LunaDNA Privacy Policy

OUR PHILOSOPHY

  • The privacy and security of LunaDNA member data is of the utmost importance.
  • LunaDNA is a community comprised of members united by the principles that (1) aggregated genomic and related health data have the potential to radically improve healthcare outcomes and (2) those who share their data for discovery studies own and control their data and should be compensated for the use of their data.
  • As we do not own your data, we will not sell, lease, or rent your data to any third-party. We will, through our management company, LunaPBC, enter into agreements to use de-identified, aggregated data for ethical research studies. The proceeds from these contracts will be paid back to the LunaDNA members less a management fee to LunaPBC.
  • We understand and respect the sensitive nature of the information you may provide to us, and we strive to be transparent in our collection, use and disclosure of this information and to ask for your explicit consent to share such sensitive information with third-parties.
  • We are committed to providing a secure, private, and safe environment for our Services.

KEY DEFINITIONS

  • Administrative Information. Information that you provide to create your LunaDNA account, including name, email, etc. as well as communication between you and LunaDNA that are administrative in nature, i.e. not directly related to genetic or phenotypic research.
  • Aggregated Data. Data that has been shared by a LunaDNA member and combined with data shared by other members in order to provide enough scientific evidence to be meaningful while minimizing the likelihood of exposing individual information.
  • De-identified. Separation of all personal information from the genetic, health and other member data so that the data cannot be linked back to the individual.
  • Genomic. The complete set of genes or genetic material present in an individual.
  • Genomic Data. Information that a member shares with LunaDNA based on previous genetic tests that they have received. These may include consumer tests, such as 23andMe, Ancestry or others, or physician-ordered tests.
  • Health Data. Information that a member shares based on their medical history. This may include electronic health records (EHRs) from healthcare providers, hospitals, diagnostic labs, etc., health surveys, and other information collected from integrated apps and devices that the member authorizes to share with LunaDNA.
  • Personal Information. Personal Information is information that can identify you, either alone or in combination with other information. This includes Protected Health Information that is identified under HIPAA (Health Insurance Portability and Accountability Act of 1996), as well as account information (name, email address, password, etc.).

HOW WE SHARE/USE YOUR DATA

LunaDNA collects information when you register an account, contribute data, self-report information through surveys, forms, features or applications, use social media connections and features, refer your contacts to us, share information through various interactions with us and our partners, and also via cookies and similar tracking technologies.

LunaDNA will use your data (1) for population-level research using aggregated, de-identified data based on your consent at account creation, (2) to determine your eligibility for targeted research by third-parties (if you have chosen to opt-in to direct-research initiations in settings, (3) to improve LunaDNA’s services, and (4) as otherwise required by law.

  1. Population-Level Research: LunaDNA or a contracted third-party may perform population-level research based on a pre-defined study design. Based on the parameters of the study, a subset of aggregated, de-identified data is populated in a private compute environment still within LunaDNA's secure cloud service in order to complete the analysis required by the study design. This population-level research may have various purposes including the advancement of genomic science, identifying links between genomics and disease or other conditions, etc. The Genomic and Health data is only identified based on a unique identifier independent from your Personal Information.
  2. Targeted Research Participation: In some situations (i.e. clinical trial recruitment), the third-party may be interested in contacting members directly. LunaDNA enables this via an anonymous, automated process, which allows the third-party to invite you into a direct communication (but the third-party still has no knowledge of the your Personal or Administrative Information). It is then your choice whether you will engage in direct contact with the third-party or not. Preferences to receive these invitations can be turned on or off within your account settings page. The invitation list is typically determined by either LunaDNA or the third-party querying the database, again using the unique identifiers linked to Genomic and Health Data, and based on specific parameters defined by the third-party.
  3. Advertising: LunaDNA may display advertisements to you on our website. These advertisements will be chosen because LunaPBC believes that they will create value for members. They advertisements may or may not be targeted for you based on information that LunaDNA collects. If advertisements are targeted for you based on information that LunaDNA collects, they will be displayed in such a way that neither LunaDNA nor the advertiser will know which particular user or users are receiving the advertisements, unless a user identifies themselves by answering or otherwise responding to the advertisement.
  4. Improving LunaDNA Services: LunaDNA may use the information it collects to improve its services, for example, improving the design and structure of its database. However, it will only use de-identified Genomic and Health Data for this purpose.
  5. As Required By Law: LunaDNA may use or disclose any information it collects as required by law, for example, in responding to a court-issued subpoena. However, we believe the steps LunaDNA takes to protect your information, such as its data segregation architecture which does not allow for re-identification of Genomic and Health Data without the consent of the member provides substantial protection to contributors in these situations. Where allowed by law and where reasonably possible, we will notify members in advance of any such proposed use or disclosure of your data.

YOUR CHOICES

At LunaDNA, we believe that the individual owns their data. All information in LunaDNA only includes what members voluntarily authorize to share with LunaDNA.

  1. Consent: At any time, you can choose to revoke your consent. If you revoke your consent, your shared data is no longer usable for future research. See below for removal of data from research use. Please note: consent is required to be a member in LunaDNA and revoking your consent will cause you to forfeit your LunaDNA shares. We believe this is the best way to be fair to other members of LunaDNA who have not revoked access to their data.
  2. Remove Data: At any time, you can choose to remove some or all of your data. If you remove your data, it is no longer usable for future research. See below for removal of data from research use. Please note: LunaDNA will recover shares from your account based on the amount of data you remove.
  3. Removal of Data from Research Use: If you remove consent or some or all of your data, within 30 days from receipt of your request, LunaDNA will prevent that data from being used in any new research, and you can choose to remove your data from ongoing research analysis activities. Any research on your data that has been completed or published prior to this date will not be reversed, undone, or withdrawn.

SECURITY & PRIVACY MEASURES

LunaDNA takes the security and privacy of your data very seriously. LunaDNA uses all reasonable technical, physical, and administrative controls to protect member Personal Information, Genomic, and Health Data from unauthorized access or disclosure and to ensure the appropriate use of this information.

All Genomic and Health Data is anonymized (or de-identified) so that the information does not identify you based on individual pieces of information or combinations of information. Your Personal Information is removed, such that you cannot be reasonably re-identified as an individual. Each type of data is uniquely tagged with a sequence of characters that is determined by a one-way hash function, designed in such a way that it is incredibly difficult to reverse engineer the given value. This disaggregated data is stored across separate private, cloud storage sites, which increases the barriers for anyone trying to access any member’s complete data profile. LunaDNA leverages Amazon’s HIPAA compliant infrastructure and has a business associate agreement (BAA) with Amazon cloud services based on the Office of Civil Rights guidance.

We maintain a high level of data protection via safeguards such as data backup, audit controls, access controls, and data encryption. Our site and application program interfaces (APIs) use Secure Socket Layer / Transport Layer Security (SSL/TLS) technology to encrypt all connections to and from our site and APIs to enhance security of electronic data transmissions. Additionally, we use the latest standards and processes for securing and encrypting all member information at rest.

The member is in control of the selection and safety of their own password, but LunaDNA has put measures in place to assist. Additionally, LunaDNA requires two-step verification for members creating their LunaDNA account, and provides an optional two-factor authentication for member's to enable.

Children's Privacy. LunaDNA is not designed for, intended to attract, or directed toward children under the age of 13, and does not accept contributions of any information or data from children under the age of 13.

California Privacy Rights. California Civil Code Section § 1798.83 permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. LunaDNA will never share your personal information without your explicit approval. If you have any questions, please send an email to privacy@lunadna.com or write us at: 415 South Cedros Suite 260, Solana Beach CA, 92075.

COOKIE POLICY

This cookie policy explains how LunaDNA uses cookies and similar technologies when you visit our website or any other websites, pages, features, or content we own or operate,and/or interact with LunaDNA online advertisements or marketing emails. We encourage you to read the full policy so that you can understand what information is collected using cookies and how LunaDNA uses that information

WHAT ARE COOKIES?

Cookies are small pieces of information sent by a web server to a web browser which allows the server to uniquely identify the browser on each page. To learn more about cookies, including how you can turn them off, you can visit allaboutcookies.org.

USE OF COOKIES ON OUR WEBSITE

We use cookies to collect information about your online preferences.

We use the following categories of cookies on our website:

STRICTLY NECESSARY COOKIES

These cookies are essential in order to enable you to move around the website and use its features. Without these cookies, services you have asked for such as remembering your login details cannot be provided.

PERFORMANCE COOKIES

These cookies collect anonymous information on how people use our website. For example, we use Google Analytics cookies to help us understand how customers arrive at our site, browse or use our site and highlight areas where we can improve areas such as navigation, data uploading experience and marketing campaigns. The data stored by these cookies never shows personal details from which your individual identity can be established.

FUNCTIONALITY COOKIES

These cookies remember choices you make such as the country you visit our website from, language and search parameters such as size, colour or product line. These can then be used to provide you with an experience more appropriate to your selections and to make the visits more tailored and pleasant. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites.

TARGETING OR ADVERTISING COOKIES

These cookies collect information about your browsing habits in order to make advertising more relevant to you and your interests. They are also used to limit the number of times you see an advert as well as help measure the effectiveness of an advertising campaign. The cookies are usually placed by third party advertising networks. They remember the websites you visit and that information is shared with other parties such as advertisers.

To learn more about advertising cookies and to control your preferences, visit aboutads.info

DELETING OR BLOCKING COOKIES

One of the great things about cookies is that you can control how they are used on your browser. To learn more about clearing and managing cookies, visit allaboutcookies.org/manage-cookies/clear-cookies-installed.html

CHILDREN'S PRIVACY

LunaDNA is not designed for, intended to attract, or directed toward children under the age of 13, and does not accept contributions of any information or data from children under the age of 13.

California Privacy Rights

California Civil Code Section § 1798.83 permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. LunaDNA will never share your personal information without your explicit approval. If you have any questions, please send an email to privacy@lunaDNA.com or write us at: 415 South Cedros Suite 260, Solana Beach Ca, 92075.

CONTACT INFORMATION

LunaDNA, Inc.
415 S. Cedros Avenue
Solana Beach, CA 92075
Email: privacy@lunadna.com

CHANGES TO THESE TERMS

LunaDNA cannot foresee all of the potential applications of the data it collects, particularly in a rapidly developing field such as genomics. Therefore, LunaDNA reserves the right to update the privacy statement from time to time. However, before implementing any changes, LunaDNA will first notify you of the proposed changes and give you the opportunity to remove access to your data if you do not want to be bound by the revised terms. If you do not remove access to your information, you agree that you will be bound by the new terms. You are responsible for ensuring that your contact information (i.e. email listed on your profile page) remains up to date.

Effective September 24, 2018