DecodeMyBio
Sign in

Privacy Policy

Effective date: February 2025. DecodeMyBio ("we", "us", "our") is committed to protecting your privacy. This policy describes how we collect, use, store, and protect your information.

Information We Collect

Account Information

When you create an account, we collect your email address for authentication purposes. We use passwordless magic link authentication.

Genetic Data

When you upload a raw DNA data file, we process the file to extract pharmacogenomically relevant genetic variants. We do not store your complete raw DNA file permanently. Raw files are processed server-side and auto-deleted within 30 days of upload.

Report Data

Generated pharmacogenomic reports (variant calls, star alleles, phenotypes, drug-gene interactions) are stored in association with your account so you can access them.

How We Use Your Information

  • To generate your pharmacogenomic Medication Safety Report.
  • To authenticate you and provide account access.
  • To send transactional emails (magic links, report notifications).

We do not sell, rent, or share your personal or genetic data with third parties. We do not use your genetic data for research, advertising, or any purpose other than generating your report.

Data Storage and Security

Your data is stored using Supabase infrastructure with encryption at rest and in transit (TLS 1.2+). Authentication tokens are managed securely through Supabase Auth. Raw DNA files are processed server-side and are not accessible to other users.

Data Retention

  • Raw DNA files: Auto-deleted within 30 days of upload.
  • Report data: Retained as long as your account is active.
  • Account data: Retained until you request deletion.

Your Rights

Regardless of your location, we provide the following rights aligned with GDPR and CCPA:

  • Access: Request a copy of the personal data we hold about you.
  • Deletion: Request deletion of your account and all associated data, including report data.
  • Portability: Request an export of your report data.
  • Correction: Request correction of inaccurate personal data.

To exercise any of these rights, contact us at support@decodemybio.com.

Third-Party Services

  • Supabase: Authentication and database hosting.
  • Vercel: Application hosting and deployment.
  • Stripe: Payment processing (Stripe does not receive your genetic data).

Cookies

We use essential cookies for authentication session management only. We do not use tracking cookies or third-party analytics cookies.

Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email to registered users. The effective date at the top of this page indicates when the policy was last updated.

Contact

For privacy-related inquiries or data requests, contact us at support@decodemybio.com.

Last reviewed: February 2025 · DecodeMyBio Editorial Team

Medical Disclaimer

DecodeMyBio provides informational pharmacogenomic reports only. This is not medical advice. Always consult your healthcare provider before making medication changes.