Privacy Policy Highlights
These “Privacy Highlights” provide an overview of some core components of our data handling practices.
Information We Collect
We generally collect the following information:
Information we receive when you use our Services. We collect Web-Behavior Information via cookies and other similar tracking technologies when you use and access our website.
- Information you share with us. We collect and process your information when you place an order via our consent and indemnity form.
- Information from our DNA testing services. With your consent, we extract your DNA from your DNA sample and analyze it to produce your Genetic Information (the As, Ts, Cs, and Gs at particular locations in your genome) in order to provide you with MMG reports.
How We Use Information
We generally process Personal Information for the following reasons:
- To provide our Services. We process Personal Information in order to provide our Service, which includes processing payments, shipping kits to customers, DNA samples and DNA, and delivering results and powering tools that benefit our customers.
- To analyze and improve our Services. We constantly work to improve and provide new reports, tools, and Services. We may also need to fix bugs or issues, analyze the use of our website to improve the customer experience or assess our marketing campaigns.
Control: Your Choices
You have the ability to make decisions about how your data is shared and used. You choose:
- To store or discard your DNA sample after it has been analyzed.
- When and with whom you share your information, including friends, family members, health care professionals, or others outside our Services, including through third party services that accept MMG data and social networks.
Access To Your Information
Your Personal Information may be shared in the following ways:
- With our service providers as necessary for them to provide their services to us.
- MMG will not sell, lease, or rent your individual-level protected health information to a third party for research purposes without your consent.
- We will not share your data with any public databases.
- We will not provide any person’s data (genetic or non-genetic) to an insurance company or employer.
- We will not provide information to law enforcement or regulatory authorities unless required by law to comply with a valid court order, subpoena, or search warrant for genetic or Personal Information.
How We Secure Information
MMG implements measures and systems to ensure confidentiality, integrity, and availability of MMG data. These practices include, but are not limited to, the following areas:
- Anonymization, encryption, and data segmentation. Registration Information is stripped from Sensitive Information, including genetic and phenotypic data. This data is then assigned a random ID so the person who provided the data cannot reasonably be identified. MMG uses industry-standard security measures to encrypt sensitive personal data both when it is stored (data-at-rest) and when it is being transmitted (data-in-flight). Additionally, data are segmented across logical database systems to further prevent re-identifiability.
- Encryption. MMG uses industry-standard security measures to encrypt Sensitive Information both when it is stored and when it is being transmitted.
- Limited access to essential personnel. We limit access to information to authorized personnel, based on job function and role. MMG access controls include multi-factor authentication, single sign-on, and a strict least-privileged authorization policy.
MapMyGene Mobile App – Privacy, Data Collection, and User Rights
Last updated: 23 June 2026
This Privacy Policy explains how Map My Gene (“MMG”, “we”, “us”) collects, uses, shares, and protects your information when
you use the MapMyGene mobile app and related services. Because we process genetic data, we treat your privacy with the
highest level of care. By creating an account and using MapMyGene, you agree to this Policy.
1. Information we collect
Personal information you provide. When you create an account and use MapMyGene, we collect your name, email address, phone number, postal/shipping and billing address, date of birth, and gender. You provide this during registration, profile setup, and checkout.
Genetic and health information. With your explicit consent, we collect and process the DNA sample you submit and the genetic information derived from it, along with the test results and reports generated for you. We treat this as sensitive personal information and apply additional safeguards, including encryption, strict access controls, and, where applicable, de–identification.
Payment information. Purchases are processed by our payment provider, Stripe. Your full card details are handled directly by Stripe and are not stored on our servers. We retain only limited transaction details such as order amount, status, and payment references.
Device and usage information. To deliver and improve the app, we collect device identifiers, push–notification tokens, and limited app analytics/usage information.
2. How we use your information
We use collected information to: manage accounts; process orders; deliver DNA reports; provide customer support; send notifications; improve the app; maintain security; and comply with legal obligations. We process your genetic and health data only with your explicit consent and solely to provide and support the testing services you request.
3. Medical disclaimer
MapMyGene reports are provided for informational and educational purposes only and are not intended to diagnose, treat, cure, or prevent any disease. They are not a substitute for professional medical advice, diagnosis, or treatment. Always consult a qualified healthcare provider regarding any health questions or before making decisions based on your results.
4. Consent
We rely on your explicit, informed consent to collect and process your DNA sample and genetic information. You may withdraw consent at any time (see Your rights). Withdrawing consent or deleting your account stops further processing and triggers deletion of your data as described in Data retention.
5. Third parties who process data on our behalf
We share data only with service providers who process it on our behalf under contract:
• Amazon Web Services (AWS) — hosting, authentication, and storage
• Stripe — payment processing
• Google / Firebase — push notifications and analytics
• Authorized laboratory and sequencing service providers — sample processing and genetic analysis
We do not sell personal or genetic information, and we do not share it with insurers or employers.
6. Where your data is processed
Your data is hosted and processed on AWS infrastructure located in ‹Singapore (Asia Pacific)›. Where data is transferred or processed across borders by our service providers, we apply appropriate safeguards consistent with applicable law (e.g., GDPR, PDPA).
7. Data retention
• Active accounts: personal information is retained while your account remains active.• Account deletion: when you delete your account, your personal and genetic data are permanently erased after a 30–day grace period. During this window the account is deactivated and inaccessible; you may contact us within the window if the deletion was unintended.
• Genetic data and reports: deleted as part of the erasure above unless you request earlier deletion.
• Legal/accounting records: limited transaction and audit records (e.g., order amount, status, payment references) are retained only as required by law for up to ‹7 years›, then deleted.
8. Your rights — access and deletion
You may:
• Delete your account and data — directly in the app (Profile → Settings → Delete Account) or by emailing info@mapmygene.com.
• Access a copy of your personal data, correct inaccuracies, and request data portability where applicable.
• Withdraw consent to genetic data processing at any time.
We action verified deletion requests by permanently erasing your personal and genetic data after the 30–day grace period described above, retaining only records we are legally required to keep. To protect your data, we may verify your identity before fulfilling a request. Depending on your location, you may also have the right to lodge a complaint with your data protection authority.
9. Security
Data is encrypted in transit and at rest, with access restricted to authorized personnel only. We maintain technical and organizational measures appropriate to the sensitivity of genetic data.
10. Children
MapMyGene is intended for individuals aged 18 and over. We do not knowingly create accounts for, or process the genetic data of, individuals under 18. If you believe a minor has provided us data, contact
info@mapmygene.com and we will delete it.
11. Changes to this Policy
We may update this Policy from time to time. Material changes will be notified in the app or by email, and the “Last
updated” date above will be revised.
12. Contact us
For privacy–related requests or questions, contact MMG at info@mapmygene.com, or write to: Map My Gene, 2 Kallang Ave, Singapore 339407