Additional Information for EEA, Swiss, and UK Residents
NeoGenomics Laboratories, Inc., U.S.A., (“NeoGenomics”) and its affiliated companies are committed to adhering to applicable data protection laws. This notice along with our Privacy Notice and other notices on our website disclose our practices with regard to the collection, processing and use of personal data.
This notice does not apply to data processing activities specifically relating to current or former NeoGenomics employees or applicants. The relevant Employee Privacy Policy or Applicant Privacy notice may be requested by contacting compliance@neogenomics.com.
Data Protection Legislation
Throughout this notice we refer to “Data Protection Legislation” which means the Data Protection Act 2018 which incorporates the General Data Protection Regulation (GDPR), the Privacy and Electronic Communications (EC Directive) Regulations 2003 and any legislation implemented in connection with the General Data Protection Regulation which is the governing legislation that regulates data protection across the EEA. This includes any replacement legislation coming into effect from time to time, including the UK GDPR.
For the purposes of Data Protection Legislation, NeoGenomics or one of its affiliates, is the (“data controller”). This means that NeoGenomics is responsible for deciding how NeoGenomics holds and uses personal information about you. NeoGenomics are required under data protection legislation to notify you of the information contained in this privacy policy.
Legal Basis for Processing Your Information
If your personal information is protected by the Data Protection Legislation, the lawful bases for processing your personal data are:
- To perform a contract NeoGenomics has entered into, or is about to enter into,
- Where the processing of your data is necessary for our legitimate interests (or those of a third party and your interests and fundamental rights are not overridden by those interests),
- Where NeoGenomics needs to comply with a legal or regulatory obligation, and
- Where you have given your consent to the processing of your personal data including for marketing purposes.
NeoGenomics processes data in accordance with the legitimate interests of NeoGenomics in managing its business. When NeoGenomics processes your personal data for our legitimate interests or the interests of a third party, NeoGenomics will take reasonable measures to prevent unwarranted harm to you.
Our Legitimate interests include:
- Customer Relations
- Marketing
- Product Development
- Operational Management including HR
Storage and Processing of Your Information
Your personal information which NeoGenomics collects may be sent to and stored on secured servers located in the United States. Such storage is necessary in order to process the information. Personal information submitted may be transferred by us to our other offices and/or to the third parties described in our Privacy Policy, which may be situated outside the European Economic Area (EEA) and may be processed by staff operating outside the EEA. These countries may not have similar data protection laws to the EEA. Where NeoGenomics transfers your personal information to territories outside the EEA, NeoGenomics will take all reasonable steps to ensure that your privacy rights continue to be protected by using the appropriate safeguards and legal mechanisms that allows us to do so. By using the website, you agree to this storing, processing, and/or transfer.
When NeoGenomics or a subsidiary transfers personal data out of the EEA, NeoGenomics ensures a similar degree of protection is in place in the destination country by ensuring one of the following safeguards is implemented:
- Countries that have been deemed to provide an adequate level of protection for personal data by the European Commission,
- Specific contracts approved by the European Commission which give the controller the same protection it has in the EEA, including designated EU Standard Contractual Clauses and country specific addendums, or
- Countries possessing a suitable framework recognized by the relevant authorities or courts as providing an adequate level of protection for personal data.
Data Security, Integrity and Access
NeoGenomics takes reasonable precautions to protect European Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction. NeoGenomics makes reasonable efforts to keep European Personal Data reliable for its intended use, accurate, current and complete. NeoGenomics provides European data subjects with access to their personal data with the opportunity to review and correct their personal data. European data subjects may request access to their personal data by submitting a written request to NeoGenomics’ Compliance & Ethics department. NeoGenomics reserves the right to take reasonable steps to authenticate the identity of any individual seeking access to their Personal Data.
Your Rights
If your personal information is protected by GDPR, you may have certain rights granted to you by GDPR.
Right to Access Your Personal Information. You have the right to access the personal information that NeoGenomics holds about you in many circumstances, including a copy of your medical record where available by making a request (“Subject Access Request”). If NeoGenomics agrees that it is are obligated to provide personal information to you (or someone else on your behalf), NeoGenomics will provide it free of charge and aim to do so within 1 Calendar month from when your identity has been confirmed. NeoGenomics will ask for proof of identity and sufficient information about your interactions with us in order to locate your personal information.
Right to Correct Your Personal Information. If any of the personal information NeoGenomics holds about you is inaccurate or out of date, you may ask us to correct it.
Right to Stop or Limit Processing of Your Data. You have the right to object to NeoGenomics processing your personal information if: (1) NeoGenomics is not entitled to use it anymore, (2) if NeoGenomics is keeping it too long, or (3) have its processing restricted in certain circumstances.
If you would like to exercise any of these rights, please contact us as set out below. NeoGenomics will make reasonable efforts to comply with the aforementioned requests, unless such requests are prohibited by law or there is a legitimate purpose to retain your personal information, in which case NeoGenomics will inform you without undue delay. NeoGenomics reserves the right to verify your identity before NeoGenomics processes any request relating to your personal information.
Choice and Opt-Out
Subject to your choices, NeoGenomics may also send you direct marketing communications via email. You may unsubscribe from marketing communications by clicking the “Unsubscribe” link contained in each of NeoGenomics’ email marketing communications.
NeoGenomics may send you email service communications relating to the services NeoGenomics provides (e.g. to inform you about changes to the service you requested from NeoGenomics, revisions of NeoGenomics’ terms and conditions, or this Policy). As such service communications are necessary for the purposes of providing you with NeoGenomics’ services or complying with NeoGenomics’ legal obligations, you will not be able to opt-out from receiving them.
Other Disclosures
In the case of a legally binding order for access to the European Personal Data by an authorized public authority, NeoGenomics may disclose European Personal Data to the extent necessary to comply with such binding order. NeoGenomics will reasonably object to any such demands from public authorities that we deem not legally binding, overbroad or otherwise inappropriate. Where legally required to produce personal data to the governmental body, NeoGenomics shall only provide information which is required to respond to such demand. In any such event, NeoGenomics will use its reasonable efforts to comply with the data disclosure rules under Data Protection Legislation and seek that any disclosures of the personal data by it to any public authority are not massive, disproportionate and indiscriminate in a manner that it would go beyond what is necessary.
More Information About Your Privacy Rights
For questions or complaints concerning the processing of your personal data, you can email NeoGenomics’ data protection officer at compliance@neogenomics.com. Alternatively, if you are located in the European Union, you can also have recourse to the European Data Protection Supervisor or with your nation’s data protection authority.
How to Contact Us
If you would like to exercise your rights or would like additional information about NeoGenomics' privacy practices, you may contact:
By Mail: |
NeoGenomics Laboratories, Inc. |
By Email: | compliance@neogenomics.com |
By Telephone: | 1-(866) 776-5907 x5022 |
If you believe your privacy rights have been violated, you may also file a complaint with NeoGenomics’ Compliance & Ethics department or with the applicable agency listed below:
UK Based Individuals
Complaints may be reported to the Information Commissioner’s Office (ICO) https://ico.org.uk/, the UK supervisory authority for data protection.
E.U. Based Individuals
Complaints or suspected violations may be reported to the Data Protection Authority (DPAs) in the EU Member State in which the individual resides.
DPAs contact information: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
Swiss Based Individuals
Complaints or suspected violations may be reported to the applicable Cantonal or Municipal Data Protection Authority (DPAs).
DPAs contact information: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/links/data-protection---switzerland.html
Changes to this Notice
NeoGenomics reserves the right to change its practices and the terms of this Notice as, and to the extent permitted by law, to make the new Notice effective for all PHI and personal data we maintain without prior notice to you. The new Notice will be available upon request and on our web site.
Obtaining a Copy of this Notice.
You are permitted to print or make a copy of this Notice for your records. If you do not have the ability to print or make a copy, you may request one by contacting the NeoGenomics’ Compliance & Ethics department at the address listed above.
Effective Date
This Notice was revised and became effective as of January 31, 2023.