Kitlab Privacy Policy
LAST UPDATED: March 18, 2024
About Us
Kitlab Inc. is a healthcare technology company that owns and operates a direct-to-consumer online healthcare website that facilitates access to diagnostic-enabled care to empower people to live their healthiest lives. Kitlab offers individuals and healthcare providers convenient access to lab-quality diagnostic tests collected at home and at the point-of-care, as well as access to on-demand telehealth consultations and treatment options for a wide range of health and wellness needs.
About this Privacy Policy
Personal data is any information that can be used to identify you (“Personal Data”). This Privacy Policy (“Policy”) describes how we use and process your personal data when you use our products, services, websites, mobile apps, or otherwise interact with us. We encourage you to read this Policy since it has important information.
Changes to this Policy
We will update this Policy if there is a change in our privacy practices or privacy laws. Please check this Policy regularly to understand our current practices. We will list the date of change above, next to “Last Updated” when we make changes to the Policy.
How to Contact Us
- By email at legal@kitlab.com,
- By U.S. postal mail at the following address: Kitlab Inc., 8 THE GRN, A STE Dover DE, 19901,
- By telephone toll-free at 833.KIT.LAB1 or 833.548.5221.
When You Act on Behalf of Another Person
You may not share another individual’s personal data unless the following applies: 1) the individual is a minor and you are the parent, legal custodian or guardian of the minor, 2) you are the legal custodian or guardian of an adult, 3) you have documented Power of Attorney to act on behalf of the individual.
Kitlab Website
Kitlab Inc. may use chat and artificial intelligence to help you navigate our website. We may contract with a third party who provides the chat and/or artificial intelligence. Kitlab.com chat will never ask for your name, email address, phone number or any identifiable data from you and you should never provide any identifiable data.
Kitlab.com chat is not intended to provide healthcare advice, diagnosis information, or treatment-related services and is not intended for nor directed to anyone under the age of 18.
Health Information and HIPAA
The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) protects personal health information (known as Protected Health Information or PHI) if it is used by a covered entity or a business associate. Covered entities include healthcare providers, health plans, and organizations called healthcare clearing houses. Business associates work on behalf of covered entities. Kitlab Inc. is not a covered entity or a healthcare clearing house.
We sometimes act as a business associate to covered entities. Examples of this are when a doctor is treating you through Kitlab Virtual or Telehealth Care, or our services are offered to you as part of your employee benefit plan.
If we act as a business associate, this Policy does not apply. Instead, you should review the “HIPAA Notice of Privacy Practices” from the covered entity we act on behalf of. We will treat your health information in accordance with this Policy and privacy laws that apply to us.
Personal Data We Collect
The types of personal data we collect from you depend on how you interact with us. We collect information that helps us contact you or to provide our services to you. We also use your personal data to carry out certain business purposes.
The types of personal data we collect can fall into one or more of the following categories:
| Category of Personal Information | Categories of Recipients |
| --- | --- |
| Identifiers | Information that identifies you, like your name, address, phone numbers, or IP address. |
| Customer records | We collect and maintain your personal data in our customer records. This includes your birth date, test results, and any individuals you add to your account, and the contents of your service requests when you are a customer of Kitlab. We also collect any photographs, audio, or video files depending on the settings of your device. |
| Protected class and demographic information | We may collect information about your age, gender, or other demographics or protected classifications if you apply for employment with us. |
| Commercial information | We collect information about your purchases, memberships, subscriptions, payment history, and the services that you’ve shown interest in. |
| Internet or other electronic network activity information | We may collect information about your use of our websites, apps, or devices. Examples include browsing history, search history, device IDs, and browser information. We also collect Bluetooth® data and service set identifiers (which are unique identifiers that provide the name of the network you are using to connect to our services). |
| Geolocation data | We may collect the geolocation of your device if you connect with it to use our Services. This can include precise geolocation depending on the setting. |
| Audio, electronic, visual, thermal, olfactory, or similar information | We collect camera, audio, images, and video you take and submit via your mobile device’s camera and microphone. |
| Professional or employment related information | We may collect information about your current employment and your employment history, such as your job title, employer, business contact details, and reference information if you apply for employment with us. |
| Inferences (a characteristic that can be made about you based on personal data we have about you) | We may draw inferences about you based on the categories of information described above, including about your preferences and qualifications. |
| Sensitive personal data | We also collect information that is sensitive in nature, such as information about your health (including your test results), information about your sexual orientation, race, and ethnicity, and government-issued IDs, depending on your application or device settings. |
How We Collect Your Personal Data
Most personal data we collect is directly from you. Examples are when you contact us for support or provide information through the website or app. It can also happen when you use our AI chatbot, the Kitlab Concierge. We may also receive personal data from the following sources:
| Source | Description |
| --- | --- |
| From other individuals | Depending on how you use our products and services, we may receive personal data about you from other individuals or through your use via other individuals’ Kitlab accounts. This can happen when someone is legally authorized to act on your behalf. This can also happen if you create a user profile under another individual’s Kitlab account. Other examples include employers who secure our products and services for you or when a healthcare provider uses our products and services to treat you. |
| From other businesses | We may collect personal data from other businesses. Examples include service and content providers, our affiliated companies and subsidiaries, business partners, data brokers, social media companies or other parties who interact with us. |
| Through tracking technologies | When you use our digital services (like our website or mobile app), we may automatically collect information or inferences about you. Examples include cookies and other tracking technologies. This may include information about how you use and interact with our digital services, information about your device, and internet usage information. |
| From publicly available sources | We may collect personal data about you from publicly available sources, such as public profiles and websites. |
How We Use Your Personal Data
We use your personal data to run our business and improve the services we offer to you. One or more of the following purposes below can apply depending on how you interact with us:
| Purpose | Description |
| --- | --- |
| Providing our products and services | We use your personal data to deliver our products and services to you, including maintaining your profile and documents, managing your account, and delivering your test results and other products and services you request. We may pass your personal data within our company in order to provide you with services based on your request. |
| Offering support and customer service | We use your personal data to answer any questions you ask (on our customer service phone line, via email, or via the Kitlab Concierge) and address crashes or errors associated with the use of our services. |
| Communicating with you | We use your personal data to send you mail, emails, in-app notifications, and text messages to tell you about new opportunities, products, or services that we or our business partners offer. We may also communicate with you regarding updates to our services, to verify your email account, and other administrative or transactional topics. |
| Personalizing your experience | We use your personal data to remember your preferences (such as your communication preferences), save your account credentials, and deliver advertisements that are tailored to your interests or internet browsing behavior. |
| Improving our products and services | We use your personal data to improve and enhance our existing products and services by developing new products, features, and functionality. |
| Conducting research and analysis | We use your personal data to conduct research on what you like and don’t like about our services, which products are easy or difficult to use, and the ways we can make your interactions with us better. |
| Preventing fraud | We use your personal data to verify your identity when you use the Kitlab App to prevent unauthorized access (in limited situations and with your consent). |
| Complying with our legal obligations | We use your personal data to comply with our legal obligations, such as to maintain records and submit reports to state or federal health agencies to ensure public safety and prevent further spread or infection. |
We may also de-identify your personal data. De-identified data means the data cannot be reasonably linked to you. We will do this in accordance with HIPAA or other privacy laws we are subject to. We commit to only using the information in de-identified form and will not try to re-identify it, except as may be required or permitted by law.
We may also aggregate your personal data. This is different from de-identification. Aggregated data is information relating to a group of persons and has individual identifiers removed. Aggregated data is not reasonably linkable to an individual.
We understand that some of your information is sensitive to you. This sensitive personal data can only be used for the following business purposes: (i) performing services an average person would expect to be provided; (ii) detecting security incidents; (iii) addressing malicious, deceptive, or illegal actions; (iv) ensuring the physical safety of individuals; (v) for short-term, temporary use directly related to our current interaction with you; (vi) performing or providing internal business services; and (vii) ensuring the quality or safety of a service or product.
Sharing Your Personal Data
We may share or disclose your personal data to third parties who help us operate our business. This allows us to provide our products and services to you. We may also disclose personal data to third parties who use personal data for their own purposes. It is our policy to require these third parties to agree to conditions on how they will use your personal data as required or allowed under applicable laws and this Policy.
Depending on the purpose for disclosing, this may include:
| Third Party Category | Description |
| --- | --- |
| Service providers | Vendors and service providers help us run our business and provide services to us. It is our policy to enter contracts with these service providers to limit how they may use and disclose your personal data. |
| Healthcare providers and health plans | Healthcare providers or professionals, health plans, or other members of your healthcare team need your personal data for the diagnosis and treatment of conditions you use our services for. |
| Employers and benefits consultants | Employers, benefit consultants, or managers who contract with us to provide you our products and services. We must provide some of your personal data to them to fulfill our contractual obligations (and to provide services to you). |
| Advertising and marketing partners | Partners that help us with advertising and marketing our products and services. Examples are placing advertisements, including ad platforms, networks, and social media platforms, partners who work with us on promotional opportunities (including co-branded products and services), and third parties whose cookies and tracking tools we use. |
| Government agencies | To report to state or federal health agencies when legally required for public safety and related reasons. An example of this may include required reporting for certain Sexually Transmitted Infections (“STIs”). |
| Parties involved in a company transaction | To other companies in connection with a transaction involving Kitlab. Examples are if we acquire or sell or transfer all or a portion of our business or assets including through a sale in connection with bankruptcy and other forms of corporate change. |
| Third parties for legal purposes | Examples of these parties include regulatory authorities, courts, law enforcement, government agencies, consultants, attorneys, and business partners. We may be required to or think it is in our best interest to share your personal data as required by law. Examples include responding to a legal process, or to protect our rights or the rights of others. |
Our Cookie Policy and Do Not Track Disclosures
We may collect information about your device (such as your browser type, operating system, IP address, and domain name) via cookies and other tracking technologies.
Some web browsers use a “Do Not Track” (“DNT”) feature. A DNT sends a signal to websites to tell them not to track your online activity and behavior. If the website recognizes the DNT, it will be blocked from collecting some types of tracking information.
Not all browsers have DNTs, and DNTs are not yet set to an industry standard. Because of this, like many other digital service providers, we do not recognize or respond to DNT signals.
How Long We Keep Your Personal Data
We keep personal data for the period necessary to provide the products and services you request and to maintain our business relationship with you. We use different criteria to help us determine how long we keep your personal data.
Some examples of the criteria we use include but are not limited to: to improve our business so we can serve you better, to ensure the ongoing legality, safety, and security of our products and services, to comply with legal and regulatory requirements, to defend potential claims against us or as required or allowed under applicable laws.
You can learn more about retention periods by contacting us in any of the ways listed in the “Contact Us” section of this Policy.
Security Measures We Use to Safeguard Your Personal Data
We use appropriate administrative, physical, and technical safeguards to protect your personal data. We evaluate our safeguards to adapt to new threats to the confidentiality, integrity, and availability of your personal data.
Even with the safeguards we use, we cannot completely guarantee the security of your personal data. Keep your login details in a safe place. Report any suspected security violations or incidents involving personal information by contacting us at legal@kitlab.com or by calling us at 833.KIT.LAB1 (833-548-5221).
Rights Over Your Personal Data
Depending on where you live (such as in California, Colorado, or certain other U.S. states), you may have certain rights over the personal data we maintain about you. Kitlab Inc. will comply with the respective personal data privacy rules of the various states in which we do business.
You may exercise your rights by emailing us at support@kitlab.com or calling us at 833.KIT.LAB1 (833.548.5221).
Please note that you may not be able to use or access certain features of our services if you exercise some rights.
Your rights may include the following:
| Right | Description |
| --- | --- |
| Right to know | To request information about the categories of personal data we have collected about you, the categories of sources from which we collected the personal data, the purposes for collecting, selling, or sharing the personal data, and to whom we have disclosed your personal data and why. You may also request the specific pieces of personal data we have collected about you. Some of this information may already be in your Kitlab account, which you can access upon signing in. |
| Right to delete | To delete personal data that we have collected from you. |
| Right to correct | To correct inaccurate personal data that we maintain about you. You can also correct your personal data by signing into your Kitlab account and making any necessary updates. |
| Right to opt out of sales and sharing for targeted advertising | To opt out of (i) the sale or sharing of your personal data and (ii) targeted advertising. |
| Right to opt out of profiling | To opt out of being subject to a decision based only on automated means (where there is no human involved). The decision must produce legal effects on you or must impact you significantly in a similar way for this right to apply. |
| Right of no discrimination | To not be discriminated against in any way if you exercise your rights. |
| Right to limit use and disclosure of sensitive personal data | To limit uses to certain business purposes. This does not apply where we provide you products or services you request, or as permitted or required by law. |
Right to Appeal
Certain laws may give you a right to appeal denials of your request to exercise your rights. Please email us at support@kitlab.com and include any new information you feel should be considered. If you disagree with the outcome of the appeal, you may file a complaint directly with a privacy authority.
Right to File a Complaint Directly with a Privacy Authority
Please contact us at legal@kitlab.com to report any broken links.
Opting Out of Targeted Advertising
To opt out of sales and sharing for targeted advertising, you can:
- Click the “Unsubscribe” link at the bottom of the email you received from us, or
- Email us at legal@kitlab.com
Nevada residents: You may contact us at support@kitlab.com to ask about your right to opt out of the sale of your personal data.
Additional Disclosures for California Residents
This section describes our general collection, use, and disclosure practices over the last 12 months. California residents are entitled to the following additional disclosures about our data processing activities:
| Category of Personal Data | Categories of Third Parties to Whom We Disclose Personal Data for a Business or Commercial Purpose | Categories of Third Parties to Whom Personal Data is Sold or Shared for Targeted Advertising |
| --- | --- | --- |
| Identifiers | Service providers; Healthcare providers and health plans; Employers and benefits consultants; Government agencies; Parties involved in a company transaction; Third parties for legal purposes | We do not sell or share for targeted advertising purposes |
| Customer Records | Service providers; Healthcare providers and health plans; Employers and benefits consultants; Government agencies; Parties involved in a company transaction; Third parties for legal purposes | We do not sell or share for targeted advertising purposes |
| Protected Class and Demographic Information | Service providers; Healthcare providers and health plans; Employers and benefits consultants; Government agencies; Parties involved in a company transaction; Third parties for legal purposes | We do not sell or share for targeted advertising purposes |
| Commercial Information | Service providers; Healthcare providers and health plans; Employers and benefits consultants; Government agencies; Parties involved in a company transaction; Third parties for legal purposes | We do not sell or share for targeted advertising purposes |
| Internet or other Electronic Network Activity Information | Service providers; Healthcare providers and health plans; Employers and benefits consultants; Government agencies; Parties involved in a company transaction; Third parties for legal purposes | Shared with advertising and marketing partners and not sold |
| Geolocation Data | Service providers; Healthcare providers and health plans; Employers and benefits consultants; Government agencies; Parties involved in a company transaction; Third parties for legal purposes | We do not sell or share for targeted advertising purposes |
| Audio, Electronic, Visual, Thermal, Olfactory (scent or smell), or Similar Information | Service providers; Healthcare providers and health plans; Employers and benefits consultants; Government agencies; Parties involved in a company transaction; Third parties for legal purposes | We do not sell or share for targeted advertising purposes |
| Professional or Employment-Related Information | Service providers; Healthcare providers and health plans; Employers and benefits consultants; Government agencies; Parties involved in a company transaction; Third parties for legal purposes | We do not sell or share for targeted advertising purposes |
| Inferences | Service providers; Healthcare providers and health plans; Employers and benefits consultants; Government agencies; Parties involved in a company transaction; Third parties for legal purposes | We do not sell or share for targeted advertising purposes |
| Sensitive Data | Service providers; Healthcare providers and health plans; Employers and benefits consultants; Government agencies; Parties involved in a company transaction; Third parties for legal purposes | We do not sell or share for targeted advertising purposes |
Note to International Users
Our services are mainly for use within the United States and Canada. We are based in the United States and use service providers that are based in the United States. We also use service providers who can be located anywhere in the world.
This means that there may be different privacy protections than those where you are located. If this happens, we will take appropriate measures to protect your personal data in accordance with this Policy and privacy laws that apply to us.
You understand that your personal data will be processed within the US and countries where our service providers are located when you access or use our products and services or otherwise provide personal data to us.
Children’s Privacy Policy
To protect the privacy of children’s Personal Data, we follow requirements from the Children’s Online Privacy Protection Act (“COPPA”). Personal Data is defined as any information that can identify an individual. This Children’s Privacy Policy provides information about our privacy practices regarding children.
The Kitlab products and services are intended for adult users (18 years or older). However, parents or legal guardians can create accounts for their children. Children are not able to create accounts for themselves without involving a parent or legal guardian.
We will use reasonable efforts to quickly delete any personal data we accidentally collect from a child that does not have parent or legal guardian consent.
Parents and legal guardians can add profiles to their account including for their children and minors aged 17 or under. We collect the following personal data from parents or legal guardians about the children. This personal data allows them to manage the child’s profile, review test results, and use other Services:
- First, middle, and last name, which may be a unique identifier or pseudonym provided at the discretion of the parent or legal guardian,
- Relationship to the authorized account user,
- Date of Birth,
- State of Residence,
- Zip Code,
- Test results, and
- New personal data created by the use of the Services through the Kitlab App.
Any personal data collected will not be used for any other purpose than what is communicated in this section and our Policy.
Parents or legal guardians must consent to the collection and use of their child’s personal data.
Personal data is retained for as long as the account is active. If a parent or legal guardian does not complete the registration and consent process, the account will not be activated, and all personal data will be deleted after 30 days. If a parent or legal guardian requests their child’s account be closed, all associated personal data will be deleted within 45 days of the request.
Parents and legal guardians can:
- Refuse to participate in Kitlab services,
- Request deletion of their child’s profile and their own Personal Information,
- Deny further collection of the personal data of their children, and
- Request information through us about all third parties that handle Personal Information on our behalf as related to your child’s data.
We can be contacted in any of the following ways:
- By email at info@kitlab.com, to our Privacy Officer and Legal Department,
- By U.S. postal mail at the following address: Kitlab Inc., 8 THE GRN, A STE, Dover, DE 19901, or
- By telephone toll-free at 833.KIT.LAB1 or 833.548.5221.
External Links
Our services may contain links to information, websites, and other digital services provided by third parties. You should review the privacy policy of any third parties to understand how they collect your information through their services.