Skip to main content
ReadMe DNA

Privacy Policy

Last updated: March 2026

1. Your Data, Your Control

ReadMe DNA is built with privacy at its core. Your raw genetic data file is processed entirely in memory on our servers and is never written to disk or stored in any database. Once your report is generated, the original file content is permanently discarded. We cannot retrieve, replay, or reconstruct your raw genetic data after processing.

2. What We Store

We store only the following:

  • Your generated report—genotype interpretations, findings, and recommendations (not raw genotype data). Reports are identified by a random UUID with no link to your identity.
  • A SHA-256 hash of your file—used solely for deduplication (preventing duplicate reports). This hash cannot be reversed to recover your genetic data.
  • Payment records—if you purchase a premium report, Stripe stores your payment details under their privacy policy. We store only the Stripe transaction ID to confirm your purchase.

No names, email addresses, or other personally identifiable information (PII) is required or collected unless you voluntarily create an account.

3. Data Retention

Reports are retained indefinitely so you can revisit your results at any time using your report link. You may request deletion at any time (see below). If you create an account and later delete it, all associated report data is deleted within 30 days.

4. Data Deletion & Your Rights

You may request deletion of your report at any time by contacting support@readmedna.com with your report ID. We will permanently delete your report data within 14 days of the request.

If you are located in the European Economic Area (EEA), United Kingdom, or California, you have additional rights under GDPR, UK GDPR, or CCPA respectively, including:

  • Right of access—request a copy of data we hold about you.
  • Right to erasure—request deletion of your data.
  • Right to rectification—request correction of inaccurate data.
  • Right to data portability—receive your report data in a portable format (PDF).
  • Right to object—object to certain types of processing.

To exercise any of these rights, contact support@readmedna.com.

5. Third-Party Services

We use the following third-party services:

  • Stripe—payment processing. Stripe handles all payment card data under their own privacy policy. We never see or store your credit card details.
  • Vercel—hosting and infrastructure. Vercel processes requests under their privacy policy.

We do not sell, rent, or share your genetic data or report data with any third party. Your data is never used for advertising, marketing, or research purposes.

6. Cookies & Analytics

ReadMe DNA uses only essential cookies required for the service to function (such as session management). We do not use tracking cookies, advertising pixels, or third-party analytics services that profile your browsing behavior. No genetic data is ever transmitted to analytics providers.

7. Security

All data is transmitted over HTTPS/TLS encryption. Genetic data is processed in isolated, ephemeral server-side memory and is never logged, cached, or written to persistent storage. We follow industry-standard security practices to protect the data we do store.

8. Children's Privacy

ReadMe DNA is not intended for use by individuals under 18 years of age. We do not knowingly collect data from minors. If you believe a minor has used our service, please contact us and we will delete the associated data.

9. Changes to This Policy

We may update this privacy policy from time to time. The “Last updated” date at the top reflects the most recent revision. Continued use of the service after changes constitutes acceptance.

10. Contact

Privacy questions or data requests? Contact support@readmedna.com.

← Back to Home