Effective Date: December 20, 2019
Last Reviewed: December 19, 2022
Table of Contents:
- Categories of Personal Information We Collect
- Categories of Sources of Personal Information
- Retention of Personal Information
- How We Use Personal Information
- How We Share Personal Information
- Cookies and Similar Technologies
- How to Access and Control Your Personal Information
- Additional Considerations
1. Categories of Personal Information We Collect
We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household or device (“Personal Information”). In particular, we have collected the following categories of Personal Information from consumers within the last twelve (12) months:
|Personal Information Category||Examples||Collected||Business Purpose for Collection|
|A. Identifiers||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.||Yes||For website analytics, employment applications, or interactions with our social media channels.|
|B. Personal Information categories listed in the California Customer Records statute Cal. Civ. Code § 1798.80(e))||A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.||Yes||For employment applications or research activities.|
|C. Protected classification characteristics under California or federal law||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).||No||Not collected in this website.|
|D. Commercial Information||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies||Yes||For research or survey purposes such as satisfaction surveys. For employee vehicle programs.|
|E. Biometric Information||Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.||Yes||For in-person research activities such as testing with emergency services.|
|F. Internet or other similar network activity||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.||Yes||For website analytics to see how a user interacts with and moves through our website.|
|G. Geolocation data||Physical location or movements.||Yes||For website analytics on a country level and not precise geographical location.|
|H. Sensory data||Audio, electronic, visual, thermal, olfactory, or similar information.||Yes||For in-person visits to our office and other research activities.|
|I. Professional or employment related information||Current or past job history or performance evaluations.||No||We do not collect in this website.|
|J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))||Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.||No||We do not collect with this website.|
|K. Inferences drawn from other personal information||Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.||Yes||For in-person research activities such as testing with emergency services.|
|Sensitive Personal Information Category||Examples||Collected||Business Purpose for Collection|
|Government identifiers||Social security, driver’s license, state identification card, or passport number.||No||Not Collected.|
|Complete account access credentials||User names, account numbers, or card numbers combined with required access/security code or password.||No||Not Collected.|
|Precise geolocation||Your geolocation within a radius of 1,850 feet.||No||Not Collected.|
|Racial or ethnic origin||Information regarding your race or ethnicity.||No||Not Collected.|
|Religious or philosophical beliefs||Information regarding your religious or philosophical beliefs or practices.||No||Not Collected.|
|Union membership||Whether or not you are a union membership.||No||Not Collected.|
|Genetic data||Data pertaining to your DNA or genes.||No||Not Collected.|
|Mail, email, or text message contents not directed to us||Contents of any message that is not sent to MBRDNA.||No||Not Collected|
|Unique identifying biometric information||Imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.||Yes||For in-person research activities such as testing with emergency services.|
|Health, sex life, or sexual orientation information||Information pertaining to your health, fitness, sexual orientation or identity or expression||No||Not Collected.|
MBRDNA does not “share”, any of the categories of data listed above as defined in the CPRA. The CPRA defines sharing as disclosing personal information to a third party for cross-context behavior advertising.
2. Categories of Sources of Personal Information
We obtain the categories of Personal Information listed above from the following categories of sources:
Directly from you. We collect profile information and other content you voluntarily provide us, which may include:
- Username and password
- Contact information when you register on our website, such as your name, street address, phone number, and/or email address.
- Any content or contributions you post in a public space on the website. This includes comments, videos and photos that you might submit. If you contact us through a social media site, we may collect your social media identifier.
- Any information you provide in communications with us, such as via social media, e-mail or through participation in research activities.
Indirectly from you. We collect information that is passively collected when you use the website, such as by our web servers, mobile applications, and by third party analytics tools we use:
- Our system logs may record certain information about visitors to our website, including the web request, Internet Protocol (“IP”) address, device and mobile ad identifiers, browser information, interaction with the website, pages viewed, app usage, and other such information; we may collect similar information from emails you receive from us that can help us track which emails are opened and which links are clicked by recipients.
- We may collect voice recordings that use speech in connected vehicle services that are processed and anonymized by a third party processor.
- We may detect the physical location by, for example, using GPS information collected by mobile applications, connected vehicle, or location information shared by your web browser. This information does not disclose precise geolocation. We collect this information for purposes of enhancing or facilitating our services, such as enabling certain functionalities of the website that can provide you with information about promotions or relevant product information near you. We may use your device’s physical location to better understand how our website and other services and functionality are being used. Please note that your location may be derived from your WiFi, Bluetooth, and other device settings. Please consult your device settings for further information.
3. Retention of Personal Information
All categories of personal data are retained only for as long as they are required to fulfill the business purpose for which it was collected. This varies from purpose to purpose. Once it is no longer useful for the business purpose, it is either anonymized or deleted.
4. How We Use Personal Information
We use Personal Information for the following business purposes:
- to address technical administration of the website
- to improve your experience with our products and services
- to respond to your inquiries and fulfill your requests
- to communicate with you about programs
- to inform you about our brand, products, promotions, events or other promotional purposes
- to permit you to participate in social sharing, including live social media feeds
- to perform analytics, quality control, research, and determine the effectiveness of our website, mobile applications, and develop new products and services
We may also use Personal Information as we believe to be necessary or appropriate for certain essential purposes, including:
- to comply with applicable law and legal process
- to respond to requests from public and government authorities, including public and government authorities outside your country of residence
- to detect, prevent, or investigate potential security incidents or fraud
- to facilitate the functionality of our website
- to enforce our terms and conditions
- to protect our operations or those of our affiliates
- to protect our rights, privacy, safety or property, security and/or that of our affiliates, you or others
- to allow us to pursue available remedies or limit the damages that we may sustain
5. How We Share Personal Information
We may disclose your Personal Information to third parties for business purposes. When we disclose Personal Information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract. In the preceding twelve (12) months, we have disclosed the following categories of Personal Information for a business purpose:
Personal Information categories listed in the California Customer Records statute
Internet or other similar network activity
Inferences drawn from other personal information
To the extent permitted by applicable law, your Personal Information may be disclosed to the following categories of third parties:
- to our third-party service providers who provide services such as website hosting, data analysis, IT services, processing or fulling orders
- to a third party in the event of any direct or indirect reorganization, including merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings)
- to a third party where we either aggregate, anonymize, de-identify or otherwise strip data of all personally identifiable characteristics
- in connection with the essential purposes described above (e.g., to comply with legal obligations) in the preceding twelve (12) months, MBRDNA has not sold Personal Information, as that term is defined in the CCPA.
6. Cookies and Similar Technologies
Most browsers automatically accept cookies. You can prevent cookies from being stored on your hard drive by setting your browser to not accept cookies. The exact instructions for this can be found in the manual for your browser. You can delete cookies already on your hard drive at any time. The choices available, and the mechanism used, will vary from browser to browser. Such browser settings are typically found in the “options”, “tools” or “preferences” menu. You may also consult the browser’s “help” menu. For example:
- Cookie settings in Internet Explorer
- Cookie settings in Firefox
- Cookie settings in Chrome
- Cookie settings in Safari
There are online tools available for clearing all cookies left behind by the website you have visited, such as www.allaboutcookies.org. Usually, deletion of cookies will anonymize the information associated with the pixel and a web site will not receive any further associated information.
We use a tool called “Google Analytics” to collect information about use of this website. Google Analytics sets a cookie on your browser and only collects the IP address assigned to you on the date you visit this website, rather than your name or other identifying information. You can prevent your data from being collected and used by Google Analytics by installing the Google Analytics opt-out browser add-on. If you choose not to accept cookies, you can still visit our website, however this may result in a reduced availability of the services provided by our website.
Our website also may include plug-ins from “YouTube.” When you visit one of our YouTube plug-in-enabled sites, you will also be connected to YouTube servers. If you are logged into your YouTube account, you allow YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
We occasionally use a variety of new technologies and social media options to communicate and interact with our visitors. These Third-Party website and Applications (TPWA) consist of popular social networking and media website including, but not limited to, Facebook, LinkedIn, Instagram, YouTube, and Vimeo. TPWA’s are web-based technologies that are not exclusively operated or controlled by us. If you submit personal information to any of those sites, their privacy statements govern your information. When interacting with TPWA’s, you may reveal certain personal information to us or to third parties. For further information, please visit the corresponding privacy policies for the following social networks below:
7. How to Access and Control Your Personal Information
Upon written request, MBRDNA or its representatives will inform you by letter without delay what Personal Information is stored by us as defined by applicable law. Should such data be incorrect, we will at your request correct that information for you, you also have the option of viewing, deleting or amending your Personal Information.
If you are a resident of the State of California and upon a verified request, you may request:
(1) the correction, update, or deletion (subject to certain exceptions) of your Personal Information,
(2) the categories of Personal Information MBRDNA has collected,
(3) the categories of sources from which MBRDNA has collected your Personal Information,
(4) the business or commercial purpose(s) for collecting and disclosing your Personal Information,
(5) a copy of your Personal Information retained by MBRDNA, to be delivered in a structured, commonly used and machine readable format to review or to transfer or transmit to another entity without hindrance, to the extent that that is technically feasible,
(6) the categories of third parties with whom MBRDNA shares your Personal Information,
(7) the specific pieces of Personal Information MBRDNA has collected about you, and
(8) to limit the use and disclosure of sensitive information
Please note that under the CCPA as amended by the CPRA, you have the right to opt-out of the sale of your Personal Information to third parties, however, MBRDNA does not sell Personal Information, as that term is defined in the CCPA. You also have the right not opt-out of sharing your information for advertising purposes, however, MBRDNA does not share your information for advertising purposes as it is defined in the law.
We may need you to provide additional information to verify your request, such as providing certain data elements so that we can confirm they match the Personal Information already maintained by us. We will not use this additional information for anything other than handling your request. You may designate an authorized agent to make a request in certain circumstances on your behalf. Such authorized agent must be registered with the California Secretary of State. We endeavor to respond to all such requests within forty-five (45) days, although there may be a brief delay in processing a request while we verify that the request is valid and originates from you as opposed to an unauthorized third party. If we require more time, we will inform you of the reason and extension period in writing. We will not discriminate against you for exercising your rights.
Any of the above requests may be made by contacting us at:
Attn: Data Protection
309 North Pastoria Avenue
Sunnyvale, CA USA 94085
Toll-free number: 1-888-655-1703
8. Additional Considerations
MBRDNA uses reasonable technical and organizational security measures in order to protect the Personal Information we have under our control against accidental or intentional manipulation, loss, destruction and against access by unauthorized persons. Our security procedures are continually enhanced as new technology becomes available.
Other California Privacy Rights
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request, once a year, certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. We do not disclose Personal Information to third parties for their direct marketing purposes.
Do Not Track (“DNT”)/Global Privacy Control (“GPC”)
We will respect any DNT or GPC signals and will not collect information via cookies.
Children’s Online Privacy Protection Act (COPPA)
Our Site is a general audience site that is not designed nor intended to collect Personal Information from children under the age of 18. Therefore, we do not knowingly collect or maintain any Personal Information from children under the age of 18. To respect the privacy of children and to comply with the Children’s Online Privacy Protection Act, children under the age of 18 should not provide any Personal Information on this Site. We ask that parents supervise their children while online. In the event we learn that we have collected Personal Information from a child under the age of 18, we will delete such Personal Information without undue delay.
Third Party Services
Changes to This Information