Silverberry Approach to DNA Data Privacy
DNA test and genetic assessment can inform our lifestyle and enable us to optimize our daily wellness decisions. At the same time, there are valid concerns about what else can be done with our DNA data and how our data is managed. In this page, we outline Silverberry approach to DNA Data Privacy in very simple terms.
Before getting into the details, we have produced a unique approach on how to protect your data in various steps that is needed to produce your reports. In this method, your data is anonymized at 3 levels (we call it Three Degrees of Anonymization (TM). It means, any piece of information generated by you is anonymized at every step to ensure maximum privacy and security of your data.
Find answers to most important questions when it comes to your privacy following.
Short answer is one word: you. Silverberry Genomix is built around a strict approach to privacy, and it is done by-design, not an afterthought. Our Founder and CEO has been one of the pioneers in the privacy field and introduced Personal Data Protection Initiative back in 2011, to create awareness about privacy risks driven by use of smartphones and mobile apps, and educate consumers on how to manage their risk.
In our view, there is one principle when it comes to privacy: you own and control your data. Period.
The only information we collect from you is what you provide us when you sign up, order a product, or put the information on Release Form when mailing your saliva sample. There are also some data that are collected as default rules of services used to serve you, such as cookies saved by browser that will be used in services such as Google Analytics, or if you use a social media service to login to your silverberry Account. We don’t harvest, try to aggregate or attempt to collect any other personal data that you have not shared with us outside using our services or websites.
We use the best-in-class secure software and servers to store your data that comply with security and privacy rules.
The security measures are applied to your data when it is stored or in transition. Once you delete your account with us, we remove your personal information from Silverberry Severs and break the link with the DNA file which is already.
Your name and the products you have purchased will remain in our supporting systems such as e-commerce module, ticketing system or email marketing (which are separate subsystems). It will enable us address your future needs if any, such as to unlock your reports in future in case you change your mind, so you won’t pay again to get your reports. Since we comply with GDPR (General Data Protection Regulation), per your request, we can remove such records in the subsystems as well.
Access to your data is explicitly restricted to the internal admins that provide support to ensure your reports are processed properly. Also if you contact our support to resolve an issue, your data might be reviewed, we restrict such access on a need-basis; for instance if you are inquiring about a payment transaction, only such information will be reviewed.
If you provide consent separately to participate in genomics studies, administrations of those studies can get access to your data.
If you take the DNA test with us, our partner lab produces your file and naturally they will have access to your DNA file and personal information you have shared. We also share your data with our Ancestry Reports partner that generates your ancestry reports.
We use external ecommerce website (shopify) and support systems (i.e. Zendesk), Email systems to send you emails and communicate with you on account updates, newsletter, etc. While those services have access to your information and can store it, such as first name, last name, email, physical address and what reports you have ordered, no DNA Data or wellness reports are shared with any of those third party services.
We may also share your anonymized DNA file with third party services (called sub-processes) to generate/validate your wellness reports; in such cases, a unique anonymized ID is created for your file and no personal information is shared.
In certain circumstances, we may be required by law to comply with a valid court order, valid trial, grand jury, subpoena, or search warrant for genetic or personal information. We require valid legal process in order to consider producing information about our users only in response to a valid administrative subpoena, trial, or grand jury. Unless we are legally barred from doing so, our policy for any request is to notify users of the request and supply a copy of the request prior to disclosure.
Our business strategy is to build value-added services to enable you to better manage your health and wellness. We are not selling or sharing data for business growth or revenue purposes.
Silverberry is one of the few companies that has formed an Internal Institutional Review Board (or IRB). The task of IRBs (usually established by government agencies and universities) to oversee ethical and social implications of research.
If any opportunity or project comes up which requires data sharing for research, we obtain approval from IRB committee which enforces rules of informing our users and obtaining their consent for any use of their data, in addition to other measures. Learn more about our IRB and the code of conduct we follow at About page.
Feel free to send your questions regarding this important matter to [email protected]