At OneOme, LLC (“OneOme”) the privacy of our patients and those using our services is very important to us. OneOme delivers information that helps healthcare providers and patients (collectively referred to herein as “you” and “your”) make more informed, individualized treatment decisions through the use of our pharmacogenomic tests (“Tests”). In addition, you may have access to a third-party healthcare provider network arranged for and/or made accessible to you through OneOme (“Provider Network Program”). Ultimately, the results of the Test (“Results”) are delivered to the provider or the patient through our Provider and Patient Portals (“Portal”) or by other secure channels as requested by the provider and or patient. Collectively, the Tests, Provider Network Program, Results and Portals comprise the OneOme Service(s) (“Service(s)”).

For healthcare providers and patients who use the Tests: individuals provide a DNA sample in the form of a cheek swab or blood sample which is delivered to OneOme. OneOme then runs the Test on the DNA sample and provides the healthcare provider and/or the patient with the Report containing the test results by making the Report accessible on the Portal.

This privacy policy (“Policy”) is designed to inform you of how OneOme collects, uses, stores, processes and transfers your information when Services are provided and when you use our website at www.oneome.com. OneOme will not share your personal information with any third parties without your permission, except as provided in this Privacy Statement. If you do not agree with the terms of this Privacy Statement, please do not access or use the Services.

OneOme’s Notice of Privacy Practices is available here: Notice of Privacy Practices. This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.

You acknowledge that you have reviewed this Privacy Policy and accept its terms when registering to use the Services, and you have expressly consented to our use of your personal information as stated in this Privacy Policy. You may withdraw your consent to the use of your personal information by sending your written request to privacy@oneome.com. OneOme’s continued use of your personal information, after you withdraw your consent to its use, may be required for OneOme to comply with applicable laws and regulations.

We will change this Privacy Policy periodically. We will not reduce your rights without your consent. The date at the end of this Privacy Policy indicates when the most recent changes to this Privacy Policy were posted.

Information collected and how we use it

Information Collected Via the Website

When you visit our website, we automatically obtain certain information about you from your computer. This information may include:

  • The name of the domain from which you access the Internet;
  • The Internet Protocol address (“IP Address”) of the computer you are using;
  • The type of browser and operating system you are using;
  • The date and time you access our website;
  • The internet address of the site from which you linked directly to our website;
  • The pages on the website you have visited;
  • The search terms you use; and
  • The links on which you click.

OneOme may keep and use your personal information that we have collected through this website to personalize your experience with this website. We may also keep and use your personal information to:

  • provide you with requested technical support;
  • remind you of our terms of service;
  • contact you with information that might be of interest to you about our Services;
  • use for analytical purposes and to research, develop and improve programs, products, services and content;
  • (if you are a U.S. healthcare provider), link your name, National Provider Identifier (NPI), state license number, and/or your IP address to web pages you visit, for compliance, marketing, and sales activities;
  • enforce this Privacy Policy and other rules about your use of this website to protect someone's health, safety or welfare;
  • protect our rights or property; and
  • comply with a law or regulation, court order or other legal process.

Cookies and Web Beacons

At OneOme, we collect and maintain information you provide directly to us as well through automated means, specifically through the use of Cookies. We collect information about your use of the Website and Services through the use of Cookies. Cookies are small files that a software application stores on your computer’s hard drive or other memory for record-keeping or other administrative purposes.

If you are concerned about the use of cookies, you can choose to enable a feature in your browser that will erase cookies, block all cookies, or warn you before cookies are stored or exchanged on your system. If you reject cookies, you may not have access to all features or functionality offered by the Software. To learn more about our use of Cookies, and how you can control the collection of information by limiting the use of Cookies, please visit our cookie policy.

Personal Information Collected through the Services

OneOme collects, stores and uses personally identifiable information including, date of birth, payment information (e.g., credit card) and contact details such as email address, phone number, shipping/billing address, and contact preferences when they are voluntarily submitted to us for purposes of considering or ordering Tests, receiving Services and/or when you register for updates, or contact us via the website or other channels.

OneOme may use this information to contact you for administrative communications, including contacting you by email or phone to:

  • notify you when a healthcare provider has ordered Services on your behalf;
  • collect payment for the Services;
  • communicate with you in connection with rendering the Services (e.g., notify you that a Report is available in the Portal), and
  • provide you with information about OneOme, the Provider Network Program; or
  • provide you with information that OneOme believes may be of interest to you.

In addition, OneOme may send you promotional communications, including updates on products and services offered by OneOme. You have the ability to opt-out of receiving promotional communications by updating your account settings or by following the unsubscribe instructions within any promotional communication you receive from OneOme.

Sharing Personal Information with Third Parties

To facilitate the Services, OneOme may share some personal information with third parties that we engage to perform services or functions on our behalf. For example, we may use different vendors or suppliers to ship products that you order on our website. In these cases, we provide the vendor with the required personal information to process your order such as your name and mailing address. When we share your personal information with our third-party partners, we do not authorize them to use, share or disclose your personal information with others for purposes other than the provision of services they have been retained to provide.

OneOme will not sell or rent your personal information to any other company or organization. Information about you, including personal information, may be disclosed and otherwise transferred to an acquirer, successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy or receivership in which information is transferred to one or more third parties as one of our business assets.

Linked Websites

The website may contain links to third party external websites. OneOme does not maintain these third-party websites and is not responsible for the privacy practices of third party or external websites. Please refer to the specific privacy policies or statements posted on any third-party or external websites you choose to access.

Personal Information Provided by Healthcare Providers

Healthcare providers, whether directly engaged by you as patient, or through our Provider Network Program, may provide us with information about their patients and their practices, including NPI numbers, address, phone number, email, and the name, job title, and contact information of other providers involved in an individual’s care.

Aggregate Data Collection

OneOme, and our third-party partners, track visits to our website, contacts with the Provider Network Program, and use of the Services to compile anonymous aggregate statistics. OneOme uses various technical measures to gather and anonymize these statistics to mask them from being associated with any particular individual. This tracking is necessary to help us customize and continually improve our users’ experience, to provide you with access to a healthcare provider from the Provider Network Program should you choose that option, to gather demographic information about our user base and the visitors to our Website, to offer our products and services, to monitor and track our marketing programs, and to serve targeted advertising on our website and on other websites around the Internet.

California Residents and Your Rights Under the California Consumer Privacy Act Of 2018 (“CCPA”)

California Civil Code Section 1798.83 permits users who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. OneOme, through our website or through the provision of Services, may have collected information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California consumer or household (“personal information”). To learn more about the personal information we may have collected and what your rights are under the CCPA please review our Notice to California Residents under the CCPA.

Residents from Outside the United States

At OneOme, we are committed to being transparent with our customers regarding our privacy practices and compliance with the European Union (“EU”) privacy regulations the General Data Protection Regulations (“GDPR”), the United Kingdom (“UK”) Privacy Act of 2018, and other applicable data privacy regulations globally. In certain situations, OneOme may transmit personal information collected on this website and through the use of the Services to our affiliates or third-party service providers in other countries, but at all times such data transfer will be in furtherance of the purposes set out in this Privacy Policy. If personal information is transmitted from Europe to other countries. we will ensure that all personal information will be transferred with safeguards equivalent to those provided by the European data protection laws. For more information on the safeguards implemented by OneOme, please review our GDPR Privacy Practices Statement.

Children

If you are under the age of 13, you must obtain the authorization of a responsible adult (parent, legal custodian, or teacher) before using or accessing the Site. We will not knowingly collect or use any personal information from any children under the age of 13. If we become aware that we have collected any personal information from children under 13 without their parent or guardian’s consent, we will promptly remove such information from our databases.

Provider and Patient Portals

Tests and Services are ordered by healthcare providers and their authorized representatives pursuant to compliance with the OneOme Terms of Service (www.oneome.com/terms). The OneOme Portal is used for the storage and transmission of Protected Health Information between OneOme, healthcare providers, patients, and their authorized representatives. OneOme’s Notice of Privacy Practices is available here: Notice of Privacy Practices. This notice describes how medical information about you may be used and disclosed and how you can request access to this information. Protected Health Information is used in accordance with the Health Information Portability and Accountability Act (HIPAA) and applicable international, federal and state laws governing patient privacy and protected personal information. Protected Health Information may only be used by or disclosed to your healthcare provider for purposes of treatment and other authorized purposes as stated in the Terms of Service. Information accessed through use of the Service, including Protected Health Information, is secured using administrative, physical and technical safeguards.

User Credentials for Services

You will be issued a secure user ID and have the opportunity to set up your password for access to the secure OneOme Portal and OneOme Services. Individuals with user IDs are solely responsible for the maintenance and security of their individual user ID and password. You also agree that you will be solely responsible for any activities conducted in connection with the Portal and the Services. User IDs and passwords are personal, unique to each individual user, and should never be shared with or disclosed to anyone other than the designated user.

It is your obligation and responsibility to ensure that you keep your user ID and password for the Portal and Services strictly confidential and you are responsible for any and all actions taken using your accounts and passwords. You are also responsible for immediately notifying OneOme at privacy@oneome.com of any known or suspected unauthorized use of your user ID and/or password of which you become aware.

Information that you provide to OneOme through our Services is encrypted using industry standard Secure Sockets Layer / Transport Layer Security (SSL/TLS) technology, with the exception of information you send to us via email. Your information is processed and stored on controlled servers with restricted access. Unfortunately, due to factors outside our control (patient-owned computers infected with malware, etc.), we cannot ensure or warrant the security of any information you transmit, and you therefore understand and agree that you do so at your own risk.

Individual Choices

You may choose to decline to share certain personal information with OneOme. In some cases, we may not be able to provide you with some of the features and functionality of the Service without that information. You may request to remove, amend, modify or transfer your personal information by contacting us at privacy@oneome.com.

In addition, at times you may have an opportunity to elect to receive certain communications, including emails, from us. If you choose to stop receiving such communications at any time, you may unsubscribe by following the instructions found within each communication sent by OneOme. Please be aware that, if you opt-out of receiving email from us, it may take up to ten (10) business days for us to process your request and during that time you may receive promotional communications from us that you have opted-out from during that period. Additionally, even after you opt-out from receiving commercial messages from us, you will continue to receive administrative messages from us regarding the Services.

Many data processing operations are only possible with your express consent. You may revoke your consent at any time by sending written revocation of your consent to the processing of your data to OneOme at privacy@oneome.com. All data processed before OneOme receives your revocation of consent will be considered legally processed with your consent. In addition, you may request that all of your data be removed from OneOme’s systems and processes by sending written request for removal and destruction of all your data to OneOme at privacy@oneome.com. Upon receipt of such a request OneOme will take all steps necessary to completely and permanently remove all of your data unless we are unable to do so for legal, compliance or other legitimate reasons.

Right to File Complaints with Regulatory Authorities

If you believe that OneOme has violated any applicable data protection legislation pertaining to your personal information, you may file a complaint with the pertinent regulatory authorities within your jurisdiction.

Right to Data Portability

You have the right to request that all your personal data which OneOme maintains within its processes or system based on your consent or in fulfillment of a contract, be automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible. To make such a request you must contact OneOme in writing, requesting that OneOme gather all of your personal information, by sending an email to privacy@oneome.com.

Governing Law

Our Services are controlled and operated by OneOme. By choosing to visit our website, use any of the Services, or provide your personal information to OneOme, you agree that any dispute over privacy or the terms contained in this Privacy Statement will be governed in accordance with the governing Dispute Resolution and Arbitration provisions of the OneOme Terms of Service found at WWW.ONEOME.COM/TERMS. If you are accessing our Website or Services from any location with regulations or laws governing personal data collection, use or disclosure that differ from United States (“U.S.”) laws or regulations, please note that through your continued use of the website or our Services, you are transferring personal information to the U.S. Also, we may transfer your data from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the website and our Services. By providing any information, including personal information, on or to the website and the Services, you consent to such transfer, storage, and processing.

Updates to the Privacy Policy

OneOme may revise this Privacy Policy from time to time. All updates will be posted on this website at www.oneome.com/privacy. Please check the website for the most current version of our Privacy Policy. Your continued use of the website after we have posted notice of the change in our Privacy Policy on the website constitutes your acceptance of such changes. If any term or condition in this Privacy Policy is found to be or becomes illegal, invalid or unenforceable in any jurisdiction, that shall not affect the validity or enforceability of any other provision in this Privacy Policy or the OneOme Terms of Use.

Contact Information

Please contact us with any questions or comments about this Privacy Policy, our use and handling of your personal information, our use of third-party partners, your choices and rights regarding the use and disclosure of your personal information by emailing us at privacy@oneome.com or by calling OneOme at +1 (844) 663-6635 (U.S. toll free).

Page updated as of: June 30, 2020