Privacy Policy

Genomic Health Website Privacy Statement

Last Updated: August 1, 2017

This Privacy Statement (“Privacy Statement”) describes Genomic Health, Inc.’s (“GHI,” “our,” “us,” or “we”) practices and policies regarding the collection, use, storage and disclosure of personal information collected from our website www.GenomicHealth.com and related websites (each, the “Site”) as well as the services and features that we make available through the Site (the “Services”), and your choices and obligations regarding that information. GHI values the trust placed in us by patients, our employees, healthcare professionals and business partners (“you”). GHI is committed to upholding best practices in our use, collection, storage and disclosure of personal information.

By continuing to use the Site and/or the Services or by providing your personal information to us, you agree to the practices and policies described in this Privacy Statement.

Updates

Please make sure you review our most current Privacy Statements, as we may revise this Privacy Statement from time to time. Updated versions will be posted on the Site, and for significant changes, we will place a notice on the Site.

How we collect and use information

We do not require you to register with us to visit our Site. We do collect anonymous information, as further described below. We may also collect personal information (such as name, email address, postal code, mailing address or other information) when you voluntarily give it to us by registering for updates, providing us your contact information, or contacting us.

Information collected automatically/aggregate data collection
We trace visits to our Site and its webpages and use visitor logs to compile anonymous aggregate statistics, (e.g., information such as your web requests, browser type, browser language, domain names, referring and exit pages and URLs, platform type, pages viewed and the paths you took on our Site). We use this information to analyze trends, administer our Site, improve our Site design and otherwise enhance our Site and Services.

Use of cookies/web beacons
We may use cookies, both session and persistent cookies, or web beacons on certain webpages and/or html email correspondence to anonymously track visitors, save website preferences or allow us to recognize visits from the same computer and browser. You have the option to disable cookies in your browser and still use our Site, although it may limit your access to the Site.

Information you voluntarily provide
We may use your personal information to contact you regarding an inquiry or to provide you with more information about GHI or other marketing information we believe you may be interested in. We will send you email alerts or notification messages unless you unsubscribe.

When you send us an email
If you contact us about our Site or Services, we may retain the content of your email, your email address and our response to you. We may retain your information for a period of time to resolve disputes, troubleshoot problems or for other valid business or legal reasons.

How to unsubscribe
In the registration form, you have the opportunity to select certain communication methods from us. Any email from us will include instructions on how to update your personal information and on how to unsubscribe or change your communication preferences. Please follow these instructions to notify us of any changes to your information and/or marketing preferences. You may also unsubscribe or change your preferences at any time by contacting us at CustomerService@GenomicHealth.com.

How we share information

We do not sell or rent your personal information to any other third party. We do share your information with third party providers who perform services on our behalf, such as web analytics, and help us provide the Site and Services to you.

We may provide access or disclose your personal information as required by law, and/or if disclosure is necessary in accordance to a judicial or legal process (including to law enforcement authorities if required), or when disclosure is necessary to prevent physical harm. We reserve the right to transfer your information in the event of a corporate restructuring, merger, acquisition, or consolidation with, or sale of substantially all of our assets to a third party (including bankruptcy).

How we secure information

We secure information by using industry standard administrative, physical and technical safeguards. We encrypt information transmitted to us using Secure Sockets Layer (SSL) technology. All information is stored on controlled servers with restricted access. It is important for you to know that, despite using these current technical and industry-recommended practices, it is never possible to fully guarantee against breaches in security.

How you may access information

You may contact us to notify us of any changes to your name, email address or marketing preferences. If you have provided us with your personal information and would like access to or be able to review the information, you may submit a request to us by sending an email to Privacy@GenomicHealth.com.

Children

Our Site is directed toward adults and GHI does not knowingly collect information from children under the age of 13.

Links to other sites

This Privacy Statement does not apply to third-party websites. GHI may provide links to other websites (e.g., YouTube) and the terms and conditions of such other websites apply.

Notice to California Residents

This section only applies to individuals who are residents of California under the California Consumer Act of 2018 (“CCPA”), where the resident is acting in their own capacity and not acting on behalf of a company or organization in the context of business activities.

a. Notice of Information processed

The below chart provides an overview of our Personal Information collection practices for California residents, and includes terms defined under the CCPA, including but not limited to the categories of information listed.


Personal Information We Collect Information Automatically Collected
Categories of Information
  • Electronic Data, such as geolocation, IP address, and analytics data.
  • Inferred Data, including information derived from Personal Information or a profile or segment attribution.
Purposes for Collection of Personal Information We collect this information for the operation of our services, auditing, security, internal research and development, analytics, and quality and safety business purposes.
Sources of Personal Information We collect this information directly from the individual, through cookies and other tracking technologies, and from service providers acting on our behalf.
Types of Third Parties with Whom We Share Personal Information We share this information with our service providers.
Personal Information We Collect Information That You Manually Provide
Categories of Information
  • Identifiers such as name, email address, and postal address.
  • Electronic Data, such as geolocation, IP address, and analytics.
  • Commercial Information, such as products considered or purchasing tendencies.
  • Employment and Education Information, such as from health providers.
  • Inferred Data, including information derived from Personal Information or a profile or segment attribution.
Purposes for Collection of Personal Information We collect this information directly from the individual, through cookies and other tracking technologies, and from service providers acting on our behalf.
Sources of Personal Information We collect this information directly from the individual, through cookies and other tracking technologies, and from service providers acting on our behalf.
Types of Third Parties with Whom We Share Personal Information We share this information with our service providers and other third parties at the direction of the individual.

b. California Residents Rights

Under California laws including the CCPA, California residents have the following rights (“Rights”) listed below. Your Right to Access and Right to Deletion are not absolute and are subject to certain exceptions. For instance, we cannot disclose specific pieces of Personal Information if the disclosure would create a substantial, articulable, and unreasonable risk to the security of the Personal Information, your account with us, or the security of the business’s systems of networks.

  • Disclosure & Access Rights: California residents have the right to request in writing from a business, (i) a list of the categories of Personal Information, such as name, address, e–mail address, and the type of services provided to the customer, that a business has disclosed to third parties (including Independent Affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties' direct marketing purposes, and (ii) the names and addresses of all such third parties. In addition, California residents have the right to request that we disclose to them (i) the categories of Personal Information we have collected about them, (ii) the categories of sources from which Personal Information is collected, (iii) the business or commercial purpose for the information collection, (iv) the categories of third parties with whom we have shared Personal Information, and (v) the specific pieces of Personal Information we hold about an individual.
  • Deletion Rights: California residents have the right to have their Personal Information deleted, unless the Personal Information is necessary for the business or service provider to:
    • complete a transaction for which the Personal Information was collected, provide a good or service requested by the resident or otherwise perform a contract between the business and the resident;
    • detect security incidents;
    • protect against malicious, deceptive, fraudulent or illegal activity (or prosecute those responsible);
    • debug to identify and repair functionality errors;
    • exercise or ensure the right of another to exercise free speech or another legal right;
    • comply with the California Electronic Communications Privacy Act, which compels the production of or access to electronic communication information or electronic device information with a search warrant;
    • engage in research in the public interest (if the resident has provided informed consent);
    • to enable solely internal uses aligned with the resident's expectations given their relationship with the business;
    • comply with a legal obligation;
    • otherwise use the information internally in a lawful manner compatible with the context in which the resident provided it.
  • Do Not Sell: Californian residents have the right to opt-out of having their Personal Information sold. Californian residents acting on behalf of a company or organization in the context of business activities will also have the right to opt-out.

Californians can exercise their privacy rights by contacting us at the address below.

Response Time. We will handle request under applicable law in California. When a request is made, we may verify your identity to protect your privacy and security. We will respond to written rights requests within 45 days following receipt at the e–mail or mailing address listed. If we receive your request at a different e–mail or mailing address, we will respond within a reasonable period of time. Please note that we are only required to respond to each customer twice per calendar year.

How to Contact Us

If you have any questions about this Privacy Statement, please contact us at Privacy@GenomicHealth.com.