Our Privacy Statement is designed to help you better understand how we collect, use, store, process, and transfer your information when using our Services. Our Privacy Statement is applicable to all new and existing Users of our Services, and applies to all websites owned and operated by Prima Nexus Sdn Bhd and its subsidiaries and/or affiliates (collectively referred "Prima Nexus", “we”, “us” and “our”), including www.primanexus.com.my, and any other websites, pages, features, or content we own or operate, and to your use of the mobile app and any related Services.
Aggregate Information: information that has been combined with that of other users and analyzed or evaluated as a whole, such that no specific individual may be reasonably identified.
Anonymised Information: information that has been stripped of your Registration Information (e.g., your name and contact information) and other identifying data such that you cannot reasonably be identified as an individual, also known as pseudonymized information.
Individual-level Information: information about a single individual's genotypes, diseases or other traits/characteristics, but which is not necessarily tied to Registration Information.
Personal Information: information that can be used to identify you, either alone or in combination with other information. Prima Nexus collects and stores the following types of Personal Information:
Registration Information: the information you provide about yourself when registering for and/or purchasing our Services (e.g. name, email, phone number, address, user ID and password, and payment information).
Genetic Information: information regarding your genotypes (i.e. the As, Ts, Cs, and Gs at particular locations in your genome), generated through processing of your DNA sample by Prima Nexus or by its contractors, successors, or assignees; or otherwise processed by and/or contributed to Prima Nexus.
Self-Reported Information: the information you provide directly to us, including your disease conditions, other health-related information, personal traits, ethnicity, family history, and other information that you enter into surveys, forms, or features while signed in to your Prima Nexus account.
Sensitive Information: information about your health, Genetic Information, and certain Self-Reported Information such as racial and ethnic origin, sexual orientation, and political affiliation.
User Content: all information, data, text, software, music, audio, photographs, graphics, video, messages, or other materials - other than Genetic Information and Self-Reported Information-generated by users of Prima Nexus Services and transmitted, whether publicly or privately, to or through Prima Nexus.
Web-Behavior Information: information on how you use Prima Nexus Services collected through log files, cookies, web beacons, and similar technologies, (e.g., browser type, domains, page views).
Information Collected by Our Services
We may receive a confirmation when you open an email or text message from us if your computer or cellular device supports this type of program. We use this confirmation to help us make our emails more interesting and helpful and to improve our Service. If you do not want to receive email, text messages, or other mail from us, please contact us at email@example.com. Please note that if you have opted out of receiving emails or other messages from us, we may still need to contact you via email, but only with regard to the status of your account (for example, to notify you when your subscription is about to expire); you cannot opt-out of these emails, unless you cancel your account entirely.
Information You Provide to Us Directly
Information you share directly with us. We collect and process your information when you place an order, create an account, register your Prima Nexus DNA Collection Kit, complete surveys, post on our platform or use other messaging features, and contact Customer Care. This information can generally be categorized as Registration Information, Self-Reported Information, and/or User Content such as your name, date of birth, billing and shipping address, payment information (e.g., credit card) and contact information (e.g. email, phone number and license number). All sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology.
Self-Reported Information. You have the option to provide us with additional information about yourself through surveys, forms, features and applications. For example, you may provide us with information about your personal traits (e.g., eye color, height), ethnicity, disease conditions (e.g. Type 2 Diabetes), and other health-related information (e.g. pulse rate, cholesterol levels, visual acuity), and, where applicable, family history information (e.g. information similar to the foregoing about your family members). Before you disclose information about a family member, you should make sure you have permission from the family member to do so.
User Content. Some of our Services allow you to create and post or upload content, such as data, text, software, music, audio, photographs, graphics, video, messages, or other materials that you create or provide to us through either a public or private transmission ("User Content"). For example, User Content includes any discussions, posts, or messages you send on Prima Nexus’s platforms.
Social media features and widgets. Our Services include Social Media Features. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. They may also allow third-party social media services to provide us information about you, including your name, email address, and other contact information. The information we receive is dependent upon your privacy settings with the social network. Features are either hosted by a third-party or hosted directly on our site. Your interactions with these Features are governed by the privacy statements of the third party companies providing them. You should always review and, if necessary, adjust your privacy settings on third party websites and services before linking or connecting them to our website or Services.
Third party services (e.g., social media). If you use a third party site, such as Facebook or Twitter, in connection with our Services to communicate with another person (e.g., to make or post referrals or to request that we communicate with another person), then in addition to that person's name and contact information, we may also collect other information (e.g., your profile picture, network, gender, username, user ID, age range, language, country, friends lists or followers) depending on your privacy settings on the third party site. We do not control the third party site's information practices, so please review the third party’s privacy statement and your settings on the third party’s site carefully.
Referral information and sharing. When you refer a person to Prima Nexus, we will ask for that person's email address. We will use their email address solely, as applicable, to make a referral to them, and we will let your contact know that you requested the communication. By participating in a referral program or by choosing to share information with another person, you confirm that the person has given you consent for us to communicate (e.g., via email) with him or her. The person you referred may contact us at firstname.lastname@example.org to request that we remove this information from our database.
Gifts. If you provide us with Personal Information about others, or if others give us your information, for the purpose of ordering the Service as a gift, we will only use that information for the specific reason for which it was provided to us. Once a gift recipient registers for his or her Services and agrees to our Privacy Statement, our Terms of Service, and if applicable, provides certain consent , his or her Personal Information will be used in manners consistent with this Privacy Statement, and will not be shared with the purchaser, unless they independently choose to share their own Personal Information through the Services with the purchaser.
Customer service. When you contact Customer Care or correspond with us about our Service, we collect information to: track and respond to your inquiry; investigate any breach of our Terms of Service, Privacy Statement or applicable laws or regulations; and analyze and improve our Services.
How is the collected information used?
The information we gather from you enables us to (i) personalize and improve our Services, including but not limited to giving you other information, (ii) allow you to set up an account and profile that can be used to participate in our Services, which includes processing payments, shipping kits to customers, creating customer accounts and authenticating logins, analyzing DNA samples and DNA, and delivering results and powering tools that benefit our customers. (iii) provide you with information, updates, offers and other communications related to our Services, (iv) analyze and report on the results of the Services in an aggregate manner for the benefit of our partners and (v) support your use of the Services. We may use your email address to inform you about our services, such as letting you know about upcoming changes or improvements.
When you contact Customer Care, we may use or request Personal Information, including Sensitive Information, as necessary to answer your questions, resolve disputes, and/or investigate and troubleshoot problems or complaints. In some instances, we may be required to process one customer’s Personal Information to resolve another customer’s dispute or request. For example, if a customer reports behavior that violates our Terms of Service, we will separately process both customers’ Personal Information and respond separately to each individual as appropriate. We will not share your Personal Information with another customer without your consent.
We value your feedback and may send you surveys, polls, or requests for testimonials to improve and optimize our Services. You are in control of the information you would like to share with us. If you do not wish to receive these requests, you can manage them in your Account Settings. Our legal basis for processing your Personal Information for the purpose described above is based on our legitimate interest. We think it is important to continue improving our Services to ensure your continued enjoyment.
By creating a Prima Nexus account, you are agreeing that we may send you product and promotional emails or notifications about our Services, and offers on new products, services, promotions or contests. You can unsubscribe from receiving these marketing communications at any time. To unsubscribe, click the email footer “unsubscribe” link or go to the “Preferences'' section of your Account Settings to edit your email notification preferences. You may not opt-out of receiving non-promotional messages regarding your account, such as technical notices, purchase confirmations, or Service-related emails.
Information Related to Our Genetic Testing Services
DNA samples. To use our genetic testing services, you must purchase, or receive as a gift, a Prima Nexus DNA Sample Collection kit, create an online account and register your kit, and ship your DNA sample to our laboratory. Our laboratory will extract your DNA from your DNA sample for analysis. Your DNA sample and DNA are destroyed after our laboratory completes its work, subject to legal and regulatory requirements. Information from our DNA testing services. With your consent, we extract your DNA from your DNA sample and analyze it to produce your Genetic Information (the As, Ts, Cs, and Gs at particular locations in your genome) in order to provide you with reports.
As described above, to receive results through the Personal Genetic Service, you must create a Prima Nexus account, register your kit, and submit your DNA sample to our laboratory. Your sample to provide us would be analyzed to generate your raw Genetic Information. Once we have your raw Genetic Information, we further analyze it to provide you with our reports, dependent on the Service purchased. Prima Nexus continuously works to improve our Services based on our research and product development, and genetic associations identified in scientific literature. If you are eligible to receive additional reports or updates in the future, you may be notified of or may directly access these updates. We may process your biological sample with our partner laboratories which reside in Singapore, South Korea & Japan. NO sample or personal data will be processed in the People's Republic of China and the State of Israel.
For Prima Nexus, with your consent. If you choose to consent to participate in our research, our researchers can include your anonymised Genetic Information and Self-Reported Information in a large pool of customer data for analyses aimed at making scientific discoveries. Prima Nexus’s Research may be sponsored by, conducted on behalf of, or in collaboration with third parties, such as non-profit foundations, academic institutions or for healthcare companies. Prima Nexus Research may study a specific group or population, identify potential areas or targets for therapeutics development, conduct or support the development of drugs, diagnostics or devices to diagnose, predict or treat medical or other health conditions, work with public, private and/or non-profit entities on genetic research initiatives, or otherwise create, commercialize, and apply this new knowledge to improve health care.
Research is an important aspect of Prima Nexus’s Services and we want to ensure interested participants are aware of additional opportunities to contribute to interesting, novel scientific research conducted by academic institutions, healthcare organizations, pharmaceutical companies, and other groups. If you have chosen to participate in Prima Nexus’s Research, from time to time we may inform you of third party research opportunities for which you may be eligible. For example, if a university tells us about a new cancer research project, we may send an email to Prima Nexus research participants who potentially fit the relevant eligibility criteria based on their Self-Reported Information to make them aware of the research project and provide a link to participate with the research organization conducting the study. However we will not share Individual-level Genetic Information or Self-Reported Information with any third party without your consent. If you do not wish to receive these notifications, you can manage them by editing your preferences in your Account Settings.
If you choose not to provide consent to us or complete any additional agreement with Prima Nexus, your Personal Information will not be used for Prima Nexus’s Research. However, your Genetic Information and Self-Reported Information may still be used by us and shared with our third party service providers in order for us to provide our Services to you as outlined in thisPrivacy Statement. Our legal basis for processing your Sensitive Information for the purpose described above is based on your consent. You may withdraw your consent at any time, however, the withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal. Prima Nexus’s Research uses Aggregate and/or Individual-level Genetic Information and Self-Reported Information as specified in the appropriate Consent form, as explained in greater detail with our Research Consent.
Sharing of the information
Personal Information about our customers is an integral part of our business. We neither rent nor sell your Personal Information in personally identifiable form to anyone. We share your Personal Information in personally identifiable form only as described below. Services users (including personal or party): We may share personal information to other Services users after you have agreed to set up connection with them when accessing certain or all Services.
Agents: We employ other companies and people to perform tasks on our behalf and as a result, we may need to share your Personal Information with them to provide these Services to you. Unless we tell you differently, our agents do not have any right to use the Personal Information we share with them beyond.
Business Transfers/Corporate Transactions: In some cases, we may choose to buy or sell assets, conduct merger or acquisition, joint venture or other corporate transactions. In these types of transactions, customer information is typically one of the business assets that is transferred. Moreover, if Prima Nexus, or substantially all of its assets were acquired, or in the unlikely event that we go out of business or enter bankruptcy, customer information is one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur and that any acquirer of Prima Nexus may continue to use your Personal Information as set forth in this policy.
Information We Share with Third Parties
With Your Consent: Except as set forth above, you will be notified when your Personal Information may be shared with third parties, and you will be able to prevent the sharing of this information. Order fulfillment and shipping. When you purchase a Prima Nexus’s kit from the www.primanexus.com.my online store, our payment processor processes certain Registration Information, such as your billing address and credit card information, as necessary to enable you to purchase a Prima Nexus kit online. Our logistic services providers ship your kit(s) to you, and help return your kit safely to our laboratory so your sample can be processed. If you purchase a Prima Nexus kit from retail outlets, our logistic services providers help return your kit to our laboratory.
Cloud storage, IT, and Security. Our cloud storage and other services providers provide secure storage for information in Prima Nexus databases, ensure that our infrastructure can support continued use of our Services by Prima Nexus customers, and protect data in the event of a natural disaster or other disruption to the Service. Our IT and security providers assist with intrusion detection and prevention measures to stop any potential attacks against our networks. We have these third party experts perform regular penetration tests and periodically audit Prima Nexus’s security controls. You may decide to share your Personal Information with friends and/or family members, doctors or other health care professionals, and/or other individuals outside of our Services, including through third party services such as social networks and third party apps that connect to our website and mobile apps through our application programming interface ("API"). These third parties may use your Personal Information differently than we do under this Privacy Statement. Please make such choices carefully and review the privacy statements of all other third parties involved in the transaction. We do not endorse or sponsor any API applications, and does not negate the accuracy or validity of any interpretations made by third party API applications. In general, it can be difficult to contain or retrieve Personal Information once it has been shared or disclosed. Prima Nexus will have no responsibility or liability for any consequences that may result because you have released or shared Personal Information with others.
We may share Aggregate Information, which is information that has been stripped of your name and contact information and combined with information of others so that you cannot reasonably be identified as an individual, with third parties. This Information is different from "Individual-level" information and is not Personal Information because it does not identify any particular individual or disclose any particular individual’s data. For example, Aggregate Information may include a statement that "45% of our male users share a particular genetic trait," without providing any data or testing results specific to any individual user. In contrast, Individual-level Genetic Information or Self-Reported Information consists of data about a single individual's genotypes, diseases or other traits/characteristics information and could reveal whether a specific user has a particular genetic trait, or consist of all of the Genetic Information about that user. Prima Nexus will ask for your consent to share Individual-level Genetic Information or Self-Reported Information with any third party, other than our service providers as necessary for us to provide the Services to you.
We may share some or all of your Personal Information with other companies under common ownership or control of us, which may include our subsidiaries, our corporate parent, or any other subsidiaries owned by our corporate parent in order to provide you better service and improve user experience. Generally, sharing such information is necessary for us to perform on our contract with you. We may provide additional notice and ask for your prior consent if we wish to share your Personal Information with our commonly owned entities in a materially different way than discussed in this Privacy Statement.
Under certain circumstances your Personal Information may be subject to processing pursuant to laws, regulations, judicial or other government subpoenas, warrants, or orders. For example, we may be required to disclose Personal Information in coordination with regulatory authorities in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Prima Nexus will preserve and disclose any and all information to law enforcement agencies or others if required to do so by law or in the good faith belief that such preservation or disclosure is reasonably necessary to: (a) comply with legal or regulatory process (such as a judicial proceeding, court order, or government inquiry) or obligations that Prima Nexus may owe pursuant to ethical and other professional rules, laws, and regulations; (b) enforce our Terms of Service and other policies; (c) respond to claims that any content violates the rights of third parties; or (d) protect the rights, property, or personal safety of us, its employees, its users, its clients, and the public.
In the event that we go through a business transition such as restructuring, merger, acquisition by another company, or sale of all or a portion of its assets, your Personal Information will likely be among the assets transferred. In such a case, your information would remain subject to the promises made in any pre-existing Privacy Statement.
We collect the following types of information from you:
Your information is only accessible by a limited number of persons who have special access rights, and are required to keep the information confidential. All sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology.
Personal Information You Provide to Us:
We receive and store any information you enter in connection with our Services or provide to us in an authorized way. The types of Personal Information that is collected may include the following:
Registration Information is information that we collect from you when you purchase or sign up for the Prima Nexus services. Examples of such information include your name, age, mailing address, phone number and contact information, such as an email address. We also collect your credit card information to process payment for Prima Nexus.
Self-Reported Biomarker Information includes not only your DNA/genetics test result information, blood test result information, but also other information you provide on the Prima Nexus platform, such as ethnicity, gender, height, weight, pulse rate, and other health and well-being related information (including without limitation other sensitive medical information).
User Content is all information other than health-related test information or self-reported information provided by the users of the Prima Nexus services and transmitted, whether publicly or privately, to Prima Nexus. User content may include data, text, software, music, audio, photographs, graphics, video, messages, or other materials. For example, user content includes posts made to the Prima Nexus community forums or emails to customer support.
Web Behavior Information is information on how you use the website (e.g. browser type, domains, pageviews) collected through log files, cookies, and web beacon technology. Those information will be provided by you through the Services, so that we will support you to deliver messages, in the way of email or SMS, to the personnel for operating full Services) . If you have purchased any hardware from Prima Nexus and are using it in connection with the Services, we will also collect the serial number of the hardware. You can choose not to provide us with certain information, but then you may not be able to register with us or take advantage of all of our Services offerings.
Personal Information Collected Automatically:
We may receive a confirmation when you open an email or text message from us if your computer or cellular device supports this type of program. We use this confirmation to help us make our emails more interesting and helpful and to improve our Service. If you do not want to receive email, text messages, or other mail from us, please contact us at support@Prima Nexus.com. Please note that if you have opted out of receiving email or other messages from us, we may still need to contact you via email, but only with regard to the status of your account (for example, to notify you when your subscription is about to expire); you cannot opt-out of these emails, unless you cancel your account entirely.
Links to other third party sites
Prima Nexus is committed to protecting the privacy of children as well as adults. Neither Prima Nexus nor any of its Services are designed for, or directed toward children under the age of 18. A parent or guardian, however, may collect a DNA sample from, create an account for, and provide information related to, his or her child who is under the age of 18. The parent or guardian assumes full responsibility for ensuring that the information that he/she provides to Prima Nexus about his or her child is kept secure and that the information submitted is accurate.
Your privacy is important to us. We comply with the applicable requirements of the Personal Data Protection Act 2010 (Act 709) in Malaysia and other applicable regulations specific to Malaysia.
Prima Nexus implements physical, technical, and administrative measures to prevent unauthorized access to or disclosure of your information, to maintain data accuracy, to ensure the appropriate use of information, and otherwise safeguard your Personal Information.
Prima Nexus produces secure applications by design. Prima Nexus incorporates explicit security reviews in the software development lifecycle, quality assurance testing and operational deployment.
Anonymisation. Registration Information is stripped from Sensitive Information, including Genetic and Self-Reported Information. This data is then assigned a randomly generated ID so an individual cannot reasonably be identified.
Encryption. Prima Nexus uses industry standard security measures to encrypt Sensitive Information both at rest and in transit.
Separation of Environments. Prima Nexus ensures processing, production, and research environments are separated and access is restricted. Data, including Registration Information, Genetic Information, and Self-Reported Information are segmented across logical database systems to further prevent re-identifiability.
Limiting access to essential personnel. We limit access to Personal Information to authorized personnel, based on job function and role. Prima Nexus access controls include strict least-privileged authorization policy.
Detecting threats and managing vulnerabilities. Prima Nexus uses state of the art intrusion detection and prevention measures to stop any potential attacks against its networks. We have integrated continuous vulnerability scanning in our processes and regularly engage third party security experts to conduct penetration tests.
Incident Management. Prima Nexus maintains a formal incident management program designed to ensure the secure, continuous delivery of its Services. Prima Nexus has implemented an incident management program using industry best practices.
Managing third party service providers. Prima Nexus requires service providers to implement and maintain accepted industry standard administrative, physical and technical safeguards to protect Personal Information.
Your information collected through the Service may be stored and processed in countries (Singapore, South Korea & Japan ONLY) in which Prima Nexus or its subsidiaries, affiliates or service providers maintain facilities and, therefore, your information may be subject to the laws of those other jurisdictions which may be different from the laws of Malaysia and your country of residence.
Your Responsibility. Your Personal Information is protected by a password for your privacy and security. You need to prevent unauthorized access to your account and Personal Information by selecting and protecting your password appropriately and limiting access to your computer, mobile device, and browser by signing off after you have finished accessing your account. You should not disclose your authentication information to any third party and should immediately notify Prima Nexus of any unauthorized use of your password. Prima Nexus cannot secure Personal Information that you release on your own or that you request us to release.
Access, changes, or deactivation of personal information
Our Services aim to provide you with access to the personal information you submit and the means to update it. If you wish to access, inquiry, review, amend, correct, suppress or request a copy of or delete Personal Information about you or request that we cease collecting, processing or using it as permitted by applicable, you should log into our Services or contact us using the contact information below. Under certain circumstances, we may ask you to verify your identity before your request is processed. This will be done free of charge except where it would require a disproportionate effort. We may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), risk the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup tapes).
If you desire to deactivate your account please contact us using the contact information below. Upon your request, your account will be deactivated and your Personal Information and Records will be securely archived. We retain archived information for a period of ten years (or longer if required by law) as necessary to comply with legal obligations, resolve disputes and enforce our agreements and other authorized uses under this Policy. Further, we will retain the aggregated, non-personally identifiable information and data, which may be generated from or based on the information relevant to your account, even after you deactivate or terminate your account.
Legal Retention Requirements. Prima Nexus and our laboratory will retain your Genetic Information, date of birth, and sex as required for compliance with applicable legal obligations. Prima Nexus will also retain limited information related to your account and data deletion request, including but not limited to, your email address, account deletion request identifier, and record of legal agreements for a period of time as required by contractual obligations, and/or as necessary for the establishment, exercise or defense of legal claims and for audit and compliance purposes.
If you have questions or concerns regarding this policy, please contact us at email@example.com