Privacy policy

Last Updated and Effective: May 2025

TABLE OF CONTENTS

  1. INTRODUCTION
  2. INFORMATION WE COLLECT
  3. HOW WE USE YOUR INFORMATION
  4. SHARING AND DISCLOSURE OF INFORMATION
  5. DATA RETENTION
  6. DATA SECURITY
  7. YOUR PRIVACY RIGHTS AND CHOICES
  8. COOKIES AND TRACKING TECHNOLOGIES
  9. THIRD-PARTY SERVICES AND LINKS
  10. CHILDREN'S PRIVACY
  11. INTERNATIONAL DATA TRANSFERS
  12. CALIFORNIA PRIVACY RIGHTS
  13. OTHER STATE PRIVACY RIGHTS
  14. CHANGES TO THIS PRIVACY POLICY
  15. CONTACT INFORMATION

1. INTRODUCTION

1.1 Overview

This Privacy Policy ("Policy") describes how Sage Cerebrovascular Diagnostics Inc. ("Sage Cerebro," "Company," "we," "us," or "our") collects, uses, discloses, and protects information about you when you use our website at https://sagecerebro.com, any associated mobile applications, and all related services (collectively, the "Service" or "Platform").

1.2 Acceptance

By accessing or using our Service, purchasing our products, or otherwise providing information to us, you acknowledge that you have read and understood this Policy and agree to its terms. If you do not agree with our practices, please do not use our Service.

1.3 Scope

This Policy applies to all information collected through our Service, as well as any related services, sales, marketing, or events. It does not apply to information collected by third parties or through third-party services linked from our Platform.

2. INFORMATION WE COLLECT

We collect several types of information from and about users of our Service:

2.1 Information You Provide Directly

Account Information

  • Name (first and last)
  • Email address
  • Password (encrypted)
  • Date of birth
  • Gender
  • Phone number
  • Mailing address
  • Billing information

Health and Biomarker Information

  • Biomarker test results
  • Sample collection information
  • Health questionnaire responses (if provided)
  • Self-reported health information
  • Lifestyle and wellness information

Purchase Information

  • Order history
  • Payment method details (processed by third-party payment processors)
  • Shipping addresses
  • Product preferences

Communications

  • Customer service inquiries
  • Email correspondence
  • Feedback and survey responses
  • Reviews and testimonials

2.2 Information Collected Automatically

Device and Usage Information

  • IP address
  • Browser type and version
  • Operating system
  • Device identifiers
  • Mobile network information
  • Time zone settings
  • Language preferences

Activity Information

  • Pages visited on our Service
  • Click patterns and navigation paths
  • Search queries
  • Access times and dates
  • Referring websites
  • Exit pages

Location Information

  • Approximate location from IP address
  • Location data from mobile devices (with permission)

2.3 Information from Third Parties

Service Providers

  • Payment transaction details from payment processors
  • Shipping and delivery information from logistics partners
  • Identity verification data (when required)

Analytics Providers

  • Usage analytics from third-party analytics services
  • Marketing attribution data

Social Media

  • Information from social media platforms when you interact with our social media content

2.4 Sensitive Information

We collect certain sensitive information only with your explicit consent:

  • Biomarker test results and data
  • Self-reported wellness information

This sensitive information is subject to additional protections as described in this Policy.

3. HOW WE USE YOUR INFORMATION

3.1 Primary Purposes

We use the information we collect for the following purposes:

Service Delivery

  • Process and fulfill your orders
  • Provide biomarker test results
  • Manage your account
  • Communicate about your orders and results
  • Provide customer support

Communication

  • Send order confirmations and updates
  • Deliver test results
  • Respond to inquiries
  • Send important service announcements
  • Provide educational content about biomarkers

Improvement and Development

  • Enhance our Service and user experience
  • Develop new products and features
  • Conduct research and analysis
  • Personalize your experience

Business Operations

  • Process payments and prevent fraud
  • Manage inventory and logistics
  • Conduct internal audits
  • Ensure quality control

3.2 Legal Bases for Processing

We process your information based on:

  • Consent: For sensitive health data and marketing communications
  • Contract: To fulfill our agreement to provide services
  • Legitimate Interests: For business operations and improvements
  • Legal Obligations: To comply with applicable laws

3.3 Research and Analytics

With your consent, we may use de-identified information for:

  • Scientific research
  • Publication in peer-reviewed journals
  • Statistical analysis
  • Product development
  • Public health initiatives

De-identified data cannot be used to identify you personally.

3.4 Marketing and Advertising

With your consent, we may use your information to:

  • Send promotional emails about products and services
  • Provide personalized product recommendations
  • Display targeted advertisements
  • Conduct market research

You can opt out of marketing communications at any time.

4. SHARING AND DISCLOSURE OF INFORMATION

4.1 Service Providers

We share information with third-party service providers who assist us in operating our Service:

Essential Service Providers

  • Laboratory Partners: For sample processing (e.g., Cellum Labs)
  • Sample Collection Partners: For kit delivery and collection (e.g., Tasso+)
  • Payment Processors: For secure payment handling (e.g., Stripe)
  • Shipping Partners: For product delivery
  • Cloud Storage Providers: For secure data storage
  • Email Service Providers: For communication delivery

Analytics and Marketing Partners

  • Website analytics services
  • Marketing automation platforms
  • Customer relationship management systems
  • Advertising partners (with consent)

4.2 Legal Disclosures

We may disclose your information when required by law:

  • To comply with legal processes or government requests
  • To protect our rights, property, or safety
  • To prevent fraud or illegal activities
  • To enforce our Terms of Service
  • In connection with legal proceedings

4.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or control.

4.4 Aggregated and De-identified Data

We may share aggregated or de-identified data that cannot identify you personally for:

  • Research publications
  • Industry reports
  • Public health initiatives
  • Business partnerships

4.5 Your Consent

We may share your information with your explicit consent for specific purposes not covered above.

4.6 No Sale of Personal Information

We do not sell, rent, or trade your personal information to third parties for their commercial purposes.

5. DATA RETENTION

5.1 Retention Periods

We retain your information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes
  • Enforce our agreements
  • Support business operations

5.2 Specific Retention Periods

  • Account Information: Active account duration plus 7 years
  • Biomarker Data: 10 years in de-identified form for research purposes
  • Transaction Records: 7 years for tax and legal compliance
  • Marketing Data: Until consent withdrawn plus statutory period
  • Communications: 3 years or as required by law

5.3 De-identification

After retention periods expire, we may de-identify data for research purposes rather than deleting it entirely.

6. DATA SECURITY

6.1 Security Measures

We implement appropriate technical and organizational measures to protect your information:

Technical Safeguards

  • Encryption in transit and at rest
  • Secure servers with firewall protection
  • Regular security audits and vulnerability assessments
  • Access controls and authentication
  • Intrusion detection systems
  • Regular backups

Organizational Safeguards

  • Limited access on a need-to-know basis
  • Employee training on data protection
  • Confidentiality agreements
  • Vendor security assessments
  • Incident response procedures

6.2 Your Responsibilities

You are responsible for:

  • Maintaining the confidentiality of your account credentials
  • Using secure networks when accessing our Service
  • Promptly reporting any suspected security breaches
  • Keeping your contact information current

6.3 Breach Notification

In the event of a data breach affecting your personal information, we will notify you in accordance with applicable law and take appropriate remedial measures.

6.4 Limitations

While we strive to protect your information, no security system is impenetrable. We cannot guarantee absolute security of your data.

7. YOUR PRIVACY RIGHTS AND CHOICES

7.1 Access Rights

You have the right to:

  • Request access to your personal information
  • Receive a copy of your data in a portable format
  • Know what information we collect and how we use it

7.2 Correction Rights

You may:

  • Update your account information at any time
  • Request correction of inaccurate data
  • Supplement incomplete information

7.3 Deletion Rights

You may request deletion of your personal information, subject to certain exceptions:

  • Legal retention requirements
  • Pending transactions
  • Legitimate business needs
  • Research purposes (in de-identified form)

7.4 Restriction and Objection Rights

You may:

  • Restrict processing of your data in certain circumstances
  • Object to specific uses of your information
  • Opt out of marketing communications
  • Withdraw consent for data processing

7.5 Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format.

7.6 Exercising Your Rights

To exercise any of these rights:

  • Email: legal@sagecerebro.com
  • Include proof of identity
  • Specify which rights you wish to exercise
  • Allow 30 days for response

7.7 No Discrimination

We will not discriminate against you for exercising your privacy rights.

8. COOKIES AND TRACKING TECHNOLOGIES

8.1 Types of Technologies We Use

Essential Cookies

  • Session management
  • Security features
  • Load balancing
  • User preferences

Analytics Cookies

  • Google Analytics
  • Usage patterns
  • Performance monitoring
  • Error tracking

Marketing Cookies (with consent)

  • Advertising effectiveness
  • Retargeting campaigns
  • Conversion tracking
  • Social media pixels

8.2 Third-Party Cookies

Third parties may place cookies when you:

  • Use embedded content
  • Share on social media
  • Interact with advertisements
  • Use third-party features

8.3 Your Cookie Choices

You can control cookies through:

  • Browser settings
  • Cookie preference center
  • Global opt-out tools
  • Device settings

Note: Disabling cookies may affect Service functionality.

8.4 Do Not Track

Our Service does not currently respond to Do Not Track signals, but you can use browser settings to limit tracking.

9. THIRD-PARTY SERVICES AND LINKS

9.1 Third-Party Services

Our Service may contain links to third-party websites or services. We are not responsible for their privacy practices.

9.2 Third-Party Integration

Future integrations may include:

  • Wellness tracking devices
  • Lifestyle applications

Each integration will require your explicit consent.

9.3 Social Media

When you interact with our social media pages, the social media platform's privacy policy applies to that interaction.

10. CHILDREN'S PRIVACY

10.1 Age Restriction

Our Service is not intended for children under 18. We do not knowingly collect information from children.

10.2 Parental Rights

If you believe we have collected information from a child, contact us immediately at legal@sagecerebro.com for deletion.

11. INTERNATIONAL DATA TRANSFERS

11.1 Transfer Mechanisms

Your information may be transferred to and processed in the United States, where data protection laws may differ from your jurisdiction.

11.2 Safeguards

We implement appropriate safeguards for international transfers:

  • Standard contractual clauses
  • Data processing agreements
  • Technical security measures

11.3 Your Consent

By using our Service, you consent to the transfer of your information to the United States.

12. CALIFORNIA PRIVACY RIGHTS

12.1 California Consumer Privacy Act (CCPA)

California residents have additional rights under the CCPA:

Right to Know

  • Categories of personal information collected
  • Sources of information
  • Purposes for collection
  • Categories of third parties with whom we share

Right to Delete

  • Request deletion of personal information
  • Subject to legal exceptions

Right to Opt-Out

  • We do not sell personal information
  • You may opt out of certain sharing

Right to Non-Discrimination

  • Equal service regardless of privacy choices

12.2 Categories of Information Collected

Category Examples Collected
Identifiers Name, email, address Yes
Personal Records Billing info, orders Yes
Commercial Information Purchase history Yes
Biomarker Information Test results Yes
Internet Activity Browsing data Yes
Geolocation IP-based location Yes
Professional Information Not collected No
Education Information Not collected No
Inferences Preferences Yes

12.3 California Shine the Light

California residents may request information about disclosures to third parties for direct marketing purposes.

12.4 Exercising California Rights

Contact: legal@sagecerebro.com or +16179018658

13. OTHER STATE PRIVACY RIGHTS

13.1 Nevada Privacy Rights

Nevada residents may opt out of the sale of covered information. We do not currently sell covered information.

13.2 Other States

As other states enact privacy laws, we will comply with applicable requirements and update this Policy accordingly.

14. CHANGES TO THIS PRIVACY POLICY

14.1 Updates

We may update this Policy periodically to reflect:

  • Changes in our practices
  • New legal requirements
  • New features or services
  • User feedback

14.2 Notification

We will notify you of material changes by:

  • Posting on our website
  • Email notification
  • Service announcements

14.3 Effective Date

Changes are effective upon posting unless otherwise stated.

15. CONTACT INFORMATION

15.1 Privacy Questions

For privacy-related questions or to exercise your rights:

Email: legal@sagecerebro.com

Mail: Sage Cerebrovascular Diagnostics Inc.
Attn: Privacy Officer
4500 Park Granada Blvd, Suite 202
Calabasas, CA 91302

15.2 Response Time

We will respond to privacy requests within 30 days or as required by law.

15.3 Supervisory Authority

You may also contact your local data protection authority with complaints.

BY USING OUR SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY.

© 2025 Sage Cerebrovascular Diagnostics Inc. All rights reserved.