DecodeMyBio
Get Started Free

Privacy Policy

Effective date: April 2025. DecodeMyBio ("we", "us", "our") is committed to protecting your privacy. This policy describes how we collect, use, store, and protect your information.

Information We Collect

Account Information

When you create an account, we collect your email address for authentication purposes. We support email sign-in links and sign-in with Google.

Genetic Data

When you upload a raw DNA data file, we process the file server-side to extract pharmacogenomically relevant genetic variants. Your uploaded data is encrypted at rest and in transit and is retained in association with your account so your results stay available. You can export or delete it anytime from your account.

Results Data

Generated pharmacogenomic results (variant calls, star alleles, phenotypes, drug-gene interactions) are stored in association with your account so you can access them.

How We Use Your Information

  • To generate your pharmacogenomic results.
  • To authenticate you and provide account access.
  • To send transactional emails (email sign-in links, results notifications).

We do not sell, rent, or share your personal or genetic data with third parties. We do not use your genetic data for research, advertising, or any purpose other than generating your results.

The one exception is advertising measurement: if you reach us from a Google ad, we may share a hashed (irreversible) version of your email address with Google solely to measure ad conversions. This measurement data never includes your genetic data, which we never share for advertising or with insurers or employers.

Data Storage and Security

Your data is stored using Supabase infrastructure with encryption at rest and in transit (TLS 1.2+). Authentication tokens are managed securely through Supabase Auth. Raw DNA files are processed server-side and are not accessible to other users.

Data Retention

  • Raw DNA files: Encrypted and retained while your account is active so your results stay available. Delete anytime.
  • Results data: Retained as long as your account is active.
  • Account data: Retained until you request deletion.

Your Rights

Regardless of your location, we provide the following rights aligned with GDPR and CCPA:

  • Access: Request a copy of the personal data we hold about you.
  • Deletion: Request deletion of your account and all associated data, including results data.
  • Portability: Request an export of your results data.
  • Correction: Request correction of inaccurate personal data.

To exercise any of these rights, contact us at support@decodemybio.com.

Third-Party Services

  • Supabase: Authentication and database hosting.
  • Vercel: Application hosting and deployment.
  • Stripe: Payment processing (Stripe does not receive your genetic data).

Cookies

We use essential cookies for authentication session management only. We do not use tracking cookies or third-party analytics cookies.

Children's Privacy

The Service is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a person under 18, we will take steps to delete that information promptly. If you believe we may have collected information from a minor, please contact us at support@decodemybio.com.

Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email to registered users. The effective date at the top of this page indicates when the policy was last updated.

Contact

For privacy-related inquiries or data requests, contact us at support@decodemybio.com.

Last reviewed: April 2025 · DecodeMyBio Editorial Team

Medical Disclaimer

DecodeMyBio provides informational pharmacogenomic insights only. This is not medical advice. Always consult your healthcare provider before making medication changes.