Privacy Policy Highlights
These “Privacy Highlights” provide an overview of some core components of our data handling practices.
Information We Collect
We generally collect the following information:
Information we receive when you use our Services. We collect Web-Behavior Information via cookies and other similar tracking technologies when you use and access our website.
- Information you share with us. We collect and process your information when you place an order via our consent and indemnity form.
- Information from our DNA testing services. With your consent, we extract your DNA from your DNA sample and analyze it to produce your Genetic Information (the As, Ts, Cs, and Gs at particular locations in your genome) in order to provide you with MMG reports.
How We Use Information
We generally process Personal Information for the following reasons:
- To provide our Services. We process Personal Information in order to provide our Service, which includes processing payments, shipping kits to customers, DNA samples and DNA, and delivering results and powering tools that benefit our customers.
- To analyze and improve our Services. We constantly work to improve and provide new reports, tools, and Services. We may also need to fix bugs or issues, analyze the use of our website to improve the customer experience or assess our marketing campaigns.
Control: Your Choices
You have the ability to make decisions about how your data is shared and used. You choose:
- To store or discard your DNA sample after it has been analyzed.
- When and with whom you share your information, including friends, family members, health care professionals, or others outside our Services, including through third party services that accept MMG data and social networks.
Access To Your Information
Your Personal Information may be shared in the following ways:
- With our service providers as necessary for them to provide their services to us.
- MMG will not sell, lease, or rent your individual-level protected health information to a third party for research purposes without your consent.
- We will not share your data with any public databases.
- We will not provide any person’s data (genetic or non-genetic) to an insurance company or employer.
- We will not provide information to law enforcement or regulatory authorities unless required by law to comply with a valid court order, subpoena, or search warrant for genetic or Personal Information.
How We Secure Information
MMG implements measures and systems to ensure confidentiality, integrity, and availability of MMG data. These practices include, but are not limited to, the following areas:
- Anonymization, encryption, and data segmentation. Registration Information is stripped from Sensitive Information, including genetic and phenotypic data. This data is then assigned a random ID so the person who provided the data cannot reasonably be identified. MMG uses industry-standard security measures to encrypt sensitive personal data both when it is stored (data-at-rest) and when it is being transmitted (data-in-flight). Additionally, data are segmented across logical database systems to further prevent re-identifiability.
- Encryption. MMG uses industry-standard security measures to encrypt Sensitive Information both when it is stored and when it is being transmitted.
- Limited access to essential personnel. We limit access to information to authorized personnel, based on job function and role. MMG access controls include multi-factor authentication, single sign-on, and a strict least-privileged authorization policy.