Privacy Policy Highlights

These “Privacy Highlights” provide an overview of some core components of our data handling practices.

Information We Collect

We generally collect the following information:
Information we receive when you use our Services.​ We collect Web-Behavior Information via cookies and other similar tracking technologies when you use and access our website.

  • Information you share with us.​ We collect and process your information when you place an order via our consent and indemnity form.
  • Information from our DNA testing services.​ With your consent, we extract your DNA from your DNA sample and analyze it to produce your Genetic Information (the As, Ts, Cs, and Gs at particular locations in your genome) in order to provide you with MMG reports.

How We Use Information

We generally process Personal Information for the following reasons:

  • To provide our Services.​ We process Personal Information in order to provide our Service, which includes processing payments, shipping kits to customers, DNA samples and DNA, and delivering results and powering tools that benefit our customers.
  • To analyze and improve our Services.​ We constantly work to improve and provide new reports, tools, and Services. We may also need to fix bugs or issues, analyze the use of our website to improve the customer experience or assess our marketing campaigns.

Control: Your Choices

You have the ability to make decisions about how your data is shared and used. You choose:

  • To store or discard your DNA sample after it has been analyzed.
  • When and with whom you share your information, including friends, family members, health care professionals, or others outside our Services, including through third party services that accept MMG data and social networks.

Access To Your Information

Your Personal Information may be shared in the following ways:

  • With our service providers as necessary for them to provide their services to us.
  • MMG will not sell, lease, or rent your individual-level protected health information to a third party for research purposes without your consent.
  • We will not share your data with any public databases.
  • We will not provide any person’s data (genetic or non-genetic) to an insurance company or employer.
  • We will not provide information to law enforcement or regulatory authorities unless required by law to comply with a valid court order, subpoena, or search warrant for genetic or Personal Information.

How We Secure Information

MMG implements measures and systems to ensure confidentiality, integrity, and availability of MMG data. These practices include, but are not limited to, the following areas:

  • Anonymization, encryption, and data segmentation. Registration Information is stripped from Sensitive Information, including genetic and phenotypic data. This data is then assigned a random ID so the person who provided the data cannot reasonably be identified. MMG uses industry-standard security measures to encrypt sensitive personal data both when it is stored (data-at-rest) and when it is being transmitted (data-in-flight). Additionally, data are segmented across logical database systems to further prevent re-identifiability.
  • Encryption.​ MMG uses industry-standard security measures to encrypt Sensitive Information both when it is stored and when it is being transmitted.
  • Limited access to essential personnel.​ We limit access to information to authorized personnel, based on job function and role. MMG access controls include multi-factor authentication, single sign-on, and a strict least-privileged authorization policy.

MapMyGene Mobile App – Privacy, Data Collection, and User Rights

Last updated: 23 June 2026

This Privacy Policy explains how Map My Gene (“MMG”, “we”, “us”) collects, uses, shares, and protects your information when

you use the MapMyGene mobile app and related services. Because we process genetic data, we treat your privacy with the

highest level of care. By creating an account and using MapMyGene, you agree to this Policy.

1. Information we collect

Personal information you provide. When you create an account and use MapMyGene, we collect your name, email address, phone number, postal/shipping and billing address, date of birth, and gender. You provide this during registration, profile setup, and checkout.

Genetic and health information. With your explicit consent, we collect and process the DNA sample you submit and the genetic information derived from it, along with the test results and reports generated for you. We treat this as sensitive personal information and apply additional safeguards, including encryption, strict access controls, and, where applicable, deidentification.

Payment information. Purchases are processed by our payment provider, Stripe. Your full card details are handled directly by Stripe and are not stored on our servers. We retain only limited transaction details such as order amount, status, and payment references.

Device and usage information. To deliver and improve the app, we collect device identifiers, pushnotification tokens, and limited app analytics/usage information.

2. How we use your information

We use collected information to: manage accounts; process orders; deliver DNA reports; provide customer support; send notifications; improve the app; maintain security; and comply with legal obligations. We process your genetic and health data only with your explicit consent and solely to provide and support the testing services you request.

3. Medical disclaimer

MapMyGene reports are provided for informational and educational purposes only and are not intended to diagnose, treat, cure, or prevent any disease. They are not a substitute for professional medical advice, diagnosis, or treatment. Always consult a qualified healthcare provider regarding any health questions or before making decisions based on your results.

4. Consent

We rely on your explicit, informed consent to collect and process your DNA sample and genetic information. You may withdraw consent at any time (see Your rights). Withdrawing consent or deleting your account stops further processing and triggers deletion of your data as described in Data retention.

5. Third parties who process data on our behalf

We share data only with service providers who process it on our behalf under contract:

Amazon Web Services (AWS) — hosting, authentication, and storage

Stripe — payment processing

Google / Firebase — push notifications and analytics

Authorized laboratory and sequencing service providers — sample processing and genetic analysis

We do not sell personal or genetic information, and we do not share it with insurers or employers.

6. Where your data is processed

Your data is hosted and processed on AWS infrastructure located in ‹Singapore (Asia Pacific)›. Where data is transferred or processed across borders by our service providers, we apply appropriate safeguards consistent with applicable law (e.g., GDPR, PDPA).

7. Data retention

Active accounts: personal information is retained while your account remains active. Account deletion: when you delete your account, your personal and genetic data are permanently erased after a 30day grace period. During this window the account is deactivated and inaccessible; you may contact us within the window if the deletion was unintended.

Genetic data and reports: deleted as part of the erasure above unless you request earlier deletion.

Legal/accounting records: limited transaction and audit records (e.g., order amount, status, payment references) are retained only as required by law for up to ‹7 years›, then deleted.

8. Your rights — access and deletion

You may:

Delete your account and data — directly in the app (Profile → Settings → Delete Account) or by emailing info@mapmygene.com.

Access a copy of your personal data, correct inaccuracies, and request data portability where applicable.

Withdraw consent to genetic data processing at any time.

We action verified deletion requests by permanently erasing your personal and genetic data after the 30day grace period described above, retaining only records we are legally required to keep. To protect your data, we may verify your identity before fulfilling a request. Depending on your location, you may also have the right to lodge a complaint with your data protection authority.

9. Security

Data is encrypted in transit and at rest, with access restricted to authorized personnel only. We maintain technical and organizational measures appropriate to the sensitivity of genetic data.

10. Children

MapMyGene is intended for individuals aged 18 and over. We do not knowingly create accounts for, or process the genetic data of, individuals under 18. If you believe a minor has provided us data, contact

info@mapmygene.com and we will delete it.

11. Changes to this Policy

We may update this Policy from time to time. Material changes will be notified in the app or by email, and the “Last

updated” date above will be revised.

12. Contact us

For privacyrelated requests or questions, contact MMG at info@mapmygene.com, or write to: Map My Gene, 2 Kallang Ave, Singapore 339407