Privacy Policy
Effective as of November 19, 2019.
DIYA SENGUPTA, LLC respects the privacy of members and visitors to our websites. We reserve the right to change this policy at any time, which we will do through an online posting or a direct email message.
This Privacy Policy describes how DIYA SENGUPTA, LLC collects and uses the personal information you provide to us on our website: www.lovethealchemist.com and www.dirtydna.life (both referred to as the “site”), and the choices you have regarding our use of your personal information and how you can access and update this information.
Privacy Statement Change Notifications
We may update this Privacy Policy to reflect changes to our information practices. If we make any material changes, we will notify you by email (sent to the email address specified in your account), or by means of a notice on this site prior to the change becoming effective. We encourage you to periodically review this policy for the latest information on our privacy practices.
Use and Collection of Personal Information
We collect personal information from you to provide and efficient meaningful and customized experience for you on the site. We may collect the following personal information from you:
1. Contact information such as name, email address, mailing address, and phone number
2. Billing information such as credit card number and billing address
3. Unique identifiers such as username, account number, and password
4. Preferences information such as product wish lists, order history, and marketing preferences.
As is true of most websites, we automatically gather information about your computer such as your IP address, time and date you visit, browser type, referring/exit pages and operating system. We may log this information for system administration, order verification, internal marketing and system troubleshooting purposes.
We use this information to fulfill your order, send you order confirmation, recommend products you may be interested in purchasing, send you requested product or service information, send product updates or warranty information, respond to customer service requests, administer your account, send you a newsletter, send you marketing communications, respond to your questions and concerns, improve our site and marketing efforts, conduct research and analysis, display content based upon your interests.
To review and update your personal information to ensure it is accurate, contact us at lovethealchemist@gmail.com.
We do not intentionally gather personal information from visitors who are under the age of 13. If a child under 13 submits personal information to us and we learn that the personal information is the information of a child under 13, we will attempt to delete the information as soon as possible. If you believe that we might have any personal data from a child under 13, please contact us at lovethealchemist@gmail.com.
HIPPA Compliancy
DIYA SENGUPTA, LLC is not an entity that is covered by HIPAA. This HIPAA privacy rules apply to health plans, health care clearing houses, to any health care provider who transmits health information in electronic form in connection with transactions for which the Secretary of HHS has adopted standards under HIPAA (the “covered entities”) and their service providers (“business associates”). This means that the information that you provide to us is not protected by the HIPAA privacy rules and regulations.
Information Sharing
We do not sell your personal information to third parties, and we do not authorize the collection of our members’ or visitors’ personally identifiable information by any third parties for the third parties’ use.
We may provide your personal information to companies that provide services to help us with our business activities such as charging your order, shipping your order, or offering customer service. These companies are authorized to use your personal information only as necessary to provide these services to us.
We may also disclose your personal information (a) as required by law such as to comply with a subpoena or similar legal process; (b) when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request; or (c) to any other third party with your prior consent to do so.
We may share non-personal information (such as the number of daily visitors to a particular web page or the size of an order placed on a certain date) with third parties such as advertising partners. This information does not directly personally identify you or any user.
Security
The security of your personal information is important to us. We do our best to follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. However, no method of transmission over the internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security.
Our store is hosted on Stripe and PayPal. Stripe and PayPal provide us with the online platform that allows us to sell our products to you. Your data is stores through Stripe and PayPal’s data storage, databases, and the general application, which is stored on a secure server behind a firewall.
When you complete a purchase on our site, then Stripe and PayPal store your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stores only as long is necessary to complete your purchase transaction. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express, and Discover. DCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more information about these platforms and data collections, you may want to read Stripe and PayPal’s individual Terms of Service and Privacy Statement found on their unique websites.
If you have any questions about security on our site, you can contact us at lovethealchemist@gmail.com
Third-Party Websites
Our site may contain links to third party websites. When you click on a link to any other website or location, you will leave our site and go to another site, and another entity may collect personal data or anonymous data from you. We have no control over, do not review, and cannot be responsible for these outside websites or their content.
Please be aware that the terms of this Privacy Policy do not apply to these outside websites or content, or to any collection of your personal information after you click on the links to such outside websites.
We encourage you to read the privacy policies of every website you visit. The links to third-party websites or location are for your convenience and do not signify our endorsement of such third parties or their products, content, or websites.
Choice/Opt-Out
You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails or by contacting us at lovethealchemist@gmail.com.
You may change any of your personal information in your account by editing your profile within your account or by sending an email to us at the email address set forth above. You may request deletion of your personal information by us, and we will use commercially reasonable efforts to honor your request, but please note that we may be required to keep such information and not delete it (or keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements).
When we delete any information, it will be deleted from the active database, but may remain in our archives. We may also retain your information for fraud or similar purposes.
For Users Outside of the United States
If you are a non-U.S. user of the site, by visiting the site and providing us with data, you acknowledge and agree that your personal information may be processed for the purposes identified in the Privacy Policy. In addition, your personal information may be processed in the country in which it was collected and in other countries, including the United States, where laws regarding processing of personal information may be less stringent than the laws in your country. By providing your data, you consent to such transfer. At this time, we do not ship products outside the United States.
For any questions regarding this Privacy Policy, contact us at lovethealchemist@gmail.com.
DIRTYDNA.LIFE Privacy Policy
DIYA SENGUPTA LLC dba "DIRTYDNA.LIFE"
PRIVACY POLICY
At DIYA SENGUPTA LLC, we respect and protect the privacy of our customers and those who use our websites, products and services. DIYA SENGUPTA LLC, (“DIRTYDNA” or “we” or “us”) is committed to protecting your privacy. We prepared this privacy policy (the “Privacy Policy”) to describe our practices regarding the information we collect from users of our websites that link to this policy, and use of our related services, including without limitation our testing services and web applications.
PLEASE READ THIS PRIVACY POLICY CAREFULLY TO UNDERSTAND OUR VIEWS AND PRACTICES REGARDING YOUR INFORMATION AND HOW WE WILL TREAT IT. BY SUBMITTING INFORMATION THROUGH OUR WEBSITE OR USING OUR SERVICES, YOU ARE EXPRESSLY ACCEPTING AND CONSENTING TO THE PROCESSING DESCRIBED IN THIS PRIVACY POLICY.
1. TYPES OF INFORMATION WE COLLECT.
1.1 Information You Provide Us Directly. We may collect information related to you, including, but not limited to your username, first and last name, e-mail, password, phone number, mailing address, and credit card information, when you create an account to log in to our network or at other times. If you provide us feedback or contact us via email, we will collect your name and email address, as well as any other content included in the email, in order to send you a reply. For customers who engage us for our testing services, we may also collect genetic information and other basic information in order to perform the applicable service and/or test. This information may include but is not limited to DNA, date of birth, gender, blood transfusion and bone marrow transplant history, height and weight. This information is used to provide accurate and complete testing results applicable to the test requested by the client. We may also collect information that is necessary for our legitimate interests, which will be disclosed to you at the time of collection. DIRTYDNA will use this information for the purposes of which it was collected.
1.2 Information Collected via Technology. To make our website and related services more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, including browser type, operating system, Internet Protocol (IP) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit. We also use Cookies (as defined below) and navigational data to gather information regarding the date and time and duration of your visit and the solutions and information for which you searched and which you viewed. This information includes, without limitation, characters you type, your search and browsing history, articles you click, and pages you view. Like most Internet services, we automatically gather this information and store it in log files each time you visit our website or access your account on our network. “Cookies” are small pieces of information that a website sends to your computer’s hard drive while you are viewing a web site. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our website. Persistent Cookies can be removed by following Internet browser help file directions. If you choose to disable Cookies, some areas of our website or service may not work properly. We use Google Analytics on our site. Google Analytics is a web analytics service provided by Google. Google Analytics uses cookies to collect anonymous traffic data to help use analyze how users use the website. The information generated by a cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the site, compiling reports on site activity for us and providing other services relating to site activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. By using the website, you consent to the processing of data about you by Google in the manner and for the purposes described in this Privacy Policy.
1.3 Do Not Track. We do not respond to browser-based “do not track” signals. We do not have any third parties that push content to our site.
1.4 US – EU Privacy Shield. The United States Department of Commerce and the European Commission have agreed on a set of data protection principles (the “Privacy Shield Principles”) to enable U.S. companies to satisfy the EU law requirement that all personal information transferred from the European Economic Area (“EEA”) to the United States be adequately protected. DIRTYDNA has elected to participate in the Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of all personal data received from the EEA. We certify that we adhere to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. To learn more about the Privacy Shield program, and to view our certification or find more information on the Privacy Shield, please visit http://www.privacyshield.gov or at our Privacy Shield Policy.
2. USE OF YOUR DATA.
2.1 General Use. In general, information you submit to us is used either to respond to requests that you make, or to aid us in serving you better. DIRTYDNA uses your information to facilitate the creation of and secure your account on our network; identify you as a user in our system; provide improved administration of our website and services; improve the quality of experience when you interact with our website and services; send you administrative e-mail notifications; respond to your inquiries related to employment opportunities or other requests; to enhance our website for optimal user experience; to monitor the usage and performance of our website and services; to facilitate transactions and process payments; to provide maintenance, support, and customer service for our site; to conduct research and analysis; and to fulfill other legitimate purposes permitted by applicable law.
2.2 Use of your Information. Except as expressly provided herein, we will only use your information in order to provide you the services you have requested, process your order, respond to any order or billing related questions, and to send you promotional and marketing information as further described herein.
2.3 Creation of Anonymous Data. We may create anonymous data records from your information by excluding information (such as your name) that makes the data personally identifiable to you. We use this anonymous data to analyze request and usage patterns so that we may enhance the content of our services and improve site navigation. DIRTYDNA reserves the right to use anonymous data for any purpose in its discretion.
Feedback. If you provide feedback on any of our services to us, we may use such feedback for any purpose, provided we will not associate such feedback with your information. DIRTYDNA will collect any information contained in such communication and will treat the information in such communication in accordance with this Privacy Policy and our Terms of Use.
3. DISCLOSURE OF YOUR INFORMATION.
3.1 Affiliates. We may share some or all of your information with our parent company, any subsidiary, or any other company under a common control (collectively, “Affiliates”), including for marketing purposes. If we do share your information, we will require our Affiliates to honor this Privacy Policy. If another company acquires our company or our assets, that company will possess the information collected by it and us and will assume the rights and obligations regarding your information collected by us as described in this Privacy Policy.
3.2 Services Providers. We may share your information with agents to the extent necessary for them to provide their products and services to us, or to provide you with the products and services that you have requested. For example, if you engage us for testing services through a local laboratory, the laboratory is acting as our agent. Other examples include, database storage, file storage and file destruction, hosting services, marketing assistance, analyzing user data, processing payment card information, and for other legitimate purposes permitted by applicable law.
3.3 Business Partners. We may partner with other companies and individuals with respect to particular products or services. These third parties may be provided access to your information, and/or may hold your information, based on the need to perform their function. To restrict sharing of information with these third parties for their marketing purposes, please see the section below titles “Your Choices and Rights Regarding Your Information.”
3.4 Other Disclosures. Regardless of any choices you make regarding your information (as described below), DIRTYDNA, may disclose information if it believes in good faith that such disclosure is necessary to (a) comply with relevant laws or to respond to subpoenas or warrants served on DIRTYDNA; (b) protect or defend the rights or property of DIRTYDNA, or users of our services; (c) to protect against fraud or for risk management purposes; or (d) or to honor a request that you have made to DIRTYDNA.
4. THIRD PARTY WEBSITES.
We may link to third party websites. Our provision of a link to any other website or location is for your convenience and does not signify our endorsement of such other website or location or its contents. When you click on such a link, you will leave our site and go to another site. During this process, another entity may collect information from you. We have no control over, do not review, and cannot be responsible for, these outside websites or their content. Please be aware that the terms of this Privacy Policy do not apply to these outside websites or content, or framed websites, or to any collection of data after you click on links to such outside websites.
5. YOUR CHOICES REGARDING YOUR INFORMATION.
5.1 Choices. We offer you choices regarding the collection, use, and sharing of your information. We will periodically send you free newsletters and e-mails that directly promote the use of our website or services and may contain advertisements for third party companies or our Affiliates. When you receive newsletters or promotional communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the e-mail you receive or by contacting us directly at lovethealchemist@gmail.com. Should you decide to opt-out of receiving future mailings, we may share your e-mail address with third parties to ensure that you do not receive further communications from third parties, except that any such third party may have its own opt-out policy to stop receiving further communications from such third party, and such opt-out policy will be included in the communications received from such third party. Despite your indicated e-mail preferences, we may send you emails related to your account or transactions there under, or notices of any updates to our Terms and Conditions or Privacy Policy.
5.2 Withdrawal of Consent You have the right to withdraw your consent to processing that is currently underway with your consent. Consent can be withdrawn by sending an email. Without your consent, DIRTYDNA will use information, only insofar as such processing is permitted by applicable law (e.g., for the performance of an Agreement between DIRTYDNA and you) or where such processing is necessary for compliance with a legal obligation to which DIRTYDNA is subject.
5.3 Accessing, deleting and updating your information. At your request, we will inform you of what personal information we have on file. In accordance with applicable data protection laws, you may have the right to request: access to, rectification, and erasure of your personal information; restriction of processing of personal information; objecting to certain processing of personal information; and the right to data portability. To exercise your rights under these provisions, please contact us at the “Contact Information” details below. When we receive your requests, we may ask you to verify your identity before we can act on your request. We may withhold information where the search for that information would require disproportionate effort or have a disproportionate effect to, for example, the cost of providing the information, the time it would take to retrieve the data, or how difficult it may be to obtain the information requested. Please note that we may be required (by law, accrediting bodies, or otherwise) to keep this information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). Please be advised that by deleting your personal information, it will limit or eliminate our ability to provide future communication or explanation regarding any products or services, test results or other offerings in connection with DIRTYDNA. Please be further advised that after your personal information is deleted that residual copies may take a period of time before they are deleted from all latent and backup systems.
6. RETENTION OF DATA.
The data you provide to us may be necessary to carry out tasks prior to testing, such as verifying identity or payment details when signing in to use an account. We retain required data based on testing regulatory requirements and other standards, such as meeting our financial obligations and to carry out our responsibilities and enforce our rights arising from service agreements entered into between you and us. The following summarizes the data retention timeframes based on two main categories of testing.
Legal/Chain of Custody/Accredited Tests-We store your samples for a minimum of six months or according to contractual and legal requirements if longer. All accompanying data and records associated with these tests are maintained as required by accrediting bodies, which is a minimum of five years or longer in some instances as required by law. New York Department of Health requires all testing records be maintained for a period of 7 years. All such accompanying data will be destroyed following the minimum timeframes at intervals annually thereafter.
Non-Legal/Non-Chain of Custody Tests-We store your samples for a period of 6-8 weeks or according to contractual and legal requirements if longer. All accompanying data and records associated with these tests are maintained for a minimum period of one year and will be destroyed at intervals annually thereafter.
7. SECURITY OF YOUR INFORMATION.
We are committed to protecting the security of your information. We use a variety of reasonable security technologies and procedures to help protect your information from unauthorized access, use, or disclosure. Access to your personal information is limited and we take reasonable measures to ensure that your personal information is not accessible. Although DIRTYDNA attempts to protect the personal information in its possession, no security system is perfect, and DIRTYDNA cannot promise that your personal information will remain absolutely secure in all circumstances.
8. DISPUTE RESOLUTION.
If you have any questions or concerns, please contact DIRTYDNA by email at lovethealchemist@gmail.com. We will do our best to address your concerns. If you feel that your complaint has been addressed incompletely, we invite you to let us know for further investigation. If you and DIRTYDNA are unable to reach a resolution to the dispute, you may submit your complaint to JAMS (located in the United States) for mediation under the JAMS International Mediation Rules, which are accessible on the JAMS website at https://www.jamsadr.com. Questions or comments regarding this policy should be submitted vis email to lovethealchemist@gmail.com.
Where you believe that we have not processed your information in accordance with applicable data protection laws, you may lodge a complaint with your respective supervisory authority or data protection regulator.
9. A NOTE TO USERS OUTSIDE OF THE UNITED STATES.
DIRTYDNA is based, and this website is hosted, in the United States of America. If you are from a country outside of the United States of America with laws governing data collection, use, and disclosure that may differ from U.S. law and you provide information to DIRTYDNA, please note that any information that you provide to DIRTYDNA may be transferred to the United States of America. By providing your information, you hereby specifically and expressly consent to such transfer and processing and the collection, use, and disclosure set forth herein or in any terms and conditions related to the use of and access to the website and our Services as describe in this Privacy Policy.
10. CHANGES TO THIS PRIVACY POLICY.
This Privacy Policy is subject to occasional revision, and if we make any substantial changes in the way we use your information, we will notify you by sending you an e-mail to the last e-mail address you provided to us and/or by prominently posting notice of the changes on our website or on our service. Any material changes to this Privacy Policy will be effective upon the earlier of thirty (30) calendar days following our dispatch of an e-mail notice to you or thirty (30) calendar days following our posting of notice of the changes on our site or on our service. These changes will be effective immediately for new users of our website or services. Please note that at all times you are responsible for updating your information to provide us with your most current e-mail address. In any event, changes to this Privacy Policy may affect our use of information that you provided us prior to our notification to you of the changes. If you do not wish to permit changes in our use of your information, you must notify us prior to the effective date of the changes that you wish to deactivate your account with us. Continued use of our website, or services, following notice of such changes shall indicate your acknowledgement of such changes and agreement to be bound by the terms and conditions of such changes.
11. CONTACT INFORMATION.
We welcome your comments or questions regarding this Privacy Policy. Please e-mail us at lovethealchemist@gmail.com