Skip to main content

Privacy Policy

Last Updated: December 2024

1. Introduction

NeuroDot ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our genetic analysis platform.

2. Information We Collect

2.1 Genetic Data

We process genetic information you provide through file uploads (23andMe, AncestryDNA, VCF files). This data is:

  • Processed locally in your browser when possible
  • Transmitted securely using encryption
  • Analyzed to generate personalized product recommendations
  • Stored securely in our database with encryption at rest

2.2 Personal Information

  • Email address and account credentials
  • Name and profile information
  • Purchase history and order information
  • Symptom assessments and health questionnaires

2.3 Technical Data

  • IP address and device information
  • Browser type and version
  • Usage data and analytics

3. How We Use Your Information

  • Generate personalized product recommendations based on your genetic profile
  • Process orders and manage subscriptions
  • Improve our services and develop new features
  • Communicate with you about your account and orders
  • Comply with legal obligations

4. Data Sharing and Disclosure

We DO NOT sell your genetic data to third parties. We may share information with:

  • Service Providers: Third-party vendors who assist in operating our platform (hosting, payment processing)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

5. Data Security

We implement industry-standard security measures including:

  • Encryption in transit (HTTPS/TLS)
  • Encryption at rest for stored data
  • Regular security audits and updates
  • Access controls and authentication

Important: No method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate information
  • Deletion: Request deletion of your data
  • Portability: Receive your data in a structured format
  • Objection: Object to certain processing activities
  • Withdrawal: Withdraw consent at any time

To exercise these rights, contact us at privacy@shopneurodot.com

7. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers in compliance with applicable data protection laws.

8. Data Retention

We retain your information for as long as necessary to provide services and comply with legal obligations. You may request deletion of your account and data at any time.

9. Children's Privacy

Our service is not intended for children under 18. We do not knowingly collect information from children. If you believe we have collected data from a child, contact us immediately.

10. Compliance with Regulations

Users are responsible for ensuring their use of NeuroDot complies with applicable laws in their jurisdiction, including:

  • HIPAA (United States) - Health Insurance Portability and Accountability Act
  • GDPR (European Union) - General Data Protection Regulation
  • PIPEDA (Canada) - Personal Information Protection and Electronic Documents Act
  • LGPD (Brazil) - Lei Geral de Proteção de Dados
  • POPIA (South Africa) - Protection of Personal Information Act
  • PDPA (Singapore) - Personal Data Protection Act

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or prominent notice on our platform. Continued use after changes constitutes acceptance.