We offer a range of Services in support of our mission to make the world’s health data useful so that people enjoy healthier lives. Our Services may include things like websites that we operate, apps and web-based platforms, and devices, including connected devices.
When you use the Services, certain types of data may be collected from you, including: (1) Non-Personal Information; and (2) Personally Identifiable Information. For more detailed information on personal information from children, please refer to the “Children and Parents” section below.
In some circumstances, Granular Insurance may also collect information about you from trusted partners, including marketing partners who provide us with information about potential customers of our Services, and security partners who provide us with information to protect against abuse.
Generally, we may use and disclose the information that we collect for our business purposes, including operation of the Services, as well as development of new products and services. Such use and disclosure of information may vary with respect to the type of information collected, including: (1) Non-Personal Information; and (2) Personally Identifiable Information.
We use Non-Personal Information collected through the Services to monitor the performance and effectiveness of the Services, to help personalize your experience, for statistical and research purposes and for improving the functionality of the Services. This information may also be used for administrative purposes including, without limitation, to troubleshoot and resolve problems with the Services and to protect Granular Insurance, the Services and our users. We may rely on third-party partners to collect and analyze Non-Personal Information based on our instructions and subject to appropriate privacy and security measures.
PII collected may be used for a variety of purposes, such as responding to requests for information, creation of user accounts, and processing and fulfillment of orders, as applicable. We may disclose your PII to:
(i) our affiliates in your local jurisdiction, or other locations as necessary or appropriate, to assist us with responding to requests for information, to process and fulfill orders, and to provide other activities contemplated by the Services; and
(ii) business partners or service providers we use to perform site hosting, analytics, and other information technology and support functions on our behalf, and such activities are performed based on our instructions and in compliance with appropriate privacy and security measures.
Where permitted, your PII may also be used to create de-identified data sets.
In addition to the activities described above, we may share personal information with companies, organizations or individuals outside of Granular Insurance if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to: (1) meet any applicable law, regulation, legal process or enforceable governmental request; (2) enforce applicable Terms of Service, including investigation of potential violations; (3) detect, prevent or otherwise address fraud, security or technical issues; or (4) protect against harm to the rights, property or safety of Granular Insurance, our users or the public, as required or permitted by law.
We aim to provide you with access to your personal information gathered through the Services. In some circumstances you may have the right to review or request your personal information, or request that it be updated or deleted, by contacting us using the method below under the caption “Contact Us.” However, to the extent permitted by law, we may reject requests that are unreasonably repetitive, unduly burdensome, risk the privacy of others, or would be very impractical to honor. To the extent practicable, where we can provide our users with information access and correction through the Services, we will do so for free, except where it would require a disproportionate effort. We aim to protect information gathered through the Services from accidental or malicious destruction.
We may provide links to other third-party websites through the Services solely as a convenience to you. However, such linking does not mean, and should not be interpreted to mean, that Granular Insurance endorses, is affiliated with or makes any representations concerning such third-party websites. Granular Insurance neither reviews, nor controls, nor is responsible for these third-party sites or any content therein. If you decide to access any of the third-party sites linked through the Services, you do so entirely at your own risk. Granular Insurance shall not be liable for any consequences arising from use of any third-party websites to which the Services link.
We work hard to prevent unauthorized accessing, alteration, disclosure, or destruction of the information we hold. We have many data security safeguards in place, and we regularly review our security practices to proactively guard against unauthorized access.
We strive to maintain the security of your information by using appropriate measures designed to protect our systems. However, we cannot guarantee the security of any information that is disclosed online. Consequently, we do not insure or warrant the security of any information you transmit, and you do so at your own risk.
For some data, you can request deletion whenever you like, some data is deleted automatically, and some data we retain for longer periods of time when necessary. When data is deleted, we follow internal policies and procedures to make sure that your data is safely and completely removed from our servers or retained only in anonymized form.
Data That Expires After a Specific Period of Time: In some cases, we store data for a predetermined period of time. For each type of data, we set retention timeframes based on the reason for its collection. Where applicable, we also take steps to anonymize certain data within set time periods.
Information Retained for Extended Time Periods for Limited Purposes: Sometimes business and legal requirements oblige us to retain certain information, for specific purposes, for an extended period of time. Reasons we might retain some data for longer periods of time include:
We try to ensure that our Services protect information from accidental or malicious deletion. Because of this, there may be delays between when something is deleted and when copies are deleted from our active and backup systems. For our active systems, this process generally takes around two months from the time of deletion; however, data can remain on backup systems for up to six months.
When we transfer personal information from the European Economic Area and Switzerland to other countries, including to the United States, we use a variety of legal means to help ensure the data is appropriately protected. As described in our Privacy Shield certification, Granular Insurance Life Sciences LLC complies with the EU-US and Swiss-US Privacy Shield Frameworks as set forth by the US Department of Commerce regarding the collection, use and retention of personal information in the United States from European Union member countries, and the United Kingdom (UK) and Switzerland, respectively (“European Personal Information”). Granular Insurance has certified its commitment to subject to the Privacy Shield Principles all such European Personal Information received from the EU, the UK and Switzerland in reliance on Privacy Shield. We shall remain responsible for European Personal Information that we share under the Onward Transfer Principle with third parties for processing on our behalf, as described under the caption “How We Use and Disclose Information Collected.” Learn more about the Privacy Shield program here. If you have an inquiry regarding our privacy practices in relation to our Privacy Shield certification, we encourage you to contact us. Granular Insurance is subject to the investigatory and enforcement powers of the US Federal Trade Commission (FTC). You may also file a complaint free of charge with your local data protection authority and we will work with them to resolve your complaint. In certain circumstances, the Privacy Shield Framework provides the right to invoke binding arbitration to resolve complaints not resolved by other means, as described in Annex I to the Privacy Shield Principles.
If European Union (EU) data protection law applies to the processing of your information, you may contact us in order to exercise your rights to request access to, update, remove and restrict the processing of your information. You also have the right to object to the processing of your information or export your information to another service.
With Your Consent: We ask for your agreement to process your information for specific purposes and you have the right to withdraw your consent at any time.
When We’re Pursuing Legitimate Interests: We process your information for our legitimate interests and those of third parties while applying appropriate safeguards that protect your privacy. This means that we process your information for things like:
When We’re Providing Services
We process your data to provide Services you’ve asked for under contract. We may also process your data in the course of providing Services to our business partners, to which you may have provided your data; such processing is performed at the direction of our business partners.
When We’re Complying with Legal Obligations
We’ll process your data when we have a legal obligation to do so, for example, if we’re responding to legal process or an enforceable government request.
If you have questions, you can contact Granular Insurance and our data protection officer. You can also contact your local data protection authority if you have concerns regarding your rights under local law.
If the California Consumer Privacy Act (CCPA) applies to your information, we provide these disclosures and the mechanisms described in this policy so you can exercise your rights to receive information about our data practices, as well as to request access to and deletion of your information.
Granular Insurance provides two mechanisms that allow you to submit requests to access, review, update and delete your information. You can submit such requests by (1) calling our toll-free number at 866.984.2067 (2) emailing us at email@example.com. You can also read more about Granular Insurance’s data retention periods, and the process we follow to delete your information.
Granular Insurance does not sell your personal information. We only share your information as described in this policy. Granular Insurance processes your information for the purposes described in this policy, which include “business purposes” under the CCPA. These purposes include:
Granular Insurance also uses information to satisfy applicable laws or regulations, and discloses information in response to legal process or enforceable government requests, including to law enforcement. If you have additional questions or requests related to your rights under the CCPA, you can contact us using the mechanisms described above.
If you have any questions or concerns regarding the information gathered through the Services, or would like to submit a request related to your information (including requests to review, update or delete your information), please let us know by emailing us at firstname.lastname@example.org.