Effective Date: July 1, 2020
These “Privacy Highlights” provide an overview of some core components of our data handling practices. Please be sure to review the Full Privacy Statement.
Information We Collect
We generally collect the following information:
- Information you share with us. We collect and process your information when you place an order, create an account, register your Juno Diagnostics kit, complete research surveys, post on our Forums or use other messaging features, and contact Customer Care. This information can generally be categorized as Registration Information, Self-Reported Information, and/or User Content as defined in our full Privacy Statement.
- Information from our DNA testing services. With your consent, we extract your DNA from your blood sample and analyze it to produce your Genetic Information in order to provide you with Juno Diagnostics reports.
How We Use Information
We generally process Personal Information for the following reasons:
- To provide our Services. We process Personal Information in order to provide our Service, which includes processing payments, shipping kits to customers, creating customer accounts and authenticating logins, analyzing blood samples and DNA, and delivering results.
- To analyze and improve our Services. We constantly work to improve and provide new reports, tools, and Services. We may also need to fix bugs or issues, analyze the use of our website to improve the customer experience or assess our marketing campaigns.
- For Juno Diagnostics Research, with your consent. If you choose to consent to participate in Juno Diagnostics Research, Juno Diagnostics researchers can include your de-identified Genetic Information and Self-Reported Information in a large pool of customer data for analyses aimed at making scientific discoveries.
Control: Your Choices
You have the ability to make decisions about how your data is shared and used. You choose:
- When and with whom you share your information, including friends, family members, health care professionals, or others outside our Services, including through third party services that accept Juno Diagnostics data and social networks.
- To give or decline consent for Juno Diagnostics Research. By agreeing to the Research Consent Document, Individual Data Sharing Consent Document, or participating in a Juno Diagnostics Research Community you can consent to the use of your de-identified data for scientific research purposes.
- To delete your Juno Diagnostics account and data, at any time.
Access To Your Information
Your Personal Information may be shared in the following ways:
- With our service providers, as necessary for them to provide their services to us.
- With qualified research collaborators, with your consent.
Juno Diagnostics will not sell, lease, or rent your personal information to a third party for research purposes without your explicit consent.
- We will not share your data with any public databases.
- We will not provide any person’s data (genetic or non-genetic) to an insurance company or employer.
- We will not provide information to law enforcement or regulatory authorities unless required by law to comply with a valid court order, subpoena, or search warrant for genetic or Personal Information.
How We Secure Information
Juno Diagnostics implements reasonable measures and systems to ensure confidentiality, integrity, and availability of Juno Diagnostics data. These practices include, but are not limited to, the following areas:
- Encryption. Juno Diagnostics uses industry-standard security measures to encrypt Personal Information both when it is stored and when it is being transmitted.
- Limited access to essential personnel. We limit access of information to authorized personnel, based on job function and role. Juno Diagnostics access controls include multi-factor authentication, single sign-on, and a strict least-privileged authorization policy.
Effective Date: July 1, 2020
This Privacy Statement applies to all websites owned and operated by Juno Diagnostics, Inc. (“Juno Diagnostics”), including www.junodx.com, and any other websites, pages, features, or content we own or operate, and to your use of the Juno Diagnostics web service content and mobile app and any related Services. Our Privacy Statement is designed to help you better understand how we collect, use, store, process, and transfer your information when using our Services.
Please carefully review this Privacy Statement and our Terms of Service (“TOS”). Unless otherwise defined in this Privacy Statement, terms used in this Privacy Statement have the same meanings as terms defined in our TOS. By using our Services, you acknowledge all of the policies and procedures described in the foregoing documents. If you do not agree with or you are not comfortable with any aspect of this Privacy Statement or our TOS, you should immediately discontinue use of our Services.
1. Key Definitions
- Aggregate Information: information that has been combined with that of other users and analyzed or evaluated as a whole, such that no specific individual may be reasonably identified.
- De-identified Information: information that has been stripped of your Personal Information (e.g., your name and contact information) and other identifying data such that you cannot reasonably be identified as an individual.
- Personal Information: information that can be used to identify you, either alone or in combination with other information. Juno Diagnostics collects and stores the following types of Personal Information:
- Registration Information: information you provide about yourself when registering for and/or purchasing our Services (e.g. name, email, address, user ID and password, and payment information).
- Genetic Information: information regarding your DNA generated through processing of your blood by Juno Diagnostics or by its contractors, successors, or assignees; or otherwise processed by and/or contributed to Juno Diagnostics.
- Self-Reported Information: information about yourself, including your health-related information, personal traits, ethnicity, family history, and other information that you enter into surveys or forms.
- User Content: information, data, text, software, music, audio, photographs, graphics, video, messages, or other materials – other than Genetic Information and Self-Reported Information-generated by users of Juno Diagnostics Services and transmitted, whether publicly or privately, to or through Juno Diagnostics.
- Web-Behavior Information: information on how you use any Juno Diagnostics owned Websites (e.g. browser type, domains, page views) collected through log files, cookies, and web beacon technology.
2. Information we collect
Information you provide directly to us or through a third party
- Registration Information. When you purchase our Services or create a Juno Diagnostics account, we collect Personal Information, which may include your name, date of birth, billing and shipping address, payment information (e.g., credit card) and contact information (e.g. email, phone number and license number).
- Self-Reported Information. You have the option to provide us with additional information about yourself through surveys, forms, features and applications.
- User Content. Some of our Services may allow you to create and post or upload content, such as data, text, software, music, audio, photographs, graphics, video, messages, or other materials that you create or provide to us through either a public or private transmission (“User Content“). For example, User Content includes any discussions, posts, or messages you send on our Forums.
- Social media features and widgets. Our Services may include Social Media Features, such as the Facebook “Like” or “Share” button and widgets (“Features”). These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. They may also allow third party social media services to provide us information about you, including your name, email address, and other contact information. The information we receive is dependent upon your privacy settings with the third-party social media service. Features are either hosted by a third party or hosted directly on our site. Your interactions with these Features are governed by the privacy statements of the third-party companies providing them. You should always review and, if necessary, adjust your privacy settings on third party websites and services before linking or connecting them to our website or Service.
- Third-party services (e.g., social media). If you use a third-party site, such as Facebook or Twitter, in connection with our Services to communicate with another person (e.g., to make or post referrals or to request that we communicate with another person), then in addition to that person’s name and contact information, we may also collect other information (e.g., your profile picture, network, gender, username, user ID, age range, language, country, friends lists or followers) depending on your privacy settings on the third party site. We do not control the third-party site’s information practices, so please review the third party’s privacy statement and your settings on the third party’s site carefully.
- Third-party sign in. You may create a Juno Diagnostics account and/or sign in to our Services using an account you created with a third-party service, such as Google. If you provide authorization to Juno Diagnostics, we will collect and use the information you share with us via that third-party service (such as your email address, name, and date of birth as specified in your third party service account) in accordance with this Privacy Statement. You are responsible for managing your credentials for your third-party service account, and for maintaining the security of your third-party service account. Juno Diagnostics does not have access to the credentials for your third-party service account. If you choose to use third party sign in and you lose access to your credentials for your third-party service account, you may not be able to access your Juno Diagnostics account. You may manage authorization for third party sign in through your Juno Diagnostics Account Settings or through your third-party service account.
- Referral information and sharing. When you refer a person to Juno Diagnostics or choose to share your Juno Diagnostics results with another person, we will ask for that person’s email address. We will use their email address solely, as applicable, to make the referral or to communicate your sharing request to them, and we will let your contact know that you requested the communication. By participating in a referral program or by choosing to share information with another person, you confirm that the person has given you consent for Juno Diagnostics to communicate (e.g., via email) with him or her. The person you referred may contact us at email@example.com to request that we remove this information from our database.
- Customer service. When you contact our customer service department or correspond with us about our Service, we collect information to: track and respond to your inquiry; investigate any breach of our TOS, Privacy Statement or applicable laws or regulations; and analyze and improve our Services.
Information related to our genetic testing services
- Blood sample and biobanking. To use our genetic testing services, you must purchase a Juno Diagnostics Service testing kit, create an online account and register your kit, and ship your blood sample to us or our third-party laboratory. Your DNA will be extracted from your blood sample for analysis.
- Genetic Information. Information regarding your Genetic Information is generated when we analyze and process your blood sample, or when you otherwise contribute or access your Genetic Information through our Services. Genetic Information includes the Juno Diagnostics results reported to you as part of our Services, and may be used for other purposes, as outlined in Section 3 below.
- Web-Behavior Information collected through tracking technology (e.g. from cookies and similar technologies)
- help us recognize you when you use our Services;
- customize and improve your experience;
- provide security;
- analyze usage of our Services (such as to analyze your interactions with the results, reports, and other features of the Service);
- gather demographic information about our user base;
- offer our Services to you;
- monitor the success of marketing programs; and
- serve targeted advertising on our site and on other sites around the Internet.
We may receive reports based on the use of these technologies from third party service providers as de-identified, Individual-level Information or as Aggregate Information (as described in Section 4.c).
Google Analytics. Google Analytics may be used to perform many of the tasks listed above. We use the User-ID feature of Google Analytics to combine behavioral information across devices and sessions (including authenticated and unauthenticated sessions). We have enabled the following Google Analytics Advertising features: Remarketing, Google Display Network Impression Reporting, Google Analytics Demographics and Interest Reporting, and DoubleClick Campaign Manager integration. Learn more about how Google collects and uses data here. To opt out of Google Analytics Advertising Features please use Google Ad Settings. To opt out of Google Analytics entirely please use this link.
Other Types of Information
We continuously work to enhance our Services with new products, applications and features that may result in the collection of new and different types of information. We will update our Privacy Statement and/or obtain your prior consent to new processing, as needed.
How we use your information
Juno Diagnostics will use and share your Personal Information with third parties only in the ways that are described in this Privacy Statement.
To provide you with Services and to analyze and improve our Services
We use the information described above in Section 2 to operate, provide, analyze and improve our Services. These activities may include, among other things, using your information in a manner consistent with this Privacy Statement to:
- open your account, enable purchases and process payments, communicate with you, and implement your requests (e.g., referrals);
- enable and enhance your use of our website and mobile application(s), including authenticating your visits, providing personalized content and information, and tracking your usage of our Services;
- contact you about your account, and any relevant information about our Services (e.g. policy changes, security updates or issues, etc.);
- enforce our TOS and other agreements;
- monitor, detect, investigate and prevent prohibited or illegal behaviors on our Services, to combat spam and other security risks; and
- perform research & development activities, which may include, for example, conducting data analysis in order to develop new or improve existing products and services, and performing quality control activities.
To process, analyze and deliver your genetic testing results
As described above, to receive results, you must create a Juno Diagnostics account, register your kit, and submit your blood sample to be analyzed by us or our third-party laboratory. Juno Diagnostics continuously works to improve our Services based on our research and product development, and developments identified in scientific literature.
To allow you to share your Personal Information with others
Juno Diagnostics gives you the ability to share information, including Personal Information, through the Services. You have the option to share directly with individuals with Juno Diagnostics accounts through our Forums, and other sharing features and tools. You may also have the ability to share information directly with individuals who have not participated in our Service via a unique, shareable URL or through a social media platform (such information is “User Content”). Some sharing features, including receiving sharing invitations, may require that you opt-out, however you will always be required to take a positive action, such as opting in, to share Personal Information.
You should be thoughtful about your sharing choices. Once you have chosen to share any Personal Information, the individuals with whom you share this information, may also use or share your Personal Information, including any Personal Information you choose to share.
To allow you to share your Personal Information for Juno Diagnostics Research purposes
You have the choice to participate in Juno Diagnostics Research by providing your consent. “Juno Diagnostics Research” refers to research aimed at publication in peer-reviewed journals. Juno Diagnostics Research may be sponsored by, conducted on behalf of, or in collaboration with third parties, such as non-profit foundations, academic institutions or pharmaceutical companies. Juno Diagnostics Research may study a specific group or population, identify potential areas or targets for diagnostic or therapeutics development, conduct or support the development of drugs, diagnostics or devices to diagnose, predict or treat medical or other health conditions, work with public, private and/or non-profit entities on genetic research initiatives, or otherwise create, commercialize, and apply this new knowledge to improve health care. Juno Diagnostics Research uses Aggregate and/or Individual-level Genetic Information and Self-Reported Information as specified in the appropriate Consent Document, as explained in greater detail below.
Your De-identified Genetic and Self-Reported Information may be used for Juno Diagnostics Research if you have consented to this use by completing a Consent Document.
- Your Genetic Information and/or Self-Reported Information will be used for research purposes, but it will be de-identified and will not be linked to your Registration Information
- Juno Diagnostics may use individual-level Genetic Information and Self-Reported Information internally at Juno Diagnostics for research purposes.
- Juno Diagnostics may share summary statistics, which do not identify any particular individual with our qualified research collaborators and select third party research collaborators for Juno Diagnostics Research purposes.
Withdrawing your Consent. You may withdraw your consent to participate in Juno Diagnostics Research at any time by changing your consent status within your Juno Diagnostics Account Settings. Juno Diagnostics will not include your Genetic Information or Self-Reported Information in studies that start more than 30 days after you withdraw (it may take up to 30 days to withdraw your information after you withdraw your consent). Any research involving your data that has already been performed or published prior to your withdrawal from Juno Diagnostics Research will not be reversed, undone, or withdrawn. You may also discontinue your participation in Juno Diagnostics Research by deleting your Juno Diagnostics account (as described in Section 5.d.).
To provide customer support
When you contact us, we may use or request Personal Information as necessary to answer your questions, resolve disputes, and/or investigate and troubleshoot problems or complaints. In some instances, we may be required to process one customer’s Personal Information to resolve another customer’s dispute or request. For example, if a customer reports behavior that violates our Terms of Service, we will separately process both customers’ Personal Information and respond separately to each individual as appropriate. We will not share your Personal Information with another customer without your consent.
To conduct surveys or polls, and obtain testimonials
We value your feedback and may send you surveys, polls, or requests for testimonials to improve and optimize our Services. You are in control of the information you would like to share with us. If you do not wish to receive these requests, you can manage them in your Juno Diagnostics Account Settings.
To provide you with marketing communications
By creating a Juno Diagnostics account, you are agreeing that we may send you product and promotional emails or notifications about our Services, and offers on new products, services, promotions or contests. You may also opt-in to receiving similar notifications on the website or mobile application(s). You can unsubscribe from receiving these marketing communications at any time. To unsubscribe, click the email footer “unsubscribe” link or go to the “Preferences” section of your Juno Diagnostics Account Settings to edit your email notification preferences. To opt-out of receiving website and mobile notifications, you may do so within your browser or device settings. Please note, the opt-out process differs between web browsers and mobile devices. You may not opt-out of receiving non-promotional messages regarding your account, such as technical notices, purchase confirmations, or Service-related emails.
Information we share with third parties
- General service providers.
We share the information described above in Section 2 with our third-party service providers, as necessary for them to provide their services to us and help us perform our contract with you. Service providers are third parties (other companies or individuals) that help us to provide, analyze and improve our Services. While Juno Diagnostics directly conducts the majority of data processing activities required to provide our Services to you, we may engage some third-party service providers to assist in supporting our Services, including, but not limited to, in the following areas:
- Order fulfillment and shipping. Our payment processor processes certain Registration Information, such as your billing address and credit card information, as necessary to enable you to purchase a Juno Diagnostics kit from the online store. Our distribution centers ship your kit(s) to you, and in some cases help return your kit safely to us or to our third-party laboratory so your sample can be processed.
- Our CLIA-certified genotyping lab. To use our genetic testing services, you must purchase a Juno Diagnostics Service testing kit, and ship your blood sample to us or our third party laboratory. Once delivered, receiving personnel at the laboratory remove and discard kit packaging, which in some cases may contain “sender information” (e.g., name, address), before testing personnel receive the samples for processing. Receiving personnel do not perform testing, and testing personnel handle blood samples that are only identified by a unique barcode. For samples processed by our third-party genotyping laboratory, when the laboratory has completed their analysis, they securely send the resulting Genetic Information to us identified by your unique barcode.
- Cloud storage, IT, and Security. Our cloud storage providers provide secure storage for information in Juno Diagnostics databases, ensure that our infrastructure can support continued use of our Services by Juno Diagnostics customers, and protect data in the event of a natural disaster or other disruption to our Service. Our IT and security service providers assist with intrusion detection and prevention measures to stop any potential attacks against our networks. We have these third-party experts perform regular penetration tests and periodically audit Juno Diagnostics’ security controls.
- Marketing and analytics. When you use our Services, including our website or mobile app(s), our third-party service providers may collect Web-Behavior Information about your visit, such as the links you clicked on, the duration of your visit, and the URLs you visited. This information can help us improve site navigability and assess our Marketing campaigns.
NOTE: Our service providers act on Juno Diagnostics’ behalf. We implement procedures and maintain contractual terms with each service provider to protect the confidentiality and security of your information. However, we cannot guarantee the confidentiality and security of your information due to the inherent risks associated with storing and transmitting data electronically.
For individuals located in the Designated Countries: Where personal data are transferred to a third country or to an international organization, Juno Diagnostics implements appropriate safeguards, such as contractual obligations, relating to the transfer.
“Targeted advertising” service providers
We may share Aggregate Information with third parties. This Information is different from “Individual-level” information and is not Personal Information because it does not identify any particular individual or disclose any particular individual’s data. Juno Diagnostics will ask for your consent to share Individual-level Genetic Information or Self-Reported Information with any third party, other than our service providers as necessary for us to provide the Services to you.
As required by law
Under certain circumstances your Personal Information may be subject to processing pursuant to laws, regulations, judicial or other government subpoenas, warrants, or orders. For example, we may be required to disclose Personal Information in coordination with regulatory authorities in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Juno Diagnostics will preserve and disclose any and all information to law enforcement agencies or others if required to do so by law or in the good faith belief that such preservation or disclosure is reasonably necessary to: (a) comply with legal or regulatory process (such as a judicial proceeding, court order, or government inquiry) or obligations that Juno Diagnostics may owe pursuant to ethical and other professional rules, laws, and regulations; (b) enforce the Juno Diagnostics TOS and other policies; (c) respond to claims that any content violates the rights of third parties; or (d) protect the rights, property, or personal safety of Juno Diagnostics, its employees, its users, its clients, and the public.
In the event that Juno Diagnostics goes through a business transition such as a merger, acquisition by another company, or sale of all or a portion of its assets your Personal Information will likely be among the assets transferred. In such a case, your information would remain subject to the promises made in any pre-existing Privacy Statement.
Access to your account
We provide access to your Juno Diagnostics data within your Juno Diagnostics account. You can access and download data processed by Juno Diagnostics within your Juno Diagnostics Account Settings and within applicable Reports, Tools, and features. If you lose access to your Juno Diagnostics account, in certain circumstances, we may require that you submit additional information sufficient to verify your identity before providing access or otherwise releasing information to you. If you choose not to submit the required documentation, or the information provided is not sufficient for the purposes sought, Juno Diagnostics will not be able to sufficiently verify your identity in order to complete your request.
You may access, correct or update most of your Registration Information on your own within your Juno Diagnostics Account Settings. You may also review and update your consent to Juno Diagnostics Research. Please note that you may not be able to delete User Content that has been shared with others through the Service and that you may not be able to delete information that has been shared with third parties.
As noted in Section 3.g. you may be asked to opt-in to receive product and promotional emails or notifications when creating your Juno Diagnostics account or when using our Services. You may view or update your notification preferences for marketing communications by visiting your Juno Diagnostics Account Settings, opting out at the browser or device level, or by contacting our Privacy Administrator at firstname.lastname@example.org. You can also click the “unsubscribe” button at the bottom of promotional email communications, as applicable.
Sharing outside of the Juno Diagnostics Services
You may decide to share your Personal Information with friends and/or family members, doctors or other health care professionals, and/or other individuals outside of our Services, including through third party services such as social networks and third-party apps that connect to our website and mobile apps through our application programming interface (“API”). These third parties may use your Personal Information differently than we do under this Privacy Statement. Please make such choices carefully and review the privacy statements of all other third parties involved in the transaction. Juno Diagnostics does not endorse or sponsor any API applications and does not affirm the accuracy or validity of any interpretations made by third party API applications.
In general, it can be difficult to contain or retrieve Personal Information once it has been shared or disclosed. Juno Diagnostics will have no responsibility or liability for any consequences that may result because you have released or shared Personal Information with others.
If you no longer wish to participate in our Services, or no longer wish to have your Personal Information be processed, you may delete your Juno Diagnostics account and Personal Information within your Juno Diagnostics Account Settings.
Juno Diagnostics implements physical, technical, and administrative measures to prevent unauthorized access to or disclosure of your information, to maintain data accuracy, to ensure the appropriate use of information, and otherwise safeguard your Personal Information. Our team regularly reviews and improves our security practices to help ensure the integrity of our systems and your information. These practices include, but are not limited to the following areas:
- Encryption. Juno Diagnostics uses industry standard security measures to encrypt Personal Information both at rest and in transit.
- Limited access to essential personnel. We limit access to Personal Information to authorized personnel, based on job function and role. Juno Diagnostics access controls include multi-factor authentication, single sign-on, and strict least-privileged authorization policy.
Your Responsibility. Please recognize that protecting your Personal Information is also your responsibility. We ask you to be responsible for safeguarding your password, and other authentication information you use to access our Services. You should not disclose your authentication information to any third party and should immediately notify Juno Diagnostics of any unauthorized use of your password. Juno Diagnostics cannot secure Personal Information that you release on your own or that you request us to release.
Juno Diagnostics is committed to protecting the privacy of children as well as adults. Neither Juno Diagnostics nor any of its Services are designed for, intended to attract, or directed toward children under the age of 18.
Juno Diagnostics provides links to third party websites operated by organizations not affiliated with Juno Diagnostics. Juno Diagnostics does not disclose your information to organizations operating such linked third-party websites. Juno Diagnostics does not review or endorse, and is not responsible for, the privacy practices of these organizations. We encourage you to read the privacy statements of each and every website that you visit. This Privacy Statement applies solely to information collected by Juno Diagnostics and our service providers on our behalf.
Pursuant to the California Consumer Privacy Act of 2018, California residents are afforded certain additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit our Privacy Notice for California Residents.
Changes to this Privacy Statement
Juno Diagnostics modifies this Privacy Statement from time to time. We recommend revisiting this page periodically to stay aware of any changes to this Privacy Statement. If we modify this Privacy Statement, we’ll make it available through our website. Whenever material changes to this Privacy Statement are made, we will provide you with notice before the modifications are effective, such as by posting a notice on our website or sending a message to the email address associated with your account.
By continuing to access or use the Services after changes to this Privacy Statement becomes effective, you agree to be bound by the revised Privacy Statement. If any changes are unacceptable to you, you may stop using our Services and delete your account at any time.
We also may provide additional “just-in-time” disclosures or additional information about the data collection, use and sharing practices of specific Services. Such notices may supplement or clarify our privacy practices or may provide you with additional choices about how Juno Diagnostics processes your Personal Information.
If you have questions about this Privacy Statement, or wish to submit a complaint, request or inquiry, please email Juno Diagnostics’ Privacy Administrator at email@example.com, or send a letter to:
Juno Diagnostics, Inc.
11535 Sorrento Valley Rd, Suite 407
San Diego, CA 92121