Information we collect
“Personal Information” means any information that can be used to identify you, directly or indirectly, as an individual person. In connection with the Service, we collect:
- Information obtained from cookies automatically, such as anonymous usage statistics by using cookies, server logs, and other similar technology as you use the Service.
- GRAIL is the controller of this information.
How we collect Personal Information
How we use your information
We use information about you for various purposes, including to:
- Provide, maintain and improve the Service.
How we share your information
Within GRAIL. We share your Personal Information within GRAIL for the purposes set forth above.
Business Partners and Service Providers. We may share Personal Information with our business partners participating in the Summit Study, and with our third-party vendors and service providers, to comply with legal obligations, to protect and defend our rights and property, and with your permission. We do not rent, sell, or share Personal Information about you with other people or non-affiliated companies for their direct marketing purposes, unless we have your permission. We may share any information we receive with vendors and service providers we use to help us provide and improve the Service. For example, we may disclose information to the service providers that help host the Service.
Regulatory, Legal Process, Safety and Terms Enforcement. We may access, preserve, and disclose collected information, if we believe doing so is required or appropriate to: comply with law enforcement requests and legal process, such as a court order or subpoena; comply with the law; or protect your, our, or others’ rights, property, or safety.
Business Transfers. If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of GRAIL assets, or transition of service to another provider, your information may be disclosed in connection with the negotiation of such transaction, and/or sold or transferred as part of such a transaction as permitted by law and/or contract. We cannot control how such entities may use or disclose such information.
We do not knowingly collect, maintain, or use Personal Information from children under 13 years of age, and no part of the Service is directed to children under the age of 13. If you learn that your child has provided us with Personal Information without your consent, you may alert us as described in the “Contact us” section below. If we learn that we have collected any Personal Information from children under 13, we will promptly take steps to delete such information and terminate the child’s account.
Links to other websites
Legal basis for processing
We may process Personal Information subject to our own legitimate interests, such as to operate, evaluate, and improve our business, including supporting the Summit Study; or to facilitate a sale of assets or merger or acquisition.
We may face any threat of legal claim and in that case, we may need to apply a “legal hold” that retains information beyond our typical retention period. In that case, we will retain the information until the hold is removed, which typically means the claim or threat of claim has been resolved.
Rights with respect to the Personal Information
Under the European Union’s General Data Protection Regulation, in certain circumstances, a European Economic Area (EEA)-resident data subject has certain individual rights with respect to the Personal Information that we hold about them. In particular, you may have the right to:
- Request access to any data held about you;
- Ask to have inaccurate data amended;
- Request data held about you to be erased, provided the data are not required by us to perform a contract, protect our rights, interests or those of a third party, defend against a legal claim or to comply with applicable laws or regulations;
- Prevent or restrict processing of data that is no longer required; and
- Request transfer of appropriate data to a third party if technically feasible.
Additionally, in the circumstances when you may have provided your consent to the collection, processing, and transfer of your Personal Information for a specific purpose, you have the right to withdraw your consent for that specific purpose at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes to which you originally agreed, unless we have another legitimate basis for doing so in law.
To exercise any of these rights, please contact us using the contact details set out under the “Contact us” heading below. If you are a resident of the EEA, you are also entitled to direct any complaints in relation to our processing of your Personal Information to your national or local data protection supervisory authority.
Transfer of Personal Information outside of the EEA
We will process your Personal Information in the United States, which does not provide the same level of data protection as the EEA. Where your Personal Information is processed by us or third parties outside of the EEA, we will ensure that appropriate safeguards are in place to adequately protect your Personal Information, to the extent required by applicable law, if the recipients are not located in a country with adequate data protection (as determined by the European Commission). Such safeguards may include the execution of standard contractual clauses; EU-US Privacy Shield framework; consent of the individual to whom the Personal Information pertains; or other safeguards permitted by applicable EEA requirements.
1525 O’Brien Drive
Menlo Park, California 94025
A cookie is a string of information, including a unique reference code, that a website stores on a visitor’s computer when visiting a website and that the visitor’s browser provides to the website each time the visitor returns. A number of cookies we use will last only for the duration of your web session and expire when you close the browser. Other cookies last longer and are used to recognize your computer when you return to the Service.
The cookies you receive from the Service are served by GRAIL. However, some cookies served by us use code provided by a third party delivering analytical services on our behalf. We and our service providers use the following categories of cookies:
- Essential Cookies: These cookies are strictly necessary to provide you with features available through the Service and to use some of their features, such as contact forms. Because these cookies are strictly necessary to deliver the Service, you cannot refuse them without affecting how the Service functions.
- Performance and Functionality Cookies: These cookies are used to enhance the performance and functionality of the Service but are non-essential to its use. However, without these cookies, certain functionality of the Service may become unavailable.
Most web browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. You can review your Internet browser settings, typically under the sections “Help” or “Internet Options”, to exercise choices you have for certain cookies.
Please note that by blocking or deleting cookies used on the Service, you may not be able to take full advantage of the Service.
You can also learn more about how to manage all cookies across different types of browsers by visiting www.allaboutcookies.org. The site includes additional information on cookies.
Please note that new services using cookies may be added to the Service from time to time. Accordingly, this Cookies Policy is subject to occasional revision. We will notify you of changes by posting the new Cookies Policy on the Service. Such changes to the Cookies Policy will become effective when posted. Please review this Cookies Policy periodically and become aware of any modifications.