Definitions

We/Us/Our/GGC means General Genetics Corporation.

You/Your/Yourself means the User of the Website.

Welcome to the website of General Genetics Corp. (“GGC”). The website is operated by GGC whereby it provides information in relation to the range of DNA testing services (the “Services”) that are offered by the company.

This Privacy Policy sets out how we deal with your personal identifiable data (“Personal Data”) as well as other information that we collect from the Users of the website and from those that sign up for our Services. GGC respects your privacy and seeks to protect your personal data. In this Policy, we shall explain our practices for collecting, using, maintaining, protecting and disclosing such data. This Privacy Policy applies to data we collect through:

(i) the signing up to our Services,

(ii) text and electronic messages between you and GGC and

(iii) any other means of communications used.

Privacy Compliance

By accessing any areas of the Website, You agree to be bound by this Privacy Policy set forth below. In this respect, kindly refrain from subscribing to our Services, if you do not find yourself in agreement with this Privacy Policy and with our requirement to collect personal data on yourself.

The said Privacy Policy is in line with the General Data Protection Regulation and we reserve the right to update this Privacy Policy at any time as we deem necessary. It is in your interest to read our Policy every time you access our website in order to be aware of any amendments carried out. If you do not find yourself in agreement with any revised sections of the Policy, kindly send your queries at dataprotection@ggc-dna.com. The date when this Policy has been last updated shall be found at the beginning of the Policy.

 

–  What kind of information do we collect about you?
–  How do we use your information?
–  Disclosure and transfer of information
–  Updating or correcting your personal data/ rights of the data subject
–  Lawful bases for processing
–  Information obtained as data processors
–  Data security
–  Direct marketing
–  Payments
–  How do you contact us with questions?

What kind of information we collect about you

We collect several types of information about visitors to our website and/or users of our Services. This information may be gathered automatically when you browse through our Websites or else directly from you when you choose to sign up for our Services. Indeed:

(a) We will collect and process your personal data when you either register for a Service or else when you submit your feedback, even through other means of communication. The information we shall ask for shall depend upon the activity and the use thereof of the Services (e.g. paying for the Service). If you do not provide the data which would be needed for a particular activity, then you will not be able to engage and use that activity.

We also collect your Internet Protocol (“IP”) address. We use your IP address to diagnose problems with our servers and/or software, to administer our Services, and to gather demographic information.

(b) We may collect certain information that does not by itself identify a specific individual. Such information tells us about your equipment, browsing actions and the resources that you access and use through the Services, such as your operating system and browser type. We use analytics and similar services, as explained in our Cookie Policy, to help us deliver a better and more personalized service to users by enabling us to estimate usage patterns, customize our Services according to your individual preferences, and speed up your searches.

(c) When you contact us for customer support we may collect additional information to resolve your issues.

(d) Our website and Service are not targeted at children or those under the age of 16. Therefore any individual under this age is not allowed to use our website or any of our services.

How we use your information

We use the personal data you provide in a manner that is consistent with this Privacy Policy and for the reasons for which it was primarily collected. In the event that the data will not be used for the intended purpose you will be advised in advance. We will process any personal data supplied to us by yourself, whether orally or in writing, for all or any of the following purposes: To provide you with the Service you would have signed up for and to perform our obligations according to the terms of the agreement which would be entered into between you and us.

 

  • To communicate with you about the Service you would have ordered. For example, if you contact us via email we will use the data to address your questions or troubleshoot any issues.
  • GGC and its subsidiaries may also use your Personal Data and other personal non-identifiable information collected to help us to better understand our users and to improve the Services.
  • In other ways described in the said Policy or to which you have consented or otherwise requested.
  • In order to establish, exercise or defend any legal action.
  • For the protection of our legitimate interests and the proper conduct of our business.
  • We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information you’ve provided to them or they’ve collected from your use of their services.
  • As may be allowed or required by or under any law.

Further to the above, kindly note that data collected is not used for any e-mail, mail shots, newsletters or mass mailing marketing purposes. However, should we decide to use data for the said purpose, this would only occur after obtaining the required consent from you.

Disclosure and Transfer of Information

Data can be disclosed or shared with our employees in order to provide you with the Service signed up for. Data shall not be disclosed to unauthorised personnel.

When you complete and forward to us an online form which includes the information of another person, you confirm that you are giving your explicit consent on behalf of yourself and all other persons specified in the form. You would need to bring the said Privacy Policy to the attention of the other persons and would have also obtained their respective consent.

Through the use of our Services as well as through the direct or indirect collection of personal data, you are hereby acknowledging an accepting that GCC may  be required to share your  personal data with third parties, whether the latter are directly or indirectly related to GCC, in order to provide the Service required by you. The data will only be shared in ways set forth below.

This transfer may include, but is not limited to:

(a) Service providers: We provide and support some of our Services through contractual arrangements with service providers and other third parties. We and our service providers use a technology called ‘cookies’ which is a piece of software that enables us to collect data about how the website and services are being used and to manage them more efficiently as well as data is collected to deliver Services. For example, we may share your information with our Third Party Agents (TPAs), virtual offices or the testing laboratories so as to provide you with the Service. The company is represented in some countries by authorized TPAs who may require your data in order to provide you with the Service. The laboratories we work with may also have access to your data to provide the Service. This data is then stored or disposed according to laboratory’s standard operating policies.

(b) Cross-border: Due to the company’s international operations, we may transmit client data across borders to other countries to our affiliates, subsidiaries, service providers and authorised TPAs as necessary to provide the Service.

(c) Legal Requirements: If required to do so by law or in good faith belief this action is necessary we may have to disclose your Personal Data to (i) comply with a legal obligation, (ii) protect and defend the rights or property of GGC, (iii) act in urgent circumstances to protect the personal safety of users of the Services or the public, or (iv) protect against legal liability.

(d) Business Continuity : Should GGC enter into the sale of all or part of its assets, we reserve the right to include your data, including personal data, among the assets transferred to the acquiring or surviving company.

It is worth highlighting that data sent via the internet can be transmitted across international borders even when the sender and the received of the data are located in the same country. Thus, your data can be transmitted through a country that has a lower level of data protection than that existing in your country of residence.

Updating or Correcting your Personal Data/ Rights of the Data Subject

As a data subject, you are entitled to certain rights. Indeed, it is your right to be able to oversee the use of your personal data we have about you, including the ability to:

 

  • Amend or Rectify Data: You can contact us to edit your personal data especially if it is inaccurate. Under certain circumstances we may request proof to back up this request.
  • Delete Data: You have the right to request that we delete all or some of your personal data particularly if it is no longer required to provide the Service to you or the Service has been concluded. There are however certain restrictions where this may not apply such as for example in the event of a test performed under Legal/Chain of Custody conditions.
  • Right to Access and/or Take Your Data: You have the right to request a copy of your personal data on file in a machine readable format.

We will process any request by you to amend, delete or modify your information within 30 days from your request.

All requests made will be considered in light of the nature of the Service and commitments we have entered into, our obligations to store data and any applicable laws.

You can request modifications, deletion, or information about your personal data by sending a data request via email to dpo@ggc-dna.com or writing to us at any of our local offices or branches worldwide.

Lawful Bases for Processing

In order for data to be processed, certain data protection principles need to be adhered to. Once of the said principles, is indeed the lawfulness behind the processing itself. There are various lawful grounds to process data. Indeed, one of the grounds is consent. Data can be processed for the performance of a contact to which the data subject is a party. We would only process data if such processing is based on a lawful ground.

Where the basis for processing is consent, explicit consent will be requested from the participants. Where the basis is contract, then you will be asked to agree to the terms of the contract and provide all the necessary personal data to allow us to provide the Service and fulfil our contractual obligations.

Where the basis for processing your personal data is legitimate interests, whether ours or that of third parties, this will only be undertaken on the basis that such interests are not overridden by the data subject interests or fundamental rights and freedoms. Examples of legitimate interests include complying with local legislation and in the face of possible threats to us or yourself (e.g. bank fraud, chargebacks etc.)

If processing of data is based on consent, it is your right to withdraw your consent at any time after it was given. You can contact us via email at dataprotection@ggc-dna.com to find out more about your right to withdraw consent or object.

Information obtained as Data Processors

In certain occasions we shall process data that shall be provided by the TPA, thus we shall be considered as the data processors in the said occasions. We will use the data as required to comply with our legal obligations with these data controllers who will, in turn, have their own privacy policy covering the use of your data. We recommend that you contact the data controller directly if you have questions about how they handle any personal data.

Data Security

We have taken all necessary precautions to ensure that we protect your data to the best of our abilities. Indeed, we have implemented security policies, rules as well as technical measures to protect your personal data. Nonetheless, the Internet is not a secure medium and thus data sent through the Internet can be subject to unauthorised acts by third parties which we shall not be held liable of. Thus, we shall not accept any responsibility or liability for the security of your data while the latter is in transit through the Internet.

Should we believe that any of your personal data in our control has been compromised we will inform you via the contact details provided by yourself and primarily using your email address if it has been provided.

Direct Marketing

We currently do not share personal data with third parties for any mass email or mail marketing purposes. In the event we decide to share this information this would only happen once we have obtained your permission beforehand.

We currently advertise online and use cookies, specifically first party cookies for Google Analytics and other first-party identifiers, and third party cookies such as Google Advertising cookies to inform, optimize, and serve ads based on past visits to our website. More specifically we utilize Google Analytics to implement a specific feature called remarketing. Remarketing is a feature of Google’s AdWords that uses a visitor’s previous visit to our site to specifically target their interests and optimise the delivery of the ad’s content.

For more information about remarketing lists in Google Analytics please visit the following site –https://support.google.com/analytics/answer/2611268.

If you would like to opt-out of Google Analytics for display advertising you may do so by using the Ads Preferences Manager.

There is also a Google Analytics opt-out browser add-on that you can download at https://tools.google.com/dlpage/gaoptout/. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.

We may work together with a third party to manage our advertising on other sites. Through the use of cookies they may gather information about your activities on this website to match the advertising they provide you with personal interests they determine through your browsing patterns. If you do not wish this information used for this purpose, you may opt-out by clicking here – http://preferences-mgr.truste.com/  (or if located in the European Union click here – http://www.youronlinechoices.eu/

If you do not agree with the usage of Google Analytics, kindly opt out as per the above mentioned options.

Payments

We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors).

We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

The payment processors we work with are:

PayPal

Their Privacy Policy can be viewed at – https://www.paypal.com/webapps/mpp/ua/privacy-full

Endeavour Secure Payment Gateway

Their policies can be viewed at – https://www.cardpaydirect.com/CardPayDirect/web/footer/Privacy.htm

How do you contact us with questions?

For any questions or complaints regarding this Privacy Policy, we invite you to email us directly at dataprotection@ggc-dna.com or contact our Customer Support.

If contacting us does not resolve your complaint you have more options. Residents in Designated Countries may also have the right to contact our Data Protection Officer at dpo@ggc-dna.com

Residents in Designated Countries may have additional rights under their laws and should refer to their local data protection organisation for guidance.

Registered corporate address:

General Genetics Corporation,

2711 Centerville Road, Suite 400, Wilmington, New Castle County, Delaware 19808, USA.