OVERVIEW

Endeavor DNA, Inc., (“EDL” or “we” or “us”) is committed to protecting your privacy. We prepared this privacy policy (the “Privacy Policy”) to describe our practices regarding the information we collect from users of our website that link to this policy, and use of our related services, including without limitation our testing services and web applications. By submitting information through our website or through our related services, you agree to the terms of this Privacy Policy and you expressly consent to the processing of your information in accordance with this Privacy Policy.

SECTION 1 – TYPES OF INFORMATION WE COLLECT.
a. Information You Provide Us Directly. We may collect information from you, including, but not limited to your username, first and last name, e-mail, password, phone number, and mailing address, when you create an account to log in to our network or at other times. If you provide us feedback or contact us via email, we will collect your name and email address, as well as any other content included in the email, in order to send you a reply, and any information that you submit to us, such as a resume. For customers who engage us for our testing services, we may also collect your genetic information and the genetic information of other individuals necessary for testing purposes (“Testing Information”).

b. Information Collected via Technology. To make our website and related services more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, including browser type, operating system, Internet Protocol (IP) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit. We also use Cookies (as defined below) and navigational data to gather information regarding the date and time and duration of your visit and the solutions and information for which you searched and which you viewed. This information includes, without limitation, characters you type, your search and browsing history, articles you click, and pages you view. Like most Internet services, we automatically gather this information and store it in log files each time you visit our website or access your account on our network. “Cookies” are small pieces of information that a website sends to your computer’s hard drive while you are viewing a web site. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our website. Persistent Cookies can be removed by following Internet browser help file directions. If you choose to disable Cookies, some areas of our website or service may not work properly. We use Google Analytics on our site. Google Analytics is a web analytics service provided by Google. Google Analytics uses cookies to collect anonymous traffic data to help use analyze how users use the website. The information generated by a cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the site, compiling reports on site activity for us and providing other services relating to site activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. By using the website, you consent to the processing of data about you by Google in the manner and for the purposes described in this Privacy Policy.

c. Do Not Track. We do not respond to browser-based “do not track” signals. We do not have any third parties that push content to our site.

d. US – EU Data Privacy Framework. The EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. Data Privacy Framework (UK Extension to the EU-U.S. DPF) were respectively developed in furtherance of transatlantic commerce by the U.S. Department of Commerce and the European Commission and the UK Government to provide U.S. organizations with reliable mechanisms for personal data transfers to the United States from the European Union / European Economic Area and the United Kingdom (and Gibraltar) while ensuring data protection that is consistent with EU and UK law. EDL has elected to participate in the Data Privacy Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of all personal data received from the EU and the United Kingdom. We certify that we adhere to the Data Privacy Framework Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/ or  EDL’s EU-US Data Privacy Framework.

e. EU General Data Protection Regulation 2018. The General Data Protection Regulation (GDPR), which will apply from 25 May 2018, creates consistent data protection rules across Europe. It applies to companies that are based in the European Union and global companies that process personal data about individuals in the EU and the United Kingdom. In summary, the GDPR gives consumers the rights of access, rectification, automated decision making and profiling, as well as the rights to erasure, restrict processing, data portability and object. You may learn more about GDPR through the European Commissions page under Data Protection.

SECTION 2 – USE OF YOUR DATA.
a. General Use. In general, information you submit to us is used either to respond to requests that you make, or to aid us in serving you better. EDL uses your information to facilitate the creation of and secure your account on our network; identify you as a user in our system; provide improved administration of our website and services; improve the quality of experience when you interact with our website and services; send you administrative e-mail notifications; or respond to your inquiries related to employment opportunities or other requests.

b. Use of your Testing Information. We will only use your Testing Information in order to provide you the services you have requested, process your order, and respond to any order or billing related questions. Your de-identified sample data may be used for internal research purposes. If you would like to “opt-out” from us using your de-identified sample data, please contact us at optout@endeavordna.com and provide your case number.

c. Creation of Anonymous Data. We may create anonymous data records from information (including without limitation, Testing Information) by excluding information (such as your name) that makes the data personally identifiable to you. We use this anonymous data to analyze request and usage patterns so that we may enhance the content of our services.

d. Feedback. If you provide feedback on any of our services to us, we may use such feedback for any purpose, provided we will not associate such feedback with your information. EDL will collect any information contained in such communication and will treat the information in such communication in accordance with this Privacy Policy and our Terms of Service.

SECTION 3 – DISCLOSURE OF YOUR INFORMATION.
a. Resellers. We may share some or all of your information with our parent company, any subsidiary, or any other company under a common control (collectively, “Resellers”), including for marketing purposes. If we do share your information, we will require our Resellers to honor this Privacy Policy. If another company acquires our company or our assets, that company will possess the information collected by it and us and will assume the rights and obligations regarding your information collected by us as described in this Privacy Policy.

b. Agents. We may share your information with agents to the extent necessary for them to provide their products and services to us, or to provide you with the products and services that you have requested. For example, if you engage us for testing services through a local laboratory, the laboratory is acting as our agent. Other examples include, database storage, file storage and file destruction.

c. Business Partners. We may partner with other companies and individuals with respect to particular products or services. These third parties may be provided access to your information needed to perform their function. To restrict sharing of information with these third parties for their marketing purposes, please see the section below titles “Your Choices Regarding Your Information.”

d. Subprocessors. We may share your information with subprocessors to the extent necessary for them to provide their products and services to us, or to provide you with the products and services that you have requested. To restrict sharing of information with these third parties for their marketing purposes, please see the section below titles “Your Choices Regarding Your Information.”

e. Other Disclosures. Regardless of any choices you make regarding your information (as described below), EDL, may disclose information if it believes in good faith that such disclosure is necessary to (a) comply with relevant laws or to respond to subpoenas or warrants served on EDL; or (b) protect or defend the rights or property of EDL, or users of our services.

SECTION 4 – THIRD PARTY WEBSITES.

We may link to third party websites. Our provision of a link to any other website or location is for your convenience and does not signify our endorsement of such other website or location or its contents. When you click on such a link, you will leave our site and go to another site. During this process, another entity may collect information from you. We have no control over, do not review, and cannot be responsible for, these outside websites or their content. Please be aware that the terms of this Privacy Policy do not apply to these outside websites or content, or framed websites, or to any collection of data after you click on links to such outside websites.

SECTION 5 – YOUR CHOICES REGARDING YOUR INFORMATION.
a. Choices. We offer you choices regarding the collection, use, and sharing of your information. We will periodically send you free newsletters and e-mails that directly promote the use of our site or services and may contain advertisements for third party companies or our Resellers. When you receive newsletters or promotional communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the e-mail you receive or by contacting us directly at optout@endeavordna.com. Should you decide to opt-out of receiving future mailings, we may share your e-mail address with third parties to ensure that you do not receive further communications from third parties. Despite your indicated e-mail preferences, we may send you emails related to your account or transactions there under, or notices of any updates to our Terms of Service or Privacy Policy.

b. Changes to information. You may change any of your information in your account by sending an email to us at customercare@endeavordna.com. You may request deletion of your information by us, but please note that we may be required (by law or otherwise) to keep this information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete any information, it will be deleted from the active database, but may remain in our archives.

c. Storage of information. We may store your DNA samples for up to a 6-month period pursuant to storage availability and accreditation requirements. Per AABB record archive requirements, records related to AABB-accredited casework for United States of America clients shall be archived for a period of 5 years. Per the Ministry of Justice record archive requirements, records related to MoJ-accredited casework for United Kingdom clients shall be archived for a period of 12 months. Per the ISO record archive requirements, records related to ISO-accredited casework shall be archived for a period of 12 months. Records relating to peace of mind and notarized informational casework shall be archived for a period of 6 to 12 months.

SECTION 6 – SECURITY OF YOUR INFORMATION.
We are committed to protecting the security of your information. We use a variety of industry-standard security technologies and procedures to help protect your information from unauthorized access, use, or disclosure.

SECTION 7 – DISPUTE RESOLUTION.
If you have any questions or concerns, please contact EDL by email at privacy@endeavordna.com. We will do our best to address your concerns. If you feel that your complaint has been addressed incompletely, we invite you to let us know for further investigation. If you and EDL are unable to reach a resolution to the dispute, you may submit your complaint to the Better Business Bureau for mediation under the BBB Dispute Handling and Resolution, which are accessible on the BBB website at www.bbb.org. Questions or comments regarding this policy should be submitted to privacy@endeavordna.com.

SECTION 8 – AGE OF CONSENT.
By using this site and our services, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site. We do not intentionally gather information about visitors who are under the age of majority. If you are under the age of majority you should not use our site or service.

SECTION 9 – A NOTE TO USERS OUTSIDE OF THE UNITED STATES.
Your information may be processed in the country in which it was collected and in other countries, including the United States, where laws regarding processing of information may be less stringent than the laws in your country. See our EU – US Data Privacy Framework if you are a resident of the EU and the United Kingdom.

SECTION 10 – DATA BREACH.
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.

SECTION 11 – CONTACT INFORMATION.
Any questions or comments regarding this privacy policy may be directed to our Data Protection Officer at:

Endeavor DNA, Inc.
[Re: Data Protection Officer]
6955 North Mesa Street
Suite 109
El Paso, TX 79912
privacy@endeavordna.com
+1 (915) 519-1600

SECTION 12 – CHANGES TO THIS PRIVACY POLICY.
We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you. Continued use of our website, or services, following notice of such changes shall indicate your acknowledgement of such changes and agreement to be bound by the terms and conditions of such changes.

Revised Sept 29, 2023