← Back to Home
Privacy Policy
Last updated: February 2026
🔒 The Most Important Thing
Your DNA data is permanently deleted within seconds of generating your reports. We never store your raw genetic data. We never sell it. We never share it. Period.
1. Information We Collect
Account Information: When you create an account, we collect your name, email address, and a password (which is encrypted).
Payment Information: Payments are processed by Stripe. We do not store your credit card information. Stripe handles all payment data securely.
Genetic Data: When you upload your DNA file, we temporarily process it in memory to extract relevant genetic markers. The raw DNA file is deleted within seconds — we do not store it.
Generated Reports: The reports we generate for you are stored in your account so you can access them anytime.
2. How We Handle Your DNA Data
- Upload: You upload your raw DNA file from 23andMe or AncestryDNA
- Processing: We extract only the specific genetic markers needed for your reports (approximately 50-100 SNPs out of the ~600,000+ in your file)
- Deletion: Your raw DNA file is permanently deleted from memory within seconds
- Report Generation: We use the extracted markers to generate your reports
- Final Cleanup: After reports are generated, even the extracted markers are deleted
We never:
- Store your raw DNA data
- Sell your genetic information
- Share your genetic data with third parties
- Use your data for research without explicit consent
- Allow access to your data by law enforcement without a court order
3. Your Generated Reports
Your personalized reports are stored securely in our database so you can access them anytime. These reports contain interpretations and recommendations — not your raw genetic sequence.
You can request deletion of your account and all associated reports at any time by contacting us.
4. How We Use Your Information
- To create and manage your account
- To process payments
- To generate and deliver your reports
- To communicate with you about your account
- To improve our services (using aggregated, anonymized data only)
5. Data Security
We implement industry-standard security measures:
- All data is encrypted in transit (HTTPS/TLS)
- Passwords are hashed using bcrypt
- Database access is restricted and monitored
- We use secure, SOC 2 compliant infrastructure providers
6. Data Retention
- DNA Files: Deleted immediately after processing (seconds)
- Extracted Markers: Deleted after report generation
- Reports: Retained until you delete your account
- Account Data: Retained until you request deletion
7. Your Rights
You have the right to:
- Access your data
- Download your reports
- Request account deletion
- Opt out of marketing communications
To exercise these rights, contact us at privacy@builtforgenetics.com
8. Third-Party Services
We use the following third-party services:
- Stripe: Payment processing
- Supabase: Database hosting
- Netlify: Website hosting
- Anthropic (Claude): AI report generation
Each provider has their own privacy policy and security measures.
9. Changes to This Policy
We may update this policy from time to time. We'll notify you of significant changes via email.
10. Contact Us
Questions about privacy? Contact us:
Email: privacy@builtforgenetics.com