This Privacy Notice is made in English and translated into other languages. In the case of discrepancy, the English version shall prevail.
Statement of Policy
We treat your information with the importance it deserves.We are committed to protecting your information, handling it responsibly and securing it with administrative, technical, and physical measures and safeguards. All test results and any Personal Information are maintained under a strict policy of confidentiality.
Statement of Practices
CircleDNA is a range of services offered by Prenetics Limited, a Digital Preventative Health Technology Company, combining lab diagnostics and digital technology platforms to make cutting edge scientific information available.
Personal data we collect
It is voluntary for you to provide any information we request, however in the event that you do not provide such information, we may not be able to provide you with our products or services.
Statement of Purpose
Prenetics is a genetics and diagnostic health testing company, with a mission to decentralize health care by focussing on comprehensive testing capabilities covering prevention, diagnostics, and personalized care.
We process both Personal Data and Personal HealthInformation for the following purposes:
To provide our service to you: We process Personal Data in order to provide our service, which includes customer support, processing payments, shipping kits to customers, creating customer accounts and authenticating logins, analysing DNA samples and DNA, to provide you with our reports, dependent on the service purchased and powering tools that benefit our customers such as allowing you to share your Personal Data with others.
To Improve Our Products and Service: We collect information when you send, receive, or engage in messaging with Prenetics. We do this to delegate your inquiries to the correct department. We may use your Personal Data to investigate, respond to and resolve complaints and service issues.
If you interact with Prenetics via telephone, your call maybe recorded for training and monitoring purposes.
We also use analytics to determine ongoing service and resource needs and perform quality control checks to maintain best standards of practice. We conduct customer surveys and constantly work to improve and provide new reports, tools, and services. We may also need to fix bugs or issues, analyse use of our website to improve the customer experience or assess our marketing campaigns.
Marketing and Advertising: With your consent we may send you direct marketing communications. We may also direct advertising to you via third party sites including social media. We will only send marketing material to you where you have opted in to such communications or as determined by your web browser/cookie settings. You can unsubscribe from receiving these marketing communications at any time via your account settings.
Who we share your personal data with
Except as stated below, we will only share your PersonalData with a third party when we are required by law or in good faith believe that such disclosure is necessary in such cases. Such disclosure includes but is not limited to:
We will only share your Personal Data with those categories of third parties listed below and under these circumstances -
Any Processors or other third-party service providers will be required to contractually comply with the principles and objectives of any Prenetics policies, including this Privacy Notice, and other Applicable Law and will be required to sign a data processing agreement to confirm thatInformation will not be collected, used, shared, stored or otherwise for anyPurpose other than those instructed by Prenetics.
We may be unable to provide our products or services to you should you wish such data sharing to not take place.
How long your personal data will be kept
Our data retention policy is to take all practicable steps to ensure that the personal data collected is kept no longer than necessary to fulfil the purpose for which it is used or fulfil our contractual and legal obligations.
Prenetics implements measures and systems to ensure confidentiality, integrity, and availability of Circle data.
Anonymisation, encryption, and data segmentation. Registration Information is stripped from Sensitive Information, including genetic and phenotypic data. This data is then assigned a random ID so the person who provided the data cannot reasonably be identified. Circle uses industry standard security measures to encrypt sensitive personal data both when it is stored (data-at-rest) and when it is being transmitted(data-in-flight). Additionally, data is segmented across logical database systems to further prevent re-identifiability.
Limiting access to essential personnel. We limit access of information to authorized personnel, based on job function and role. Circle access controls include a strict least-privileged authorization policy.
Detecting threats and managing vulnerabilities. Prenetics uses state of the art intrusion detection and prevention measures to stop any potential attacks against its networks. We have integrated continuous vulnerability scanning in our build pipeline and regularly engage third party security experts to conduct penetration tests.
You have the following rights: