Privacy & Data Collection Policy

---

Effective Date: 03-28-2022
Notice Version: 1.0

Data Controller Contact Information: 

Virus Geeks 

3010 LBJ Freeway Suite 1200

Dallas, Texas 75234

support@virusgeeks.com  

1-800-731-8815

The following privacy notice applies to Virus Geeks Inc and its association with Matrix Diagnostics Inc, hereinafter and collectively referred to as “Virus Geeks”.

Our privacy notice governs our privacy practices when you are using any of our websites such as but not limited to https://virusgeeks.com, https://my.virusgeeks.com/testreg, https://my.virusgeeks.com, and any of our mobile applications such as but not limited to Virus Geeks Mobile App, hereinafter and collectively referred to as our website.

Our privacy notice tells you what personal data and nonpersonal data we collect from you, how we collect them, how we protect them, how we disclose them, how you can access and change them, and how you can limit our disclosing of them. Our privacy notice also explains certain legal rights that you have about your personal data. Any capitalized terms not defined herein will have the same meaning as where they are defined elsewhere on our website.

Definitions 

‘NONPERSONAL DATA’ (NPD) means any information that is in no way personally identifiable.

‘PERSONAL DATA’ (PD) means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person can be identified directly or indirectly by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. PD is in many ways the same as Personally Identifiable Information (PII). However, PD is broader in scope and covers more data.

‘SENSITIVE PERSONAL DATA’ (SPD) means a consumer’s social security, driver’s license, state identification card, or passport number; a consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security, access code, password, or credentials allowing access to an account; a consumer’s exact geolocation; a consumer’s ethnic or racial origin, religious or philosophical beliefs, or union membership; the contents of a consumer’s mail, text messages, and email unless the business is the intended receiver of the communication; a consumer’s genetic data; the processing of biometric data to uniquely identify a consumer; personal information collected and analyzed about a consumer’s health; sex life or sexual orientation.

COVID-19 App Limited Use Disclosure 

Apps created specifically for the COVID-19 response may not access personal and sensitive data that is not required to directly support the public health emergency and may only use the data collected to support COVID-19-related efforts or epidemiological research or to comply with valid legal process.

Using Your Phones Camera and Other Features: 

Our Virus Geeks Mobile App asks for the following permissions: users can allow or deny these permission requests:  
 

1. To share your phone’s location data to help find nearby Virus Geeks COVID-19 testing locations.  

2. Access to your phone’s camera 

• To read your driver’s license bar code to auto-populate personal information if registering or scheduling an appointment for a Virus Geeks COVID-19 test.  
• To capture an image of your or your dependent’s COVID-19 vaccination card. 
• To scan your or your dependent’s Smartcard QR code to save your vaccination information. 

3. Access to your phone’s files (as an example, to upload a document or image) 

• To upload a picture of your or your dependent’s COVID-19 vaccination card.
• To upload a picture of your or your dependent’s Smartcard QR code.
• To download PDFs with COVID-19 test result information.

Topics Covered in Our Privacy Notice 

YOUR RIGHTS 

INFORMATION WE COLLECT AND HOW WE COLLECT IT 

HOW YOUR PD IS USED AND DISCLOSED
RETAINING AND DESTROYING YOUR PD 
PROTECTING THE PRIVACY RIGHTS OF THIRD PARTIES 

DO NOT TRACK SETTINGS 

LINKS TO OTHER WEBSITES 

PROTECTING CHILDREN’S PRIVACY 

OUR EMAIL POLICY
OUR SECURITY POLICY 

USE OF YOUR CREDIT CARD 

TRANSFERRING PD FROM OTHER COUNTRIES 

CHANGES TO OUR PRIVACY NOTICE
 

YOUR RIGHTS 

Contact us using the information at the top of this privacy notice to exercise any of your legal rights contained within this privacy notice. We will respond to your request within 30 days after receiving it. Occasionally it may take longer for multiple requests or complex circumstances.
 

When using our website and submitting PD to us, you have certain rights under privacy laws in the United States including the California Consumer Privacy Act (CaCPA), the California Privacy Rights Act (CPRA), and maybe the privacy laws of other U.S. states. Even if not listed here, we will make reasonable efforts to honor data subject access requests even though we may be under no legal obligation to do so. However, we reserve the right to decline any data subject access request that we are not legally obligated to comply with. Your rights may include but are not limited to the following: 

1. The right to equal service, price, and not be discriminated against even if you exercise your privacy rights. 
2. The right to one or more means where you can submit requests under this privacy notice including (at minimum) a toll-free telephone number and an email address if the business operates a storefront and a website. If the business operates only an Internet website, then it must have a dedicated email address where you can submit requests for information required to be disclosed by law. 
3. The right to know whether your PD is sold or disclosed and to whom. 
4. The right to request that we do not sell any of your PD.  
5. The right to be informed about the PD that we collect from you and how we process them.  
6. The right to get confirmation that your PD are being processed and you can access your PD. 
7. The right to have your PD corrected if they are inaccurate or incomplete. 
8. The right to request the removal or deletion of your PD if there is no compelling reason for us to continue processing them. However, the right to deletion is not absolute and can be overridden to continue data processing in some cases where we still have a legal ground or overriding legitimate interest to process your data. 
9. The right to ‘block’ or restrict the processing of your PD. When your PD are restricted, we are permitted to store your PD, but not to process them further. 
10. The right to request the PD that you provided to us and use them for your own purposes. Upon express request, we will provide your data to you or another service or product provider within 30 days of your request subject to commercial and industrial secrets. 
11. The right to object to us processing your PD for the following reasons: 
12. processing was based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); 
13. direct marketing and targeted advertising (including profiling); 
14. processing for purposes of scientific/historical research and statistics. 
15. The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects regarding you or similarly significantly affects you.  
16. The right that we limit the collection of your PD to that which is "adequate, relevant and reasonably necessary with the purposes for which the data is processed. 
17. The right that we do not process your PD for purposes that are neither reasonably necessary nor compatible with the disclosed purposes for which such personal data is processed, as disclosed to you unless the controller obtains your consent. 
18. The right to designate an authorized agent to make a request on your behalf. When designating an authorized agent, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government-issued identification. 
19. The right to file a complaint with supervisory authorities if your information has not been processed in compliance with your rights under privacy laws.  
     

INFORMATION WE COLLECT AND HOW WE COLLECT IT 

Generally, you control the amount and type of information that you provide to us when using our website. 

Automatic Information 

We automatically receive information from your web browser or mobile device. This information may include the IP address of your computer or the proxy server you use to access the Internet, your Internet service provider’s name, your web browser type, the type of mobile device, your computer operating system, and data about your browsing activity when using our website. We use all this information to help improve our website.

When Entering and Using Our Website 

When you enter and use our website and agree to accept cookies, some of these cookies may contain your PD.

Our Use of Cookies 

Our website uses cookies. A cookie is a small piece of data or a text file that is downloaded to your computer or mobile device when you access certain websites. Cookies may contain text that can be read by the web server that delivered the cookie to you. The text contained in the cookie consists of a sequence of letters and numbers that uniquely identifies your computer or mobile device; it may contain other information as well.  

By agreeing to accept our use of cookies you are giving us and the third parties with which we partner permission to place, store, and access some or all the cookies described below on your computer and or mobile device.  

• Strictly Necessary Cookies - These cookies are necessary for the proper functioning of the website, such as displaying content, logging in, confirming your session, responding to your request for services, and other functions.  
• Performance Cookies - These cookies collect information about the use of the website, such as pages visited, traffic sources, users’ interests, content management, and other website measurements. 
• Functional Cookies - These cookies enable the website to remember users’ choices, such as their language, usernames, and other choices while using the website.  
• Media Cookies - These cookies can be used to improve a website’s performance and provide special features and content. They can be placed by us or third parties who provide services to us. 
• Advertising or Targeting Cookies - These cookies are usually placed and used by advertising companies to develop a profile of your browsing interests and serve advertisements on other websites that are related to your interests.  
• Session Cookies - These cookies allow websites to link the actions of a user during a browser session. They may be used for remembering what a user puts in their shopping cart as they browse a website. Session cookies also permit users to be recognized as they navigate a website so that any item or page changes they make are remembered from page to page. Session cookies expire after a browser session. 
• Persistent Cookies - These cookies are stored on a user’s device between browser sessions, which allows the user’s preferences or actions across a website or across different websites to be remembered. Persistent cookies may be used for remembering users’ choices and preferences when using a website or target advertising to them. 
• We may also use cookies for: 
• identifying the areas of our website that you have visited; 
• personalizing the content that you see on our website; 
• our website analytics; 
• remarketing our products or services to you; 
• remembering your preferences, settings, and log-in details; 
• targeted advertising and serving ads relevant to your interests; 
• allowing you to disclose content with social networks. 

Most web browsers can be set to disable the use of cookies. However, if you disable cookies, you may not be able to access features on our website correctly or at all.

Web Beacons 

We may use a technology called web beacons to collect general information about your use of our website and your use of special promotions or newsletters. The information we collect by web beacons allows us to statistically watch the number of people who open our emails.

At User Registration or When Buying Products or Services 

When you register as a user or when buying our products and or services, we may collect some or all the following PD: your email address, password, full name, birth date, physical address,  

phone number, sex, race or ethnicity, insurance information (optional), vaccination card photo (optional), vaccine manufacturer, date(s), location vaccination was received, and other information listed.

Collecting Information About Your Physical Location 

When you use our services, we may collect and process information about your actual physical location. We use several technologies such as GPS and IP tracking to determine your location. These technologies may also give us information about nearby cell towers, Wi-Fi access points, and other devices.

Google API 

By using our website, you are subject to the Google Privacy Policy and Terms of Service.  
When collecting and processing user data, including PD from Google APIs, we will follow Google API Services User Data Policy. We also require that our employees, contractors, and agents comply with the Google API Services User Data Policy.

Chat Software or Contact Forms 

Our website contains chat software or contact forms that enable visitors to communicate with us online or offline by email. Sometimes, visitors can communicate with us without buying our products and services. When you use our chat software or contact forms, we may collect some or all the following information: your email address, first name, last name, location, and any other information you willingly choose to give us. You should limit the information you give to us to one that is necessary to answer your questions.

Google Analytics 

Our website uses Google Analytics to collect information about the use of our website. Google Analytics collects information from users such as age, gender, interests, demographics, how often they visit our website, what pages they visit, and what other websites they have used before coming to our website. We use the information we get from Google Analytics to analyze traffic, improve our marketing, advertising, and website. We do not combine the information collected using Google Analytics with PD. You can prevent Google Analytics from using your information by opting out at this link: https://tools.google.com/dlpage/gaoptout 

Disclosing Your PD for Lookalike or Similar Audience Marketing 

We may disclose your PD with third parties for similar audience marketing purposes. Similar audience marketing is also called lookalike audience marketing. The third parties we disclose your PD with for this type of marketing include Facebook and/or Google. Using your PD for similar audience marketing or lookalike audience marketing helps us find new audiences (users and customers) based on similar interests to yours. This helps us improve our marketing services. Your PD is only disclosed with Facebook and Google for this marketing. By using our website and agreeing to our privacy notice you are giving consent for your PD to be used for the marketing purposes described within this section.

What Happens If You Don’t Give Us Your PD 

If you do not provide us with enough PD, we may not be able to provide you with all our products and services. However, you can access and use some parts of our website without giving us your PD.

HOW YOUR PD IS USED AND DISCLOSED  
We use the PD we receive from you to:
 

• respond to any requests from you regarding sales and support;  
• provide our products and services to you; 
• contact you regarding any agreements or accepted terms that you may have with us for our services;  
• contact you regarding changes to our services or website;  
• charge you for our products and or services and collect payment;  
• help personalize your searches; 
• solve any technical problems you have;  
• personalize and customize our content;  
• make improvements to our website; 
• contact you with updates to our website, products, and services; 
• resolve problems and disputes. 

Communications and Emails 

When we communicate with you about our website, we will use the email address you provided when you registered as a user or customer. We may also send you emails with promotional information about our website or offers from us or our affiliates unless you have opted out of receiving such information. You can change your contact preferences at any time through your account or by contacting us using the information at the top of this privacy notice.

Text Messaging, SMS, Push Notifications, and Telephone Calls 

If you provide a mobile telephone number, or landline telephone number to us, you are giving your express consent and authorize us or a third party to contact you by using any of these communication methods. You are not required to give us your consent to contact you through these communication methods. However, withholding your consent may interfere or prevent us from providing some or all our services to you. You can stop receiving text messages, push notifications, and telephone calls by contacting us or using one of our opt-out methods.

Disclosing Your PD to Third Parties 

We do not sell or rent your PD to third parties for marketing purposes. However, for data aggregation purposes we may use your NPD, which might be sold to other parties at our discretion. Any such data aggregation would not contain any of your PD.

Disclosing Your PD to Service Providers and or Contractors 

At times we give your PD to service providers and or contractors whom we hire to provide services to us. These service providers and or contractors may include but are not limited to payment processors, web analytics companies, data management services, help desk providers, accountants, law firms, auditors, shopping cart and email service providers, and shipping companies.

Legally Required Releases of Information 

We may disclose your PD if such disclosure is (a) required by subpoena, law, or other legal processes; (b) necessary to assist law enforcement officials or government enforcement agencies; (c) necessary to protect us from legal action or claims from third parties, including you and or other users; or (d) necessary to protect the legal rights, personal and or real property, or the personal safety of our company, users, employees, and business partners.
 

Disclosures to Successors 

If our business is sold or merges in whole or in part with another business that would become responsible for providing the website to you, we retain the right to transfer your PD to the new business. The new business would retain the right to use your PD according to the terms of this privacy notice as well as to any changes to this privacy notice as instituted by the new business. We also retain the right to transfer your PD if our company files for bankruptcy and some or all of our assets are sold to another individual or company.

HOLDING AND DESTROYING YOUR PD  
We only retain your PD for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for PD, we consider the amount, nature, and sensitivity of the PD. When your information is no longer needed, we will destroy, delete, or erase it.

PROTECTING THE PRIVACY RIGHTS OF THIRD PARTIES 

If you make any postings on our website that contain information about third parties, you agree that you have permission to include that information. While we are not legally liable for the actions of our users, we will remove any postings about which we are notified if such postings violate the privacy rights of others.

DO NOT TRACK SETTINGS 

Some web browsers have settings that enable you to request that our website not track your movement within our website. Our website does not obey such settings when transmitted to and detected by our website. You can turn off tracking features and other security settings in your browser by referring to your browser’s user manual.

LINKS TO OTHER WEBSITES 

Our website may contain links to other websites. These websites are not under our control and are not subject to our privacy notice. We have no responsibility for these websites, and we provide links to these websites solely for your convenience. You accept that your use of and access to these websites are solely at your risk.

PROTECTING CHILDREN’S PRIVACY 

Our website is not designed for use by anyone under the age of 13. We do not knowingly collect PD from children under the age of 13 without parental consent. If you are a parent or guardian and believe that your child is using our website and they are under the age of 13, please contact us. Before we remove any information we may ask for proof of identification to prevent malicious removal of account information. If we discover that a child under the age of 13 is accessing our website, we will delete their information within a reasonable period of time.

OUR EMAIL POLICY  
You can always opt out of receiving email correspondence from us or our affiliates. We will not sell, rent, or trade your email address to any unaffiliated third party without your permission except in the sale or transfer of our company, or if our company files for bankruptcy as described in the section Disclosures to Successors.

OUR SECURITY POLICY  
We have built our website and services using industry-standard security measures and authentication tools to protect the security of your PD. We and the third parties who provide services to us also maintain technical and physical safeguards to protect your PD. SPD is protected at a higher level than most PD. Unfortunately, we cannot guarantee the prevention of loss or misuse of your PD or secure data transmission over the Internet because of its nature. We strongly urge you to protect any password you may have for our website and not disclose it to anyone.

USE OF YOUR CREDIT CARD  

You may have to provide a credit or debit card to buy products and services from our website. We use third-party billing services and have no control over them. We use commercially reasonable efforts to ensure that your credit card number is kept strictly confidential by using only third-party billing services that use industry-standard encryption technology to protect your credit card number from unauthorized use. However, you understand and agree that we are in no way responsible for any misuse of your credit card number. 

TRANSFERRING PD FROM OTHER COUNTRIES 

PD that we collect from you may be stored, processed, and transferred among any countries in which we operate. The European Union has not found the United States and some other countries to have an acceptable level of protection of PD under Article 45 of the GDPR. Our company relies on derogations for specific situations as defined in Article 49 of the GDPR. If you are a European Union user, or a user from another country, with your consent your PD may be transferred to the United States or other countries when you request information from us. When you buy goods or services, we will use your PD to perform a contract with you. Wherever we transfer, process, or store your PD, we will try to apply reasonable safeguards to protect it. We will use the information we collect from you by following the practices described in our privacy notice. Also, we enter into data processing agreements and standard contractual clauses when appropriate. By using our website, services, or products, you agree to the transfers of your PD described within this section.

CHANGES TO OUR PRIVACY NOTICE 

We reserve the right to change this privacy notice at any time. If our company decides to change this privacy notice, we will post those changes on our website so our users and customers are always aware of what information we collect, use, and disclose. If at any time we decide to disclose or use your PD in a method different from that specified at the time it was collected, we will provide advance notice by email sent to the email address on file in your account. Otherwise, we will use and disclose our users’ and customers’ PD in agreement with this privacy notice in effect when the information was collected. Your continued use of our website, services, and products after any change to this privacy notice will constitute your acceptance of such change. If you have questions about our privacy notice, please contact us through the information at the top of this privacy notification.