Privacy Policy

1. Information We Collect

Information You Provide to Us

You may provide information directly to us when you submit a contact form, request information about our services, communicate with us by email or phone, request support, or use a DS2 online service. This information may include your name, company name, title, email address, phone number, mailing address, organization information, and the content of your message or request.

Client Portal Information

If you use a DS2 client portal or related online tool, we may collect information needed to create, authenticate, administer, secure, and support your account. This may include login credentials, user role, organization affiliation, portal activity, service requests, supply orders, specimen logistics information, support tickets, integration details, and other operational information submitted through or generated by the portal. Portal use may also be governed by separate terms, client agreements, Business Associate Agreements, or portal-specific notices.

Business and Service Information

If you are a client, prospective client, vendor, partner, healthcare provider, laboratory, or other business contact, we may collect information related to our relationship with you, including contact details, account information, billing-related information, support communications, operational details, and information necessary to provide, manage, or improve our services.

Patient or Health-Related Information

In connection with services such as specimen collection, courier logistics, medical support services, client support, portal operations, or technology integrations, DS2 may receive limited patient, specimen, appointment, provider, insurance, laboratory, or health-related information from clients, healthcare providers, laboratories, patients, or other authorized parties. Where such information is protected health information under HIPAA, DS2 handles it in accordance with HIPAA, applicable Business Associate Agreements, client agreements, and DS2's separate HIPAA policy or Notice of Privacy Practices, as applicable.

Information Collected Automatically

When you visit our website or use online services, we may automatically collect technical information such as IP address, browser type, device type, operating system, pages visited, referring website, date and time of visit, session activity, and website or portal usage data. We may use cookies, analytics tools, logs, and similar technologies to operate, secure, troubleshoot, and improve our website and online services.

2. How We Use Information

We may use information for the following purposes:

• To respond to inquiries, support requests, and service requests
• To provide, manage, support, and improve DS2 services
• To administer, authenticate, secure, and support client portal access
• To coordinate logistics, specimen collection, supplies, courier services, integrations, reporting, and related workflows
• To communicate with clients, vendors, partners, providers, patients, and other authorized parties
• To maintain the security, availability, and integrity of our website, portals, systems, and services
• To comply with legal, regulatory, contractual, healthcare, and compliance obligations
• To protect the rights, safety, and property of DS2, our clients, patients, users, and others

3. How We Share Information

Service Providers: We may share information with trusted vendors and service providers who help us operate our business, website, client portals, technology systems, communications, logistics, billing, compliance, or other business functions. These parties are expected to use information only as needed to perform services for DS2 and to protect the information they process on our behalf.

Clients, Healthcare Providers, Laboratories, and Authorized Parties: When necessary to provide services, we may share relevant information with clients, ordering providers, laboratories, couriers, collection partners, technology vendors, portal users, patients, payors, or other authorized parties involved in the requested service or workflow.

Legal and Compliance Purposes: We may disclose information when required or permitted by law, regulation, subpoena, court order, government request, legal process, or to protect rights, safety, security, or property.

Business Transfers: If DS2 is involved in a merger, acquisition, financing, reorganization, sale of assets, or similar transaction, information may be transferred or disclosed as part of that transaction.

With Your Consent or Direction: We may share information for other purposes with your consent or at your direction.

4. Cookies and Analytics

Our website and online services may use cookies, analytics tools, logs, and similar technologies to operate the site, support security, understand usage, troubleshoot issues, and improve functionality. You can adjust your browser settings to refuse or delete cookies. Some features may not function properly if cookies are disabled.

5. Data Security

We use reasonable administrative, technical, and physical safeguards designed to protect information from unauthorized access, use, disclosure, alteration, or destruction. However, no website, portal, system, or transmission of information over the internet is completely secure, and we cannot guarantee absolute security.

6. Data Retention

We retain information for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, provide services, support client relationships, comply with legal, regulatory, contractual, healthcare, and accounting obligations, resolve disputes, maintain business records, and enforce agreements. Retention periods may vary depending on the type of information, the nature of our relationship, applicable law, and client contractual obligations.

7. Your Choices and Requests

You may contact us to request access to, correction of, or deletion of personal information that DS2 maintains about you, subject to applicable legal, contractual, operational, regulatory, and healthcare limitations. Depending on the nature of the information, DS2 may need to verify your identity or direct your request to the appropriate client, healthcare provider, laboratory, or other entity that controls the information.

For protected health information subject to HIPAA, rights and requests may be governed by DS2's separate HIPAA policy or Notice of Privacy Practices, applicable Business Associate Agreements, and the policies of the covered entity or client that controls the information.

8. Third-Party Links

Our website or online services may contain links to third-party websites or services. DS2 is not responsible for the privacy practices, content, or security of third-party websites. We encourage you to review the privacy policies of any third-party sites you visit.

9. United States Website and Services

Our website and services are intended for use in the United States. If you access our website or online services from outside the United States, you understand that information may be processed in the United States, where privacy laws may differ from those in your location.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be effective when posted on our website, unless otherwise stated. The Effective Date above reflects the date this Privacy Policy was last updated.

11. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us: