DataBlood ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our Service.

Account Information: When you create an account, we collect your email address and authentication credentials. This information is stored securely using AWS Cognito.

DNA Data: When you upload a raw DNA file for analysis, the file is processed entirely in-memory. We do not store, log, copy, or retain your genetic data on any persistent storage at any point.

Usage Data: We may collect anonymized usage analytics such as page views and feature usage to improve the Service. This data cannot be used to identify you personally.

We use your information to: (a) provide and maintain the Service; (b) authenticate your identity; (c) process your DNA data and generate supplement recommendations; (d) communicate with you about your account; (e) improve the Service.

Your genetic data receives the highest level of protection:

• DNA files are processed entirely in-memory during analysis
• No genetic data is written to disk, databases, or any persistent storage
• Once analysis is complete and results are returned, the file data is permanently discarded
• All data transfers occur over encrypted HTTPS connections
• We maintain a strict zero-retention policy for genetic data

We do not sell, trade, or share your personal information or genetic data with third parties. We may share anonymized, aggregated statistics that cannot identify any individual user.

We implement industry-standard security measures including encryption in transit (TLS/HTTPS), secure authentication via AWS Cognito, and in-memory-only processing of sensitive genetic data. However, no method of transmission over the internet is 100% secure.

The Service may contain links to third-party websites (e.g., Amazon). These sites have their own privacy policies that we do not control. We encourage you to review the privacy policies of any third-party sites you visit.

We use essential cookies for authentication and session management. We do not use tracking cookies or third-party advertising cookies.

You have the right to: (a) access the personal information we hold about you; (b) request correction of inaccurate information; (c) request deletion of your account and associated data; (d) withdraw consent at any time. To exercise these rights, contact us at the email below.

Account information is retained for as long as your account is active. You may request deletion of your account at any time. As stated above, DNA data is never retained beyond the duration of a single analysis session.

The Service is not intended for users under 18 years of age. We do not knowingly collect information from minors.

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Continued use of the Service after changes constitutes acceptance.

If you have questions or concerns about this Privacy Policy, contact us at support@datablood.org.