In plain words:
- We will never share or sell your data
- The service is designed to be anonymous (does not request your name). The most anonymous way to use this service is to upload your raw file
- Canary: We have never received a subpoena, court order or any other legal request so far. Our policy: when in doubt delete.
- We have no conflict of interest: we pay with our own money for the platform, we use our own time to develop, we do not sell anything, we are not affiliated with any organization
- This does not mean codegen is hack proof and are unlikely to withstand a complex/government sponsored attack. We assume that at one point we will get hacked and code accordingly.
- The infrastructure is AWS and the devs are based in Europe.
- You can always erase your data (see 'Erase Your Data' paragraph below)
Codegen.eu believes that privacy is important to the success and use of the
Internet and a fundamental human right
This statement sets forth Codegen.eu policy and describes the practices
that we will follow with respect to the privacy of the information of users of
this site. Should you have any questions about this policy or our practices,
please send an email to firstname.lastname@example.org
What personal information we collect
Codegen.eu collects your personal information online when you voluntarily provide
it to us. We collect the following information: your raw genome data and your
email address. The email address was collected only if you used the option to
connect to 23andMe in order to provide us with your raw genome data.
How We Use Personal Information That We Collect Online
We will use your raw genome data within Codegen.eu to provide you with personalized information regarding
your genome. The raw genome data file that you upload is deleted immediately after the genetic report has
been generated. The generated report contains only anonymized data and is deleted after 7 days if it wasn't
already erased by clicking on the Erase and logout
The generated report might be used to improve the service we provide by applying machine learning algorithms.
We may use your email address within Codegen.eu: (1) to inform you of recent advances or updates;
and (2) to contact you about the products and services that we offer. Currently we do not send any newsletters.
Disclosure of Personal Information to Third Parties
We use Google Analytics and embed Facebook and Twitter widgets on our front page for optimizing our services.
This does NOT disclose your PII (genetic data, email or searched items) to Google, Twitter or Facebook.
We will not disclose or sell any personal information to any third party unless we are legally required to
do so, for example, in response to a subpoena, court order or other legal process.
Canary: We have never received a subpoena, court order or any other legal request so far.
Erase Your Data
You have the option to erase all your personal information at any time: the generated report (which is always
deleted after 7 days from when it was generated), your email address (if you logged in with 23andMe SSO) and
your bookmarked genotypes (your list of Favorites
). The raw genome data file is always deleted after
being processed, as explained above in the Internal Uses
How to erase all your personal information: login via SSO or re-upload your file to authenticate and then
select the Erase all data from the Logout drop-down menu. Warning: This operation is irreversible.
Codegen.eu uses a single cookie containing a session id and no identifiable data.
Cookies were designed to help a website operator determine that a particular user
had visited the site previously and thus save and remember any preferences that
may have been set. Our cookies expire in 6 hours.
How We Protect Information Online
We exercise great care to protect your personal information. All traffic is
encrypted via https and your upload is temporarily stored, encrypted, in a well
protected location (AWS datacenters).
While we strive to protect your personal information, we cannot ensure or warrant
the security of any information you transmit to us or receive from us. This is
especially true for information you transmit to us via email since we have no way
of protecting that information until it reaches us since email does not have the
security features that are built into our website.
If you choose not to erase your data, it will be stored anonymized and encrypted,
and may be used to improve the quality of our service through aggregated statistics.
From time to time, we may change this privacy statement. For example, as we update
and improve our services, new features may require modifications to the privacy
statement. Accordingly, please check back periodically.
Date: September, 2018
-----BEGIN PGP PUBLIC KEY BLOCK-----
-----END PGP PUBLIC KEY BLOCK-----