Join our webinar Total Population: Where to Extract Value from Value-Based Health Contracts and Populations Tue, Apr 25, 2017 10am PST / 1pm EST

Privacy Policy – BaseHealth, Inc.

En Español

1. Introduction

A. BaseHealth, Inc. ("BaseHealth," "we," "us," or “our”) (formerly Genophen, Inc.) knows that you care how Personal Information about you is collected, used, shared, stored, accessed and corrected. "Personal Information" means information or combination of information that can be used to identify, contact, or locate a discrete individual. A large portion of the Personal Information we collect, use, share, and store is sensitive in nature, including, any and all medical information for example Genetic Data & Other Personal Information. Information that has been aggregated, de-identified, or anonymized is no longer considered Personal Information.

B. This Privacy Policy explains what Personal Information will be collected by BaseHealth when you use our Websites: www.basehealth.com and Service: Genophen (the "Service"), how Personal Information will be used, and how you can control the collection, correction and/or deletion of Personal Information.

C. This Privacy Policy should be read along with our Terms of Use posted at: http://www.basehealth.com/terms_en.html ("Agreement"), the Consent Form posted at: http://www.basehealth.com/consent_en.html , and all other operating rules, policies and procedures and additional terms and conditions published on our Website of which we provide you notice and all of which are incorporated by reference and govern your use of our Website and Service. Capitalized terms, if not defined in this Privacy Policy, are defined in the Agreement.

2. EU-U.S. Privacy Shield:

BaseHealth, Inc. participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. BaseHealth, Inc. is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List. [https://www.privacyshield.gov/list]

BaseHealth, Inc. is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. BaseHealth, Inc. complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, BaseHealth, Inc. is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, BaseHealth, Inc. may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Under certain conditions, more fully described on the Privacy Shield website [https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint], you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

3. U.S. - Swiss Safe Harbor

BaseHealth, Inc. complies with the U.S. – Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from Switzerland. BaseHealth, Inc. has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view BaseHealth, Inc.’s certification, please visit https://safeharbor.export.gov/swisslist.aspx.

4. Based in the United States

Although we operate internationally, BaseHealth is a corporation organized under the laws of the State of California. The servers that host this Website are located in the United States, and any Personal Information you provide to us will be processed by BaseHealth in the United States. By using this Service, you will transfer data to the United States.

If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your information to the United States and processing globally. By providing your information you consent to any transfer and processing in accordance with this Policy.

5. Personal Information We Collect or You May Provide:

  1. You can visit our Website without telling us who you are or revealing any Personal Information about yourself.
  2. You provide us Personal Information when you register to use the Service on the Website ("Enrollment Information): To create an account and enroll to use the Genophen integrated health management platform ("Genophen"):
    1. Your name
    2. Your email address
    3. Your physical addresses
    4. Your telephone number(s)
    5. Your credit card information is collected by our third party payment processors. Your credit card numbers are not stored on our database or servers
    6. Date of Birth
    7. Sex
    8. Unique user name and password, answers to 3 security questions, and a PIN
  3. To use the Services in addition to Enrollment Information ("Genetic Data & Other Personal Information"):
  4. Genetic Data resulting from your genotyping or whole genome sequencing.
  5. Medical information which means, by way of example, your biometrics, medications, procedures, lab work, and health records.
  6. Family history that includes information about you, your parents, grandparents, other relatives, siblings, uncles, or children.
  7. Lifestyle information which means, by way of example, your nutrition, activities, sleep, stress, smoking/alcohol, relationship, confidential history, and environmental factors.
  8. Genophen integrates genomic and clinical data with behavioral analysis to engage patients with their physicians and help physicians create a detailed action plan uniquely suited to the patient. Genophen will prompt your physician to input your clinical data on your behalf. You decide if and how you want to disclose your Personal Information to third parties other than your physician or medical professional.
  9. We may also collect Personal Information from you as a result of your email communications with us, requests for information, products or services, your posts on our Website, completion of surveys, or to apply for employment. At any time, BaseHealth may require you submit additional Personal Information to verify your identity or to protect your security and privacy.
  10. You are required to enter your Personal Information as opposed to a third party on your behalf. You promise the Personal Information will be current, accurate, and complete to your best knowledge at the time provided and will use reasonable efforts to update all Personal Information as appropriate. BaseHealth disclaims any legal duty to verify the accuracy of any Personal Information you provide to us.
  11. We display personal testimonials on our Website in addition to other endorsements. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us at privacy@basehealth.com.

6. Use of Your Personal Information

A. We compile, save, use and analyze your Personal Information in both a personally-identifiable form and an aggregated, non-personally identifiable form, for our business purposes and as not prohibited by law including but not limited to:

  1. Register you as a user and to identify you when you sign in to your account
  2. Administer your account
  3. Provide recommendations
  4. Respond to your inquiries, customer service requests, complaints, or your job application
  5. Verify activity as we deem necessary
  6. Send you a newsletter or other promotional communications
  7. Conduct research and analyze data for our business purposes
  8. Operate, maintain, improve and provide our Service
  9. Customize our communications with you
  10. Conduct our business
  11. Communicate with you

7. How We Share Your Personal Information with Third Parties:

  1. We may share your Personal Information with third parties who provide services on our behalf to help with our business activities. These companies are authorized to use your Personal Information only as necessary to provide these services to us.
  2. (i) Your Personal Information:

      On an aggregated, non-personally identifiable form for disclosure to our existing or potential business partners, affiliates, sponsors, or other third parties.
    1. In certain situations, BaseHealth, Inc. may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
    2. As required by law, such as to comply with reporting requirements, a subpoena, bankruptcy proceedings or similar legal process.
    3. In connection with an investigation of fraud, intellectual property infringement, piracy, or other unlawful activity or as we believe reasonably necessary to protect or enforce our rights, protect your safety or the safety of others.
    4. With any third party with your prior consent to do so.
    5. In connection with a merger, acquisition, or sale of all or a portion of our assets.
  3. For genotyping, you will be instructed to send your saliva sample to our third-party Clinical Laboratory Improvement Amendments (CLIA) certified laboratory ("Laboratory"). The sample will be labeled with the unique barcode and no other identifier. The unique barcode identifies you to us but not to the laboratory. We are also required to provide sex and date of birth or age to the laboratory pursuant to CLIA requirements. No other Personal Information is required for the analysis. To protect your privacy, receiving personnel at the laboratory will remove and discard any identifying information (e.g. name, address) included with saliva samples before testing personnel receives the samples for genotyping. Receiving personnel do not perform testing, and testing personnel only handle samples labeled with the unique barcode. DNA and saliva samples are destroyed after the laboratory completes its work, provided that laboratory legal and regulatory requirements no longer require the actual samples to be maintained. The laboratory securely sends the resulting Genetic Data to us along with your unique barcode. Genetic Data is encrypted and stored securely; the laboratory also stores your Genetic Data, but labeled only with a sample barcode. The laboratory conducting DNA extraction and analysis does not have access to your name, other Enrollment Information, or any other Personal Information except your sex and date of birth or age, as required by CLIA.
  4. For whole genome-sequencing through Illumina Clinical Services Laboratory of Illumina, Inc., your physician will write the required prescription for your blood draw and arrangements will be made with you to have a sample of your blood drawn and submitted to the Laboratory for analysis. Your name, date of birth, sex, and ethnicity will be submitted with your physician's prescription. The Laboratory requires an additional written Patient Informed Consent Form be completed and payment information be provided and submitted along with your sample before analysis. Your blood sample will be analyzed for multiple parameters, including genetic testing. Your blood sample will be disposed by the Laboratory following completion of such testing and the analysis will be sent to BaseHealth or your Physician to be uploaded to your Genophen account. Additional information may be found at Illumina’s Website.
  5. Some of our pages utilize framing techniques to serve content to from our service providers while preserving the look and feel of our site, such as when you enter credit card information. Please be aware that you are providing your Personal Information to these third parties and not to www.basehealth.com. This Privacy Policy does not govern the privacy practices of these third parties.

8. How We Store and Protect Your Personal Information:

  1. We may store Personal Information in locations outside our direct control (for instance, on servers or databases co-located with hosting providers).
  2. We use Security Sockets Layer (SSL) encryption technology to encrypt sensitive Personal Information (such as your Genetic Data, Profile, and Genophen login credentials) before it travels over the internet. Credit card numbers are never stored on our database or servers.
  3. The security and protection of your Personal Information is important to us. We have implemented physical and technical security safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the electronic protected health information we receive, maintain, and transmit. While BaseHealth is not subject to nor governed by HIPAA (the Health Insurance Portability and Accountability Act of 1996 as amended), it uses commercially reasonable efforts to implement best practices as to privacy and security to safeguard Personal Information. Further protection results from implementing two-factor authentication.

Ultimately, security is a shared responsibility with the users of Genophen. Protecting your Personal Information is also your responsibility. You are responsible for safeguarding your password, secret questions and answers, and other authentication information you use to access Genophen. You should not disclose your authentication information to any third party and should immediately notify BaseHealth of any unauthorized use of your password. BaseHealth cannot secure Personal Information that you release on your own or that you request us to release.

No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our Website or of your Personal Information, you can contact us privacy@basehealth.com.

9. U.S. - Compromise of Personal Information

Personal Information, once released or shared, can be difficult to contain. We will notify promptly those affected by a security breach. Notwithstanding, BaseHealth: (a) is not responsible or liable for any consequences that may result because you have released or shared Personal Information with a third party; and (b) does not accept liability for any unintentional disclosure or a disclosure that occurs due to a security breach of our systems or facilities.

10. User Access and Choice:

  1. You may, of course, decline to submit Personal Information to us; in which case, you may not be able to use certain Services.
  2. You are free to access your Personal Information by contacting our Customer Service department by email at support@basehealth.com. You can request your Personal Information be modified by sending an email to us at support@basehealth.com with the words "UPDATE MY INFORMATION" in the subject line. Upon request BaseHealth, Inc. will provide you with information about whether we hold, or process on behalf of a third party, any of your Personal Information. To request this information please contact us at support@basehealth.com. We will respond to your request within 30 days. For your information, please note that it is our practice to monitor and in some cases record calls for staff training and quality assurance purposes.
  3. We may retain aggregated or non-personally identifiable information in accordance with this Privacy Policy. In some cases, we may not be able to remove your Personal Information, in which case we will let you know if we are unable to do so and why.
  4. If you no longer wish to use Genophen, you may close your account by sending a request to support@basehealth.com or by contacting us by telephone or postal mail at the contact information listed in the Contact Us section below. When closing your account, your Personal Information will be stored and may continue to be used, shared, stored, accessed and corrected in accordance with this Privacy Policy for our business purposes and not as otherwise prohibited by law. Our contracted genotyping laboratory may also retain your Genetic Information as required by local law.

11. Notification, Electronic Communication and Opt-Out:

  1. You consent to our using your email address to send you Service-related notices, including any notices required by law, in lieu of communication by postal mail. You may not opt out of some Service-related communications.
  2. Upon registration, or on other areas of the site, you may opt-in to receive periodic messages from us, including changes to features of the Service, newsletters, promotions, and special offers. If you wish to subscribe to these emails, we will use your name and email address to send them to you. Out of respect for your privacy, you may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails, accessing email preferences manager on your account settings page, or you can contact us at support@basehealth.com. Opting out may prevent you from receiving email messages regarding updates, improvements, or offers.

12. Children's Privacy

Genophen is for use by adults only. If you are not over 18 years of age, do not use this Website. Genophen is committed to protecting the privacy of children. We do not intentionally collect Personal Information from any person we actually know is under the age of 18. If we learn that we have collected Personal Information from a child under age 18, we will delete that information as quickly as possible. If you believe that we might have any Personal Information from a child under 18, please contact us at support@basehealth.com.

13. Cookies, Analytics/Log Files and Clear GIFs:

BaseHealth and our partners and other service providers may use tracking technologies such as cookies or similar technologies to analyze trends, administer the Website, track users' movements around the Website, and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

A "cookie" is a small data file that we transfer to your computer's hard disk.

BaseHealth uses cookies for authentication, security, to store your language and communication preferences, and to provide you with features, insights, and customized content. Users can control the use of cookies at the individual browser level. You may refuse to accept cookies, or remove cookies, by editing your web browser preferences or options. You do not have to accept all cookies sent to you by this Website; however, depending on the particular cookie you reject, you may not be able to use some of the features of this Website. Our cookie policy is posted at www.basehealth.com/cookies_en.html. You can find out more about cookies at www.allaboutcookies.org.

Our third party partners use Local Storage (HTML5) to provide certain features on our Website, to display advertising based on your web browsing activities, and/or to store content information and preferences. Various browsers may offer their own management tools for removing HTML5.

We may also employ software technology known as "web beacons" or "clear GIFs" which helps us keep track of what content on our Website is effective. Web beacons are small graphics with a unique identifier that are used to track the online movements of Internet users. Web beacons are embedded in the web pages you review, so they are not stored on your hard drive. The web beacons we use do not track or collect any personally information about you and they are in no way linked to your personally identifiable information except when you log-in to your Genophen account and then as to your last name, first name, and sex.

We gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We do not link this automatically collected data to other information we collect about you.

We partner with a third party to either display advertising on our Website or to manage our advertising on other sites. Our third party partner may use technologies such as cookies to gather information about your activities on this Website and other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here (or if located in the European Union click here) Please note this does not opt you out of being served ads. You will continue to receive generic ads.

14. California Do Not Track

California law requires us to say how we respond to Do Not Track (DNT) signals. We support the Do Not Track browser setting. Do Not Track (DNT) is a preference you can set in your browser to let the websites you visit know that you do not want them collecting certain information from you. For more details about Do Not Track, including how to enable or disable this preference, visit this website: https://termsfeed.com/do-not-track.

15. Links to Other Websites, Blogs/Forums, and Social Media Widgets:

  1. Our Website includes links to other websites whose privacy practices may differ from those of BaseHealth. When you use a link to go from our Website to another website, such as that of our payments processors, the privacy policy for the other website governs. We encourage you to carefully read and understand the privacy policy of any website you visit.
  2. Our Website may offer a publicly accessible blog. You should be aware that any information you provide in these areas may be displayed publicly and read, collected, and used by others who access them. To request removal of your personal information from our blog, contact us at support@basehealth.com. In some cases, we may not be able to remove your Personal Information, in which case we will let you know if we are unable to do so and why.
  3. Our Website includes social media features, such as the Facebook Like button, and widgets, such as the Share button. These features and widgets may collect your IP address, which page you are visiting on our Website, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Website. Your interactions with these features and widgets are governed by the privacy policy of the company providing it.
  4. Among the vendors whose services we employ may be companies that help us deliver online advertisements such as banner ads. These companies may collect and use Personal Information you provide to us to better understand the offers, promotions, and types of advertising that are most appealing to our customers. After these third parties collect the Personal Information, it is aggregated so that it is not personally identifiable or tied to you or any other user. If you would prefer that these companies not collect your Personal Information, please email privacy@basehealth.com.

16. English Language

The English version of this Privacy Policy governs. All disputes, claims and causes of action (and related proceedings) will be communicated in English.

17. Changes to Our Privacy Policy - 30 day notice:

  1. If we make a material change to our privacy policies and procedures as to the collection, use, or disclosure of your Personal Information, we will post a notice of those changes on our Website and use commercially reasonable efforts to notify you by email to keep you aware of what information we collect, how we use it, and under what circumstances we may disclose it, prior to the change becoming effective. You are bound by changes to the Privacy Policy when you use the Website after those changes have been posted. We encourage you to periodically review our Website for the latest information on our privacy practices and all other terms and conditions governing use of our Website and Services.
  2. This Privacy Policy is governed by and construed in accordance with the laws of the State of California, without regard to its conflicts of law provisions. If any term or provision of this Privacy Policy shall be found to be invalid, illegal or otherwise unenforceable, such finding shall not affect the other terms or provisions of this Privacy Policy, or the whole of this Privacy Policy, but such term or provision shall be deemed modified to the extent necessary to render such term or provision enforceable, and the rights and obligations of you and BaseHealth shall be construed and enforced accordingly, preserving to the fullest permissible extent the intent and agreements set forth in this Privacy Policy. The prevailing party in any action relating to this Privacy Policy is entitled to recover its reasonable attorneys’ fees and costs.

Contact Us

If you have any questions about this Privacy Policy, the practices of this Website, or your dealings with this Website, including any bugs or actual or potential threats to the security of our Website and protection of your Personal Information, please contact us at privacy@basehealth.com, or at 111 West Evelyn Avenue, Suite 209, Sunnyvale, CA 94068, USA, and Telephone number: +1-650-453-3170.

This Privacy Policy is effective as of September 27, 2016.

Operate Proactively.
Effectively Measure Risk.
Manage Liability Exposure.

Schedule an Assessment