A. Smart EpiGenetX LLC, owns and operates the www.nutricare.life website, NutriCare.Life web and mobile applications are collectively referred to herein as the “Platform”. (“We,” or “us” or "Platform") knows that you care how Personal Information about you is collected, used, shared and stored. “Personal Information” means information that personally identifies you, including your Enrollment Information, Health Goals, Medical History, Medical Analysis such as Genetic, Blood, Urine Data, and Consent Form. A large portion of the Personal Information we collect, use, share, and store is sensitive in nature, including, any and all medical information, for example, Genetic Data & Other Personal Information.
“GDPR” means the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
“EU/EEA” includes all current member states of the European Union and the European Economic Area.
“Process”, in respect of personal data, includes collecting, storing and disclosing to others.
Smart EpiGenetX complies with the legal provisions regarding the use of personal data (including genetic data), as established by REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016, on the protection of natural persons with regard to data processing personal and the free circulation of this data
2. MOBILE PRIVACY:
3. BASED IN THE EUROPEAN UNION:
Smart EpiGenetX LLC operates in the European Union and is a corporation organized under the laws of Romania and the European Union. The servers that host this Site are located in the European Union, and any Personal Information you provide to us will be processed by Smart EpiGenetX in the European Union. By using this Service, your data will be in the European Union.
4. PERSONAL INFORMATION WE COLLECT OR YOU MAY PROVIDE:
A. You can visit our Platform without telling us who you are or revealing any Personal Information about yourself.
B. You provide us with Personal Information when you register to use the Service on the Platform:
i) To create an account and enrol Your name Your email address; Your physical addresses; Your telephone number(s); Your credit card information are collected by our third-party payment processors. Your credit card numbers are not stored on our database or servers; Date of Birth; Gender; Unique user name and password
ii) To use the Services in addition to Enrollment Information (“Genetic, Blood and Urine Data & Other Personal Information”): Genetic Data resulting from your genotyping or whole-genome sequencing, Blood and Urine Data. Medical information means, by way of example, your biometrics, medications, procedures, lab work and health records. A family history that includes information about you, your parents, grandparents, other relatives, siblings, uncles or children. Lifestyle information means, by way of example, your nutrition, activities, sleep, stress, smoking/alcohol, relationship, confidential history, and environmental factors).
C. Smart EpiGenetX integrates genomic and clinical data with behavioural analysis to support users assess malnutrition status and engage patients with their Health Care providers and help Health Care providers create a detailed action plan uniquely suited to the patient including supplementation routines and other recommendations. You decide if and how you want to disclose your Personal Information to third parties other than your physician or medical professional.
D. We may also collect Personal Information from you as a result of your email communications with us, requests for information, products or services, your posts on our Site, completion of surveys or to apply for employment.
E. Any Personal Information you post on a community forum or the public pages of our Platform is available to the public without any expectation of privacy or confidentiality. Copies may remain viewable in cached and archived pages or if other users have copied or stored this Personal Information even if you remove it. To request the removal of your Personal Information from these areas of our Site, contact us at firstname.lastname@example.org
F. You are required to enter your Personal Information as opposed to a third party on your behalf. You promise the Personal Information will be current, accurate and complete to your best knowledge at the time provided and will use reasonable efforts to update all Personal Information as appropriate. Smart EpiGenetX disclaims any legal duty to verify the accuracy of any Personal Information you provide to us.
G. We display personal testimonials on our Site in addition to other endorsements. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us at email@example.com.
5. HOW WE USE YOUR PERSONAL INFORMATION:
We compile, save, use and analyze your Personal Information in both a personally-identifiable form and an aggregated, non-personally identifiable form, to operate, maintain, improve, and provide to you the Service and to conduct our business. We use this information to Register you as a user and to identify you when you sign in to your account; Administer your account; Provide Recommendations; Respond to your inquiries, customer service requests, complaints or your job application; Verify activity as we deem necessary; Send you a newsletter or other promotional communications; Conduct research and analyze data for our business purposes and to improve our Service or customize our communications with you; Communicate with you;
6. HOW WE SHARE YOUR PERSONAL INFORMATION WITH THIRD PARTIES:
B. We share: (i) Your Personal Information with your Physician or other medical professionals under your direction (ii) Your Personal Information: With business partners or service providers (e.g. credit card processors or our contracted genotyping laboratory) to process and/or store the information in order to help us provide, understand or improve our Services. These companies are authorized to use your personal information *only as necessary to provide* these services to us. As required by law, such as to comply with reporting requirements, a subpoena, or similar legal process in connection with an investigation of fraud, intellectual property infringement, piracy, or other unlawful activity or as we believe reasonably necessary to protect or enforce our rights, protect your safety or the safety of others. With any third party with your prior consent to do so.
C. For genotyping, you or we will send your saliva sample to our third-party Clinical Laboratory Improvement Amendments (CLIA) certified laboratory partner (“Laboratory”). The sample will be labelled with a unique barcode and no other identifier. To protect your privacy, receiving personnel at the laboratory will remove and discard any identifying information (e.g. name, address) included with saliva samples before testing personnel receive the samples for genotyping. Receiving personnel do not perform testing, and testing personnel only handle samples labelled with the unique barcode. DNA samples are destroyed after 25 years or until the sample is depleted. DNA belongs to the customer. Customers can request that we remove the data, but keep the DNA stored. Customers can request that we keep the data, but not store the DNA. Customers can request that we remove the data and not store the DNA. Smart EpiGenetX acts per the customer’s instruction.
The laboratory securely sends the resulting Genetic, Blood and Urine Data to us along with your unique barcode. Genetic, Blood and Urine Data is encrypted and stored securely; the laboratory also stores your Genetic, Blood and Urine Data but is labelled only with a sample barcode.
E. We may also share your Personal Information in the event that the business of Smart EpiGenetX is transferred to another entity by way of merger, sale of the company’s assets, or otherwise. In such an event, you will be notified via email and/or a prominent notice on our Site of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.
7. HOW WE STORE AND PROTECT YOUR PERSONAL INFORMATION:
A. We may store Personal Information in locations outside our direct control (for instance, on servers or databases co-located with hosting providers).
B. We use Security Sockets Layer (SSL) encryption technology to encrypt sensitive personal information (such as your Genetic, Blood and Urine Data and Profile and Smart EpiGenetX login credentials) before it travels over the internet. Credit card numbers are never stored on our database or servers.
C. The security and protection of your Personal Information are important to us. We have implemented physical and technical security safeguards that reasonably and appropriately protect the confidentiality, integrity and availability of the electronically protected health information we receive, maintain and transmit. Ultimately, security is a shared responsibility of the users of Smart EpiGenetX. Protecting your Personal Information is also your responsibility. You are responsible for safeguarding your password, secret questions and answers, and other authentication information you use to access Smart EpiGenetX. You should not disclose your authentication information to any third party and should immediately notify Smart EpiGenetX of any unauthorized use of your password. Smart EpiGenetX cannot secure Personal Information that you release on your own or that you request us to release. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our Site, you can contact us at firstname.lastname@example.org.
8. COMPROMISE OF PERSONAL INFORMATION:
Personal Information, once released or shared, can be difficult to contain. We will notify promptly those affected by a security breach. Notwithstanding, Smart EpiGenetX: (a) is not responsible or liable for any consequences that may result because you have released or shared Personal Information with a third party; and (b) does not accept liability for any unintentional disclosure or a disclosure that occurs due to a security breach of our systems or facilities.
9. USER ACCESS AND CHOICE:
A. You may, of course, decline to submit Personal Information to us; in which case, you may not be able to use certain Services.
B. You are free to access your Personal Information by contacting our Customer Service department by email at email@example.com. You can request your Personal Information be modified by sending an email to us at firstname.lastname@example.org with the words “UPDATE MY INFORMATION” in the subject line. We will not delete your Personal Information to the extent that it may be used in an aggregated, non-personally identifiable form to improve our Service. At any time, Smart EpiGenetX may require you to submit additional Personal Information to verify your identity or to protect your security and privacy. For your information, please note that it is our practice to monitor and in some cases record calls for staff training and quality assurance purposes. We will respond to your request within 30 days.
10. NOTIFICATION, ELECTRONIC COMMUNICATION AND OPT-OUT:
A. You consent to our using your email address and other forms of communication to send you Service-related notices, including any notices required by law, in lieu of communication by postal mail. You may not opt-out of some Service-related communications.
B. Upon registration, or on other areas of the site, you may opt-in to receive periodic messages from us, including changes to features of the Service, newsletters, promotions and special offers. If you wish to subscribe to these emails and other forms of communication, we will use your name, email address, and/or phone number to send them to you. Out of respect for your privacy, you may choose to stop receiving our newsletter, marketing emails, or sms notifications by following the unsubscribe instructions included in these emails and notifications. Opting out may prevent you from receiving messages regarding updates, improvements, or offers.
11. CHILDREN’S PRIVACY:
The Platform is for use by adults only. If you are not over 18 years of age, do not use this Site. Smart EpiGenetX is committed to protecting the privacy of children. We do not intentionally collect Personal Information from any person we actually know who is under the age of 18. If we learn that we have collected Personal Information from a child under the age of 18, we will delete that information as quickly as possible. If you believe that we might have any Personal Information from a child under 18, please contact us at email@example.com.
12. COOKIES, WEB BEACONS, AND OTHER SIMILAR TECHNOLOGIES
A cookie is a small data file that is placed on the hard drive of your computer when you visit a Site. A “session cookie” expires immediately when you end your session (i.e., close your browser). A “persistent cookie” stores information on the hard drive so when you end your session and return to the same Site at a later date, the cookie information is still available. A web beacon is a small string of code that represents a clear graphic image and is used in conjunction with a cookie.
When you visit our Site, we may use both a session and a persistent cookie. This Smart EpiGenetX-placed cookie may contain information (such as a unique user ID) that is used to track your usage of our Site and in some cases, your e-mail address. Your e-mail address is only saved in this Smart EpiGenetX-placed cookie if you register with us. A web beacon allows us to capture certain additional types of information about a visitor’s actions on a website, such as a visitor’s cookie number, the time, date, duration and the number of page views, a description of the page where the Web beacon is placed, and details about any items that were purchased.
13. LINKS TO OTHER WEBSITES, BLOGS/FORUMS AND SOCIAL MEDIA WIDGETS:
B. Our Platform may offer a publicly accessible blog. You should be aware that any information you provide in these areas may be displayed publicly and read, collected, and used by others who access them. To request the removal of your personal information from our blog, contact us at firstname.lastname@example.org. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
D. Among the vendors whose services we employ may be companies that help us deliver online advertisements such as banner ads. These companies may collect and use the information you provide to us to better understand the offers, promotions, and types of advertising that are most appealing to our customers. After the information is collected by these third parties, it is aggregated so it is not personally identifiable or tied to you or any other user. If you would prefer that these companies not collect your information, please contact email@example.com.
14. ENGLISH LANGUAGE:
15. USAGE DATA
We record how you interact with our Service. For example, we may log your taps/clicks on certain areas of the interface, the features and content you interact with, how often and for how long you use the Site, and your accessed services.
16. ADVERTISING IDS
We collect your Apple Identifier for Advertising (IDFA) or Google Advertising ID (AAID) (depending on the operating system of your device) when you access our Site from a mobile device. You can typically reset these numbers through the settings of your device’s operating system (but we do not control this).
17. FOR WHAT PURPOSES DO WE PROCESS PERSONAL DATA
We process your personal data:
A. To provide our Service
This includes enabling you to use the Service in a seamless manner and preventing or addressing Service errors or technical issues. For this purpose, we, in particular, will send you your customized food list, supplement list, and meal plan to your email, which you will indicate during the purchase or nutrients to the provided address
B. To customize your experience
We process your personal data, such as your goals (for example, target weight), to adjust the content of the Service and make offers tailored to your personal preferences. For example, we ask you to provide us with your body measures in order to calculate, in particular, recommended daily amount of nutrients.
C. To provide you with customer support
E. To communicate with you regarding your use of our Service
We communicate with you, for example, by email. These may include, for example, emails with information about the Service.
The services that we use for these purposes may collect data concerning the date and time when the message was viewed by the Website’s users, as well as when they interacted with it, such as by clicking on links included in the message.
We use email marketing providers, which is a marketing personalization and retention platform, to deliver tailored email messages to our users.
F. To research and analyze your use of the Service
This helps us to better understand our business, analyze our operations, maintain, improve, innovate, plan, design, and develop the Platform and our new products. We also use such data for statistical analysis purposes, to test and improve our offers. This enables us to better understand what features and sections of the Platform our users like more, and what categories of users use our Platform. As a consequence, we often decide how to improve the Platform based on the results obtained from this processing.
18. WHAT THIRD-PARTY SERVICES DO WE USE FOR THIS PURPOSE?
B. To analyze how visitors use our Platform and to measure the effectiveness of some ads we use Google Analytics, a web analysis program of Google. In order to provide us with analytics, Google Analytics places cookies on your device. On Google Analytics we get, in particular, aggregated information on the data you enter on our Platform and users’ interactions within the Platform. Google allows you to influence the collection and processing of the information generated by Google, in particular, by installing a browser plug-in, available here. You can read more about how Google uses the information here.
19. TO SEND YOU MARKETING COMMUNICATIONS
We process your personal data for our marketing campaigns. We may add your email address to our marketing list. As a result, you will receive information about our products, such as for example, special offers. If you do not want to receive marketing emails from us, you can unsubscribe by following the instructions in the footer of the marketing emails.
20. TO PERSONALIZE OUR ADS
We and our partners, including Facebook and Google, use your personal data to tailor ads and possibly even show them to you at the relevant time. For example, if you have accessed our Platform, you might see ads for our products, for example, in your Facebook feed.
21. HOW TO OPT OUT OR INFLUENCE PERSONALIZED ADVERTISING
iOS: On your iPhone or iPad, go to “Settings,” then “Privacy” and tap “Advertising” to select “Limit Ad Track”. In addition, you can reset your advertising identifier (this also may help you to see less of personalized ads) in the same section.
Android: To opt out of ads on an Android device, simply open the Google Settings app on your mobile phone, tap “Ads” and enable “Opt-out of interest-based ads”. In addition, you can reset your advertising identifier in the same section (this also may help you to see less personalized ads).
22. TO LEARN EVEN MORE ABOUT HOW TO AFFECT ADVERTISING CHOICES ON VARIOUS DEVICES, PLEASE LOOK AT THE INFORMATION AVAILABLE HERE.
In addition, you may get useful information and opt out of some interest-based advertising, by visiting the following links:
Network Advertising Initiative – http://optout.networkadvertising.org/
Digital Advertising Alliance – http://optout.aboutads.info/
Digital Advertising Alliance (Canada) – http://youradchoices.ca/choices
Digital Advertising Alliance (EU) – http://www.youronlinechoices.com/
DAA AppChoices page – http://www.aboutads.info/appchoices
Browsers: It is also may be possible to stop your browser from accepting cookies altogether by changing your browser’s cookie settings. You can usually find these settings in the “options” or “preferences” menu of your browser. The following links may be helpful, or you can use the “Help” option in your browser.
Cookie settings in Internet Explorer
Cookie settings in Firefox
Cookie settings in Chrome
Cookie settings in Safari web and iOS
What third-party services do we use for this purpose?
We value your right to influence the ads that you see, thus we are letting you know what service providers we use for this purpose and how some of them allow you to control your ad preferences.
We use Facebook pixel on the Site. Facebook pixel is a code placed on the Platform collecting data that helps us track conversions from Facebook ads, build a targeted audience and remarket to people who have taken some action on the Site (for example, purchased a meal plan).
We also use Facebook Ads Manager together with Facebook Custom Audience, which allows us to choose audiences that will see our ads on Facebook or other Facebook products (for example, Instagram). Through Facebook Custom Audience we may create a list of users with certain sets of data, such as an IDFA, and choose users that have completed certain actions on the Platform. As a result, we may ask Facebook to show some ads to a particular list of users. As a result, more of our ads may show up while you are using Facebook or other Facebook products (for example, Instagram). You may learn how to opt out of advertising provided to you through Facebook Custom Audience here.
Facebook allows its users to influence the types of ads they see on Facebook. To find out how to control the ads you see on Facebook, please go here or adjust your ads settings on Facebook.
Google Ads is an ad delivery service provided by Google that can deliver ads to users. In particular, Google allows us to tailor the ads in a way that they will appear, for example, only to users that have conducted certain actions with our Site (for example, show our ads to users who visited our Website). This remarketing could be in the form of an advertisement on the Google search results page or a site in the Good Display Network.
23. TO PROCESS YOUR PAYMENTS
We provide paid products and/or services within the Service. For this purpose, we use third-party services for payment processing (for example, payment processors). As a result of this processing, you will be able to make a payment for a customized meal plan and we will be notified that the payment has been made and will send you the meal plan.
We will not store or collect your payment card details ourselves. This information will be provided directly to our third-party payment processors.
24. TO ENFORCE OUR TERMS AND CONDITIONS OF USE AND TO PREVENT AND COMBAT FRAUD
We use personal data to enforce our agreements and contractual commitments, to detect, prevent, and combat fraud. As a result of such processing, we may share your information with others, including law enforcement agencies (in particular, if a dispute arises in connection with our Terms and Conditions of Use).
25. TO COMPLY WITH LEGAL OBLIGATIONS
We may process, use, or share your data when the law requires it, in particular, if a law enforcement agency requests your data by available legal means.
In this section, we are letting you know what legal basis we use for each particular purpose of processing.
WE PROCESS YOUR PERSONAL DATA UNDER THE FOLLOWING LEGAL BASES:
to perform our contract with you.
Under this legal basis we:
- Provide our Service (in accordance with our Terms and Conditions of Use)
- Customize your experience
- Manage your account and provide you with customer support
- Communicate with you regarding your use of our Service
- Process your payments
- for our (or others') legitimate interests, unless those interests are overridden by your interests or fundamental rights and freedoms that require protection of personal data;
We rely on legitimate interests:
- to communicate with you regarding your use of our Service. The legitimate interest we rely on for this purpose is our interest to encourage you to use our Service more often. We also take into account the potential benefits to you, which may lead you to a better and healthier lifestyle.
- to research and analyze your use of the Service. Our legitimate interest for this purpose is our interest in improving our Service so that we understand users’ preferences and are able to provide you with a better experience (for example, to make the use of the Platform easier and more enjoyable, or to introduce and test new features).
- to send you marketing communications. The legitimate interest we rely on for this processing is our interest to promote our Service in a measured and appropriate way.
- to personalize our ads. The legitimate interest we rely on for this processing is our interest to promote our Service in a reasonably targeted way.
- to enforce our Terms and Conditions of Use and to prevent and combat fraud. Our legitimate interests for this purpose are enforcing our legal rights, preventing and addressing fraud and unauthorized use of the Service, and non-compliance with our Terms and Conditions of Use.
- to comply with legal obligations.
26. WITH WHOM DO WE SHARE YOUR PERSONAL DATA
We share information with third parties that help us operate, provide, improve, integrate, customize, support, and market our Service. The types of third parties we share information with include, in particular:
We share personal data with third parties that we hire to provide services or perform business functions on our behalf, based on our instructions. We may share your personal information with the following types of service providers:
cloud storage providers
data analytics providers
marketing partners (in particular, social media networks, marketing agencies, and email delivery services)
Law enforcement agencies and other public authorities
We may use and disclose personal data to enforce our Terms and Conditions of Use, to protect our rights, privacy, safety, or property, and/or that of our affiliates, you or others, and to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, or in other cases provided for by law.
27. HOW YOU CAN EXERCISE YOUR PRIVACY RIGHTS
To be in control of your personal data, you have the following rights:
Accessing/reviewing/updating/correcting your personal data. You may review, edit, change, or request a copy of your personal data collected during your use of the Platform at firstname.lastname@example.org.
Deleting your personal data. You can request the erasure of your personal data by sending us an email at email@example.com
When you request the deletion of your personal data, we will use reasonable efforts to honour your request. In some cases, we may be legally required to keep some of the data for a certain time; in such an event, we will fulfil your request after we have complied with our obligations.
Objecting to or restricting the use of your personal data. You can ask us to stop using all or some of your personal data or limit our use thereof by sending a request to firstname.lastname@example.org
The right to lodge a complaint with a supervisory authority. We would love to contact us directly, so we could address your concerns. Nevertheless, you have the right to lodge a complaint with a competent data protection supervisory authority, in particular in the EU Member State where you reside, work or where the alleged infringement has taken place.
The right to data portability. If you wish to receive your personal data in a machine-readable format, you can send a respective request to email@example.com
28. INTERNATIONAL DATA TRANSFERS
In particular, if we transfer personal data originating from the EU to countries with not an adequate level of data protection, we use one of the following legal bases: (i) Standard Contractual Clauses approved by the European Commission (details available here), or (ii) the EU-U.S. Privacy Shield Framework (details available here), or (iii) the European Commission adequacy decisions about certain countries (details available here).
30. DATA RETENTION
31. HOW “DO NOT TRACK” REQUESTS ARE HANDLED
This Service does not support “Do Not Track” requests. To determine whether any of the third-party services it uses honour the “Do Not Track” requests, please read their privacy policies.
32. PERSONAL DATA CONTROLLER
Smart EpiGenetX Limited, is a company registered in the Republic of Romania with a registered office at Pipera Blvd. 4C, vila C5, Voluntari, Romania, 077191 will be the controller of your personal data.
33. CONTACT US
Effective as of 1 March 2020