Choose your country
Select to view the solutions available in your location.
- Track orders, get results, manage your info, and more.
- Order tests, track orders, get results, and more.
Last Modified: 03/04/2025
Exact Sciences Corporation, together with its wholly owned subsidiaries Exact Sciences Laboratories, LLC; Exact Sciences Development Company, LLC; Exact Sciences Europe, Ltd.; Biomatrica, Inc.; Genomic Health, Inc.; Genomic Health Italy, S.r.l.; Exact Sciences France SAS; Exact Sciences UK, Ltd.; Exact Sciences Ireland, Ltd.; Exact Sciences Deutschland GmbH; Exact Sciences GmBH; Exact Sciences Poland Sp. z o.o.; Paradigm Diagnostics, Inc.; Data in Motion, LLC; Prevention Genetics, LLC; Exact Sciences Thrive, LLC; Genomic Health International Holdings, LLC; Oncotype Laboratories, Inc.; Sampleminded, Inc.; CG Growth, LLC; Exact Receivables, LLC; Exact Sciences RDX LLC; Exact Sciences Ventures, LLC; PSF Genomics, Inc.; Thrive Earlier Detection Securities Corp.; and any other affiliates or subsidiaries with the brand name “Exact Sciences” (collectively,“Exact Sciences”, “we”, “us” or “our”), are committed to safeguarding the privacy and personal information of our customers and business partners. We have created this privacy policy (“Policy”) to comprehensively inform individuals about our privacy practices and to demonstrate our firm commitment to privacy. This Policy describes how we collect, use, disclose, transfer, store, retain or otherwise process your personal information while performing our business activities, which includes the administration of the Exact Sciences websites and their sub-domains, including https://www.exactsciences.com (collectively, the “Website,” and together with our business activities, our “Services”).
When we refer to “you” or “your,” we mean the person about whom we collect personal information or data. If the person accessing the Website does so on behalf of, or for the purposes of, another person, including a business or other organization, “you” or “your” also means that other person, including a business organization, if applicable.
We provide our Services to businesses and individual consumers. Therefore, the data that we collect is regarding businesses and individual consumers. We may collect personal information about you when you visit our Website, if you sign up to receive our marketing communications, if we provide our Services to a company that you work with, or if you are a sole proprietorship and you engage with our Services.
Please read this Policy carefully.
Our Policy includes:
This Policy is supplemented by our:
Please note that by engaging with our Services or by visiting our Website, your personal information is being stored and processed in various countries around the world, including the United States, where our data center and servers are located and operated. The countries where we store and process your personal information may not have privacy laws that are as strong or comprehensive as the privacy laws in your own country. Your personal information may also be stored in a multi-tenant cloud environment hosted by our service providers.
If you do not wish to allow the collection and storage of your personal information by this Website outside of your country of residence, you should not use this Website and you should opt-out of the collection of cookies by following the guidelines in our section titled “How to Control Cookies” in our Cookie Policy.
This Policy sets forth our data policies and practices for the United States. If you are outside of the United States, please also review the provisions of our International Privacy Policy. Depending on your country of residence, applicable privacy laws may provide you with a right to additional disclosures as well as special consumer rights with regards to your personal information.
Please note that our collection or use of your personal information may be governed by a separate privacy notice. Our uses and disclosures of protected health information governed by the Health Insurance Portability and Accountability Act are explained in our HIPAA Notice of Privacy Practices.
This Policy applies only to our Website and Services, and not to other companies’ or organizations’ websites, mobile applications and services to which we link. We are not responsible for the privacy practices or the content of other websites, including any websites that may indicate a special relationship or partnership with us (such as co-branded pages or “in cooperation with” relationships). We do not share information we gather with other websites or any other entities or individuals unless such sharing is disclosed to you in advance through this Policy. Other linked websites, however, may collect personal information from you that is not subject to our control. To ensure the protection of your privacy, always review the privacy policy of the websites you visit.
In the course of performing our Services, we collect a variety of different kinds of personal information from a variety of different people. What information we collect and the purposes for which it is collected will depend on the context of our activities or the Service that is being performed. Therefore, just because this Policy lists a particular data collection practice does not mean that we have necessarily collected that data from you.
As a general rule, we will only collect this information directly from you unless we state otherwise in the section titled Your Information That We Receive From External Sources.
We collect personal information about our website visitors and actual or potential suppliers and customers. We may collect information from you directly (e.g., when you contact us through one of our Websites or sign up to receive our newsletters), automatically (e.g., through the use of cookies and trackers when you visit our Websites), or from other sources (e.g., through our vendors or analytics providers).
When you access the Services, we may collect the following categories of personal information directly from you:
We or our service providers may collect technical information automatically from your computer or mobile device over time and across different sites through the use of cookies or similar tracking technologies. A cookie is a small text file that can be placed on your computer’s hard drive with your permission. Cookies help analyze web traffic and let us know when and how you visit a particular site. Cookies allow web applications to respond to and tailor your experience with our Websites according to your individual preferences and to remember those preferences for the next time you visit the Websites. A cookie does not give us access to your computer or provide any information other than the data you choose to share. The personal information we may obtain through cookies includes:
For additional information regarding how we collect, process, and disclose personal information in the context of cookies, view our Cookie Policy.
We may use your personal information for the following purposes:
We also may obtain your personal information from third parties and sources, such as web-hosting providers, analytics providers, and advertisers. In some cases, these third parties collect information on our behalf as our processors or service providers. In other cases, we collect information from third parties based on the account or privacy settings that you have established with those third parties. The information we collect from other sources may include any of the types of personal information listed above.
In the course of our business we may disclose your personal information to others. We will only disclose your information with the following service providers or other external entities under the circumstances described below and solely to the extent that it is necessary to accomplish the goal and purpose of the disclosure. Therefore, we may disclose your personal information:
The Children’s Online Privacy and Protection Act (COPPA) regulates the online collection of information from persons under the age of 13. It is our policy to refrain from knowingly collecting or maintaining personal information relating to any person under the age of 18. If you are under the age of 18, please do not supply any personal information through the Website. If you are under the age of 18 and have already provided personal information through the Website, please have your parent or guardian contact us immediately using the information provided under Contact Us so that we can remove such information from our files. Please delete all Exact Sciences-related cookies and restrict the further collection of cookies using the methods outlined in the section “How to Control Cookies” in our Cookie Policy.
We retain your personal information for as long as necessary to carry out the purposes set out in this Policy unless a longer retention period is required by applicable law. To determine the appropriate retention time for your personal information, we consider the amount, nature, and sensitivity of personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information, and whether we can achieve these purposes through other means, as well as applicable legal requirements. In some circumstances, we may anonymize personal information so that it may no longer be associated with an individual, and in such cases, we may use that anonymized information without further notice to you and outside of this Policy (because once anonymized, it ceases to constitute personal information).
You may opt-out of receiving marketing and promotional messages from us if those messages are powered by us, by following the instructions in those messages. If you decide to opt-out, you will still receive non-promotional communications that are necessary for the performance of our Services.
This Website has links to other websites. Once you link to another site, you are subject to the privacy policy of the new site and its operator. We encourage you to carefully review the privacy policy of each entity to which you provide information.
We implement technical and organizational measures to maintain a level of security appropriate to any risks presented to the personal information we process. These measures seek to ensure the ongoing integrity and confidentiality of personal information. Please note that no security measures can be 100% secure; however, we evaluate and test our chosen measures on a regular basis to protect your personal information in accordance with this Policy and applicable law.
Certain U.S. states provide specific consumer rights to residents of those jurisdictions regarding personal information. This section of this Policy describes the rights available to those individuals who are entitled to them. For more information, or to request to exercise your data rights, please use the information provided under How To Submit A Request. If you are a resident of California, you have access to special data rights and disclosures that are described in this Policy under a separate section titled Data Rights For California Consumers.
Because we are regulated by federal laws like the Health Insurance Portability and Accountability Act (HIPAA), we are only able to offer limited data rights to individuals in certain states due to legal and operational restrictions. This section does not describe your data rights with regards to your health information. You can find information about your rights relating to your health data in our HIPAA Notice of Privacy Practices.
If you are a consumer living in Colorado you have the following rights with regards to your personal information, which can be exercised as described in the section titled How To Submit A Request:
If you disagree with our decision to reject your CO data rights request or with any portion of our response, you have the right to appeal within a reasonable period of time. If you wish to appeal, please clearly and plainly describe your basis of disagreement with our decision by responding through the same means by which we communicated our refusal or by submitting your appeal through the information provided under Contact Us. We will review your appeal and either change our decision or reject your appeal, and in either case, we will provide a written explanation of the reason for the decision. This decision will be final.
However, if you still disagree with our decision, you have the right to submit a complaint to the Colorado Attorney General, who can be contacted through the means described here.
The California Consumer Privacy Act (“CCPA”) provides the residents of California with the right to request the data rights as described in this section. For more information, or if you have questions, you can contact us using the information provided under Contact Us.
Please note that certain kinds of personal information that is subject to federal law (like health information subject to the Health Insurance Portability and Accountability Act) is not covered by the CCPA even if you are a California resident. We may not be able to provide these CCPA rights to you with regards to this information due to legal and operational restrictions. You can find information about your rights relating to your health data in our HIPAA Notice of Privacy Practices.
Right to Know: California residents have the right to know what personal information Exact Sciences has collected about them, including the categories of personal information, the categories of sources from which the personal information is collected in the past 12 months, the business or commercial purpose for collecting, selling, or sharing personal information, the categories of third parties to whom Exact Sciences discloses personal information, and the specific pieces of personal information Exact Sciences has collected about them.
The categories of personal information, the categories of sources from which the personal information is collected, the business or commercial purpose for which we collect personal information and the categories of third parties to whom we disclose personal information are found in the general Policy under the appropriate sections:
You may further request to know the specific pieces of personal information collected by Exact Sciences beyond 12 months into the past, but note that this additional time frame only applies to personal information collected by Exact Sciences after January 1, 2022, and Exact Sciences may have deleted your personal information in accordance with our data retention policy.;
California residents have a right to know if we are “selling” or “sharing” (which is a term used under California law to address the sharing of information for targeted advertising purposes) their personal information, what categories of personal information are “sold” or “shared,” and to whom. We do not “sell” personal information as defined under California law. We may share your information for advertising purposes. You have the right opt-out of such sharing as described in this Policy.
Right to Delete: California residents have the right to request the deletion of their personal information maintained by Exact Sciences.
California residents have the right to request that Exact Sciences delete the personal information that we maintain about them.
Right to Correct: California residents have the right to request that a business correct inaccurate personal information about them.
California residents have the right to request that a business correct inaccurate personal information maintained by the business about them. To verify any request to correct, you may be required to provide identity verification information. Failure to do so could result in Exact Sciences’ inability to comply with your request.
You may be required to provide documentation to support your assertion that your personal information as maintained by Exact Sciences is incorrect. If you fail to provide this documentation, your request may be rejected. We reserve the right to delete your inaccurate personal information instead of correcting it, if permitted by the CCPA.
Right to Non-Discrimination: California residents have the right to not be discriminated against due to the exercise of their privacy rights under the CCPA.
California residents have the right to be free from discriminatory treatment by Exact Sciences for the exercise of their privacy rights. However, the exercise of certain privacy rights by California residents may make it so that we are no longer able to provide those residents with certain services or communications. For example, if, at the request of a California resident, Exact Sciences deletes all of the California resident’s personal information that it maintains, Exact Sciences will no longer be able to send communications to that resident.
Right to Opt-Out: California residents have the right to opt-out of the “sale” or “sharing” of their personal information.
California residents can request that a business stop “selling” or “sharing” their personal information. We do not “sell” your personal information. If you would like to opt-out of the “sharing” of your personal information, you may do so by filling out the interactive form below.
Right to Limit Use and Disclosure of Sensitive Personal Information: California residents have the right to direct a business to limit its use and disclosure of their “sensitive” personal information.
California residents can request that a business limit its use or disclosure of their “sensitive” personal information to that use or disclosure which is necessary to perform the services or provide the goods reasonably expected by an average consumer, or to those uses or disclosures otherwise authorized by California law.
However, we do not use or disclose your “sensitive” personal information for any purpose other than for the specific purposes described under the CCPA regulation and always in a manner reasonably necessary and proportionate for these permitted purposes.
Right to Make Requests Through an Authorized Agent: California residents can designate an authorized agent to make a request under the CCPA on their behalf.
California residents can designate an authorized agent to make requests under the CCPA on their behalf relating to the residents’ personal information. Only you as a California resident, or a person you have designated in writing as your authorized agent, may make a consumer request related to your personal information. The Exact Sciences authorized agent form may be found here.
If you wish to have an authorized agent make a verifiable consumer request on your behalf, they will need to provide us with sufficient written proof that you have designated them as your authorized agent, such as a power of attorney pursuant to California Probate Code sections 4000 to 4465. We will still require you to provide sufficient information to allow us to reasonably verify that you are the person about whom we have collected personal information.
We can deny any request made by a purported authorized agent who does not submit proof that they has been authorized by the California resident to act on the California resident’s behalf.
You can submit your request to exercise your data rights through the below:
Once we receive your request to exercise a right, we will confirm receipt and begin to evaluate, and if appropriate, process the request. Please note that:
If you fail or refuse to provide the necessary information, we may not be able to process your request.
If we reject a request for any reason, we will inform you of the basis of the rejection. Not all individuals about whom we possess information will have access to these rights and we may not be able to provide these rights to everyone due to legal and jurisdictional limitations. We may not be able to comply with your request for a number of reasons, including:
If any of the above reasons apply, we will let you know in our response to your request.
We may amend this Policy at any time by posting revisions on our Website. If we make any material changes in the way we collect or process your personal information, we will notify you by prominently posting notice of the changes on our Website.
To submit questions, you can contact us by:
The above general Policy still applies to those individuals who reside outside of the United States or who have had personal information collected by Exact Sciences or its agents in a country other than the United States. However, due to various international regulations, those individuals may be entitled to additional disclosures and rights. This International Privacy Policy (the “International Policy”) supplements the above general Policy, but where the provisions of the general Policy and this International Policy cannot be construed consistently, this International Policy will govern.
Please note that by engaging with our Services or by visiting our Website, your personal information is being stored and processed in various countries around the world, including the United States, where our data center and servers are located and operated. The countries where we store and process your personal information may not have privacy laws that are as strong or comprehensive as the privacy laws in your own country. Your personal information may also be stored in a multi-tenant cloud environment hosted by our service providers.
Depending on your country of residence, you may have data rights as provided by various laws, regulations, and codes.
This International Policy applies to all personal information about you that we collect, hold, use and disclose, regardless of the way in which we collect it (i.e., whether through the website, the services, or otherwise).
Our International Policy includes:
You can find specific details about the personal information that we collect about you in the sections titled What Information We Collect From You And For What Purposes and Your Information That We Receive From External Sources of the Exact Sciences Privacy Policy.
Where we are the data controller with regard to the personal information that we process, you may exercise your rights as a data subject, including the right to object to the processing of your personal information when it is processed based on legitimate interests, as described in this International Policy. Where we are collecting your personal information on behalf of another entity (i.e., we are not the data controller), we will provide you with the identity of the data controller so that you may exercise your rights as a data subject directly with them.
As a general matter, we collect your personal information to perform our Services and administer our Website. You can find specific details about the purposes for which we collect personal information about you in the sections titled What Information We Collect From You And For What Purposes and Your Information That We Receive From External Sources.
We will only collect and process your personal information as is reasonably necessary for, or directly related to, one or more of our functions or activities, including for administering our Website or providing our Services to our customers.
Where required by law, we rely on the following legal grounds to process your personal information, namely:
Except when otherwise permitted by law or binding regulation, we will obtain the requisite consent from you prior to collecting and, in any case, prior to using or disclosing your personal information for any purpose other than as disclosed in this International Policy. You may provide your consent to us orally, in writing, by electronic communication, through your actions, or any other means reasonably capable of conveying your consent.
Generally, we will seek to obtain your explicit consent if we collect, use, or disclose sensitive personal information about you. However, your refusal to provide consent for collection (or your withdrawal of previously given consent) or to give your personal information when requested, can have negative consequences. For example, if you do not give consent for Exact Sciences’ collection of cookies, then the Website will not remember your prior log-in information or your preferences. In another example, if you do not provide your personal information when requested we may not be able to provide you with requested materials, disclosures, or Services.
We remain responsible for all personal information communicated to other entities for processing on our behalf. As such, we ensure that other entities that are engaged to provide products or services on our behalf and are provided with personal information are required to observe the intent of this International Policy by having comparable levels of security protection or, when required, by assuring us (through a confidentiality agreement) that they will not use or disclose the personal information for any purpose other than the purpose for which the personal information was communicated. You can find specific details about to whom Exact Sciences discloses your personal information in the section titled When And With Whom Do We Disclose Your Information.
We only collect the personal information necessary to fulfill the purposes identified to you prior to or at the time of collection, or any other reasonable and legitimate purposes or as required by law.
We do not use or disclose your personal information, except for the purposes for which it was collected, new purposes to which you have consented, or as required or otherwise permitted by applicable law.
We do not, as a condition of providing the Website or performing the Services, or as an administrative or management requirement, require consent to the collection, use, or disclosure of personal information beyond what is reasonably required for such purposes, or to comply with our obligations under applicable law or regulation.
We retain your personal information for as long as necessary to carry out the purposes set out in this Policy unless a longer retention period is required by applicable law. To determine the appropriate retention time for your personal information, we consider the amount, nature, and sensitivity of personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information, and whether we can achieve these purposes through other means, as well as applicable legal requirements. In some circumstances, we may anonymize personal information so that it may no longer be associated with an individual, and in such cases, we may use that anonymized information without further notice to you and outside of this Policy (because once anonymized, it ceases to constitute personal information).
There are a number of data privacy laws that provide specific data subject rights to residents of certain jurisdictions. This section of this International Policy describes the rights available to those individuals who are entitled to them. Not all individuals about whom we possess information will have access to these rights, and we may not be able to provide these rights to everyone due to legal and jurisdictional limitations. We may not be able to comply with your request for a number of reasons, including:
If any of the above reasons apply, we will let you know in our response to your request. Note that we may be required to gather additional information from you in order to process your request. We will only use this information in the context of evaluating and responding to your request. If you fail or refuse to provide the necessary information, we may not be able to process your request.
Subject to the exceptions provided by applicable law or regulation, and depending on your country of residence, you may have the following rights regarding your personal information:
You can request to exercise these rights by emailing or calling with a request using the information provided under Contact Us. Please be as specific as possible in your request so that we can meet the applicable handling timelines.
Finally, you have the right to raise a complaint with Exact Sciences or the appropriate data protection authority of your country of residence if you feel that Exact Sciences’ processing of your personal information violates your individual rights, is not in line with this International Policy or violates the privacy principals, laws or regulations of your country of residence.
An interactive map showing the various Data Protection Authorities around the world and how to contact them can be found here.
We will make every reasonable effort to respond to your written request not later than 30 days after receipt of such request. We will advise you in writing if we cannot meet your request within this time limit. When applicable, you have the right to make a complaint to the appropriate supervisory authority, as detailed in this International Policy, with respect to this time limit.
We expect to be able to respond to your request without charge as a general matter. However, where allowed by law, we reserve the right to collect a reasonable charge when you request the transcription, reproduction, or transmission of such information. We will notify you, following your request of the appropriate amount that will be charged. You will then have the opportunity to withdraw your request.
We may require that you provide us with additional information to identify yourself before we provide information about the existence, use, or disclosure of your personal information in our possession. Any such information that you provide to us shall be used only for this purpose.
You may opt-out of receiving marketing and promotional messages from us if those messages are powered by us, by following the instructions in those messages. If you decide to opt-out, you will still receive non-promotional communications that are necessary to maintain the existing business relationship between you and Exact Sciences, to the extent that there is one.
If you participate in a text messaging program with Exact Sciences, text messaging originator opt-in data and consent will not be shared with any third parties for their own purposes.
We will use reasonable efforts to ensure that your personal information is kept as accurate, complete, and up-to-date as possible. We do not routinely update your personal information in our possession unless such a process is necessary. In order to help us maintain and ensure that your personal information is accurate and up to date, you must inform us, without delay, of any change in the data that you have provided to us.
You can, at any time, challenge the accuracy or completeness of the personal information we have about you, subject to the exceptions provided by applicable law. If you demonstrate that the personal information we have on you is inaccurate or incomplete, we will amend the personal information as required. Where appropriate, we will transmit the amended data to third parties to whom we have communicated your personal information.
We use security safeguards appropriate to the sensitivity of personal information to protect it from loss or theft, as well as unauthorized access, disclosure, copying, use or modification. These safeguards include physical measures, such as restricted access to offices and equipment, organizational measures, such as security clearances and publishing this policy to appropriate personnel with instructions to act in accordance with its principles (for example, limiting access on a “need to know” basis), and technological measures, such as the use of passwords and/or encryption.
To administer our business and provide our services, we may share your personal information with our affiliates or with third parties in locations around the world. When we transfer your personal information outside your jurisdiction, we will take steps to ensure that such data transfers comply with applicable data privacy laws. If you live in the European Economic Area (EEA) or the UK, your personal information, therefore, may be stored and processed outside the EEA and the UK and in countries that are not subject to an adequacy decision by the European Commission or the UK’s Information Commissioner’s Office and which may not provide for the same level of data protection. If we transfer or store personal information outside of the EEA, UK or other countries or economies that require legal protection for international data transfer, we will ensure that an adequate level of protection is provided, as further described below, entering into written intra-group data processing agreements with recipients that require them to provide the same level of protection, or relying on other legally-approved transfer mechanisms.
If you are a resident of the UK, Switzerland, or the European Economic Area (EEA), and your personal information is transferred outside of the UK or the EEA, we will:
Exact Sciences complies with the EU-U.S. and Swiss-U.S. Data Privacy Frameworks (“DPF”) and UK Extension to the Data Privacy Framework set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information transferred from the EEA, UK, or Switzerland to the United States. Exact Sciences has certified to the U.S. Department of Commerce that it adheres to the DPF Principles. If there is any conflict between the terms in this Policy and the Principles, the DPF Principles shall govern. To learn more about the Data Privacy Framework program, and to view our certification, please click here.
In compliance with the Principles, Exact Sciences commits to resolve complaints about our collection or use of your Personal Information. EEA, UK, and Swiss individuals with inquiries or complaints regarding our DPF Policy should first contact Exact Sciences at using the information in Section 15 below.
If Exact Sciences is unable to resolve your complaint, EEA, UK, and Swiss individuals may raise an unresolved DPF complaint with ICDR-AAA, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please click here for more information or to file a complaint. The services of ICDR-AAA are provided at no cost to you. Additionally, Exact Sciences is subject to the investigatory and enforcement powers of the Federal Trade Commission (“FTC”). Under certain conditions, you may have the right to invoke binding arbitration relating to the collection or use of your Personal Information in connection with the DPF. Exact Sciences remains liable, to the extent imposed by applicable law, for onward transfers to third parties.
Please direct all complaints or other inquiries regarding personal information, the general Policy, or the International Policy to privacy@exactsciences.com.
You can contact Exact Sciences’ data protection officer in writing through the below:
Exact Sciences Corporation
Attn: Corné Purcell
Email: DPO@exactsciences.com
Physical Address: 5505 Endeavor Lane, Madison, WI 53719