Privacy Policy

Natero, Inc. (“Natero” or “we” or “us” or “our”), makes available a service that enables a customer that collects time-series data (e.g., website clickstream data, mobile application usage data) to define and view custom analytical reports based on such data and information (the “Service”). A customer that desires to use the Service must execute a separate online agreement with Natero (the “Natero Service Agreement”). A customer that executes such an agreement is referred to herein as a “Natero Customer”. Under such agreement, the Natero Customer grants Natero permission to collect and store time-series data from where it is generated or stored as specified by the user. This data and the information provided to Natero to permit us to access such data for collection are collectively referred to as “Customer Data.” Natero also collects Registration Data as defined below.

Natero provides this Privacy Policy to inform you of our policies and procedures regarding the collection, use and disclosure of personal information that we receive from you. This Privacy Policy may be updated from time to time. We will notify you of any material changes which you can review as the updated Privacy Policy posted on the Natero website (the “Site”). If you do not accept the updated Privacy Policy, you may terminate Service as provided in the Natero Service Agreement; otherwise the updated Privacy Policy will apply to you.

As used in this policy, the terms “using” and “processing” information include using cookies on a computer, subjecting the information to statistical or other analysis and using or handling information in any way, including, but not limited to collecting, storing, evaluating, modifying, deleting, using, combining, disclosing and transferring information within our organization or among our affiliates.

Information Collection and Use of Information on the Natero Website

Natero collects some personal information and some anonymous information about visitors to our website in order to maintain the website and to tailor the website to their needs, referred to as “Registration Data.” In this case, Natero acts as the data controller for this data. We do not collect personal information that is connected to their online activities over time or across third-party websites or online services (but we may collect this type of anonymous information about them through the use digital re-targeting technology). We may use personal information collected through our website to complete a transaction they request. For example, to provide Natero business information to them that they have specifically requested. If they give us permission, Natero and its third party partners may also use their mailing address, telephone number or email address to alert them about updates to the Service or to discuss potential sales of the Service. If they give us permission to use their personal information for a specific purpose and they decide later they don’t want us or our third party partners to contact them, they have the ability to rescind their permission. Anonymous information collected through our website is used for maintenance and monitoring of the website, and market research.

Information Collection and Use of Information through the Natero Service

Natero collects some personal information about users of the Natero service, including name and email address. We use this personal information to provide updates on the service, contact users who are experiencing service issues, and as part of the identification required to provide access to the service itself. Natero may collect anonymous or personal information relating to a user’s use of the Service, for example, usage of the Service, renewal data and clickstream data. Anonymous information gathered from a user’s use of the Service may be used in conjunction with personal information gathered at the same time to prepare reports for our customers on how their users are using the Service. For example, we may gather information about how many times a specific user name in under a Service account uses a certain feature of the Service and for what length of time, and include the same in a report provided to you. Natero also collects information about how the users of the Natero service interact with the service for purposes of improving the service and debugging service issues. We also use personal information provided to us by our users, or which you upload to the Service via the platform, in accordance with your authorization under the Terms of Service to assist you with questions and to resolve problems relating to your use of the Service. In the case of data collected about the users of the Natero service, Natero acts as the data controller for the data.

Natero also may collect personal information about the customers of our customers. Natero handles personal data we receive from our customers, as such we are not the data controller and do not determine what specific personal data will be transferred. Having said that, the range of potential data may include individual name, email address and physical address. Personal Information we collect from our customers’ customers is collected and used for the sole purpose of providing the Service to that customer. Natero uses anonymous information to efficiently operate the Service, to enhance your experience using the Service, to optimize the performance of the Service, and to show potential customers how the Service is used by other customers. For example, we may use anonymous information to diagnose and correct any problems you or others are having with the Service or include anonymous information in a Service usage report during a sales pitch to a potential customer to show how the Service is used by existing customers.

Cookies

Like many websites, we use “cookies” to collect information. A cookie is a small data file that we transfer to your computer’s hard disk for record-keeping purposes. We use cookies for two purposes. First, we may utilize persistent cookies to save your registration ID and login password for future logins to the Site. Second, we utilize session ID cookies to enable certain features of the Site, to better understand how you interact with the Site and to monitor aggregate usage by Natero Users and web traffic routing on the Site. Unlike persistent cookies, session cookies are deleted from your computer when you log off from the Site and Service and then close your browser. Third-party advertisers on the Site may also place or read cookies on your browser. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use all portions of the Site or all functionality of the Service.

Phishing

Identity theft and the practice currently known as “phishing” are of great concern to Natero. Safeguarding information to help protect you from identity theft is a top priority. We do not and will not, at any time, request your credit card information, your account ID, login password, or national identification numbers in a non-secure or unsolicited e-mail or telephone communication. For more information about phishing, visit the Federal Trade Commission’s website.

Information Sharing and Disclosure

Aggregate Information and Non-Identifying Information. We may share aggregated information about Registration Data that does not include personally identifiable information and we may otherwise disclose non-identifying Information with third parties for industry analysis, demographic profiling and other purposes. Any aggregated information shared in these contexts will not contain your personally identifiable information. Otherwise, we will never share any Customer Data, aggregated or not, unless required to by law as described below.

Service Providers. We may employ third-party companies and individuals to facilitate our Site and Service, to provide the Service on our behalf, to perform Site-related services (e.g., without limitation, maintenance services, database management, web analytics and improvement of the Site’s features) or to assist us in analyzing how our Site and Service are used. These third parties may have access to your Registration Data or Customer Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Compliance with Laws and Law Enforcement. Natero cooperates with government and law enforcement officials and private parties to enforce and comply with the law. We will only disclose information about you to government or law enforcement officials or private parties as necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect the property and rights of Natero or a third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to be, or to pose a risk of being, any illegal, unethical or legally actionable activity. Natero respects the ownership rights of Natero Customers in Customer Data and, accordingly, Natero will exercise commercially reasonable efforts to inform you of any request made to us for disclosure of your Customer Data and to cooperate with you in taking those measures permitted by law for limiting disclosure of your Customer Data.

Business Transfers. In the case of a merger, acquisition or reorganization, Natero may sell, transfer or otherwise share some or all of its assets, including your Customer Data, in order to provide you continued service.

Changing or Deleting Your Information

All Natero Customers may review, update, correct or delete their Registration Data and Customer Data, including the personally identifiable information in their registration profile by contacting us. If you completely delete all such information, then your account may become deactivated. If you would like us to delete your record in our system, please Contact us at privacy@natero.com with a request that we delete your personally identifiable information from our database. We will use commercially reasonable efforts to honor your request. We will respond to your request for deletion within 30 business days.

Security

Natero is very concerned with safeguarding your information. We employ administrative, physical and electronic measures designed to protect your information from unauthorized access.

We will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored “personal data” (as defined in applicable state statutes on security breach notification) to you via email or conspicuous posting on this Site in the most expedient time possible and without unreasonable delay, insofar as consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.

Privacy Shield

Natero complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Natero has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

Natero is responsible for the processing of personal information it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Natero complies with the Privacy Shield Principles for all onward transfers of personal information from the EU, including the onward transfer liability provisions.

With respect to personal information received or transferred pursuant to the Privacy Shield Framework, Natero is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Natero may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the EU-US and Swiss-US Privacy Shield Principles, Natero commits to resolve complaints about your privacy and our collection or use of your personal information. European Union or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact Natero at:

Email: privacy@natero.com

Physical mail:
201 San Antonio Circle, Suite 290
Mountain View, CA 94040
USA

Natero has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint.

Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration before a Privacy Shield Panel when other dispute resolution procedures have been exhausted.

Notice. When Natero collects personal information from individuals in European Union and Switzerland, we will inform them about the purposes for which this information is being collected and used, the types of third parties to which we may disclose such information, and the choices and means that we offers individuals for limiting the use and disclosure of their personal information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to Natero or as soon as practicable thereafter, and in any event before we use the information for a purpose other than that for which it was originally collected.

Choice. When Natero collects personal information from visitors to it’s website, they have the opportunity to opt-out of having their information disclosed to a non-agent third party, or used for a purpose other than the purpose for which it was originally collected by emailing us with your request at privacy@natero.com. If you choose to opt-out in this manner, your request will be processed immediately and take effect within 30 days.

Onward Transfers to Third Parties. Natero will use reasonable efforts to obtain assurances from its third party partners that they will safeguard personal information consistent with the policies set forth in this Privacy Policy. Examples of appropriate assurances that may be provided by third party partners include a contract obligating the third party partner to provide at least the same level of protection for the personal information it has access to as is required by the Privacy Shield Principles. If we become aware that a third party partner is using or disclosing personal information in violation of this Privacy Policy, we will take reasonable steps to prevent or stop the use or disclosure. In cases of onward transfer of the data of individuals in the European Union and Switzerland to third party processors received pursuant to the EU-US Privacy Shield and Swiss-US Privacy Shield, Natero is potentially liable for violations of the Privacy Shield Principles by such parties. Natero is partnered with Mailgun to support the performance of the Service by processing your personal information or the personal information of your customers as the same is downloaded by you into the Service platform. Natero is partnered with Amazon Web Services to support the performance of the Service by processing your anonymous information in order to provide usage reports that you request and to optimize and enhance the Service.

Security. Natero will take reasonable and industry standard precautions to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.

Data Integrity and Purpose Limitation. Natero will only use personal information for the purpose for which it was collected or subsequently authorized by the individual. We will take reasonable steps to ensure that personal information is relevant to its intended use, complete, and current.

Access. Natero acknowledges that EU and Swiss individuals have the right to access the personal information that we maintain about them. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct his query to privacy@natero.com. If requested to remove data, we will respond within a reasonable timeframe.

Recourse, Enforcement and Liability. Natero will conduct compliance audits of its privacy practices to verify adherence to this Privacy Policy. Natero employees that are found to have violated this Privacy Policy will be subject to disciplinary action up to and including termination of their employment with Natero.

Links to Other Sites

Our Site contains links to other websites. If you choose to visit a third party website, e.g. an advertiser by “clicking on” a banner ad or other type of advertisement, or click on another third-party link, you will be directed to that third party’s website. The fact that we link to a website or present a banner ad or other type of advertisement is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third-party websites. These other websites may place their own cookies or other files on your computer, collect data or solicit personal information from you. Other sites follow different rules regarding the use or disclosure of the personal information you submit to them. We encourage you to read the privacy policies or statements of the other websites you visit.

Our Policy Toward Children

Our Site and Service is not directed to children under 13. We do not knowingly collect personally identifiable information from children under 13. If a parent or guardian becomes aware that his or her child has provided us with personally identifiable information without their consent, he or she should Contact us at privacy@natero.com. If we become aware that a child under 13 has provided us with personally identifiable information, we will delete such information from our files.

Contacting Natero

If you have any inquiries or complaints regarding this Policy or our compliance with Privacy Shield, you should first contact Natero at:

Email: privacy@natero.com
Postal mail: 201 San Antonio Circle, Suite 290, Mountain View, CA 94040, USA

Last updated: October 27, 2017