Privacy Policy

Effective Date: May 3, 2024 

Last Update: May 3, 2024

This Privacy Policy describes how Babson Diagnostics (collectively, the “Company,” “we,” “us,” or “our”) collects, uses, shares, and protects personal information. This Privacy Policy also tells you about your rights and choices with respect to your personal information, and how you can reach us to get answers to your questions. Babsondx.com and BetterWay.com ("BetterWay™", “BetterWay blood testing”) are owned and operated by Babson Diagnostics.

While this Privacy Policy addresses our obligations to secure protected health information (“PHI”) as required by the Health Insurance Portability and Accountability Act (“HIPAA”), the Privacy Policy does not describe in full how we collect and use your PHI. For a complete description of how we collect and use your PHI, including your rights as related to your PHI, please refer to our Notice of Privacy Practices.

You can jump to particular topics by going to the headings below:

Information We Collect

We collect information about you in a variety of ways depending on how you interact with us and our websites, mobile applications, and services, including:

  • Directly from you when you provide it to us, such as when you register for an account, sign up to receive communications from us, place an order/make a purchase, or contact us by phone, email, or otherwise.
  • Automatically through the use of cookies, server logs, and other similar technologies when you interact with our websites, mobile application, and emails.
  • From other sources, including, for example, our affiliates, business partners, service providers, other third parties, or from publicly available sources.

The following provides examples of the type of information that we may collect in a variety of contexts and how we use that information.

Account Registration

Types of Data
We may collect your name and contact information, and either a tax ID or patient ID when you create an account. We also collect information relating to the actions that you perform while logged into your account.

Primary Purpose for Collection and Use of Data
We have a legitimate interest in providing account related functionalities to our users. In some cases, we provide you with account related functionality to perform our contract to provide you with products or services.

Cookies and First-Party Tracking

Types of Data
We use cookies and clear GIFs. “Cookies” are small pieces of information that a website sends to a computer’s hard drive while a website is viewed.

Primary Purpose for Collection and Use of Data
We have a legitimate interest in making our website operate efficiently.

Cookies and Third-Party Tracking

Types of Data
We may place tracking technology on our website that collects analytics, records how you interact with our website, or allows us to participate in behavior-based advertising. This means that a third party uses technology (e.g., a cookie) to collect information about your use of our website so that they can report analytics to us or provide advertising about products and services tailored to your interests.

Primary Purpose for Collection and Use of Data
We use this information to understand our users and serve tailored advertisements. Where required by law, we base the use of third-party cookies upon consent.

Customer Information, Including Health Data

Types of Data
In order to provide our Services, we collect the following information:

  • Customer name
  • Customer DOB
  • Customer address
  • Customer sex
  • Customer insurance information (if insurance pay)
  • Customer payment information (if self-pay)
  • Customer phone number
  • Customer email address
  • Blood tests ordered (self or clinician)
  • Clinician name
  • Clinician NPI
  • Clinician location

Primary Purpose for Collection and Use of Data
We use this information for purposes of carrying out health care treatment, payment and operations.

Email Interconnectivity

Types of Data
If you receive email from us, we may use certain tools to capture data related to when you open our message, click on any links or banners it contains and make purchases.

Primary Purpose for Collection and Use of Data
We use this information for purposes of carrying out health care treatment, payment and operations.

Where required by law, we base the use of email interconnectivity upon consent.

Feedback/Support

Types of Data
If you provide us feedback or contact us for support we will collect your name and email address, as well as any other content that you send to us, in order to reply.

Primary Purpose for Collection and Use of Data
We have a legitimate interest in receiving, and acting upon, your feedback or issues.

Location Information

Types of Data
We may collect location information.

Primary Purpose for Collection and Use of Data
We have a legitimate interest in understanding our users and providing tailored services. Where required by law, we base our collection and use of location information upon consent.

Mailing List

Types of Data
When you sign up for one of our mailing lists we collect your email address or postal address.

Primary Purpose for Collection and Use of Data
We have a legitimate interest in sharing information about our products or services. Where required by law, we base our use of mailing list information upon consent.

Mobile Devices

Types of Data
We may collect information from your mobile device such as unique identifying information broadcast from your device when visiting our website or mobile application.

Primary Purpose for Collection and Use of Data
We have a legitimate interest in understanding how users interact with us on their mobile devices.

Order Placement

Types of Data
We collect your name, billing address, shipping address, email address, phone number, and credit card number when you place an order.

Primary Purpose for Collection and Use of Data
We use your information to perform our contract to provide you with products or services.

Partner Promotion

Types of Data
We collect information that you provide as part of a co-branded promotion with another company.

Primary Purpose for Collection and Use of Data
We have a legitimate interest in fulfilling our promotions.

Surveys

Types of Data
When you participate in a survey, we collect information that you provide through the survey. If the survey is provided by a third party service provider, the third party’s privacy policy applies to the collection, use, and disclosure of your information.

Primary Purpose for Collection and Use of Data
We collect survey information with your consent. We also have a legitimate interest in understanding your opinions, and collecting information relevant to our organization.

Website interactions

Types of Data
We may use technology to monitor how you interact with our website. This may include which links you click on, or information that you type into our online forms. This may also include information about your device or browser.

Primary Purpose for Collection and Use of Data
We have a legitimate interest in understanding how you interact with our website to better improve it.

Web logs

Types of Data
We may collect information, including your browser type, operating system, Internet Protocol (IP) address (a number that is automatically assigned to a computer when the internet is used), domain name, click-activity, referring website, and/or a date/time stamp for visitors.

Primary Purpose for Collection and Use of Data
We have a legitimate interest in monitoring our networks and the visitors to our websites. Among other things, it helps us understand which of our products is the most popular.

How We Use Information

In addition to the purposes and uses described above, we may use information in the following ways:

  • To identify you when you visit our websites or our mobile application.
  • To provide products and services.
  • To conduct analytics.
  • To communicate with you, such as to respond to and/or follow-up on your requests, inquiries, issues, or feedback.
  • To send marketing and promotional materials including information relating to our products, services, sales, or promotions, or those of our business partners.
  • To detect and protect against malicious, deceptive, fraudulent, or illegal activity, including violation of our policies and terms and conditions, security incidents, and harm to the rights, property, or safety of our company and our users, employees, or others.
  • To debug, identify and repair errors that impair existing intended functionality of our website and services.
  • To comply with our legal or regulatory obligations, to establish or exercise our rights, and to defend against a legal claim.
  • For internal administrative purposes, as well as to manage our relationships.
  • For such other purposes as you may approve of.

Although the sections above describe our primary purpose in collecting your information, in many situations we have more than one purpose. For example, if you complete an online purchase, we may collect your information to perform our contract with you, but we also collect your information as we have a legitimate interest in maintaining your information after your transaction is complete so that we can quickly and easily respond to any questions about your order. As a result, our collection and processing of your information is based in different contexts upon your consent, our need to perform a contract, our obligations under law, and/or our legitimate interest in conducting our business.

To the extent we maintain and use personal information in a deidentified form, we will not attempt to reidentify the information, except for the purpose of determining whether our deidentification processes satisfy our legal obligations.

How We Share Information

In addition to the specific situations discussed elsewhere in this Privacy Policy and in the Notice of Privacy Practices, we may disclose personal information in the following situations:

  • Healthcare Treatment, Payment and Operations. We may use and disclose your protected health information as further stipulated in the Notice of Privacy Practices for purposes of healthcare treatment, payment, and operations.
  • Affiliates and Acquisitions. We may share information with our corporate affiliates (e.g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control). If another company acquires, or plans to acquire, our company, business, or our assets, we will also share information with that company, including at the negotiation stage.
  • Other Disclosures without Your Consent. We may disclose information in response to subpoenas, warrants, or court orders, or in connection with any legal process, or to comply with relevant laws. We may also share your information in order to establish or exercise our rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of our policies, or to comply with your request for the shipment of products to or the provision of services by a third-party intermediary.
  • Public. Some of our websites may provide the opportunity to post comments, or reviews, in a public forum. If you decide to submit information on these pages, that information may be publicly available.
  • Partner Promotion. We may offer contests, sweepstakes, or other promotions with third party partners. If you decide to enter a contest, sweepstakes, or promotion that is sponsored by a third party partner the information that you provide will be shared with us and with them. Their use of your information is not governed by this privacy policy.
  • Service Providers. We may share your information with service providers. Among other things service providers may help us to administer our website, conduct surveys, provide technical support, process payments, and assist in the fulfillment of orders.
  • Other Disclosures with Your Consent. We may disclose your information to other third parties when we have your consent or direction to do so.

Your Choices

Some jurisdictions give you a right to make the following choices regarding your personal information:

  • Access To Your Personal Information. You may request access to your personal information or confirmation that we have information about you. In certain limited circumstances, you may also request to receive access to your data in a portable, machine-readable format.
  • Changes To Your Personal Information. We rely on you to update and correct your personal information. Our websites allow you to modify or delete your account profile. If our website does not permit you to update or correct certain information, you can contact us at the address described below in order to request that your information be modified. You may ask us to correct information that is inaccurate or incomplete. Note that we may keep historical information in our backup files as permitted by law.
  • Deletion Of Your Personal Information. You may request that we delete your personal information. If required by law, we will grant a request to delete information, but you should note that in many situations we must keep your personal information to comply with our legal obligations, resolve disputes, enforce our agreements, or for another business purposes.
  • Objection to Certain Processing. You may object to our use or disclosure of your personal information by contacting us at the address described below.
  • Online Tracking. We do not currently recognize the “Do Not Track” signal.
  • Promotional Emails. You may choose to provide us with your email address for the purpose of allowing us to send free newsletters, surveys, offers, and other promotional materials to you, as well as targeted offers from third parties. You can stop receiving promotional emails by following the unsubscribe instructions in emails that you receive. If you decide not to receive promotional emails, we may still send you service-related communications.
  • Promotional Text Messages. If you receive a text message from us that contains promotional information you can opt-out of receiving future text messages by replying “STOP.”
  • Revocation Of Consent. Where we process your personal information based upon consent, you may revoke consent. Please note, if you revoke your consent for the processing of personal information then we may no longer be able to provide you services.

Please note, not all of the rights described above are absolute, and they do not apply in all circumstances. In some cases, we may limit or deny your request because the law permits or requires us to do so, or if we are unable to adequately verify your identity. We will not discriminate against individuals who exercise their privacy rights under applicable law.

Submitting Requests

You may exercise the rights described above by contacting us as indicated in the “Contact Information” section below. If you disagree with how we handled a request, you may appeal our decision by contacting us with the subject line “Appeal.”

Note that, as required by law, we will require you to prove your identity. We may verify your identity by phone call or email. Depending on your request, we will ask for information such as your name, the last item you purchased from us, or the date of your last purchase from us. We may also ask you to provide a signed declaration confirming your identity. Following a request, we will use reasonable efforts to supply, correct or delete personal information about you in our files.

In some circumstances, you may designate an authorized agent to submit requests to exercise certain privacy rights on your behalf. If you are an authorized agent submitting a request on behalf of an individual, you must attach a copy of a signed declaration from the consumer indicating that you have permission to act on his or her behalf.

How We Protect and Retain Information

We are required under HIPAA to safeguard all PHI that we receive through our website or other services. While no method of transmission over the internet, or method of electronic storage, is fully secure, we have implemented appropriate technical, physical, and administrative safeguards to keep your information secure when it is transmitted through our website, including through your customer account  In the event of a security breach of our website or associated services, we will follow the protocols as outlined in our Breach Notification Policy, including notifying the affected party or parties as soon as we become aware of the breach.

We retain your personal information for at least six years, but may retain your information for as long as necessary to fulfil the purposes outlined in this Privacy Policy, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of the information, the purposes for which we obtained the information and whether we can achieve those purposes through other means, as well as applicable legal requirements.

Transmission Of Information To Other Countries

Your information may be processed in a foreign country where privacy laws may be less stringent than the laws in your country. Nonetheless, where possible we take steps to treat personal information using the same privacy principles that apply pursuant to the law of the country in which we first received your information. By submitting your personal information to us you agree to the transfer, storage, and processing of your information in a country other than your country of residence including, but not necessarily limited to, the United States. If you would like more information concerning our attempts to apply the privacy principles applicable in one jurisdiction to data when it goes to another jurisdiction you can contact us using the contact information below. You may also request a copy of any Standard Contractual Clauses we use for the transfer of your data outside of the EEA, which includes the categories of information transferred by contacting us using the contact information below.

Third-Party Applications/Websites

For your convenience, we may provide links to websites and other third-party content or services that we do not own or operate. The websites and third-party content to which we link may have separate privacy notices or policies. Please note, we have no control over the privacy practices websites, or services that we do not own. We encourage you to review the privacy policies of any third-party website or application for details about such third party’s privacy practices.

Changes To This Privacy Policy

We may change our privacy policy and practices over time. To the extent that our policy changes in a material way, the policy that was in place at the time that you submitted personal information to us will generally govern that information unless we receive your consent to the new privacy policy. Our privacy policy includes an “effective” and “last updated” date. The effective date refers to the date that the current version took effect. The last updated date refers to the date that the current version was last substantively modified.

Contact Information

If you have any questions, comments, or complaints concerning our privacy practices, or if you need to access this Privacy Policy in an alternative format due to having a disability, please contact us at the appropriate address below. We will attempt to respond to your requests and to provide you with additional privacy-related information.

Email: privacy@babsondx.com
Telephone: +1 (512) 877-8770

If you are not satisfied with our response, and are in the European Union or United Kingdom, you may have a right to lodge a complaint with your local supervisory authority.

Additional Information For California Residents

California law requires us to disclose the following additional information related to our privacy practices. If you are a California resident, the following privacy disclosures apply to you in addition to the rest of the Privacy Policy.

  • California Shine the Light. If you would like more information concerning the categories of personal information (if any) we share with third parties or affiliates for those parties to use for direct marketing, please submit a written request to us using the information in the Contact Information section above.  
  • Notice of Collection. The table below describes the categories of personal information we collect, disclose for a business purpose. Please note, in addition to the recipients identified below, we may disclose any of the categories of personal information we collect with government entities, as may be needed to comply with law or prevent illegal activity. We do not “sell” or “share” your personal information as those terms are defined under California law. For details regarding how we use personal information, please see the Information We Collect section of the Privacy Policy. For information regarding how long we retain personal information, please refer to the How We Protect and Retain Information section of the Privacy Policy.

Category of Personal Information

Identifiers – this may include real name, alias, postal address, unique personal identifier, online identifier, email address, account name, or other similar identifiers.

Category of Recipients Disclosures for a Business Purpose

  • Third-party payment processors for processing transactions.
  • Customer relationship management (CRM) software providers for managing customer interactions.
  • Partner organizations for fulfilling orders.

Category of Personal Information

Government Issued Identification – this may include your Tax ID or reseller ID.

Category of Recipients Disclosures for a Business Purpose

  • Regulatory bodies for compliance purposes.
  • Tax authorities for tax reporting requirements.

Category of Personal Information

Financial Information – this may include bank account number, credit card number, debit card number, and other financial information.

Category of Recipients Disclosures for a Business Purpose

  • Financial institutions for processing payments.
  • Auditors for financial auditing purposes.

Category of Personal Information

Health Data – this may include insurance information, clinician name, clinical location, and tests ordered.

Category of Recipients Disclosures for a Business Purpose

  • Healthcare providers for fulfilling orders or prescriptions.
  • Insurance companies for claims processing.
  • Third-party service providers for managing healthcare benefits.

Category of Personal Information

Commercial information – this may include information about products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Category of Recipients Disclosures for a Business Purpose

  • Marketing agencies for targeted advertising.
  • Product suppliers for inventory management.

Category of Personal Information

Internet or other electronic network activity information – this may include browsing history, search history, and information regarding an individual’s interaction with an internet website, application, or advertisement.

Category of Recipients Disclosures for a Business Purpose

  • Website analytics providers for analyzing website traffic.
  • Advertisers for targeted advertising campaigns.

Category of Personal Information

Inferences drawn from any of the information listed above

Category of Recipients Disclosures for a Business Purpose

  • Marketing analytics firms for customer segmentation.
  • Customer support software providers for improving service quality.

Category of Personal Information

Additional categories of personal information described in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) – this may include signature, physical characteristics, or description, insurance policy number.

Category of Recipients Disclosures for a Business Purpose

  • Legal advisors for legal compliance.
  • Third-party service providers for handling insurance claims.