Privacy Policy

Last Updated: January 14, 2026

For a printable version of this Privacy Policy, please click here.

Gentuity, LLC, 142 North Road, Suite G, Sudbury, MA 01776-1142, privacy@gentuity.com (“Gentuity,” “us”, “we”, or “our”) is the controller in accordance with applicable privacy laws, including but not limited to the EU General Data Protection Regulation (“EU GDPR”) or UK General Data Protection Regulation (“UK GDPR”, EU GDPR and UK GDPR together the “GDPR”) and operates the https://gentuity.com/ website and other services where this Privacy Policy is posted (collectively, the “Services”). We are committed to protecting your Personal Data and your right to privacy. If you have any questions or concerns about this Privacy Policy or our practices regarding your Personal Data, please contact privacy@gentuity.com.

When you use our Services, we understand and appreciate that you are trusting us with your Personal Data. We take your privacy very seriously. In this Privacy Policy, we aim to clearly explain the information we collect, how we use it, and your rights. Please read through our Privacy Policy carefully. If there is anything in this Privacy Policy that you do not agree with, please discontinue use of our Services immediately.

We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms of Service.

This Privacy Policy applies solely to information collected on the Services. This Privacy Policy does not apply to:

  • Links to other websites, such as to relevant online resources, our partners’ websites, and other third-party websites. We are not responsible for the privacy practices or the content of these other websites.
  • Any specific contracts agreed to by the parties and relationships that may be governed by further privacy agreements. If you are engaging with us on behalf of your employer, others in your company, or are otherwise providing the Personal Data of others, by engaging with us, you acknowledge and agree that you have considered the legal basis for transferring it us, for example, by obtaining the consent of the other individual to provide that individual’s information to Gentuity.
  • This Privacy Policy does not pertain to information that is collected offline.

Table of Contents

  • Information Collection and Use
  • Cookies and Similar Technologies
  • How We Use Personal Data and Legal Basis for Processing
  • Sharing of Personal Data
  • Sale or Sharing of Personal Data for Individuals Located in the U.S.
  • Cross-border Transfer of Data
  • Security of Data
  • Links to Third Party and External Pages
  • Children’s Privacy
  • Disclaimer Regarding Video Content
  • Your Privacy Rights and Choices
  • Financial Incentives
  • How We Respond to Do Not Track Signals
  • Data Retention Policy
  • Material Changes to This Privacy Policy
  • Contact Us

Information Collection and Use

While using our Service, we may ask you to provide us with information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household (“Personal Data”). We collect Personal Data directly from you when you provide it to us. For instance, if you contact us with a question, we may process those communications, including any Personal Data you include in them, so we can effectively respond to you. We may receive Personal Data about you from your health care provider when you participate in a clinical trial. We may also receive your Personal Data directly from your employer when we are asked to create an account on your employer’s behalf. We may also collect Personal Data from third parties, such as business partners, service providers, and via online tracking technologies like cookies when you visit or interact with our Services. Please see the section “Cookies and Similar Technologies” for more information about these tools.

Below, we describe how we handle your Personal Data and describe the information we may have collected, how it may be used, and the sources:

  • Identifiers, which may include first and last name, address, phone number, or email address.
  • Account Information, such as your name, professional title, mailing address, email address, employment information, and your phone number.
  • Audio, Electronic, Visual or Similar Data, such as photos, videos, diagnostic imaging, or similar content.
  • Commercial Data, such as Services purchased, your name, professional title, mailing address, email address, employment information, and your phone number.
  • Characteristics of protected classifications, such as age or gender.
  • Health Data, such as Medical Record Number, medical diagnosis or treatment information, or your participation in a clinical study.
  • Internet, technical or other similar network activity, which may include usage and browsing history; IP address; browser type; browser version; the pages of our Services that you visit; the time and date of your visit; the time spent on those pages; unique device identifiers and other diagnostic data.
  • Financial Data, such as financial account information or other billing information.
  • Location Data, such as your general location via your IP address.
  • Content of Communications, which may include the content of your phone calls, texts, or emails when you contact us, including your preferences in receiving communications from us.
  • Professional or Employment Data, including any business or organization you are associated with, and your title and contact information.
  • Sensitive Personal Data, such as health information or financial information.
  • Inferences drawn from other Personal Data, which may include a profile reflecting a person’s preferences, interests, and characteristics. We use this information to fulfill or meet the reason you provided the information or for marketing. We do not disclose this information to third parties.
  • Other Personal Data, including any other Personal Data you may provide to us or that we may collect or process in the course of our normal business activities.

Aggregate Information and Deidentified Information. We collect statistical information relating to the use of the Services and some of this information is derived from Personal Data. This statistical information cannot directly identify you. We may also use or create deidentified data, which is data that cannot be reasonably used to infer information about you or otherwise be linked to you. We maintain and use any deidentified data in deidentified form and will not attempt to reidentify that information.

Cookies and Similar Technologies

We use, and allow certain third parties to use cookies, social media pixels, web beacons, Software Development Kits (“SDKs”), and other similar online tracking technologies (collectively, “cookies”) to provide our services and to help collect data. We, or third parties, may use session cookies or persistent cookies. Session cookies only last for the specific duration of your visit and are deleted when you close your browser. Persistent cookies remain on your device’s hard drive until you delete them or they expire.

We may also use software tools called “session replay technology” to monitor how you interact with our Services. The Personal Data collected by this technology may include which links you click on, pages and content you view, information that you type into our online forms, recordings of mouse clicks and movements, and information about your device or browser.

Please see our Cookie Policy for more information.

How We Use Personal Data and Legal Basis for Processing

Gentuity may use the collected data for various purposes:

  • For the performance of a contract (Art. 6 (1) (b) GDPR).
  • To provide and maintain the Services.
  • To notify you about changes to our Services.
  • To allow you to participate in interactive features of our Services when you choose to do so (for example, by using the contact form or submitting an online job application).
  • To provide customer care and support.
  • To monitor the usage of the Services.
  • To protect our Services, network, business operations, customers, and to stop activities that may violate our policies or be fraudulent or illegal.
  • To fulfill or meet the reason you provided the data.

In other cases:

  • To improve the Services, including with the help of analysis. For this purpose, we rely on our legitimate interest (Art. 6 (1) (f) GDPR).
  • To generate web analytics and compile user information for marketing purposes, advertising, conducting marketing analysis, providing you with recommendations for products or services based on your profile, and promotional material planning and distribution. For this purpose, we may rely on our legitimate interest (Art. 6 (1) (f) GDPR, where permitted, or with your consent (Art. 6 (1) (a) GDPR). Please note that you can opt out of receiving promotional communications from us at any time by following the instructions within those communications.
  • To comply with applicable laws or legal process and/or respond to requests from public and government authorities, such as to comply with valid law enforcement requests or court orders. For this purpose, we rely on Art. 6 (1) (c) GDPR.

Sharing of Personal Data

With Your Consent. We may share or disclose Personal Data if you ask, direct, or authorize us to do so.

Affiliates, Strategic Partners, Agents, Other Unaffiliated Parties. We may share or disclose Personal Data to our affiliates, strategic partners, agents, and other unaffiliated parties. For example, we may contact you with an offer or advertisement related to a product or service that we believe you may be interested in.

Third-Party Service Providers. We may engage third-party service providers to perform services in connection with the operation of our business. Examples of these services include fraud protection, Service evaluation, and data analysis. We provide Personal Data to these third-party service providers, but we authorize them to use this information only in connection with the services they perform.

Reorganization. In the unlikely event of a direct or indirect reorganization process including, but not limited to, assignments, mergers, acquisitions, divestitures, bankruptcies, insolvencies, and sales of all or a part of our assets, we may disclose your Personal Data following completion of such transaction and/or during the assessment process pending transfer.

Legal Requirements. Gentuity may disclose your Personal Data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation.
  • To protect and defend the rights or property of Gentuity.
  • To prevent or investigate possible wrongdoing in connection with the Services.
  • To protect the personal safety of users of the Services or the public.
  • To protect against legal liability.

When we share your personal information, we enter into contractual arrangements between Gentuity and the external companies in accordance with Art. 28 GDPR. This is to ensure adequate protection of your personal information.

Sale or Sharing of Personal Data for Individuals Located in the U.S.

If you are a resident of the US, the following may apply: We work with third-party advertising and analytics partners and social media sites, and these partnerships may be considered a “sale” or “sharing” under certain U.S. state privacy laws, even though no money changes hands. For example, when you visit or interact with our Services or a webpage where third-party advertising or analytics cookies are present, any exchange of Personal Data may be considered a “sale” or “sharing” of your Personal Data. Information that we may “sell” or “share” includes your identifiers and your internet and other technical information. We do not knowingly “sell” or “share” the Personal Data of children (defined as individuals under the age of 16).

International Transfers of Data

Your information, including Personal Data, may be transferred to – and maintained on – computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction.

If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there.

You understand that by providing your Personal Data to us, your Personal Data (i) will be used for the uses identified in accordance with this Privacy Policy, and (ii) may be transferred to the U.S. as indicated above, in accordance with applicable law. For example, where Personal Data is transferred from the European Economic Area (“EEA”) or the United Kingdom (“UK”) to areas which have not been determined to have an adequate level of protection,  we take measures designed to transfer the information in accordance with lawful requirements, such as standard contractual clauses (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en). Otherwise, a transfer will only take place if an exception pursuant to Art. 49 GDPR applies.

Security of Data

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. You play a role in protecting your Personal Data as well. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security, and you understand that any information that you transfer to us is done at your own risk.

If we learn of a security systems breach we may attempt to notify you electronically so that you can take appropriate protective steps. By using the Services or providing Personal Data to us, you agree that we can communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Service. We may post a notice via our Services if a security breach occurs. We may also send an email to you at the email address you have provided to us in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.

Links to Third Party and External Pages

Our Services may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s website. We strongly advise you to review the privacy policy of every website you visit.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services.

Children’s Privacy

We do not knowingly collect Personal Data from anyone under the age of 16 (a “child” or “children”). If you are a parent or guardian and you are aware that your children have provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children, we take steps to remove that information from our servers.

Disclaimer Regarding Video Content

The Services may contain video content, audiovisual content, or content of a like nature (collectively, “Video Content”). In connection with our provision of Video Content, the Services may utilize online tracking technologies and code-based tools, including, but not limited to, Software Development Kits (“SDKs”), pixels, and cookies (i.e., advertising or analytics cookies) that track information about your activity and webpage-viewing history on the Services (collectively, “cookies”). Cookies on the Services may result in information about your activity on the Services being transmitted from your browser to us and third parties, which, in turn, may result in the display of targeted advertisements on third-party websites, platforms, and services, including advertisements for our content. In addition, whether cookies on the Services result in your browser’s transmission of information to third parties depends on a number of factors that may be outside of our knowledge or control, including what third-party websites you use, what information you have provided to such third parties, and whether (and the extent to which) you have limited the use of cookies by the operators of those third-party websites, platforms, and services.

For further details and information regarding the applicable legal bases for such processing, please refer to our Cookie Policy.

Your Privacy Rights and Choices

Depending on your location or residence, the rights available to you may differ in some respects. We will respond to any rights request in accordance with local legal regulations.

  • Email Opt-out: We communicate with our members and other individuals via email. Generally, users cannot opt-out of these transactional communications, as they will be informational in nature, and relevant for the contractual relationship, rather than promotional. However, if we send you an email that promotes a commercial product or service, you may click on the “unsubscribe” link provided within that communication. We will process your unsubscribe request as soon as possible and in accordance with applicable law, but please be aware that in some circumstances you may receive additional messages prior to the unsubscribe request being processed. You also may opt-out of receiving such promotional emails by clicking on the “unsubscribe” link within the text of the email.
  • Text or SMS Messaging: We may also offer text/SMS messaging to you. In some circumstances, we might require you to opt-in to receive text messages from us. At any time, you may opt-out of receiving particular text messages from us by texting STOP in response to any text message.
  • California’s “Shine the Light” Law: California Civil Code Section 1798.83 permits visitors to our Services who are California residents to request certain information regarding the Gentuity’s disclosure of Personal Data to third parties for their direct marketing purposes. To make such a request, please contact us at the address provided below. Please indicate in your request that you are a California resident making a “Shine the Light” inquiry.
  • Nevada’s Privacy Law: Residents of Nevada have the right to opt-out of the sale of certain pieces of their Personal Data to third parties. We do not sell your information for monetary compensation.

For Individuals Located in the European Economic Area, the U.K., or Switzerland

If you are located in the EU, UK, or Lichtenstein, Norway, Iceland (“EEA”), or Switzerland, then you may have additional rights under the GDPR or other applicable laws with respect to your Personal Data, as outlined below:

  • Right to Access or Update Your Information – You may have the right to access or update your information. Subject to the exceptions set out in applicable law, we will provide you with access to any of your Personal Data that we have collected, used, or disclosed upon written request. We will also advise you to whom that Personal Data has been disclosed, except where we are permitted or required not to do so by applicable law. Upon request, we will provide a list of service providers who may receive Personal Data.
  • Right to Rectification/Correction – You may have the right to rectify, correct, or complete your Personal Data if inaccurate or incomplete.
  • Right to Erasure (‘Right to Be Forgotten’) – You may have the right to the erasure of your Personal Data in certain circumstances.
  • Right to restriction of processing – You may have the right to seek restriction to the processing of personal information.
  • Right to Lodge a Complaint with a Supervisory Authority – We are committed to working with you in the event that you have a complaint about privacy. If you need help lodging a complaint, you can contact us through the contact methods provided at the end of the Privacy Policy. You may also have the right to lodge a complaint with a supervisory authority.
  • Right to Data Portability – You may have the right to receive the Personal Data that you have given us, in a structured, commonly used and machine-readable format. You have the right to send that Personal Data to another controller if the processing is based on consent pursuant to or on a contract and is carried out by automated means.
  • Right to Withdraw Consent – Where the processing of Personal Data is based on your consent, you may have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before withdrawal.
  • Automated decision-making, including profiling – You may have the right not to be subject to a decision based solely on automated processing, including profiling, except under certain exceptions under local law. Gentuity does not use automated decision-making technologies for profiling purposes.

Right to Object

You have the right to object, where we are relying on a legitimate interest as the legal basis for our processing and there is something about your particular situation, which makes you want to object to our processing of your Personal Data on this ground. You also have the right to object where your Personal Data is processed for direct marketing purposes, including profiling.

To exercise any of these rights, you may contact us at privacy@gentuity.com, or by mail using the information provided in our Contact Us section below.

For California Residents

If you are a California resident you may have the following rights regarding the processing of your Personal Data, subject to some exceptions:

  • Right to Know and Access – You may request information about the categories and specific pieces of Personal Data we have collected about you, as well as the categories of sources from which such information is collected, the purpose for collecting such information, and the sale or disclosure for business purposes of your Personal Data to third parties, and the categories of third parties with whom this information was shared. You may also request a copy of the Personal Data we have collected, and upon request, we will provide this information to you in electronic form.
  • Right to Request Deletion – You may have a right to request that we delete Personal Data under certain circumstances.
  • Right to Opt-Out – You may have a right to opt-out from “sales” of Personal Data or its “sharing” for targeted advertising purposes. We do not knowingly “sell” the Personal Data of children under 16 years old.
  • Right to Correction – You may have the right to request we correct your Personal Data if inaccurate.
  • Right to Limit – You may have the right to request we limit the use and disclosure of your Sensitive Personal Data if we use such information to infer characteristics about you.
  • Right to Non-Discrimination – You have the right not to be discriminated against for exercising any of these rights.

You can exercise your rights by contacting us using the details set out in the Contact Us section below. To protect your Personal Data, we may need to verify your identity before processing your rights request. In some cases we may need to collect additional information to verify your identity, such as a government issued ID. Further, to provide or delete specific pieces of Personal Data we will need to verify your identity to the degree of certainty required by law.

You may designate an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.

Financial Incentives

We may offer various financial incentives from time to time. The terms of a financial incentive will be provided at the time you sign up for a financial incentive. You may withdraw from any of the financial incentives. We have calculated the value of a financial incentive by using the expense related to the offer, and the value of your data is the value of the offer presented to you.

How We Respond to Do Not Track Signals

The “Do Not Track” (“DNT”) privacy preference is an option that may be made in some web browsers allowing you to opt-out of tracking by websites and online services. At this time, global standard DNT technology is not yet finalized and not all browsers support DNT. We, therefore, do not recognize DNT signals and do not respond to them. For more information on tracking and targeted advertising, please see our Cookie Policy.

Record Retention Policy

We will maintain your Personal Data for our records only for as long as necessary to fulfill the purpose for which it is collected, to resolve disputes, and enforce our agreements, unless a longer retention period is required or permitted by law.

Material Changes To This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. If we make a material change to the Privacy Policy, we will let you know via a prominent notice on our Services, prior to the change becoming effective and update the “Last Updated” date at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

  • Please address to: Gentuity, LLC
  • By email: privacy@gentuity.com
  • By mail: 142 North Rd., Suite G, Sudbury, MA 01776, USA
  • By phone: (978) 202-4108