Security and Privacy - Genivity

Security and Privacy

Below is our formal Privacy and Security Notice (“Notice”), which is incorporated by reference into our Terms of Service (collectively referred to as the “Terms”). This Notice applies to all products and services offered by Genivity.

Data Ownership

The most important part of this Notice is the simple principle that personal information belongs to the person to whom it pertains. A person is not transferring the ownership of his/her personal information by storing it in Genivity.

Information We Collect and How We Use It

We may collect the following types of information:
  • Information an Individual Provides.When a person establishes a Genivity account, or otherwise uses a Genivity product, we ask for personal information. We use the information entered to provide the Genivity services, and develop personalization to make our services more relevant. We also analyze all of our customer information in aggregate to understand more about the average Genivity user.
  • Contact Information.An individual may be asked for an email address or other personal contact information, which we will never share with or sell to third parties without the consent of, or prior notice to, the individual.
  • When an individual visits Genivity, we send one or more cookies to his/her computer or other device. We use cookies to improve the quality of our services, store user preferences and track user trends.
  • Log Information.When an individual accesses Genivity, our servers automatically record certain information in an industry-standard way. These logs may include information such as web request, interaction with a service, Internet Protocol address, browser type, browser language, the date and time of the request and one or more cookies that may uniquely identify the browser or account. We use logs to improve the quality of our services, debug problems, and track user trends.
  • User Communications.Any messages, email or communications that an individual sends to Genivity may be retained so that we can process inquiries, respond to requests or improve the quality of our services. We may use an individual’s email address and other personal contact information to communicate with the individual about our services.
  • Affiliated Genivity services delivered through other sites.Some of our services may be offered through other web sites. An individual’s use of those web sites is subject to such sites’ own privacy policies, but if information that an individual sends to those sites is shared with Genivity in order to deliver the service, we process that information under this Notice.
  • Other sites.This Notice applies to Genivity services only. We do not have any control over the web sites offered by our partners, or sites that integrate Genivity services. Those sites are governed by their own privacy policies, which individuals should read before using them.
Genivity processes personal information on our servers in the United States of America, and may do so in other countries. In some cases, we may process personal information outside an individual’s own country.

Information Sharing – Identifiable Personal Information

Genivity only shares identifiable personal information with other companies or individuals outside of our company in the following limited circumstances:
  • We have the individual’s consent. We require opt-in consent for the sharing of any confidential identifiable personal information. This consent can include, but is not limited to, when an individual chooses to integrate Genivity services with other third party software or services or to share identifiable personal information with a financial advisor or other person or entity.
  • We may, but as of this writing do not, provide such identifiable personal information to our subsidiaries, affiliated companies or other trusted businesses or persons, solely for the purpose of processing that information on our behalf. We require that these parties agree to process such information based on our instructions, in compliance with this Notice, and utilizing similar confidentiality and security measures.
  • We have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce applicable Terms of Service, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect against harm to the rights, property or safety of Genivity, its users or the public as required or permitted by law. If Genivity is ordered by a legal process or government to provide data about one or more individual users, we will notify those users of our compliance with that order, to the extent permitted by law.
  • If Genivity becomes involved in a merger, acquisition, or any form of sale of some or all of its assets, we will ensure the confidentiality of any identifiable personal information involved in such transactions and provide notice before identifiable personal information is transferred and becomes subject to a different privacy policy.
  • We utilize the identifiable personal information in individual Genivity accounts to assist the account holders with support requests, to troubleshoot problems, or to monitor the performance and effectiveness of the system. In addition, we utilize aggregated data across the entire Genivity platform to improve its effectiveness, develop insights, or monitor the performance and effectiveness of the system.
“Identifiable personal information” means: data, such as name, phone number, email, address, health services, information on physical or mental health conditions, credit card number, or social security number, that can be used on its own or with other information to identify an individual.

Information Sharing – De-Identified Personal Information

Genivity shares, and may sell, de-identified personal information with other companies or individuals outside of our company.  “De-identified personal information” means data that does not reflect an individual’s name, phone number, email, address, health services, information on physical or mental health conditions, credit card number, social security number, or any other data that reasonably, in our judgment, can be used to identify the individual.

Information Security

We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of personal information. These include internal reviews of our data collection, storage and processing practices and security measures, including appropriate encryption and physical security measures to guard against unauthorized access to systems where we store personal information. Encryption is a method of converting an original message of regular text into encoded text in such a way that only authorized parties can read it. We restrict access to personal information to only the Genivity employees, contractors and agents who need to know that information in order to process it on our behalf. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.

Accessing, Editing and Sharing Your Information

Each individual may access, edit, or share the personal information he/she enters for an account at any time.

Deleting Personal Information

We believe that personal information belongs to the individual to whom it pertains, and therefore, each individual user may delete his/her account at any time. To request that an account be deleted, please contact us at support@genivity.com. Because of the way we maintain our services to protect the integrity of personal information, residual copies may take a period of time before they are deleted, and such personal information may remain in our backup systems. However, our systems are designed so that such personal information will drop out of active use for all of the uses that we described above. Confirmation of deletion can be provided upon request.

Changes to this Notice

Please note that this Notice may change from time to time. We will not materially reduce an individual’s rights under this Notice without his/her explicit consent. We will post any Notice changes at http://www.genivity.com/privacy and, if the changes are significant in our judgment, we will provide an email notification of Notice changes. Please direct any questions about this Notice to support@genivity.com.

Breach Notification

In the event of a breach of unsecured personal information contained in an electronic personal health record maintained through Genivity or any of its products or services, we will provide notification in accordance with, and to the extent required by, the Federal Trade Commission’s Health Breach Notification Rule.  A “breach” is an unauthorized disclosure. “Unsecured” information means identifiable personal information that is not encrypted or destroyed. 

Want to report a security concern?

Please email us at security@genivity.com. Revised June 24, 2017

Pin It on Pinterest