- Information We Collect from You
- How We Use and Disclose Information Collected
- Non-Personal Information Use and Disclosure
- Personally Identifiable Information Use and Disclosure
- Disclosures with Your Consent
- Additional Disclosures
- Access to Your Information
- Do Not Track Signals
- Linked Third-Party Sites
- Information Security
- Data Retention and Deletion
- Cross-Border Transfer of Information
- Compliance and Cooperation with Regulatory Authorities
- European Requirements
- California Requirements
- Contact Us
We offer a range of Services in support of our mission to make the world's health data useful so that people enjoy healthier lives. Our Services may include things like websites that we operate, apps and web-based platforms, and devices, including connected devices.
Information We Collect from You
When you use the Services, certain types of data may be collected from you, including: (1) Non-Personal Information; and (2) Personally Identifiable Information. For more detailed information on personal information from children, please refer to the “Children and Parents” section below.
Personally Identifiable Information
In some circumstances, Verily may also collect information about you from trusted partners, including marketing partners who provide us with information about potential customers of our Services, and security partners who provide us with information to protect against abuse.
Children and Parents
How We Use and Disclose Information Collected
Generally, we may use and disclose the information that we collect for our business purposes, including operation of the Services, as well as development of new products and services. Such use and disclosure of information may vary with respect to the type of information collected, including: (1) Non-Personal Information; and (2) Personally Identifiable Information.
Non-Personal Information Use and Disclosure
We use Non-Personal Information collected through the Services to monitor the performance and effectiveness of the Services, to help personalize your experience, for statistical and research purposes and for improving the functionality of the Services. This information may also be used for administrative purposes including, without limitation, to troubleshoot and resolve problems with the Services and to protect Verily, the Services and our users. We may rely on third-party partners to collect and analyze Non-Personal Information based on our instructions and subject to appropriate privacy and security measures.
Personally Identifiable Information Use and Disclosure
PII collected may be used for a variety of purposes, such as responding to requests for information, creation of user accounts, and processing and fulfillment of orders, as applicable. We may disclose your PII to:
(i) our affiliates in your local jurisdiction, or other locations as necessary or appropriate, to assist us with responding to requests for information, to process and fulfill orders, and to provide other activities contemplated by the Services; and
(ii) business partners or service providers we use to perform site hosting, analytics, and other information technology and support functions on our behalf, and such activities are performed based on our instructions and in compliance with appropriate privacy and security measures.
Where permitted, your PII may also be used to create de-identified data sets.
Disclosures with Your Consent
In addition to the activities described above, we may share personal information with companies, organizations or individuals outside of Verily if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to: (1) meet any applicable law, regulation, legal process or enforceable governmental request; (2) enforce applicable Terms of Service, including investigation of potential violations; (3) detect, prevent or otherwise address fraud, security or technical issues; or (4) protect against harm to the rights, property or safety of Verily, our users or the public, as required or permitted by law.
Access to Your Information
We aim to provide you with access to your personal information gathered through the Services. In some circumstances you may have the right to review or request your personal information, or request that it be updated or deleted, by contacting us using the method below under the caption “Contact Us.” However, to the extent permitted by law, we may reject requests that are unreasonably repetitive, unduly burdensome, risk the privacy of others, or would be very impractical to honor.
To the extent practicable, where we can provide our users with information access and correction through the Services, we will do so for free, except where it would require a disproportionate effort. We aim to protect information gathered through the Services from accidental or malicious destruction.
Do Not Track Signals
Linked Third-Party Sites
We may provide links to other third-party websites through the Services solely as a convenience to you. However, such linking does not mean, and should not be interpreted to mean, that Verily endorses, is affiliated with or makes any representations concerning such third-party websites. Verily neither reviews, nor controls, nor is responsible for these third-party sites or any content therein. If you decide to access any of the third-party sites linked through the Services, you do so entirely at your own risk. Verily shall not be liable for any consequences arising from use of any third-party websites to which the Services link.
We work hard to prevent unauthorized accessing, alteration, disclosure, or destruction of the information we hold. We have many data security safeguards in place, and we regularly review our security practices to proactively guard against unauthorized access.
We strive to maintain the security of your information by using appropriate measures designed to protect our systems. However, we cannot guarantee the security of any information that is disclosed online. Consequently, we do not insure or warrant the security of any information you transmit, and you do so at your own risk.
Data Retention and Deletion
For some data, you can request deletion whenever you like, some data is deleted automatically, and some data we retain for longer periods of time when necessary. When data is deleted, we follow internal policies and procedures to make sure that your data is safely and completely removed from our servers or retained only in anonymized form.
Data That Expires After a Specific Period of Time: In some cases, we store data for a predetermined period of time. For each type of data, we set retention timeframes based on the reason for its collection. Where applicable, we also take steps to anonymize certain data within set time periods.
Information Retained for Extended Time Periods for Limited Purposes: Sometimes business and legal requirements oblige us to retain certain information, for specific purposes, for an extended period of time. Reasons we might retain some data for longer periods of time include:
- Security, fraud & abuse prevention
- Financial record-keeping
- Complying with legal or regulatory requirements
- Ensuring the continuity of our Services
- Direct communications with Verily
We try to ensure that our Services protect information from accidental or malicious deletion. Because of this, there may be delays between when something is deleted and when copies are deleted from our active and backup systems. For our active systems, this process generally takes around two months from the time of deletion; however, data can remain on backup systems for up to six months.
Cross-Border Transfer of Information
When we transfer personal information from the European Economic Area and Switzerland to other countries, including to the United States, we use a variety of legal means to help ensure the data is appropriately protected. As described in our Privacy Shield certification, Verily Life Sciences LLC complies with the EU-US and Swiss-US Privacy Shield Frameworks as set forth by the US Department of Commerce regarding the collection, use and retention of personal information in the United States from European Union member countries, and the United Kingdom (UK) and Switzerland, respectively ("European Personal Information"). Verily has certified its commitment to subject to the Privacy Shield Principles all such European Personal Information received from the EU, the UK and Switzerland in reliance on Privacy Shield. We shall remain responsible for European Personal Information that we share under the Onward Transfer Principle with third parties for processing on our behalf, as described under the caption “How We Use and Disclose Information Collected.” Learn more about the Privacy Shield program here.
If you have an inquiry regarding our privacy practices in relation to our Privacy Shield certification, we encourage you to contact us. Verily is subject to the investigatory and enforcement powers of the US Federal Trade Commission (FTC). You may also file a complaint free of charge with your local data protection authority and we will work with them to resolve your complaint. In certain circumstances, the Privacy Shield Framework provides the right to invoke binding arbitration to resolve complaints not resolved by other means, as described in Annex I to the Privacy Shield Principles.
Compliance and Cooperation with Regulatory Authorities
We also adhere to several self-regulatory frameworks, including the EU-US and Swiss-US Privacy Shield Frameworks. When we receive formal written complaints, we will contact the person who made the complaint to follow-up. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that we cannot resolve with our users directly.
If European Union (EU) data protection law applies to the processing of your information, you may contact us in order to exercise your rights to request access to, update, remove and restrict the processing of your information. You also have the right to object to the processing of your information or export your information to another service.
With Your Consent: We ask for your agreement to process your information for specific purposes and you have the right to withdraw your consent at any time.
When We’re Pursuing Legitimate Interests: We process your information for our legitimate interests and those of third parties while applying appropriate safeguards that protect your privacy. This means that we process your information for things like:
- Providing, maintaining and improving our Services to meet the needs of our users
- Developing new products and features that are useful to our users
- Understanding how people use our Services to ensure and improve the performance of our Services
- Customizing our Services to provide you with a better user experience
- Marketing to inform users about our Services
- Detecting, preventing or otherwise addressing fraud, abuse, security or technical issues with our Services
- Protecting against harm to the rights, property or safety of Verily, our users or the public, as required or permitted by law
- Performing research that improves our Services for our users and benefits the public
- Fulfilling obligations to our partners
- Enforcing legal claims, including investigation of potential violations of applicable Terms of Service
When We’re Providing Services
We process your data to provide Services you’ve asked for under contract. We may also process your data in the course of providing Services to our business partners, to which you may have provided your data; such processing is performed at the direction of our business partners.
When We’re Complying with Legal Obligations
We’ll process your data when we have a legal obligation to do so, for example, if we’re responding to legal process or an enforceable government request.
If you have questions, you can contact Verily and our data protection officer. You can also contact your local data protection authority if you have concerns regarding your rights under local law.
If the California Consumer Privacy Act (CCPA) applies to your information, we provide these disclosures and the mechanisms described in this policy so you can exercise your rights to receive information about our data practices, as well as to request access to and deletion of your information.
Verily provides two mechanisms that allow you to submit requests to access, review, update and delete your information. You can submit such requests by (1) calling our toll-free number at 833-821-6366 (2) emailing us at firstname.lastname@example.org. You can also read more about Verily’s data retention periods, and the process we follow to delete your information.
Verily does not sell your personal information. We only share your information as described in this policy. Verily processes your information for the purposes described in this policy, which include “business purposes” under the CCPA. These purposes include:
- Protecting against security threats, abuse, and illegal activity. Verily uses and may disclose information to detect, prevent and respond to security incidents, and to protect against other malicious, deceptive, fraudulent, or illegal activity. For example, to protect our services, Verily may receive or disclose information about IP addresses that malicious actors have compromised.
- Auditing and measurement. Verily uses information for analytics and measurement to understand how our services are used, as well as to fulfill obligations to our partners like publishers, advertisers, developers, or rights holders. We may disclose non-personally identifiable information publicly and with these partners, including for auditing purposes.
- Maintaining our services. Verily uses information to ensure our services are working as intended, such as tracking outages or troubleshooting bugs and other issues that you report to us.
- Research and development. Verily uses information to improve our services and to develop new products, features and technologies that benefit our users and the public.
Verily also uses information to satisfy applicable laws or regulations, and discloses information in response to legal process or enforceable government requests, including to law enforcement. If you have additional questions or requests related to your rights under the CCPA, you can contact us using the mechanisms described above.
If you have any questions or concerns regarding the information gathered through the Services, or would like to submit a request related to your information (including requests to review, update or delete your information), please let us know by emailing us at email@example.com.