Privacy Shield Policy

Privacy Shield Policy

Please see also our Web Privacy Policy.

Invivoscribe, Inc. and all its US subsidiaries, LabPMM LLC and Genection Inc. (collectively called “IVS”) complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries (“EU”) and Switzerland. IVS has certified that it adheres to the Privacy Shield principles. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page please visit https://www.privacyshield.gov/.

This privacy policy outlines our general policy and practices for implementing the Principles, including the types of information we gather, how we use it and the notice and choice affected individuals have regarding our use of and their ability to correct that information. This privacy policy applies to all personal information received by IVS whether in electronic, paper or verbal format.

IVS is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

IVS no longer relies on the EU-US Privacy Shield Framework or the Swiss-US Privacy Shield Framework to transfer data that originated in the EU or Switzerland to the U.S.

Definitions

“Personal Information” or “Information” means information that (1) is transferred from the EU or Switzerland to the United States; (2) is recorded in any form; (3) is about, or pertains to a specific individual; and (4) can be linked to that individual. “Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership or that concerns an individual’s health.

Privacy Principles

IVS shall inform an individual of the purpose for which it collects and uses the Personal Information and the types of non-agent third parties to which IVS discloses or may disclose that Information. IVS shall provide the individual with the choice and means for limiting the use and disclosure of their Personal Information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Information to IVS, or as soon as practicable thereafter, and in any event before IVS uses or discloses the Information for a purpose other than for which it was originally collected.

We collect various types of information from you, including information you voluntarily provide us and information we get from your use of our Site or Products. For instance, in order to access certain portions of the Site, order Products, or even use some Products you may be required to first register with us. You may be asked to provide your contact information (e.g., name, institution/company, address, phone number, email, username, etc.). Information we collect about your use of our Site or Products may, for example, include:

  • The Internet Protocol (“IP”) address of your Internet Service Provider.
  • The content you access.
  • The functions, products, or services you use on the Site or Products.
  • Your computer’s operating system.
  • Up-time and other usage statistics about the Site or Products.
  • Location information.
  • Your computer’s unique identifier (e.g., CPU serial number).
  • Web browser used.
  • The date and time of your visit to the Site or use of the Product.

How Information is Collected

Some of this information is collected through your voluntary submissions of information. Some of this information is collected through the use of cookies, which may be placed onto your computer. Some of this information is collected through other technologies (e.g., Google Analytics, WalkMe, Adobe Analytics, Mixpanel, New Relic, fullstory). The Site or other Products may also use cookies to store user-provided information during your sessions. You can usually set your browser to reject cookies or to alert you before one is placed, if you prefer, but this may mean that you cannot use all features of the Site or the Products.

How We Use the Information We Collect

We may use the information collected:

  • To improve the Site, the Products, including any applications, products, services, and software available through them.
  • To improve the customer experience.
  • For marketing purposes.
  • To store your interests and preferences in order to customize your use of the Site or Products.
  • To communicate with you (such as for product support and billing issues).
  • To verify compliance with the terms of use, license, subscription agreement or other agreement governing the use of the Site, the Product, or other of our products or services (“Terms of Use”).
  • To authenticate users.
  • To improve our products and services.
  • To compile and analyze trends.
  • To carry out transactions in connection with you.
  • We also may aggregate the collected information with information from other customers and users of the Site, Products, or other products and services for analysis such as to determine user and performance trends. Generally, any such aggregation will involve de-identified or anonymous data.

Employee Information

We collect Employee information from prospective and present Employees only for legitimate business purposes, including (1) the management and operations of our company, its functions and activities, (2) Employee communications, including Employee surveys, (3) maintaining a global directory, (4) carrying out obligations under employment contracts and employment, tax and benefits laws, and in connection with other working relationships or arrangements, (5) development and training programs, (6) recruiting and hiring job applicants, (7) assessing qualifications and performance, (8) performing background checks and verifying references, (9) managing Employee performance, (10) determining Employee compensation or payment, (11) managing the Employee termination process, and (12) other general human resources purposes.  Our European Union Employees at the time of their employment are notified in detail how their Personal Information will be used. Employee information on health, performance evaluations, and disciplinary actions and other sensitive Employee matters, whether it is stored manually or electronically, is accessible by other IVS Employees only if necessary with respect to legitimate human resource functions or issues.  IVS will obtain affirmative consent from an Employee before using such Employee’s Personal Information for any purpose other than described above. Employees may decline to provide this consent, and Employees may withdraw their consent at any time.

For legitimate human resources purposes, Employees may choose to voluntarily disclose Personal Information about family members. If our Employees choose to do this, their family member’s Personal Information shall be treated, for the purposes of this Policy, the same as an Employee’s Personal Information. Employee Personal Information is never sold, leased, or rented to any third party. Employee Personal Information will never be disclosed to third parties except as follows: (1) to those retained by IVS as agents for the purposes set forth in the paragraph above, (2) where required pursuant to an applicable law, governmental or judicial order, law or regulation, or to protect the rights or property of IVS, (3) where authorized in writing by the Employee, and (4) where the Employee voluntarily provides Personal Information and the context makes it clear that such information will be provided to a third party.

Where personal data is transferred from the EU to the US in the context of the employment relationship, we will cooperate in investigations by and to comply with the advice of the competent EU Authorities.

IVS will offer individuals the opportunity to choose (opt out) whether their Personal Information is (1) to be disclosed to a third party or (2) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. For Sensitive Personal Information, IVS will give individuals the opportunity to affirmatively or explicitly (opt out) consent to the disclosure of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. IVS shall treat Sensitive Personal Information received from an individual the same as the individual would treat and identify it as Sensitive Personal Information.

If you wish to choose to opt out please contact us at [email protected].

Except as otherwise provided herein, IVS discloses Personal Data only to Third Parties who reasonably need to know such data only for the scope of the initial transaction and not for other purposes. Such recipients must agree to abide by confidentiality obligations.

If IVS may provide Personal Data to Third Parties that act as agents, consultants, and contractors to perform tasks on behalf of and under our instructions. For example, IVS may store such Personal Data in the facilities operated by Third Parties. Such Third Parties must agree to use such Personal Data only for the purposes for which they have been engaged by IVS and they must agree to provide adequate protections for the Personal Data that are no less protective than those set out in this Policy;

IVS also may disclose Personal Data for other purposes or to other Third Parties when a Data Subject has consented to or requested such disclosure. Please be aware that IVS may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. IVS is liable for appropriate onward transfers of personal data to third parties.

IVS shall take reasonable steps to protect the Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. IVS has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Information from loss, misuse, unauthorized access or disclosure, alteration or destruction. IVS cannot guarantee the security of Information on or transmitted via the Internet.

IVS shall only process Personal Information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. To the extent necessary for those purposes, IVS shall take reasonable steps to ensure that Personal Information is accurate, complete, current and reliable for its intended use.

IVS shall allow an individual access to their Personal Information and allow the individual to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated. For all your requests related to access of personal information, please contact [email protected].

IVS uses a self-assessment approach to assure compliance with this privacy policy and periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented and accessible and in conformity with the Principles. We encourage interested persons to raise any concerns using the contact information provided and we will investigate and attempt to resolve any complaints and disputes regarding use and disclosure of Personal Information in accordance with the Principles.

This privacy policy may be amended from time to time consistent with the requirements of the EU-US Privacy Shield or Swiss-US Privacy Shield Frameworks. We will post any revised policy on this website.

Privacy Complaints by European Union and Swiss Individuals

In compliance with the Privacy Shield Frameworks, IVS commits to resolve complaints about your privacy and our collection or use of your personal information. European Union or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact IVS using the contact information below.

Invivoscribe, Inc.
Attn: Legal Department
10222 Barnes Canyon Rd. | Bldg. 1
San Diego, CA 92121-2711 USA
[email protected]

IVS has further committed to refer unresolved privacy complaints under the Privacy Shield Principals to an independent dispute mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed by IVS, you may contact the BBB EU PRIVACY SHIELD program at: http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint.

Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

For complaints involving human resource Personal Data of EU or Swiss individuals, IVS commits to cooperate with the panel established by the EU Data Protection Authorities (“DPA Panel”), and for Swiss Data Subjects, the Swiss Federal Data Protection and Information Commissioner (“FDPIC”), and comply with the advice given by the panel with regard to human resources data transferred from the EU or Switzerland in the context of the employment relationship. Complaints regarding processing of HR personal data pertaining to EU or Swiss individuals may be reported by the individual to the relevant Data Protection Authority.

This privacy policy outlines our general policy and practices for implementing the Principles, including the types of information we gather, how we use it and the notice and choice affected individuals have regarding our use of and their ability to correct that information. This privacy policy applies to all personal information received by IVS whether in electronic, paper or verbal format.

Contact Information

Questions, comments or complaints regarding IVS’s Privacy Policy or data collection and processing practices can be mailed or emailed to:

Invivoscribe, Inc.
Attn: Legal Department
10222 Barnes Canyon Rd. | Bldg. 1
San Diego, CA 92121-2711 USA

Email: [email protected]

Effective Date: November 20, 2020