Last Updated: July 27, 2023
1. ACCEPTANCE OF THIS POLICY AND TERMS
2. LAWS AND POLICIES THAT PROTECT YOU
To keep things simple, we want to help you understand which rules and policies apply to your specific situation. Depending on which type of activity, entity, or individual is involved (consumer, patient, website visitor, provider, or job applicant), we collect, process, and store different categories of personal information; and different laws apply to each.
2.1 CONSUMER-INITIATED GENETIC TESTING FOR EDUCATIONAL PURPOSES
If you are a consumer who is a California resident and initiated an order for our genetic testing kit Services (whether directly via www.picturegenetics.com, or via a third-party website or provider) (“Consumer”), you have certain rights under the Genetic Information Privacy Act (“GIPA”). Please see our GIPA Privacy Notice.
2.2 PROVIDER-INITIATED GENETIC TESTING FOR DIAGNOSIS AND TREATMENT PURPOSES
If you are a patient whose healthcare provider is ordering laboratory testing from Fulgent in order to help evaluate, screen for, diagnose, or treat a certain medical condition, the Health Insurance Portability and Accountability Act (“HIPAA”) applies to you. Please see our HIPAA Notice of Privacy Practices, which explains how we handle personally identifiable health information (“PHI”) under U.S. laws, including HIPAA.
2.3 GENETIC TESTING FOR INTERNATIONAL RESIDENTS
We are located in the United States and may collect, process, and store your information in the United States. If you are located outside the United States, in limited circumstances, your information will be transmitted to us in the United States. When we conduct such transfers, we rely on various legal bases to lawfully transfer your personal information from your country to the United States, including the European Commission-approved Standard Contractual Clauses. Our data protection laws may be less protective than the laws of the jurisdiction in which you reside. If you do not want your information collected, transferred to, processed or maintained in the United States, you should not use our Services.
If you are located in the European Economic Area, the United Kingdom, or Switzerland, applicable data protection laws, including the General Data Protection Regulation (GDPR), give you certain rights. please see our EEA/UK/Switzerland Privacy Notice. Note that we currently do not market or sell consumer-initiated genetic tests in Europe and do not make our Website available to European residents.
2.4 CALIFORNIA RESIDENTS VISITING OUR WEBSITE
If you are a California resident, please see our California Privacy Notice. Under the law, rights afforded by the California Consumer Privacy Act of 2018 (“CCPA”) do not apply to PHI and are instead protected by HIPAA or by GIPA, as discussed above.
2.5 CALIFORNIA RESIDENTS WHO ARE JOB APPLICANTS
3. TYPES OF PERSONAL INFORMATION WE COLLECT AND HOW WE USE IT
3.1 PATIENT’S OR CONSUMER’S INFORMATION
We may collect, process, generate, and share PHI or personal identifiable information of patients or Consumers, including the following categories either directly or through third parties (for example, health care providers):
Fulgent engages in research and development, which helps us improve our Services, build new Services and customized features, or promote medical advancements. For the genetic tests that we perform, you may elect to consent to research at the time the test is requested. If you consent to research, your personal information and remaining sample may be stored and processed for up to 20 years for the further purposes specified in the applicable Informed Consent Form and/or Test Requisition Form; and it may be retained in an anonymized form to support further research, development, and improvement of diagnostic methods and potential therapeutic developments.
3.2 PERSONAL INFORMATION COLLECTED FROM PROVIDERS
In order to provide the Services requested (including testing, billing, etc.), we will collect and process the following personal information from providers:
We may also use the provider’s personal information to share marketing information about our Services. To do so, we may process your contact information or information about your interaction with our Services so that we can send you marketing communications; provide you with information about events, webinars, or other materials; deliver targeted marketing to you; and keep you updated about our Services. You can opt-out of our marketing activities at any time by using the “unsubscribe” link in our email communications or by contacting email@example.com.
3.3 INFORMATION COLLECTED FROM VISITORS TO OUR WEBSITE
Generally, individuals are able to visit our Website without disclosing personal information, except as may be necessary to provide a product or service at their request or for advertising purposes. In some cases, we may recognize personal data like the IP address as well as non-personal data like the name of the visitor’s Internet service provider, the website from which the visitor came to our Website, the pages that the visitor views on the Website, and what the visitor clicks on any given page. This data could possibly identify an individual, but Fulgent does not use it to do so.
“Do Not Track”: Some browsers have a “do not track” or “global privacy control” or “GPC” features that allow you to tell websites that you do not want to have your online activities tracked. For California residents, you may exercise your GPC rights by utilizing the available features on our Website.
3.4 PERSONAL INFORMATION PROVIDED VOLUNTARILY
We also collect personal information that you voluntarily provide to us, such as inquiries through our Website, information you provide about your business, information provided through our portal, etc. We use this information for the purpose of addressing the request received, enforcing agreements, resolving disputes, and as otherwise described in this Policy. In instances where social media services may be used, we do not have any influence on the storage and processing of providing personal information via the respective social media service. You are encouraged to review those privacy policies before sending Fulgent personal information via a social media service.
4. INFORMATION WE SHARE
Subject to the limitations described in our HIPAA Notice of Privacy Practices, COVID-19 FAQs, California Privacy Notice, GIPA Privacy Notice, California Notice to Job Applicants, and the EEA/UK/Switzerland Privacy Notice (which are available on our Website), Fulgent may disclose your personal information as follows:
5. HOW WE USE AND DISCLOSE DE-IDENTIFIED, ANONYMIZED, OR PSEUDONYMIZED INFORMATION
To the extent we have relied on your express consent to process de-identified or pseudonymized personal information in relation to the above (for example, if you are in the EEA, United Kingdom, or Switzerland), you may withdraw your consent to participate at any time by contacting us at firstname.lastname@example.org. Fulgent will not include any such de-identified or pseudonymized personal information in future research commencing within 30 days from the receipt of your valid request. Any research involving your data that has already been performed or published prior to the receipt of your request will not be reversed, undone, or withdrawn.
6. CHILDREN’S INFORMATION
Our Website is directed towards adults and is not designed for, intended to attract, or directed towards children under the age of 18. If you are under the age of 18, you must obtain the authorization of a responsible adult (parent or legal guardian) before accessing or using our Website. If we become aware that we have collected any personal information from children under 18 without appropriate authorization, we will promptly remove such information from our databases.
7. THIRD-PARTY INFORMATION
You agree that you have provided notice to, and obtained consent from, any third party individuals whose personal information you supply to us, including with regard to (a) the purposes for which such third party’s personal information has been collected; (b) the intended recipients or categories of recipients of the third party’s personal information; (c) which of the third party’s information is obligatory and which information, if any, is voluntary; and (d) how the third party can access and, if necessary, rectify the information held about them.
8. LINKED WEBSITES
Our Website may contain links to external websites. Unless clearly noted otherwise, Fulgent does not maintain these sites. Fulgent is not responsible for the privacy practices of sites that it does not operate. Please refer to the specific privacy policies posted on these sites.
9. INFORMATION ACCESS, UPDATES, AND CHOICE
You can update, amend, or delete your account information and preferences at any time by logging into your Provider Portal or Patient Portal Account or by contacting us at email@example.com. When you make a valid request, we will provide you with instructions on how to update certain personal information and how to unsubscribe from our emails and communications. Please follow the instructions when necessary to notify Fulgent of changes to your name, email address, and preference information.
Fulgent will take reasonable steps to verify your identity, including via verification and confirmation emails, before granting access to your personal information.
We store your personal information for as long as we need it in connection with the Services; to serve the purpose(s) for which your personal information was processed; or as necessary to comply with our legal obligations, resolve disputes, or enforce our agreements to the extent permitted by law.
We store information used for marketing purposes indefinitely, until you unsubscribe. Once you unsubscribe from marketing communications, we add your contact information to our suppression list to ensure we honor your unsubscribe request. If you have any questions about our retention periods, please feel free to contact us at firstname.lastname@example.org.
11. SECURITY MEASURES
We have implemented reasonable technical, administrative, and physical measures to protect information contained in our system against misuse, loss, or alteration and to safeguard your personal information. Information that you provide through our Website or transmitted via email by us is encrypted using industry-standard Secure Sockets Layer (SSL) technology. Your personal information is processed and stored on controlled servers with restricted access, and, if applicable, in compliance with HIPAA and other applicable laws. Unfortunately, no method of electronic transmission is 100% secure, so we cannot ensure or warrant the security of any information you transmit to our Website, and you do so at your own risk. Please do not submit any personal health information or credit card information to us via email.
Please recognize that protecting your personal information is also your responsibility. You should keep your username, password, ID numbers, or other access credentials secure, as Fulgent cannot secure personal information that you release on your own or that you request us to release. If we receive instructions using your log-in information, we will consider that you have authorized the instructions.
12. CONTACT US
If you have any questions regarding this Policy or our privacy practices, contact us at:
ATTN: Privacy Officer
4399 Santa Anita Ave
El Monte, CA 91731