Fortuna Helix Terms of Service

Effective Date: May 14, 2025

1. Introduction and Acceptance of Terms

Welcome to Fortuna Helix, Inc. ("Company," "we," "us," or "our"). These Terms of Service ("Terms") govern your use of our genetic testing services, including DNA analysis, health risk assessment reports, lifestyle recommendations, and related offerings (collectively, the "Services"), provided through our website (www.fortunahelix.com) or mobile applications. By accessing or using the Services, you ("User," "you," or "your") agree to be bound by these Terms and our Privacy Policy. If you do not agree with any part of these Terms, you must not use the Services.

Our Privacy Policy, available at www.fortunahelix.com/legal/privacy-policy, explains how we collect, use, and protect your personal information and genetic data.

2. Description of Services

Fortuna Helix provides the following Services, hosted on Amazon Web Services (AWS) and managed in compliance with ISO 27001:

  • Genetic Testing: Analysis of your DNA from a saliva sample to calculate polygenic risk scores (PRS) for 37 major diseases and BMI-related obesity risks.
  • Health Risk Assessment Report: A personalized report detailing your genetic predispositions based on your genetic data.
  • Lifestyle Recommendations: Tailored suggestions for diet, exercise, and other lifestyle adjustments to mitigate identified risks.

Disclaimer: The Services are informational tools, not diagnostic or medical advice. Consult a healthcare professional before making health-related decisions. Results are based on current scientific knowledge and may change as research evolves.

3. User Eligibility and Account Registration

  1. You must be at least 18 years old and have the legal capacity to enter into a contract under U.S. law to use the Services.
  2. To access the Services, you must create an account with accurate and complete information (e.g., name, email, shipping address for sample kits) and update it promptly if it changes.
  3. We may refuse or terminate your account if:
    • You provide false, incomplete, or misleading information.
    • You were previously banned from our Services.
    • Your use violates these Terms or applicable law.
    • We cannot verify your identity for security purposes.
  4. You are responsible for maintaining the confidentiality of your account credentials and for all activities under your account.
  5. The Services are primarily designed for U.S. residents. If you access the Services from outside the U.S., you are responsible for complying with local laws.

4. Consent for Genetic Testing

By using the Services, you explicitly consent to:

  • The collection, processing, and storage of your genetic data as described in these Terms and our Privacy Policy.
  • The analysis of your DNA, acknowledging that results may have implications for you and potentially your family.
  • Submitting a saliva sample that is your own, or, if for a minor or dependent, confirming your legal authority to provide it.

You may withdraw consent at any time by contacting support@fortunahelix.com, after which we will cease processing and delete your genetic data, except as required by law.

5. Data Protection and Security

We prioritize the security of your genetic data and personal information, adhering to ISO 27001, the international standard for Information Security Management Systems (ISMS).

5.1 ISO 27001 Compliance

Our ISO 27001 certification ensures:

  • Risk Management: Regular risk assessments to identify and mitigate threats to your data.
  • Encryption: Data is encrypted in transit and at rest using AES-256 standards.
  • Access Controls: Strict authentication and authorization protocols limit data access to authorized personnel only.
  • Audits: Annual third-party audits verify compliance with ISO 27001 requirements.
  • Incident Response: A documented process for detecting, responding to, and reporting security incidents promptly.

5.2 AWS Hosting

The Services are hosted on Amazon Web Services (AWS), which enhances our security framework:

  • Physical Security: AWS data centers are protected by 24/7 monitoring and restricted access.
  • Network Security: Firewalls, DDoS protection, and intrusion detection systems safeguard our infrastructure.
  • Compliance: AWS aligns with ISO 27001, ensuring our hosting environment meets stringent security standards.
  • Data Location: Your data is stored in AWS U.S. data centers, with backups maintained for redundancy and disaster recovery.

5.3 Third-Party Processing

We may engage third-party providers (e.g., laboratories for DNA analysis) to process your data. These providers are contractually obligated to comply with ISO 27001 and maintain equivalent security standards. A list of third-party processors is available in our Privacy Policy.

5.4 User Rights

You have the right to:

  • Access: Request a copy of your personal information and genetic data.
  • Correct: Update inaccurate or incomplete information.
  • Delete: Request deletion of your data, subject to legal retention requirements.
  • Opt-Out: Decline participation in research or marketing uses of your data.

To exercise these rights, contact support@fortunahelix.com. We will respond within 30 days, as required by applicable law.

5.5 Data Breach Notification

In the unlikely event of a data breach, we will notify affected users within 72 hours of discovery, or as required by law, and take immediate steps to mitigate harm, in accordance with ISO 27001 incident response protocols.

6. Use of Genetic Data for Research

We may use de-identified genetic data for research to improve our Services or advance scientific knowledge, such as:

  • Enhancing polygenic risk score algorithms.
  • Conducting studies with academic or healthcare partners.

De-identification Process: We remove all personally identifiable information (e.g., name, email) using industry-standard anonymization techniques, ensuring data cannot be linked to you. You may opt out of research use at any time via your account settings or by emailing support@fortunahelix.com without affecting your access to the Services.

7. Intellectual Property

  1. Company Property: The Services, including software, reports, and content we create, are owned by Fortuna Helix and protected by U.S. copyright and intellectual property laws. You may not copy, modify, or distribute them without our written consent.
  2. User Property: Your genetic data and submitted content remain yours. You grant us a non-exclusive, worldwide, royalty-free license to use, process, and store it as necessary to provide the Services and as permitted by these Terms and our Privacy Policy.
  3. Reports: Health risk assessment reports are our intellectual property and may not be shared publicly without our permission.

8. User Obligations

You agree not to:

  1. Submit false information or another person's sample without authorization.
  2. Attempt to hack, reverse-engineer, or interfere with our systems.
  3. Post content that is defamatory, obscene, or violates third-party rights.
  4. Use the Services for commercial purposes without our consent.
  5. Share your account credentials with others.

9. Payment and Refund Policy

  1. Fees: You agree to pay all fees for the Services as displayed at purchase, processed through third-party payment providers (e.g., Stripe, PayPal).
  2. Non-Refundable: Fees are non-refundable except in the following cases:
    • Sample processing fails due to our error (e.g., lab mishandling), in which case you may request a refund within 30 days.
    • You cancel your order before we ship your sample collection kit, subject to a $25 processing fee.
    • As required by applicable consumer protection laws.
  3. Refund Process: To request a refund, contact support@fortunahelix.com with your order details. Refunds are processed within 14 business days.
  4. Taxes: You are responsible for any applicable sales taxes, which will be included in the checkout process.

10. Service Modifications and Termination

  1. Modifications: We may modify or discontinue the Services for operational, technical, or legal reasons. We will notify you of significant changes at least 14 days in advance via email or in-Service notifications.
  2. User Termination: You may terminate your account at any time by contacting support@fortunahelix.com or using the account deletion feature. Upon termination, we will delete your data, except as required by law.
  3. Company Termination: We may suspend or terminate your account if you violate these Terms, engage in illegal activity, or if required by law. We will notify you of the reason and provide an opportunity to appeal, unless prohibited by law.
  4. Inactivity: Accounts inactive for 12 months may be deleted, with 30 days' prior notice sent to your registered email.

11. Limitation of Liability

  1. To the fullest extent permitted by law, Fortuna Helix is not liable for indirect, incidental, special, or consequential damages (e.g., emotional distress, lost profits) arising from your use of the Services.
  2. Our Services are provided "as is." We do not guarantee the accuracy, completeness, or reliability of Reports, which are for informational purposes only.
  3. Our total liability for any claim is limited to the amount you paid for the Services in the preceding 12 months.
  4. Force Majeure: We are not liable for delays or failures due to events beyond our control, such as natural disasters, cyberattacks, or government actions.

12. Indemnification

You agree to indemnify and hold harmless Fortuna Helix, its affiliates, officers, and employees from any claims, damages, or losses arising from your violation of these Terms, misuse of the Services, or submission of unauthorized samples.

13. Dispute Resolution

  1. Governing Law: These Terms are governed by the laws of the State of California, without regard to conflict of law principles.
  2. Arbitration: Any disputes will be resolved through binding arbitration in San Francisco, California, under the rules of the American Arbitration Association (AAA). Each party will bear its own costs, except as otherwise determined by the arbitrator.
  3. No Class Actions: You waive the right to participate in class actions or collective arbitration.
  4. Exceptions: Either party may seek injunctive relief in a court of competent jurisdiction for issues like intellectual property violations or data breaches.
  5. Small Claims: Disputes within the jurisdiction of small claims courts may be resolved there instead of arbitration.

14. Ethical Commitment

Fortuna Helix is committed to the responsible use of genetic data. We pledge to:

  • Maintain transparency about data handling practices.
  • Empower you with control over your data.
  • Use de-identified data ethically to advance genetic research while prioritizing your privacy.

15. Communications and Notices

  1. Service Communications: We may send you Service-related notices (e.g., account updates, security alerts) via email or in-Service notifications.
  2. Marketing Communications: You may receive promotional emails, which you can opt out of via your account settings or by contacting support@fortunahelix.com.
  3. Contact Us: For questions, complaints, or requests, email support@fortunahelix.com. Our support team is available Monday–Friday, 9 AM–5 PM PST, with responses typically within 48 hours.

16. International Users

The Services are designed for U.S. residents and hosted in the U.S. If you access the Services from outside the U.S.:

  • You are responsible for complying with local laws.
  • You acknowledge that your data will be stored and processed in the U.S., subject to ISO 27001 standards.
  • We are not responsible for ensuring compliance with non-U.S. data protection laws.

17. Miscellaneous

  1. Entire Agreement: These Terms, along with our Privacy Policy, constitute the entire agreement between you and Fortuna Helix regarding the Services.
  2. Severability: If any provision is unenforceable, the remaining provisions remain in effect.
  3. Waiver: Our failure to enforce a right does not waive it.
  4. Assignment: You may not assign these Terms without our consent. We may assign them to an affiliate or successor in a merger or acquisition.
  5. Accessibility: These Terms are available in English. Contact us for assistance if you require accommodations (e.g., screen reader-compatible formats).
  6. Updates: Material changes to these Terms will be notified 30 days in advance via email or the Services. Continued use after the effective date constitutes acceptance.