1. Introduction

Gene2AI ("we," "our," or "us") is operated by OmicsIO PTE LTD. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Gene2AI platform at gene2.ai (the "Service"). We are committed to protecting your privacy and handling your data with the highest standards of care, especially given the sensitive nature of genomic and health information.

2. Information We Collect

We collect the following types of information:

Account Information: Email address and display name provided during registration.
Genomic Data: Raw genetic data files (e.g., from 23andMe, AncestryDNA, or WeGene) that you upload for analysis. These files are transmitted securely and are not stored permanently after analysis is complete.
Health Documents: Lab reports, medical records, checkup results, and other health documents you upload to the Health Data Vault. These are processed by AI to extract structured health indicators.
Health Records: Structured health data including lab values, self-reported metrics, and AI-extracted indicators stored in your Health Data Vault.
Payment Information: Payment processing is handled entirely by Stripe. We do not store credit card numbers, CVVs, or full payment details. We only retain Stripe transaction identifiers for order tracking.
Usage Data: Basic analytics data including page views and feature usage to improve the Service.

3. How We Use Your Information

To process and analyze your genomic data and generate structured JSON results.
To parse health documents and extract structured health indicators using AI.
To store and manage your health data in the Health Data Vault.
To provide API access to your health data for authorized AI agents and applications.
To process payments and manage your account.
To send transactional emails (e.g., analysis completion notifications).
To improve and optimize the Service.

4. Data Security

We implement industry-standard security measures to protect your data:

All data transmission is encrypted using TLS/HTTPS.
Genomic raw data files are transmitted securely and are not stored permanently on our servers after analysis.
Health data is stored in encrypted databases with access controls.
API access requires Bearer token authentication with user-scoped keys.
Payment processing is handled by Stripe, a PCI-DSS compliant payment processor.

5. Data Sharing

We do not sell your personal or health data. We may share data only in the following circumstances:

With your consent: When you explicitly authorize sharing through API keys or third-party integrations.
Service providers: With trusted third-party services that help us operate the platform (e.g., Stripe for payments, cloud hosting providers). These providers are bound by confidentiality agreements.
Legal requirements: When required by law, regulation, or legal process.

6. Your Rights

You have the right to:

Access your personal and health data stored on the platform.
Export your data through the API at any time.
Delete individual health documents and records from the Health Data Vault.
Revoke API keys to prevent third-party access.
Request complete account deletion by contacting us.

7. Data Retention

Genomic analysis results are retained as long as your account is active. Health Data Vault records are retained until you delete them or request account deletion. Raw genomic data files are not stored permanently — they are processed and discarded after analysis. Payment records are retained as required by applicable financial regulations.

8. Cookies

We use essential cookies for authentication and session management. We use minimal analytics cookies to understand how the Service is used. We do not use advertising cookies or tracking pixels.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at [email protected].