WHAT PERSONAL INFORMATION WE COLLECT
DNAFit collects the following types of Personal Information:
Providing your Personal Information other than registration information is voluntary and there are ways you can control your information held by DNAFit. You can access personal details through your account profile, set your browser settings to determine how we track your web behaviour, opt out of direct marketing and R&D and choose when to share information on public forums, discussion boards and social media.
As stipulated in the TOS, DNAFit does not provide direct to consumer services to anyone under the age of 18 years and therefore does not knowingly collect, process, share or store data for such individuals. All reasonable effort is made to ensure Users are not minors but should we discover a User to be under the age threshold then this would be considered a violation of the TOS and all contracts will be terminated, services revoked and data will be deleted as detailed in ‘ACCOUNT CLOSURE AND DATA RETENTION’.
HOW YOUR INFORMATION IS USED
DNAFit collects Personal Information from you to meet our contractual commitments. This includes the availability, provision and improvement of our services and the set-up and maintenance of User accounts.
We may also use the information to offer new products and services to you, inform you about events, invite you to participate in relevant research projects; obtain testimonials for promotional purposes, perform quality control checks and to conduct other R&D.
We will not share your Personal Information with any third party, except with those listed below under these circumstances and as detailed in the Consent Document:
Personal Information may be processed, transferred and stored outside the UK for operational purposes. In doing so, relevant data protection regulations and directives will be observed to protect your individual rights and we require all Data Processors to have appropriate security measures to protect that information. You will provide specific consent allowing information to be transferred to our global teams to enable DNAFit to provide the services as requested.
Any Data Processors or other third-party service providers will be required to contractually comply with the principles and objectives of the DNAFit policies and will be asked to sign a confidentiality agreement to confirm that data will not be collected, used, shared or stored for any other purpose than that instructed by DNAFit at the consent of Users.
SELF-DIRECTED SHARING AND DISCLOSURE
We provide you with the ability to engage with other Users and share your information through Our Site, including your Genetic Information. Sharing information is voluntary and you control what you share. Please do not post any information you do not want publicly accessible.
We would like Users to have the freedom to share their journey, express opinion and review their experience with us. However, DNAFit reserves the right to remove without notice any posts that are deemed in violation of the TOS.
INFORMATION DISCLOSURE AS REQUIRED BY LAW
Under some circumstances we may need to disclose information about you when required by law, subpoena, or other legal process or if we have a good faith belief that disclosure is reasonably necessary. These details may include your Genetic Information. You understand and accept that DNAFit will only share these details if we are compelled by law to do so, or in the good faith that such disclosure is necessary in such cases but not limited to:
Unless prohibited by law or court order and where time permits, we will let you know when we must share information. We will verify demands as genuine and challenge demands if we feel the request is not appropriate.
While we cannot guarantee unauthorised access, disclosure, misuse or loss of Personal Information, DNAFit frequently reviews and implements physical, technical, and administrative measures to prevent information security incidents and to maintain the integrity of information.
All connections to Our Site and our mobile applications are encrypted using Secure Socket Layer (SSL) technology and internal systems protected with anti-virus software.
Only authorised personnel of DNAFit and contracted third parties have access to data.
Please understand that protecting your Personal Information is also your responsibility. We ask that you keep your login credentials secure and not share them with any third parties. Your password for your account will be used only for online login. We will not ask for your password under any other circumstances. Inform DNAFit immediately of any unauthorised use of your account. Should you wish to reset or change your password, you can do so by clicking on the relevant links on your my.dnafit.com portal
Sharing self-reported information through surveys, or other website features, is voluntary and your liability. DNAFit cannot take responsibility for information that you release or that you request us to release publicly.
In the event of a security incident, DNAFit internal procedures and those prescribed by the EU data protection regulation will be followed. You will be notified of any material impacts or direct consequences to you as an individual.
MANAGING PRIVACY SETTINGS, CORRECTING PERSONAL INFORMATION AND INFORMATION REQUESTS
If there are any changes in your Personal Information, you can correct or update them by accessing ‘Edit Profile’ in your account.
To change any other privacy settings from that specified during registration or consent, you should request this by emailing firstname.lastname@example.org .
You have the right to obtain access to your personal data any time by sending your request via email. We will contact you to undertake identity verification before any disclosure and discuss your needs fully. We will provide this within one month of your request or two months for complex requests.
ACCOUNT CLOSURE AND DATA RETENTION
Accounts will be closed within 30 days upon request of the User. In circumstances where DNAFit terminate the agreement as detailed in the TOS, account closure may be immediate but no later than 30 days.
All Genetic Information will be deleted from your account and the DNAFit database with the following exceptions:
All Data Processors will be instructed to delete any information stored unless subject to the above exceptions.
Your Genetic Information will not be used in any new DNAFit research or R&D after your account is closed.
Personal Information will be retained for as long as accounts are active and only thereafter in the exceptions as detailed in this section for as long as necessary.
HOW TO CONTACT US