Last Updated: 01 October 2018
Myriad Genetics, Inc., 322 North 2200 West Salt Lake City, Utah 84116, U.S.A., and its affiliated companies in the United States and Europe, including Myriad International GmbH and Myriad Genetics GmbH, (collectively referred to herein as “Myriad”), are committed to adhering to applicable data protection laws. Myriad recognizes and respects the privacy rights of individuals with regard to their personal data. If you are from the European Economic Area (EEA), this Data Privacy Statement will explain Myriad’s legal basis for collecting and using your Personal Data and the specific context in which we collect it.
Myriad applies the General Data Protection Regulation (GDPR) EU 2016/679 to all Personal Data we control or process on behalf of others. Myriad may process your Personal Data because:
In addition, we may process your Personal Data on the basis of the legitimate interest of Myriad so long as it does not override your individual interests, rights or freedoms.
Myriad may collect Personal Data of patients in the course of providing our clinical laboratory testing and related services, including but not limited to, patient name, address, other contact information, medical history and records, and health insurance information. Myriad may process this Personal Data for the following purposes: providing clinical laboratory services, including molecular diagnostic test services; creating anonymized analyses of biomarker and cancer type data for publication and internal use; and providing customer service.
Myriad collects Personal Data of our employees in the course of their employment with us, including but not limited to, the employees name, address, other contact information, and job title and salary information. Myriad may process this Personal Data for general HR administrative functions, including hiring, performance assessment, promotion, and salary and benefits determinations.
Myriad may collect Personal Data of individuals who provide services on our behalf, including but not limited to, name, biographical information, address, and other contact information.Myriad may process this Personal Data for purposes of carrying out the service agreements it has with these individuals or their employers.
Myriad’s European affiliates, with offices in the EEA, store and transfer data, including Personal Data, to the United States and process it there. The level of data protection in the United States is considered not to be the same as in the EEA according to the absence of a respective adequacy decision of the EU Commission. Myriad ensures that such transfers are carried out in compliance with the applicable data protection laws and regulations. Any transfers to third countries outside the EEA are secured through appropriate contractual guarantees such as the EU Commissions Standard Contractual Clauses for transfers to the United States where applicable. You may request and receive a copy of such documents from us.
If you are a resident of the EEA, you have certain data protection rights. Myriad aims to take reasonable steps to allow you to correct, amend, delete or limit the Processing of your Personal Data. If you wish to be informed about what Personal Data we hold about you and if you want it to be removed from our systems, please contact us. Under the GDPR, you have the following data protection rights:
You have the right to obtain information as to whether we process your Personal Data and to receive a copy of your Personal Data retained by us as a Controller. In addition, you have the right to obtain certain information how and why we process your Personal Data.
You have the right to have your Personal Data amended or rectified where it is inaccurate and to have incomplete Personal Data about you completed.
You have the right to erasure of your Personal Data, inter alia, in the following cases:
You have the right to restrict our Processing of your Personal Data in the following cases:
You have the right to object to our Processing of your Personal Data, inter alia, in the following cases:
You have the right to receive your Personal Data which you have provided to us and you have the right that we send your Personal Data to another organization (or ask us to do so if technically feasible) where our lawful basis for the Processing is your consent, or where the Processing is necessary for the performance of our contract with you and the Processing is carried out by automated means.
You also have the right to withdraw your consent at any time where Myriad relied on your consent to process your Personal Data.
Please note that we may ask you to verify your identity before responding to such requests.
If you are not satisfied with our use of your Personal Data or our response to any exercise of these rights, we kindly ask you to first contact our Data Protection Officer using the contact details set forth below or write to us at [email protected].
You have the right to complain to a Data Protection Authority about our collection and Processing of your Personal Data. For more information, please contact your local data protection authority in the EEA.
Please note that we do no automated decision-making, including profiling concerning your Personal Data.
The data protection officer in accordance with the General Data Protection Regulation is: Attn: Ms. Alef Voelkner Fox-On Datenschutz GmbH Pollerhofstrasse 33a 51789 Lindlar/Köln, GERMANY Phone: 492266 9015920 Mail: [email protected]
If you have any questions, please email us at [email protected]. You may also write to us or call us at: Attn: Privacy Office Myriad Genetics, Inc. 322 North 2200 West Salt Lake City, UT 84116 (866) 485-1599 Download Spanish version