fbpx

VIDACHECK LLC
PRIVACY POLICY

Last updated: April 29, 2020

INTRODUCTION:

VidaCheck, LLC (“VidaCheck”) and its affiliate, Quansys Biosciences, Inc. (“Quansys”), are in the business of providing serological antibody tests to companies and individuals for personal use. Individuals register online to receive these testing services and provide VidaCheck with the necessary consents and approvals. VidaCheck shares the test samples and information received from customers with Quansys. Quansys performs the lab testing and analysis of the serological antibody tests, and then provides the results to VidaCheck to distribute to the individual customers. In this Privacy Policy, “we” and “our” refer to both VidaCheck and Quansys.

VidaCheck and Quansys respect your privacy and are committed to protecting it. Please read this Privacy Policy carefully to understand how we collect and use your personal information and data. This Privacy Policy covers all Personal Information that we receive from various sources, as outlined below. By using or accessing our websites in any way, or by engaging in transactions with us through any other means, you acknowledge that you accept the practices and policies outlined in this Privacy Policy, and you hereby consent to our collection, use and disclosure of your information in the manner described herein. If you do not agree with this Privacy Policy, please do not use this website or transact business with us.

For purposes of this Privacy Policy, “Personal Information” may include any information that can be used to identify or locate you, such as your name, address, IP address, mailing address, contact information, email address or phone number and other information you may produce to us. Both federal and state law in the United States define Personal Information or Personal Data, as do the laws of Canada, the European Union, and other countries and jurisdictions. This Privacy Policy is intended to include the most expansive definition. However, please recognize that your rights related to Personal Information, and how Personal Information is defined, differs somewhat from state to state and country to country. For example, a California resident likely has different rights than a Utah resident, and each of them likely has different rights than a resident of Canada.

Protected Health Information (PHI) and HIPAA. Some of the Personal Information collected and processed by us also constitutes Protected Health Information or “PHI,” as defined in the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). In addition to this Privacy Policy, please see our Notice of Privacy Practices at this link: https://www.vidacheck.com/notice-of-privacy-practices, which governs our use of PHI. If there is a conflict between this Privacy Policy and the Notice of Privacy Practices relating to PHI, the Notice of Privacy Practices will have priority.

Changes to Privacy Policy. We review this Privacy Policy regularly and may update it from time to time. We will post any changes on this page and may also provide notice of material changes to our Privacy Policy on the portal to a customer’s online account or in emails to customers. If you object to any changes to this Privacy Policy, you may close your account and discontinue use of our website and services. Each time you use any of our services, you agree that the current version of this Privacy Policy applies.

PERSONAL INFORMATION THAT WE COLLECT:
In connection with our business, we collect and process the following categories of Personal Information of individuals:

  • contact information, including name, physical address, and email address.
  • other individual identifiers, including date of birth and sex.
  • payment information, such as credit card type and number and bank account number. However, please note that we and our employees will not have access to credit card data. A third party payment processor will be collecting and processing credit card payment.
  • purchasing history: information regarding products and services you have acquired from us.
  • public IP addresses from your electronic device(s).
  • information relating to your use of our website(s).
  • Serological antibody positive and negative test results.
  • regulatory information (to satisfy regulatory obligations such as tax and other reporting obligations).

HOW WE COLLECT YOUR DATA:
General. We collect Personal Information (including PHI) when:

  • you (or your parent or guardian or authorized family member) registers an account with us and fills out the requested information,
  • you visit our website or run a search query on our website,
  • you use our services,
  • you participate in a survey or a feature of our website that requests or requires Personal Information,
  • you otherwise transact business with or correspond or communicate with us.

We also generate Protected Health Information when we perform serological antibody testing on samples provided to us by our customers.

We also collect Personal Information in the following ways:

Data obtained for marketing purposes. We obtain Personal Information from third parties, including customer referrals and employers, that we use to reach out to inform potential customers and others of the services offered by our organization. The Personal Information collected generally includes the email address of a potential customer or other and may also include their name and phone number. We also use the contact information provided to us by our customers to communicate information about our products and services, which may include marketing our products and services.

Cookies and Other Tracking Technologies: We use tracking technologies such as cookies to collect information from your web browser through our servers or filtering systems when you visit our website(s).

Cookies are small text files placed on a user’s computer with the user’s browser to collect standard internet log information and to enable our website to track a user’s activities on the website. We use cookies to: (1) keep you signed in on our website; (2) enable website features for you; (3) help us understand how you use our website and what products or services may be most relevant to you; (4) provide analytics to improve website performance and effectiveness; (5) store user preferences; and (6) facilitate relevant targeted advertising on advertising platforms or networks. Cookies may also be set within emails in order to track how often our emails are opened. We may share this information with our affiliates and service providers.

You can change your web browser settings at any time to stop accepting cookies or to prompt you before accepting a cookie from the sites you visit. If you do not accept cookies, however, our website may not function properly for you, and you may not be able to use some sections or functions of our websites.

To learn more about cookies and how to manage and delete them, visit http://www.allaboutcookies.org.

We may also use other web-based user tracking technologies, such as clear GIFs, Flash cookies, pixel tags, or web beacons.

Information collected may include but is not limited to your browser type, your operating system, your language preference, any referring web page you were visiting before you came to our site, the date and time of each visitor request, and information you search for on our sites. We can also track the path of page visits on a website and monitor aggregate usage and web traffic routing on our sites.

Information from Third Party Platforms.  If you access our website or communicate with us using your account or account credentials from a third-party owned or operated platform/service (e.g., Amazon, Apple, AWS, Facebook, Google, Shopify, Twitter, etc.), post content from our website to a social network, or use various social media features (e.g.,“Like” button), we may process certain information from the third parties, such as your username, “likes”, location, birthday, comments and reviews, preferences, network reach and influence, and any other information you provided to the third parties in connection with your account. Depending on your account and privacy settings, we may also be able to see information that you post when using these third parties whether or not you are an active customer. We may also collect Personal Information about you from our third party service providers who provide us with e-commerce and/or technical services related to the website. The information you post or provide to third parties, as well as the controls surrounding these disclosures are governed by the policies of these third parties.

Personal Information of children and minors. We collect and process Personal Information of children under age 13 only where the parent or guardian of the child provides that information. We collect and process Personal Information of adolescents (minors ages 13-17) when (i) the adolescents themselves provide us with their own Personal Information, or (ii) a parent or guardian provides the adolescent’s Personal Information to us. VidaCheck must share children’s Personal Information with Quansys in order to perform lab testing services, but parents and guardians may prohibit us from disclosing children’s Personal Information to other third parties.

Special categories of data. We do not actively collect or otherwise process data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, data relating to criminal offenses, biometric data for the purpose of uniquely identifying a natural person, or data concerning a natural person’s sex life or sexual orientation.

HOW WE USE YOUR DATA:
We may use and process Personal Information for any purpose that is permitted under applicable data protection laws in accordance with this Privacy Policy. “Processing” of Personal Information includes collecting, recording, organizing, structuring, storing, altering or modifying, retrieving, transmitting, disclosing or otherwise making available to third parties, deleting, and otherwise using or dealing with your Personal Information. We may process your Personal Information with or without automatic means.

These purposes include:

  • Purposes related to our serological antibody testing services. These purposes include managing customer accounts, performing serological antibody tests, communicating test results to customers, providing customer service and replacement products, monitoring systems, and providing data security. We also use Personal Information to communicate with our customers to inform them of other information that may be helpful or informative.
  • Our other business purposes, including addressing customer questions and service issues; processing sales leads, invoices and payments; planning and conducting marketing activities, tradeshows, trials, consultations, seminars, webinars, and demonstrations; responding to inquiries; conducting web analytics, security monitoring, and business operations and administration; and addressing tax and other regulatory requirements.
  • We send customers and potential customers marketing communications to inform them of new or updated products and services, promotions, or other special events or offers that might be of interest to them, which may include information about products and services of companies that we partner with (“Special Offers”). When you register for one of our products or services, you consent to receiving communications about Special Offers. Cookies may also be used for marketing purposes. In connection with Special Offers, we may ask for contact information or other Personal Information. If you would like to stop receiving information about Special Offers from us, please see the “YOUR RIGHTS RELATING TO YOUR DATA” section of this Privacy Policy below.
  • For the Protection of VidaCheck, Quansys and Others. If we, in good faith, determine that you have used our service, product or website for any unlawful or improper reason, including to menace, threaten, harass, intimidate or otherwise deceptively pose as another person, or in any other way that is a violation of law, or have made an attempt to do so, you have no expectation of privacy, and we may use and disclose any and all information for the protection of VidaCheck, Quansys and others.
  • Pursuant to Law, Rule or Regulation. If required or permitted to do so by law or if, in good faith, we believe that such action is necessary to: (1) comply with laws and regulations or with legal processes; (2) protect and defend our rights and property or prevent fraud; (3) protect us against abuse, misuse or unauthorized use of our products or services; (4) protect the personal safety or property of our personnel, users of our website or the public; and/or (5) comply with tax reporting requirements, then we may use and disclose any and all information as needed. The servers that serve our website automatically identify a computer by its IP address.
  • Aggregated and de-identified data. We may anonymize data to create statistical data or system usage data, by removing all personal identifiers and/or aggregating your Personal Information with other’s data so that it is not identifiable as to any particular person. Such de-identified data may be retained and used by us to improve our products and services and for other proper purposes, including providing aggregated and de-identified data to public health officials, scientific entities, or other third parties, provided that such disclosure and use is permitted by applicable laws.

Legal basis. We base our processing of Personal Information on the need to perform our obligations to provide medical testing services and results to our customers and our legitimate activities as a provider of such services. We also process Personal Information to comply with applicable law and to exercise our legal rights. We may also use your Personal Information for internal purposes, including auditing, data analysis, system troubleshooting, and research. In these cases, we base our processing on legitimate interests in performing the activities of the organization.

HOW WE SHARE OR DISCLOSE YOUR DATA:
No sale of Personal Information. We never sell or rent Personal Information to third parties.

Disclosures of Personal Information. We may disclose or share your Personal Information with other parties in the following circumstances:

  • Lab testing services. Medical testing services are provided by Quansys. VidaCheck discloses Personal Information and medical specimens provided by its customers to Quansys for the performance of such testing services, and Quansys shares the results of such analysis and testing with VidaCheck to deliver to customers. Some employees who have access to Personal Information may be personnel of both VidaCheck and Quansys.
  • Third-party service providers. We use other third-party service providers (or subprocessors) to process Personal Information to facilitate your use of our products and services and in the operation of our business. This includes providing Personal Information to third parties for their processing in performing functions on our behalf, particularly the functions listed above in the “HOW WE USE YOUR DATA” section. These functions include processing payments, providing database services, performing security services, analyzing data, performing surveys, administering our website(s), and/or providing technical support services. These third party providers will be contractually and/or legally required to protect Personal Information from additional processing (including for marketing purposes) and transfer in accordance with applicable laws. Under certain data protection laws, we may be liable if a third party subprocessor that we have engaged to process Personal Information fails to fulfill its data protection obligations.
  • Compliance with law and protecting our legal rights. We may disclose your Personal Information to regulatory bodies if we have a good-faith belief that doing so is required under applicable laws or regulations. This may include submitting Personal Information required by tax or other governmental authorities, or lawfully requested by governmental agencies, including law enforcement and judicial authorities. We may also disclose your Personal Information in order to exercise or defend our legal rights; to take precautions against liability; to protect the rights, property, or safety of our companies or any individual or third party; to maintain and protect the security and integrity of our information system; to protect ourselves against fraudulent, abusive, or unlawful acts; or to investigate and defend ourselves against third-party claims or allegations.
  • Corporate Transactions. If a third party acquires all or substantially all of the assets of, or ownership interests in, VidaCheck and/or Quansys, whether by merger, acquisition, reorganization or otherwise, we may transfer our databases and records, including all Personal Information contained therein, to the acquiring entity.
  • Aggregated and de-identified data. We reserve the right to aggregate and de-identify the results from our medical testing of specimens (both positive and negative test results) and to provide such aggregated, de-identified data and statistics to third parties for scientific studies and research (for example, the extent of geographical spread of COVID-19) or for other legal purposes.

STORAGE OF PERSONAL INFORMATION:
We may store Personal Information that we have collected (through the means described above) on our premises and in our information system at our facilities, in third party data centers, in the systems of third party service providers, and in cloud storage solutions. We are located in the United States. Currently hosting services are provided by Amazon Web Services (AWS) and the servers that host customers’ Personal Information are located in the United States. If we transfer Personal Information from one country to another, we will ensure that the information is transferred in accordance with this Agreement and the Privacy Policy, and as permitted by applicable data protection laws.

We store all information in state of the art physical storage facilities and cloud storage. In doing so, we use appropriate physical, organizational and technological measures to protect the Personal Information you provide to us against loss or theft, and unauthorized access, disclosure, copying, use, or modification. This includes limiting access on a “need-to-know” basis. Where third parties (such as AWS) are used to host our products, we use third parties who meet required privacy and security standards.

However, no electronic data transmission can be guaranteed to be secure from access by unintended recipients and we will not be responsible for any breach of security unless this breach is due to our negligence or wrongdoing. Although we are committed to employing reasonable technology in order to protect the security of our website, even with the best technology, no website is 100% secure. In transacting business with us through our website, you assume the risk inherent in transacting business online.

To offer our website, products and services to you, we rely on plugins and services from third parties such as internet service providers, email service providers and plugins, calendar plugins, Customer Relationship Management (CRM) systems, credit card processors, and third party data storage. To the extent these providers have access to your Personal Information, we will require that they are legally or contractually committed to comply with applicable privacy laws, In the case of credit card processors, we require that they be PCI DSS-compliant. However, we cannot guarantee with certainty that the computer systems and storage systems whereon these services are offered will not be accessed by unauthorized parties. This is a risk inherent in providing any information or, or conducting any business, online. In transacting business with us through our website, you assume the risk inherent in transacting business online.

PERSONAL INFORMATION SECURITY:
We use technical and organizational measures to protect the Personal Information that we store, transmit, or otherwise process, against accidental or unlawful destruction or disclosure, loss, alteration, or unauthorized access. Our security controls and risk management program and processes are designed to implement appropriate technological and organizational measures to ensure a level of security appropriate to the risks. We regularly consider appropriate new security technology and methods. Security measures implemented include:

  • Passwords used for account registration require minimum password strength attributes;
  • Role-based security is applied to system access;
  • Data encryption is used where appropriate;
  • Industry-standard security measures are used to protect the security of Subscriber data while traversing public networks;
  • Regular maintenance is performed on systems;
  • Payment card information, such as account numbers, is processed via a third-party vendor that specializes in payment processing and has committed to PCI DSS compliance;
  • All of our employees are contractually obligated to maintain the confidentiality of Personal Information accessible through their employment; and
  • All of our employees are required to attend security and privacy training.

RETENTION OF PERSONAL INFORMATION:
We process Personal Information for a reasonable period of time to fulfill the processing purposes mentioned above. Personal Information is then archived for time periods as required or necessitated by law or legal considerations. We reserve the right to delete a customer’s data, including Personal Information provided by that customer, from our system after 12 months from the date of completion of services for the applicable customer. We will also delete Personal Information in response to an individual’s request, as set forth in the “YOUR RIGHTS RELATING TO YOUR DATA” section below.

We reserve the right to retain usage data relating to our products and services, as well as data that has been anonymized and/or aggregated, to the extent permitted by applicable laws. With respect to any Personal Information collected by us for marketing or for our own internal purposes, we will retain that data for a reasonable time in order to fulfill those purposes.

We regularly review our retention policy to ensure compliance with our obligations under data protection laws and other regulatory requirements. We regularly audit our databases and archived information to ensure that Personal Information is only stored and archived in alignment with our retention policy.

YOUR RIGHTS RELATING TO YOUR DATA:
If you wish to have us delete your, your child’s, or a family member’s Personal Information (including Protected Health Information or PHI) from our system, limit our use of your child’s Personal Information, or otherwise opt out from any of the uses of Personal Information that are specified in this Privacy Policy, please contact us as described in the “OUR CONTACT INFORMATION” section below. Please note that your subsequent disclosure of Personal Information to us may override prior opt-out requests. We do not discriminate against those who opt out. However, opting out may prevent us from providing some or all services and information to you. Please note that in some cases we may be required to retain Personal Information despite a deletion request, such as in the case of legal proceedings or where your information is required for tax and transactional purposes.

Individuals are also entitled to request to review their protected health information (PHI) that is in our system or possession. Please see our Notice of Privacy Practices for additional information regarding your rights relating to PHI.

Parents and legal guardians are entitled to request access to their child’s Personal Information and PHI to review that information and/or have the information deleted. Parents and guardians will also be given the opportunity to prevent further use or online collection of a child’s Personal Information.

Unsubscribing to marketing communications. If we are sending you email communications of a marketing nature, an ‘unsubscribe’ option is provided in the footer of every email. You may also contact us directly to unsubscribe to marketing emails or other marketing communications, at the contact information set forth in the “OUR CONTACT INFORMATION” section below. If you have agreed to receive marketing communications, you may always opt out at a later date.

Your California privacy rights. As it relates to California’s Shine the Light law, Section 1798.83 of the California Civil Code, we do not share Personal Information with any third parties for the purpose of direct marketing by such third parties. We are not at this time subject to the California Consumer Privacy Act (CCPA). If you are a California resident and have any questions or requests regarding our use of your Personal Information, please contact us.

Your Canadian privacy rights. This section applies to Canada residents only.
Your Personal Information will be transferred outside of Canada for processing. we and our service providers also store Personal Information on servers located in other jurisdictions, including the United States. Please note that privacy laws in such jurisdictions differ from Canadian privacy laws (e.g., PIPEDA) and that in some jurisdictions your Personal Information may be accessed by law enforcement authorities or the courts in such jurisdictions. If you wish to:

  • obtain information or have any questions about our Privacy Policy and practices relating to handling of your Personal Information outside of Canada,
  • find out if we have your Personal Information and how we have used it,
  • access your Personal Information that is in our possession,
  • request that your Personal Information be corrected or deleted from our database, or
  • obtain a list of any other organizations to which your Personal Information has been disclosed,

you may contact our privacy officer at the contact information set forth below. We will respond to your request relating to your Personal Information within 30 days. We may be unable to remove information to the extent that it is permitted or required to be retained by applicable law or document retention and data backup policies, or if removal is not practicable due to technological reasons. Please note that removal of your Personal Information may prevent or hinder us from providing further services and information to you.

If you request an accounting, we may require you to provide sufficient information to permit us to provide you with an account of the existence, use, and disclosure of Personal Information in our possession. The information provided shall only be used for this purpose.

PRIVACY POLICIES OF OTHER WEBSITES:

Our websites may contain links to other websites. This Privacy Policy applies only to our websites, so if you click on a link to another website, you should read their privacy policy.

OUR CONTACT INFORMATION:

If you have any questions about this privacy policy or your Personal Information that we hold, would like to cease receiving marketing materials from us, have any complaints, or would like to exercise any of your other rights related to your Personal Information, please contact us:

VidaCheck, LLC
Attn: Privacy Officer
Address: 365 N 600 W, Logan UT, 84321

E-mail: privacy@vidacheck.com
Phone: 435-750-0959

If you wish to report a complaint or if you feel that we have not addressed your concerns in a satisfactory manner, you may also contact your state or local data protection authority