Privacy Policy

Dot Laboratories, Inc. (“DotLab™” or “We” ) is committed to protecting your privacy.  We are located in the USA and personal data provided to DotLab will be transferred to, used and maintained by us in the USA.   

This Privacy Policy describes the specific practices and guidelines that we follow to help ensure the confidentiality and security of your personal information when you use our websites located at www.dotlab.com, DotLab portal, mobile applications, and any websites or services that reference this Privacy Policy, (collectively the “Websites” or “Services”). For further information, see our “Terms of Use” and “Notice of Privacy Practices” - - also located on our website.

Information We Collect and Sources of the Information

  1. DotLab may collect, store, and use personal information when it is voluntarily submitted to DotLab by you (emails, Website review, submission of forms, correspondence, notes of telephone calls) or from activity with our Websites or Services.  You may provide this information to DotLab or it may come from your doctors or other healthcare providers when a test is ordered for you. 

    The California Consumer Privacy Act (“CCPA”) categories of information we collect are: 
    1. Category A:  Personal identifiers (such as name, address, telephone number, email address, account name and medical record identifiers)
    2. Category B:  Personal information categories listed in the CCPA (signature, name, health insurance information, financial information for payment purposes, medical information)
    3. Category C:  For employment and vendors, professional or employment-related history, performance evaluations, education, work history, credit information, bank account numbers or other financial information for payment and background checks
    4. Category D: Protected classification characteristics under California or federal law: age, race, marital status, medical condition, gender, military status and genetic information
    5. Category E: Biometric information regarding patient biomarkers
  2. Internet or other similar network activity may be automatically collected about you and your computing device when you use, browse, and interact with our Services. Our Websites and Services collect this information in a variety of ways, including when you view a webpage, click on a link, access our mobile application, or enter data in an online form.
    We will not collect additional categories of personal information nor use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

How We Use Your Personal Information

DotLab will only use your personal information for the purpose for which it was collected. We may use your personal information to contact you, to provide the information to your doctors, to obtain payment for our services, to respond to your inquiries and requests and to respond to inquiries and requests from your doctors. We only collect the personal data that we need to perform our healthcare services and to obtain payment for our Services.  We obtain the minimum amount necessary for our business purposes. 

We may also use your personal information to provide you with customer support and to maintain and improve our Services. We may combine your information with other information about you that is available to DotLab, including information from other sources, such as from your doctors, in order to maintain an accurate medical record of patients who receive our testing services.

De-identified data may be used for scientific research purposes related to the purpose for which we originally obtained your data. That research purpose is for the improvement and development of our women-focused diagnostic products. Research data is non-personally identifiable information, so no personal data and no protected health information (defined more specifically below) are used for research purposes.

Protected Health Information (“PHI”)

When generating laboratory results, receiving health information, or transmitting information to a healthcare provider, DotLab is subject to laws and regulations governing the use and disclosure of personal information including the Health Insurance Portability and Accountability Act of 1996 ("HIPAA").  

PHI is defined as personal data and health data related to past, present or future health conditions, treatments and payment. DotLab will only use or disclose PHI for treatment and other authorized purposes as stated in our “Notice of Privacy Practices.”

Sharing Your Personal Information

DotLab may share your information with you, your healthcare providers and doctors, your health insurance provider, individuals who you have authorized to receive it and as described in this Privacy Policy. 

We may occasionally hire third-party service providers to provide limited services on our behalf, such as our billing vendor or cloud provider.  DotLab will give these service providers only the personal information they require to perform the contracted-for services, and we require such providers to agree to contractual terms to maintain the confidentiality and security of the information they receive.

In the preceding 12 months, we have disclosed the following categories of personal information for a business purpose as described above (for more detail about the Categories see Information We Collect and Sources of the Information above):
Category A: Personal Identifiers
Category B: California consumer records 
Category D: Protected classification characteristics
Category E: Biometric data

This information was disclosed with your consent or in providing our Services for your healthcare treatment. 

We may need to access or disclose your personal information to comply with the law or legal process and to exercise our legal rights or defend against legal claims. We may share personal information and any additional information available to DotLab in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, or as otherwise required by law, such as for public safety purposes.  We do not use personal data for profiling or other automated decision purposes.

Selling of Personal Information

DotLab does not sell or rent your personal information for any purpose. No personal information has been sold or rented in the preceding 12 months.

Your Rights and Choices under CCPA

The CCPA provides consumers with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights. It is important to remember that personal data attached to health data, including PHI, is subject to HIPAA regulations and not governed by CCPA.  Patient data rights under HIPAA are listed in our “Notice of Privacy Practices.” 

Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your identity as the requesting consumer, we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you.
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    • sales, identifying the personal information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

Deletion Request Rights
Consumers have the right to request that we delete any personal information that we collected and retained, subject to certain exceptions. Once we receive and confirm your identity as the requesting consumer, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies, as set forth below.

DotLab may deny your deletion request if retaining the information is necessary for DotLab or our service providers to:

  1. Complete the transaction for which we collected the personal information, provide a good or Service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
  7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  8. Comply with a legal obligation.
  9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a consumer request to us by either:

Calling: 203.208.0024
Emailing: privacy@dotlab.com 

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a consumer request related to your personal information. You may also make a consumer request on behalf of your minor child.

You may only make a  consumer request for access or data portability twice within a 12-month period. The consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.  Making a consumer request does not require you to create an account with us.  We will only use personal information provided in a consumer request to verify the requestor's identity or authority to make the request.

Response Timing and Format
DotLab endeavors to respond to a consumer request within 45 days of its receipt.  If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.  If you have an account with DotLab, we will deliver our written response to that account.  If you do not have an account with DotLab, we will deliver our written response by mail or electronically, at your option.  Any disclosures we provide will only cover the 12-month period preceding the consumer request's receipt.  The response we provide will also explain the reasons we cannot comply with a request, if applicable.  

For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your consumer request unless it is excessive, repetitive, or manifestly unfounded.  If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Non-DiscriminationDotLab will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or Services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or Services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Security of Your Personal Information

DotLab will take reasonable and appropriate precautions to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. It is important to remember, however, that no system can provide 100% security at all times. Accordingly, we cannot guarantee the privacy and security of information stored on or transmitted using our Services.

We have implemented state-of-the-art physical, administrative and technical safeguards to protect the confidentiality, integrity and availability of personal data residing on, processed by or transmitted by our servers.  These safeguards include, among other things, facility and data access control, password protection, encryption of data at rest and in transit, security monitoring tools and protocols and the appointment of a Security Officer and a Privacy Officer who oversee and manage privacy and security.

Cookies

Certain elements of DotLab Services and/or html email correspondence may use session cookies, persistent cookies or web beacons to anonymously track unique visitors, save website preferences, and to allow us to recognize visits from the same computer and browser. You have the option to reject some or all Website cookies on your computer and still use the Services. If you choose to reject all cookies, your access to the Website may be limited.

Aggregate Data Collection

DotLab tracks visits to our Services using visitor logs and tracking-codes to compile anonymous aggregate statistics. This aggregate information is collected service-wide, and includes anonymous website, application, and device statistics. When you browse our websites and access our applications, our system automatically collects information such as your web request, Internet Protocol ("IP") address, browser type, browser language, domain names, referring and exit pages, Uniform Resource Locator (URL), platform type, location, unique device identifier, pages viewed and the order of these page views, the amount of time spent on particular pages, the date and time of your request and one or more cookies that may uniquely identify your browser.

When you access our Services through a mobile device, we may receive or collect and store a unique identification numbers associated with your device or our mobile application (including, for example a Unique ID for Advertisers ("IDFA"), Google Ad ID, or Windows Advertising ID), mobile carrier, device type, model and manufacturer, mobile device operating system brand and model, phone number, and, depending on your mobile device settings, your geographical location data or similar information regarding the location of your mobile device. 

Third-Party Services

DotLab uses certain third-party services and analytics providers to: (1) send you customized notifications if you have provided DotLab your email address, (2) analyze trends, (3) administer the Services, (4) improve the design of our Services, and (5) otherwise enhance, monitor, and troubleshoot the Services we provide.  DotLab does not directly display advertisements in our applications or Services. 

Linked Sites

DotLab may provide links to websites operated by third parties that are not covered by this Policy. DotLab does not maintain these sites and is not responsible for the privacy practices of sites it does not operate. We encourage you to review the privacy policies posted on those websites.

Information Access, Updates and Choice

You may choose to provide information to DotLab by completing the contact form, sending DotLab an email, engaging with our customer service team or otherwise contacting DotLab. DotLab email correspondence will include instructions on how to update certain personal information and how to unsubscribe from our emails, newsletters, and postal mail correspondence. 

You may “opt out” of receiving communications from DotLab related to our products and Services and/or to request the removal of your contact information from our database by writing to us at the email address set forth below. However, DotLab cannot withdraw any previous disclosures made with your authorization, and we reserve the right to retain and disclose your information as permitted or required by law or regulation. You may also request access to your personal data by writing to DotLab using the contact information below. 

Do Not Track

DotLab does not currently employ a mechanism to act upon "Do Not Track" instructions.

Children's Privacy

DotLab Services are directed toward adults. We do not knowingly collect any personal information from children under the age of 13. If you are under 13, you must have permission from your parent or legal guardian before accessing or using our Services. If we become aware that we have collected any personal information from children under 13, we will promptly remove such information from our Services.

International Users

DotLab Services are located in the United States. If you choose to use the Services from the European Union or other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you are transferring your information outside of those regions to the United States for storage and processing. By providing your information, you consent to any transfer and processing in accordance with this Policy.

Changes to Our Privacy Policy

DotLab reserves the right to update and revise this Privacy Policy as necessary.  If we change our Privacy Policy and Notices, we will post those changes on our Websites to keep you aware of what information we collect, how we use it, and under what circumstances we may disclose it. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us With Questions

You can contact DotLab using our Website contact page or sending an email to the address below. We address questions and complaints about privacy and the collection or use of personal information in a timely manner. Please include your contact information and a detailed description of your request or privacy concern.

Dot Laboratories, Inc.
Attn: Privacy Officer
privacy@dotlab.com

Effective Date: September 25, 2022
Last Updated: September 25, 2022

Sign up to receive important announcements and updates:
DotLab will never share your information with third parties. We respect your privacy. We will only use this information to contact you. See our Privacy Policy for more information about how we collect and use personal data.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
All rights reserved DotLab 2023.
DotLab, DotEndo, and the "D" logo are trademarks of DotLab.
Privacy Policy
Notice of Privacy Practices
Terms of Use
Site Map