Privacy Policy

Justlabs ("we," "us," or "our") is committed to protecting your privacy and the security of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

1. Information We Collect

Personal Information

We collect information you provide directly to us, including:

• Name, email address, phone number, and mailing address
• Date of birth and gender
• Payment information (processed securely through Stripe)
• Account credentials

Protected Health Information (PHI)

In connection with our lab testing services, we may collect:

• Lab test orders and results
• Medical history relevant to testing
• Health questionnaire responses
• Information from healthcare providers (with your consent)

Automatically Collected Information

When you access our services, we automatically collect:

• Device information (browser type, operating system)
• IP address and location data
• Usage data (pages visited, time spent, clicks)
• Cookies and similar tracking technologies

2. How We Use Your Information

We use your information to:

• Process and fulfill your lab test orders
• Deliver test results securely to you
• Communicate with you about your orders and account
• Process payments and prevent fraud
• Improve our services and develop new features
• Comply with legal and regulatory requirements
• Send promotional communications (with your consent)

3. How We Share Your Information

We may share your information with:

• Quest Diagnostics: Our laboratory partner that processes your tests
• Payment Processors: Stripe for secure payment processing
• Healthcare Providers: When you request we share results with your doctor
• Service Providers: Who help us operate our business (hosting, analytics)
• Legal Authorities: When required by law or to protect rights and safety

We do not sell your personal information or health data to third parties for marketing purposes.

4. Data Security

We implement robust security measures to protect your information:

• 256-bit encryption for data at rest
• TLS/SSL encryption for data in transit
• Secure cloud infrastructure (Google Cloud Platform)
• Regular security audits and vulnerability assessments
• Access controls and authentication requirements
• Employee training on data protection

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. Medical records and lab results are retained for 7 years in accordance with healthcare regulations. You may request deletion of your account, though certain information may be retained for legal compliance.

6. Your Rights

You have the right to:

• Access your personal and health information
• Correct inaccurate information
• Request deletion of your data (subject to legal requirements)
• Receive a copy of your data in a portable format
• Opt out of marketing communications
• Restrict certain processing of your data

For health information rights under HIPAA, please see our HIPAA Notice.

7. Cookies and Tracking

We use cookies and similar technologies to enhance your experience, analyze usage, and deliver personalized content. You can control cookies through your browser settings, though some features may not function properly if cookies are disabled.

8. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a minor, please contact us immediately.

9. California Privacy Rights

California residents have additional rights under the CCPA, including the right to know what personal information is collected, request deletion, and opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact us at contact@palomahealth.com.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last Updated" date. Your continued use of our services after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: