Your genetic data privacy and security are our highest priorities. Learn how we protect your information across our website and mobile applications with industry-leading security measures and transparent data practices.
This privacy policy governs how Gene2Rx may process or use your personal data across all of our services, including the Gene2Rx website ("Website") and the Gene2Rx iOS mobile application ("App"). Together, the Website and the App are referred to as the "Service." You can contact us via the contact form on Gene2rx.com if you have any questions or concerns regarding your privacy.
Gene2Rx is a genetic annotation system that creates a personal report (a "Report") based on a raw DNA data file ("DNA Data File") uploaded by the user, using the scientific and medical literature cited by the Clinical Pharmacogenetics Implementation Consortium (CPIC®). We do not have any affiliation with the CPIC organization. Gene2Rx is a platform for genetic analysis, that allows its users to: (i) upload DNA Data Files generated by different DNA testing service providers; (ii) optionally store DNA Data Files; (iii) generate Reports based on the uploaded DNA Data Files; (iv) optionally create a private account through which they can manage the DNA Data Files and the Reports; and (v) access their pharmacogenetic results and related health tracking tools through the Gene2Rx mobile application.
Important: Gene2Rx is a service for a personal, private and informational use only and may not be used in connection with any clinical purpose and/or commercial or research endeavors. Illegal and/or unauthorized use of Gene2Rx is prohibited.
Your privacy is important to us. By using the Service (including the Website and/or the App) and uploading a DNA Data File, you consent to the collection, use and storage by us of your DNA Data File and other personal data in accordance with this Privacy Policy, until deleted by you or by us.
If you upload a DNA Data File and/or create an account, your DNA Data File and your email address will be processed by us. We will process this information for as long as needed to provide you with the service. We collect the full name, country of residence and age of new users during account signup to ensure compliance with privacy laws and better serve our users.
If you make a payment to use Gene2Rx, we use the Stripe service for billing (on the Website) or Apple In-App Purchase (in the App) and therefore we do not store your credit card information or other billing information on Gene2Rx; it is stored by the respective payment processor and we do not have access to it.
When you generate a Report, you must enter your email address for the Report to be emailed to you.
The Gene2Rx iOS App is a companion application to the Website that allows you to view your pharmacogenetic results, track medications, log symptoms and moods, and optionally integrate with Apple HealthKit. The App collects and processes the following categories of data:
On-device storage: Medication logs, symptom data, mood entries, dose tracking, and HealthKit data are stored exclusively on your device. This data is not uploaded to Gene2Rx servers and will be deleted if you uninstall the App.
The App may request your permission to read health data from Apple HealthKit, including heart rate, blood pressure, body weight, blood glucose, step count, resting heart rate, and sleep analysis. Access to HealthKit data is entirely optional and requires your explicit authorization through the iOS permissions system.
HealthKit data is used solely to display health metrics alongside your pharmacogenetic information within the App. We adhere to the following strict policies regarding HealthKit data:
You may revoke HealthKit access at any time through the iOS Settings app under Privacy & Security > Health > Gene2Rx.
Gene2Rx maintains a copy of your report and DNA data file on our servers unless otherwise requested. If you delete your account, your server-side data will be deleted with it.
You can log into your account at any time and request to delete any of your data. While your DNA Data File is stored with Gene2Rx, you can re-generate a Report with the latest CPIC guidance.
If you upload a DNA Data File but you do not continue and generate a Report, the DNA Data File is automatically deleted within 24 hours.
Data stored locally on your device by the App (including medications, symptoms, mood entries, dose tracking, and HealthKit data) remains on your device and is managed by your device's storage. Uninstalling the App will remove all locally stored data.
DNA data storage is optional. You may opt-out from the storage option at the time of requesting the Report, in which case we will delete your DNA Data within 24 hours of your Report being generated. If you create an account and store DNA Data in it, you can delete your data at any time after your Report is generated. Otherwise, an encrypted copy of your data will be maintained on our servers.
We do not claim any ownership rights in your DNA Data File and genome and it belongs to you only.
By uploading your DNA Data File, you grant us a temporary, limited, revocable, royalty-free, world-wide license to process and use your DNA Data File for the purpose of providing you with the service. i.e., for generating and re-generating Reports, and if you created an account and stored your DNA Data File, also to use it with new genetic features of the service we may develop in the future, at no additional cost to you. You may delete your DNA Data File at any time.
By uploading DNA Data to Gene2Rx, you acknowledge that you acquire no rights in any research or commercial products that may be developed by us (whether or not they relate to the said DNA Data).
We may use your personal data under the following circumstances:
Security Measures: All traffic between your browser or the App and our servers is encrypted via HTTPS. Uploads are retained in well-protected locations. Authentication tokens in the App are stored in the iOS Keychain. We take industry standard security measures to ensure the privacy protection of the personal data provided by you.
When you provide us with any personal data, that personal data may be transferred to and stored by us in our secure data centers which may provide a different level of protection for personal data than in your country of residence. By providing us with personal data, you specifically consent to the transfer and processing of personal data and its storage in our data centers. By using services, you consent to have your personal data transferred to and processed in the United States and you acknowledge that your personal data may be used as described herein.
We have implemented commercially reasonable security measures in place to attempt to protect users' data under our control. However, we cannot guarantee unauthorized use. You acknowledge that you provide your personal data at your own risk.
You hereby acknowledge and agree that:
Your personal data (including the DNA Data Files and/or the Reports) will never be sold, licensed or otherwise shared by us with any other third parties without your explicit informed consent, except in the very specific scenarios described below:
Insurance Protection: We will never sell or license your DNA information to insurance companies under any circumstances.
We may send to you the following types of emails:
You cannot unsubscribe from transactional and notification emails, and by providing your email address you give your consent to receive such emails as necessary.
Push notifications (App): The App may request permission to send local push notifications for medication reminders, health check-in prompts, and adherence milestones. These notifications are generated entirely on your device and do not involve transmission of data to our servers. You can enable or disable push notifications at any time through the iOS Settings app.
Under EU data protection law, all processing of personal information is justified by a "condition" for processing. In the majority of cases, any processing will be justified on the basis that:
In addition, the processing of "special category data" is only permitted where a relevant exemption exists. Special category data includes genetic information. The special category data is processed on the basis of your explicit consent. Where the basis of processing is your consent, you have the right to withdraw your consent, and therefore prevent that processing, at any time.
You may request deletion of your account and all associated data at any time by contacting us through the contact form on our Website. Upon account deletion, we will delete your DNA Data Files, Reports, and personal information from our servers.
To delete data stored locally by the App (medications, symptoms, mood entries, dose tracking, and cached genetic results), you may uninstall the App from your device. Uninstalling the App permanently removes all locally stored data.
If you have an active subscription purchased through the App, you must cancel it separately through the App Store before or after deleting your account. Gene2Rx cannot cancel App Store subscriptions on your behalf.
If you are a child under the age of 18, please do not use our service. We will not knowingly contact or engage with children under the age of 18. If you have reason to believe that a child has provided us with their personal information, please contact us using the contact form on our website and we will endeavor to delete that information from our databases.
Your use of the Service (including the Website and/or the App) constitutes your agreement to follow and be bound by this Privacy Policy. We reserve the right to update or modify this Privacy Policy at any time. For this reason, we encourage you to review this Privacy Policy whenever you use the Service.
If we decide to modify our Privacy Policy, we will issue an updated version of this Privacy Policy with an updated date legend (and notify you via email or by other appropriate means if the changes are material) so that you will be aware of what information we collect, how we use it and under what circumstances we disclose it in accordance with applicable law. If you do not consent to the Privacy Policy or to any changes thereto and as a result you would like us not to use or hold your information in accordance with the revised terms, you may delete your DNA Data and/or delete your account.
Use of the Service following any changes constitutes your acceptance of the revised Privacy Policy then in effect.
You have the right to request access to your personal data that we process, and further have such personal data rectified or erased.
If you feel like your data protection rights under the GDPR have been violated, you may lodge a complaint at the supervisory authority in the Member State in which you reside, or alternatively with the ICO.
California residents are entitled to ask us for a notice describing what categories of personal customer information we share with third parties or corporate affiliates for those third parties or corporate affiliates' direct marketing purposes. We do not share your personal information with third parties or corporate affiliates for their direct marketing purposes.
The Website may use analytics services (such as Google Analytics) to help us understand usage patterns. These services may collect information about your use of the Website using cookies and similar technologies.
The App does not use any third-party analytics, advertising, or tracking frameworks. The App does not collect device identifiers, advertising identifiers, or any information for the purpose of tracking you across apps or websites. No data from the App is shared with third-party analytics or advertising services.
Important: If you do not agree to this Privacy Policy, please do not use the Service.
If you have any questions or concerns about this privacy policy or how we handle your data, please contact us. We're here to help and ensure your privacy is protected.