Policy and in compliance with applicable privacy laws. Agents, vendors, and service providers who may have access to protected health information and other special categories of personal data are contractually obligated to protect the privacy and security of such information. We share your payment information with our third party payment processor. We do not store any credit card information on our servers.
• Affiliated businesses. We may share your personal information with group companies and affiliates, including Fulgent. Affiliated businesses may use your information to help provide, understand, and improve our Services and the affiliates’ own services.
• Health care providers. We may disclose your personal information to others involved in your care, including your own provider or an independent provider who may review your information to determine whether the Services are appropriate for you, or other diagnostic laboratories.
• Change of control. We may share your personal information as part of a purchase, transfer, or sale of the Services or the company (for example, a corporate restructuring, merger or consolidation with, or sale of substantially all of our assets to a third party).
• Safety and legal compliance. We may share your personal information if we believe that such disclosure is necessary to comply with any applicable laws, regulations, legal processes, or requests by public authorities (e.g., law enforcement, tax authorities, etc.); protect you, us, or other users’ rights or property, or to protect our Services, comply with or enforce our terms, agreements or policies. Such disclosure may be to parties outside the United States.
• Your consent or express actions. We will share personal information when we have your consent to do so. Also, any information or content that you voluntarily disclose for posting in public areas of our Websites, such as blog comments or social media posts on our social media profiles, become available to the public.
• Anonymous or aggregate data. We may share anonymized or aggregated information with any third parties. Such information no longer reasonably identifies you and is not considered personal information.

HOW WE USE AND DISCLOSE DE-IDENTIFIED, ANONYMIZED OR PSEUDONYMIZED INFORMATION
“De-identified” or “pseudonymized” information is data we have stripped of your personally identifiable information, such as your name, address, or birthdate. We retain the ability to re-identify such information. “Anonymized” information is when personal information is stripped of all identifiers and cannot reasonably be linked back to you. We may use “de-identified” or “pseudonymized” information for various purposes, including:

• For quality control and validation:
  • In accordance with regulatory requirements, we may de-identify, store and use users’ samples and information for internal quality control, validation, research and development. This is an important use for us to maintain our high quality Services and to develop new Services.
  • In accordance with regulatory requirements, we may also share de-identified users’ samples and information for quality assurance and validation purposes. Such sharing is essential to maintaining the quality of genetic testing in testing laboratories.
• For research purposes:
  • We may contribute de-identified genetic variants that we have observed in the course of providing our Services to publicly available databases.
  • We may use or disclose de-identified user information for general research purposes. This may include research collaborations with third parties, such as universities, hospitals, or other laboratories, in which we utilize de-identified clinical cases at the individual or in the aggregate, and we may present or publish such information. This may also include commercial collaborations with private companies for research purposes.

To the extent we have relied on your consent to process such de-identified personal information for research purposes, you may withdraw your consent to participate at any time by contacting us at privacy@fulgentgenetics.com. We will not include any such de-identified personal information in new research commencing within 30 days from the receipt of your request. Any research involving your data that has already been performed or published prior to the receipt of your request will not be reversed, undone, or withdrawn.

CHILDREN’S INFORMATION
Our Websites are directed towards adults and are not designed for, intended to attract, or directed towards children under the age of 16. If you are under the age of 16, you must obtain the authorization of a responsible adult (parent or legal guardian) before accessing or using our Websites. If we become aware that we have collected any personal information from children under 16 without appropriate authorization, we will promptly remove such information from our databases.

THIRD-PARTY INFORMATION
You agree that you have provided notice to, and obtained consent from, any third party individuals whose personal information you supply to us, including with regard to (a) the purposes for which such third party’s personal information has been collected; (b) the intended recipients or categories of recipients of the third party’s personal information; (c) which of the third party’s information is obligatory and which information, if any, is voluntary; and (d) how the third party can access and, if necessary, rectify the information held about them.

LINKED WEBSITES
Our Websites may contain links to external websites. We do not maintain these sites and are not responsible for the privacy practices of sites that we do not operate. Please refer to the specific privacy policies posted on these sites.

INFORMATION ACCESS, UPDATES, AND CHOICE
You can update, amend or delete your account information and preferences at any time by logging into your account or by contacting us at privacy@picturegenetics.com.

All our email correspondence will include instructions on how to update certain personal information and how to unsubscribe from our emails and postal mail correspondence. Please follow the instructions in the emails to notify us of changes to your name, email address, and preference information.

We will take reasonable steps, such as confirmation emails or other methods, to verify your identity before granting access to your personal information.

RETENTION
We store your personal information for as long as we need it to provide you our Services, to serve the purpose(s) for which your personal information was processed, or as necessary to comply with our legal obligations, resolve disputes, or enforce our agreements to the extent permitted by law. While retention requirements can vary by country, we generally apply the retention periods noted below.

We store information used for marketing purposes indefinitely until you unsubscribe. Once you unsubscribe from marketing communications, we add your contact information to our suppression list to ensure we respect your unsubscribe request. Also, we retain any information collected via cookies, clear gifs, flash cookies, webpage counters and other technical or analytics tools up to one year from expiry of the cookie or the date of collection. If you have any questions about our retention periods, please feel free to contact us at privacy@picturegenetics.com.

SECURITY MEASURES
We use reasonable technical, administrative and physical measures to protect information contained in our system against misuse, loss or alteration. Information that you provide through our Websites is encrypted using industry-standard Secure Sockets Layer (SSL) technology, with the exception of information you send via email. Your information is processed and stored on controlled servers with restricted access, and in compliance with the Security Rule of the Health Insurance Portability and Accountability Act of 1966 (HIPAA). Unfortunately, no method of electronic transmission is 100% secure, so we cannot ensure or warrant the security of any information you transmit to our Websites, and you do so at your own risk. Please do not submit any personal health information or credit card information via email.

Please recognize that protecting your personal information is also your responsibility. You should keep your username, password, ID numbers, or other access credentials secure as Fulgent cannot secure personal information that you release on your own or that you request us to release. If we receive instructions using your log-in information we will consider that you have authorized the instructions.

TRANSFERS OF PERSONAL INFORMATION
We may store, process and transmit personal information in locations around the world, including locations outside of the country or jurisdiction where you are located. Such countries or jurisdictions may have data protection laws that are less protective than the laws of the jurisdiction in which you reside. If you do not want your information transferred to or processed or maintained outside of the country or jurisdiction where you are located, you should not use our Services.

CONTACT US
If you have any questions regarding this Policy or our privacy practices, you may contact us at:
Picture Genetics
c/o Fulgent Genetics, Inc.
4978 Santa Ana Ave., Suite 205
Temple City, CA 91780
privacy@picturegenetics.com