We are required by law to maintain the privacy and security of your data, and we take the following steps to store and transfer your genetic data, risk scores, and results as safely as we can:
- Passwords - We have strict password policies at Genomics to minimize the risk of information security breaches. You can help keep your data secure by choosing a strong password and keeping it private (e.g. by using a password manager). Genomics will never contact you to ask for your password by phone or email.
- Data security - We follow industry standards for physical, technical and procedural safeguards. We encrypt your genetic data, risk scores, and results using robust security applications.
- Data location - Your genetic data, risk scores, and results are all stored and processed in secure, private locations, accessible only to authorized personnel, and hosted in the cloud by Amazon Web Services (AWS) in the US. This region is isolated and independent of other AWS regions. All of the data in AWS can be accessed by us from any location (e.g. UK or US) however your data does not leave the USA. You will be able to download your own personal copies of the laboratory report.
- Data sharing - In addition to encryption, we limit the genetic data, risk scores, and results, we share with our partners to the minimum amount needed to provide Health Insights. See the section on our partners to understand what information is provided and to whom.
Data Retention
- We will retain your genetic data, risk scores, and results for as long as required to provide Health Insights. Once this is completed, these will be securely archived for 10 years in order to meet legal and regulatory requirements. They will not be used for any other purposes. The same rules apply to our partners.
- We will retain the de-identified data indefinitely and use it in our research and development work aimed at improving health and preventing disease.
- We will retain the Survey Data, Support Data, and Web Behavior Data indefinitely and use them to improve Health Insights and future products. We will remove information that could identify you before we use it.
We do not sell your data
Genomics will not sell your genetic data, risk scores, and results for any reason. All of your data is used only for the provision of Health Insights, in accordance with the law and as outlined in this privacy notice.
Data breach notifications
We will let you, and appropriate regulatory authorities, know promptly if a breach occurs that may have compromised the privacy or security of your data, or otherwise adversely affect your rights relating to your data.
For more information, see our privacy notice.