Privacy Policy

1. Overview

This Privacy Policy describes how ReadMyDNA ("we", "us", "our") handles information when you use our browser-based DNA analysis service. We are committed to protecting your privacy, particularly when it comes to sensitive genetic data.

2. Your DNA Data — Complete Local Processing

This is the most important part of our privacy policy:

• Your DNA data NEVER leaves your browser. It is not uploaded, transmitted, or sent to any server.
• No DNA data is stored on our servers. We do not have databases, storage buckets, or any infrastructure for holding genetic data.
• All genomic analysis runs locally via WebAssembly in your web browser. The analysis engine and reference databases are downloaded to your browser as static assets, and all computation happens on your device.
• We cannot access your results. Analysis results are generated and displayed entirely within your browser session. We have no mechanism to view, collect, or recover them.
• We do not sell, share, or have access to any genetic data.

3. Information We Do Collect

While we never touch your DNA data, we do collect minimal information necessary to process payments and operate the service:

Payment Information

When you purchase access to ReadMyDNA, payment is processed by Stripe, a PCI-compliant payment processor. Stripe collects your name, email address, and payment details (such as credit card number). We receive your name and email address from Stripe for order confirmation and support purposes. We do not receive or store your full credit card number.

Analytics (Privacy-Respecting)

We use privacy-respecting analytics that do not use cookies, do not track individual users across sessions, and do not collect personally identifiable information. We collect only aggregate, anonymized usage statistics such as page views and general geographic region (country-level) to improve the service.

4. How We Use Collected Information

• To process your one-time payment and deliver access to the analysis engine
• To send you an order confirmation email
• To provide customer support if you contact us
• To understand aggregate usage patterns and improve the service

5. Third-Party Services

We use the following third-party service:

• Stripe — Payment processing. Stripe's privacy policy governs their handling of your payment information. Visit stripe.com/privacy for details.

We do not use any third-party services that process, access, or store your genetic data.

6. Reference Databases

The reference databases used for analysis (such as ClinVar, GWAS Catalog, and other publicly available scientific datasets) are served as static assets. These are publicly available scientific data and do not contain any user information. They are loaded into your browser alongside the analysis engine.

7. Cookies and Tracking

We do not use tracking cookies, advertising cookies, or third-party cookies. We may use essential cookies strictly necessary for the functioning of the payment system and session management. We do not engage in cross-site tracking or behavioral profiling.

8. Data Retention

• DNA data: Not applicable. We never receive or store your DNA data.
• Payment records: We retain order records (name, email, purchase date, amount) as required for accounting and legal obligations, typically for the duration required by applicable tax law.
• Analytics data: Aggregate analytics data is retained indefinitely but contains no personally identifiable information.

9. Your Rights

Depending on your jurisdiction, you may have the following rights:

• Right to access: Request a copy of the personal data we hold about you (limited to payment and order information).
• Right to deletion: Request that we delete your payment and order records, subject to legal retention requirements.
• Right to correction: Request correction of inaccurate personal data.
• Right to portability: Request your data in a structured, machine-readable format.

To exercise any of these rights, contact us at privacy@readmydna.bio.

10. Children's Privacy

ReadMyDNA is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at privacy@readmydna.bio.