Privacy Policy
At Starfish.com, safeguarding your private information is a priority for us. This Privacy Policy outlines how we handle the personal and health-related information (together referred to as “Personal Information”) of individuals who visit our website and utilize our services. It applies to all interactions with Starfish.com, setting forth how we collect, use, and protect your data. By accessing our website, you agree to the terms outlined in this policy. Please be aware that additional privacy notices, including HIPAA Notices of Privacy Practices, might apply to data shared with third-party healthcare providers via our services or to third-party sites linked from our website. We encourage you to review all relevant privacy notices, as we cannot be held responsible for the privacy practices of third parties.
Personal Information We May Collect About You
We gather Personal Information directly from you and through third-party partners, including healthcare providers and labs, when you visit our site, inquire about our services, create an account, email us, order tests, or engage with our services in other ways. This may include:
– Contact details such as your name, email address, billing address, and other similar information.
– Your test order history, including specifics about the tests you have selected.
– Demographic data like age, gender, and mailing address.
– Health or medical information for wellness evaluations, depending on the services you use.
– Information related to your sexual orientation or history if relevant to certain services or test results.
– Medical history information collected through questionnaires linked to our services.
– Discussions from confidential phone calls with our health specialists, for quality control purposes.
– Information from chat specialists before you make a purchase or create an account.
– Payment details processed by our PCI-certified vendor.
– Usage details of our site, including technical information about your browser or device.
– Any additional information you choose to provide us.
We may also generate anonymous or aggregated data from the use of our services or third-party sources.
How We Use Your Information
We use your Personal Information for various business and commercial purposes, such as:
– Managing and providing access to your account and services.
– Responding to your inquiries and fulfilling service requests.
– Informing you about other products or services from Starfish.com or our partners.
– Fraud prevention, rights and property protection, and policy enforcement.
– Legal compliance and responding to regulatory inquiries or requests.
– Creating de-identified data records to improve our site and services.
Sharing Your Information
Starfish.com does not sell, rent, lease, or give your Personal Information to third parties for their marketing purposes. We share your information with trusted third-party lab partners and healthcare providers for service provision and compliance with our privacy policy and laws. We may also share your Personal Information to comply with legal requirements, protect rights and safety, and in case of business transfers like mergers or reorganizations.
HIPAA Compliance and Use of Protected Health Information
At Starfish.com, part of FPK Services LLC, we are committed to complying with the Health Insurance Portability and Accountability Act (HIPAA) to ensure the confidentiality, integrity, and security of protected health information (PHI). This section outlines how we may use and disclose PHI in accordance with HIPAA standards:
- For Treatment: We may use or disclose your health information to healthcare providers involved in your care. For example, if you require hospitalization, we may share necessary health information with the hospital to facilitate your treatment.
- In Emergencies or to Avert a Serious Threat to Health or Safety: We may use or disclose your health information if we believe it is necessary to prevent a serious threat to the health and safety of you or others.
Your Rights Under HIPAA
As a user of Starfish.com, you have certain rights regarding the PHI we maintain about you. These rights include:
- The Right to Access and Copy Your Health Information: You have the right to inspect and obtain a copy of your health information.
- The Right to Request Amendments: You can ask us to correct or amend health information you believe is incorrect or incomplete.
- The Right to an Accounting of Disclosures: You have the right to request an accounting of certain disclosures we have made of your health information.
- The Right to File a Complaint: If you believe your privacy rights have been violated, you may file a complaint with us or with the Secretary of the Department of Health and Human Services.
To exercise any of these rights, please contact us at [email protected].
Our Legal Duties Concerning PHI
We are required by law to maintain the privacy of your health information, to provide you with this notice of our legal duties and privacy practices with respect to PHI, and to notify affected individuals following a breach of unsecured PHI.
Contact Information for Privacy Concerns
If you have any questions about this section or need further assistance regarding your rights or the information we hold about you, please contact our Privacy Team at:
Email: [email protected]
Your Privacy Rights
Depending on your location, you may have rights to access, correct, or delete your Personal Information, among others. To exercise these rights or if you have questions, please contact us via email at [email protected] or through our contact form.
Individuals in California or other jurisdictions may have certain data subject rights, subject to certain limitations and/or restrictions. These rights may include the right to request access to and rectification or erasure/deletion of their personal information; and the right to ask for a copy of your personal information to be provided to you, or to a third party, in a digital format; and the right not to be discriminated against for the exercise of your privacy rights. If you would like to exercise your privacy rights, or have any questions with regard to those rights, please contact us via email to: [email protected].
For California residents, California’s “Shine the Light” law, Civil Code section 1798.83, requires certain businesses to respond to requests from California customers asking about the business’ practices related to disclosing personal information to third parties for the third parties’ direct marketing purposes. Alternately, businesses may have in place a policy not to disclose personal information to third parties for the third parties’ direct marketing purposes if the customer has exercised an option to opt out of such information sharing. We do not share Personal Information to third parties for their direct marketing purposes. We also do not sell Personal Information to third parties.
Communication Preferences
We communicate test results and other important information via email. You can opt out of marketing messages at any time. We respect your communication preferences and offer various options to manage how we contact you.
Your Nevada Rights
Nevada SB 220 gives consumers that are Nevada residents the right to opt-out of the sale of covered personal information that a website operator has collected or will collect about them. Starfish.com does not sell personal information as defined by this Nevada Law, but will document and abide by verifiable opt-out requests in the event we change this practice. Consumers that are Nevada residents may submit requests to opt-out to [email protected]. Please indicate “Nevada Rights” in the subject line of your email. Note that submitting your Nevada opt-out preferences in this manner will NOT unsubscribe you from receiving text messages or email communications from Starfish.com. All consumers, including Nevada residents, can do that as directed in any text you receive from us, or by clicking the unsubscribe link in commercial email communications you receive from us.
California Consumer Privacy Act
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our website that are California residents to request certain information regarding our disclosure of your personal information to third parties for their direct marketing purposes. To make such a request, please send an email to [email protected] or write us at: 11150 S Wilcrest Dr, Suite 200 Houston, TX 77099.
Starfish.com does not sell your personal data as defined by this law but will document and abide by all verifiable, data collection, right not to share, right not to sell, right to delete (other than as required by certain public health institutions like the California Department of Public Health a subdivision of the California Health and Human Services Agency and or the Centers for Disease Control Prevention or (“CDC”)) opt-out requests in the event we change this practice.
Security Measures
We employ various security measures to protect your Personal Information, including encryption and industry-standard practices. However, we cannot guarantee absolute security due to the inherent risks of internet data transmission.
Data Retention
We retain your Personal Information as long as necessary for service provision, legal compliance, and dispute resolution, considering factors like the nature of the data and legal obligations.
Cookies and Tracking Technologies
Cookies are small, sometimes encrypted text files that are stored on computer hard drives by websites that you visit. They are used to help users navigate websites efficiently as well as to provide information to the owner of the website. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, please visit www.allaboutcookies.org.
When you visit the Site, we may place a “cookie” or other online tracking device (e.g. web beacons) in order to improve your experience by recognising you when you visit the Site, such as by assigning a session ID and to deliver content specific to your interests. The cookies we place may also collect information about your IP address, or clickstream data within our Site (i.e. the actions taken in connection with the Site). This information helps us improve the functionality of the Site.
We also use cookies provided by Google Analytics to help us measure how visitors use the Site. The information collected is used for a variety of purposes, including, but not limited to, site traffic reporting, unique visitor counts, and content optimization. Although Google Analytics logs the information coming from the website on our behalf, we control how the data may and may not be used. If you do not want to help us learn how to improve the Site, you can opt-out of this website analysis tool by clicking: https://tools.google.com/dlpage/gaoptout.
Web browsers often allow you to erase existing cookies from your hard drive, block the use of cookies and/or be notified when cookies are encountered. If you elect to block cookies, please note that you may not be able to take full advantage of the features and functions of the Site.
Starfish.com may keep track of the websites and pages users visit within the Site, in order to determine which Starfish.com services are most popular. This data is used to deliver advertising from Starfish.com to customers whose behavior indicates that they are interested in a particular subject area. To opt out of such interest-based advertising, visit Digital Advertising Alliance’s Choices page at optout.aboutads.info.
We do not, however, engage in the collection of personally identifiable information about your online activities over time across third-party websites or online services. We do not respond to automated browser signals regarding tracking mechanisms, which may include “do not track” instructions.
Children’s Information
We do not knowingly collect information from anyone under the age of 18. If we become aware of such collection, we will take steps to delete the information promptly.
International Users
Starfish.com is designed for use within the United States by U.S. residents. Access or use from other jurisdictions is not intended and should be avoided if prohibited by local laws.
Policy Updates
We evaluate our privacy policies and procedures to implement improvements and refinements from time to time. If we make any material changes to this Privacy Policy we will notify you by means of a prominent notice on the Site prior to the change becoming effective. We will also post an updated version on our website. Please check back periodically for updates.
Contact Us
If you have any questions or comments about our Privacy Policy, you would like to opt-out of receiving communications from us, or would like to exercise other data subject rights, please feel free to contact us at [email protected]