We are HIPAA-compliant, GDPR-compliant, and CCPA-compliant. In general, the Legacy team believes deeply that privacy is a fundamental human right, and we make every attempt to anonymize and encrypt your data wherever possible. You can learn more below about your rights as a consumer under CCPA and GDPR, and we will facilitate this process to the greatest extent possible.

We clearly outline in this Privacy Policy exactly what data we may be collecting, and seek to provide as many examples as possible for you to understand how we may use your data.

What Data We Collect, Why, and How it’s Shared

Personal Data or Personal Information (PI) is information that relates to you, your household, or one of your devices.

Legacy collects personal information about you from various sources to provide our service and to manage our site. Some data is provided by you. Other data is collected automatically.

Contact Information

We collect your contact information (name, email, phone number, address) when you purchase our service or contact us by email or through our website. We use the information you provide to respond to your questions, to provide our service, and to provide customer support. We also send emails to market our own services.

We share this information for business purposes with third parties and service providers in the following categories:

  • Core providers to deliver our service (such as a identity verification and medical providers)

  • Sales and marketing tools (for sending marketing emails)

  • Internal business operations (such as email providers and data storage)

  • Customer support (such as our phone provider)

Payment Information

When you pay for our service, you directly provide payment information to a payment processor who processes the transaction on our behalf.

Commercial Information

Commercial information consists of your buying habits and purchases. When you purchase our products, we retain records of your purchasing history through our payment processor. This information is also shared with third parties and service providers in the following categories:

  • Internal business operations (such as our email provider and contract storage)

  • Sales and marketing tools (such as referral marketing tracking)

Electronic Activity, Device Information, and IP Information

We collect IP address and electronic activity (i.e. how you use our website or application), along with information about your device type and operating system when you visit our website and purchase our products. This information is collected on our behalf by third parties that provide services for:

  • Sales and marketing tools (such as our client relationship management [CRM] system and digital advertising publishers)

  • Data analytics (to understand how you use our website)

  • Core providers to deliver our service (such as identity verification)

We use this information to operate and improve our website, products, and marketing efforts.

Behavioral Profile

We use electronic activity data to determine what service you’re most interested in. This information is a feature for our CRM.

Biometric Information, Medical Data, and Protected Class

We collect biometric and medical information in order to provide services such as sperm analysis, freezing, and storage. During this process, we necessarily collect protected class information (such as biological sex).

This information is shared with core providers critical to delivering our service, such as medical clinics.

Audio Information and Visual Information We collect audio information if you leave a voicemail and visual information if have a visible profile picture uploaded through email. This information is disclosed to service providers, such as our email and phone providers.

Data Retention

We retain all customer records such as purchases and support tickets indefinitely. Requests to fulfill rights as described below will be retained for at least 24 months.

Children’s Privacy

We will never knowingly collect the personal information of children under 18. Our website is not intended or developed for children or minors.

Cookie Policy

This website uses cookies to recognize you when you visit our website.

Cookies are small text files that are stored on your computer. They are designed to hold a small amount of data specific to a website or server that can be accessed either by the website or your computer. We use cookies to capture information described in the What Data We Collect, Why, How It’s Shared section, such as IP address and electronic activity data.

We use this information to remember your site preferences. Additionally, we use this data to analyze site traffic, provide targeted advertising, and to understand the effectiveness of our marketing efforts.

GDPR Notice

This section of the Privacy Policy applies only if you use our website or Services covered by this Privacy Policy from a country that is a Member State of the European Union, and supplements the information in this Privacy Policy.

Legal Basis for Data Processing

We process Personal Data for the purposes set out in this Privacy Policy:

  • As necessary for the performance of the contract between you and Legacy (for example, to provide you with the Services you request and to identify and authenticate you so you may use the website)

  • As necessary to comply with legal requirements (for example, to comply with regional rules and best practices for the distribution of donor sperm);

  • As necessary for our legitimate interests (for example, to manage our relationship with you and to improve the website and our Services)

  • Based on consent by our customers (for example, to communicate with you about our products and services and provide you with marketing information), which may subsequently be withdrawn at any time (by emailing info@givelegacy.com) without affecting the lawfulness of processing based on consent before its withdrawal.

Your Rights

You may be entitled, in accordance with applicable law, to object to or request the restriction of processing of your Personal Data, and to request access to, rectification, erasure and portability of your own Personal Data. Requests should be submitted by contacting us by emailing privacy@givelegacy.com.

Information we collect

Information you provide to us

We collect the personal information you provide to us when you purchase our service. The categories of information we may collect include:

  • Personal Identifiers, including name, email address, postal address, and telephone number
  • Commercial and Financial Information, including purchases, other purchasing behavior, signature, credit card or debit card number, and bank or other financial account number
  • Characteristics of Protected Classifications, including age, disability, sex or gender, race or color, and medical condition
  • Professional, including non-public education records
  • Medical, including medical information
  • Physical and Audio Data, including physical characteristics or descriptions

We collect the personal information you provide to us when you visit and browse our website. The categories of information we may collect include:

  • Personal Identifiers, including email address, telephone number, name, and postal address

Information collected automatically

We automatically collect internet or other electronic information about you when you visit our website, such as IP address, browsing history and interactions with our website. This data may be collected using browser cookies and other unique personal identifiers.

Do Not Track. Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. When we detect a Do Not Track signal, we place a U.S. Privacy String setting in your browser so that any third party who respects that signal will not track your activity on our website. We also respect the Global Privacy Control (GPC) signal, a user-enabled global privacy control that opts you out of the sale of personal information. GPC is supported by certain internet browsers or as a browser extension.

Information from other sources

We may collect personal information about you from third-party sources, including Ad Networks, Data Analytics Providers, and Other consumers (e.g., referrals).

How we share and disclose information

Information Disclosed for Business or Commercial Purposes in the Last 12 Months, and Categories of Parties Disclosed To

We may disclose the following personal information about you when you purchase our service:

Personal Information Disclosed Recipient (by Category)
Personal Identifiers Service Providers, Business Operations Tool, Payment Processors, Shipping Services, and Data Analytics Providers
Internet Activity Service Providers, Data Analytics Providers, and Ad Networks
Commercial and Financial Information Business Operations Tool, Service Providers, Payment Processors, Data Analytics Providers, and Ad Networks
Online Identifiers Service Providers, Shipping Services, Business Operations Tool, Data Analytics Providers, and Ad Networks
Characteristics of Protected Classifications Service Providers, Shipping Services, and Business Operations Tool
Medical Business Operations Tool and Service Providers
Professional Service Providers
Physical and Audio Data Service Providers
Geolocation Information Service Providers, Data Analytics Providers, and Ad Networks

We may disclose the following personal information about you when you visit and browse our website:

Personal Information Disclosed Recipient (by Category)
Personal Identifiers Service Providers and Shipping Services
Online Identifiers Service Providers, Data Analytics Providers, and Ad Networks
Internet Activity Data Analytics Providers, Service Providers, and Ad Networks

California Privacy Notice (CCPA)

This section provides additional information for California residents under the California Consumer Privacy Act (CCPA). The terms used in this section have the same meaning as in the CCPA. This section does not apply to information that is not considered "personal information," such as anonymous, deidentified, or aggregated information, nor does it apply to publicly available information as defined in the CCPA.

Collection and Disclosure of Personal Information

The personal information we collect is described above in Information we collect. The personal information we disclose for business or commercial purposes is described above in How we share and disclose information. The length of time for which we retain personal information is described above in How long we keep your data.

Business and Commercial Purposes for Collection

We collect personal information for the following business purposes:

  • Advertising and Marketing
  • Audit Current Interactions
  • Employment-Related
  • Error Management
  • Internal Research
  • Provide Products or Services
  • Quality Assurance
  • Security

We also "share" and "sell" (as defined in the CCPA) personal information for commercial purposes, including to advertise and market our products.

Information “Sharing” and “Selling”

We “share” certain personal information with third party ad networks for purposes of behavioral advertising, including: Commercial and Financial Information, Geolocation Information, Internet Activity, and Online Identifiers. This allows us to show you ads that are more relevant to you.

We use third party data analytics providers and this may be considered a “sale” of information under the CCPA.

You may opt-out of these data practices here.

CCPA Rights

Your CCPA rights are described below. You can make a Request to Know or a Request to Delete under the CCPA by submitting a Privacy Request at the top of this page, or by clicking here.

Right to Know

You have the right to request to know the following about the personal information we have collected about you in the past 12 months:

  • the categories and specific pieces of personal information we have collected about you
  • the categories of sources from which we collect personal information about you
  • the business and commercial purposes for which we collect personal information
  • the categories of third parties with whom we share the information
  • the categories of personal information about you that we disclosed for a business purpose, and the categories of third parties to whom we disclosed that information for a business purpose

If you make a Request to Know more than twice in a 12-month period, we may require you to pay a small fee for this service.

Right to Delete

You have the right to request that we delete any personal information about you that you have provided to us. We will permanently delete from our records any personal information that is not necessary for our business operations and direct our service providers to do the same.

We consider information to be necessary for our business operations if it is used to:

  • Complete an obligation to you that you have requested
  • Detect and resolve issues related to security or functionality
  • Comply with legal obligations
  • Enable solely internal uses

Right to Non-Discrimination

If you exercise your CCPA consumer rights:

  • We will not deny goods or services to you
  • We will not charge you different prices or rates for goods or services, including through the use of discounts or other benefits or penalties
  • We will not provide a different level or quality of goods or services to you

Right to Opt-Out

You have the right to opt-out of any selling and sharing of your personal information.

You may exercise your right to opt-out here.

Request Verification

Before we can respond to a Request to Know or Request to Delete, we will need to verify that you are the consumer who is the subject of the CCPA request. Verification is important for preventing fraudulent requests and identity theft. Requests to Opt-Out do not require verification.

Typically, identity verification will require you to confirm certain information about yourself based on information we have already collected. For example, we will ask you to verify that you have access to the email address we have on file for you. If we cannot verify your identity based on our records, we cannot fulfill your CCPA request.

For a request that seeks specific personal information, we ask that you sign a declaration stating that you are the consumer whose personal information is the subject of the request, as required by the CCPA.

In some cases, we may have no reasonable method by which we can verify a consumer's identity. For example:

  • If a consumer submits a request but we have not collected any personal information about that consumer, we cannot verify the request.
  • If the only data we have collected about a consumer is gathered through website cookies (i.e. the consumer visited our website but had no other interaction with us), we are unable to reasonably associate a requester with any data collected; therefore, we cannot verify the request.

Authorized Agent

A California resident's authorized agent may submit a Request to Know or a Request to Delete under the CCPA by emailing us at privacy@givelegacy.com. Requests submitted by an authorized agent will still require verification of the person who is the subject of the request in accordance with the process described above. We will also ask for proof that the person who is the subject of the request authorized an agent to submit a privacy request on their behalf. An authorized agent that has power of attorney pursuant to California Probate Code section 4121 to 4130 must submit proof of statutory power of attorney, but consumer verification is not required.

If you have trouble accessing this notice, please contact us at privacy@givelegacy.com.

Contact Us

If you have any privacy-related questions, please send them to privacy@givelegacy.com.