Privacy Policy

Who we are

LinkMyDNA ("we", "us") operates https://linkmydna.com, a privacy-first social platform that uses encrypted genomic data to help people discover others with shared ancestry. Identity on the platform is proven through Ethereum wallet ownership. No email address or password is ever required.

This policy explains what data we collect at each stage, how it is processed, who we share it with, and what you can do about it.

What we collect and why

Wallet and identity data

When you connect a wallet and sign the authentication message to join the waitlist or sign in, we store:

• Your Ethereum wallet address, stored in lowercase. This is your permanent identity on the platform.
• Your ENS name, if one resolves on Ethereum mainnet. Optional and nullable.
• The chain ID you signed on.
• Timestamps for when you signed and when the record was created.

We never store private keys, seed phrases, or wallet credentials.

DNA file data

If you upload a DNA file, your browser does the following before anything reaches our servers:

• Parses the file to extract ancestry SNPs from a curated panel of non-medical markers only.
• Derives a 256-bit AES encryption key from a signature produced by your wallet. This key is flagged non-exportable by the browser's Web Crypto API and cannot leave your device.
• Encrypts both your raw file and your SNP fingerprint separately using AES-256-GCM.

After encryption, we store in Cloudflare R2:

• An encrypted copy of your original DNA file (raw.enc). We cannot read this. Only the wallet that encrypted it can decrypt it.
• An encrypted SNP fingerprint (snps.enc) containing only the ancestry markers used for matching.

We also store in our database:

• A SHA-256 hash of the encrypted file and a SHA-256 hash of the SNP data, used for integrity checks.
• The provider label detected from your file format (for example, 23andme or ancestry).
• The number of SNP markers found and the timestamp of upload.

Ancestry matching sketch (opt-in)

If you choose to participate in ancestry matching, your browser decrypts your SNP fingerprint locally and computes a 128-band MinHash sketch. This sketch is a compact mathematical summary of which ancestry markers are present in your data. It is uploaded to our database and used to find other users who share enough genetic background to be worth introducing.

The sketch cannot be used to reconstruct your raw DNA. Your actual DNA data never leaves your browser during this process.

Profile data

If you choose to fill in a display name or bio on your account page, we store those values linked to your wallet address. Both fields are optional. Your wallet address is always your primary identifier regardless of whether you have a profile.

Connection data

When you send, accept, decline, or withdraw a connection request, we store a record of that event including the wallets involved, the connection status, and the genetic similarity score that made the request eligible. Pending requests do not reveal the requesting wallet to the recipient until the connection is mutually accepted.

Session data

Your active session is stored in your browser's sessionStorage as a signed JWT that expires after 8 hours. If you check "Remember this device" at sign-in, we also set an HttpOnly secure cookie containing a refresh token that lasts up to 30 days. Only a SHA-256 hash of the raw token value is stored in our database. The token itself is never stored in a readable form.

Analytics

We use PostHog to understand basic site usage: pages visited, device and browser type, general location, and timestamps. IP addresses may be processed for analytics and security purposes.

Server logs

Our hosting infrastructure generates standard access logs. These are used to keep the site reliable and to detect abuse. They are not used for advertising or profiling.

Email you send us

If you contact contact@linkmydna.com, we receive your email address and message and keep them only as long as needed to respond or resolve your request.

How we use your data

We use the data described above to operate the platform: to verify wallet identity, store encrypted DNA files, compute ancestry matches, maintain connection records, and respond to support requests. Analytics help us understand how the site is being used so we can improve it.

We do not sell personal data. We do not use your data for advertising. We do not provide medical, diagnostic, or ancestry interpretation of any kind.

Data sharing and third parties

We use the following infrastructure providers to operate the platform. Each processes data on our behalf under their own terms:

• Cloudflare — hosting, CDN, security (WAF and rate limiting), and R2 object storage for encrypted DNA blobs.
• Supabase — Postgres database and serverless Edge Functions that handle server-side authentication and business logic.
• PostHog — product analytics.
• Reown / WalletConnect — wallet connection infrastructure used when connecting wallets other than MetaMask or Coinbase Wallet via browser extension. WalletConnect facilitates the connection handshake but does not see your DNA data.

We do not share your data with any other third parties.

Data retention

• Wallet and waitlist records are retained while your account is active.
• Encrypted DNA files are retained in Cloudflare R2 until you request deletion.
• Ancestry matching sketch is retained until you request removal or delete your upload.
• Connection records are retained while your account is active.
• Profile data is retained until you edit or delete it.
• Session refresh tokens have a 30-day maximum lifetime, are rotated on every use, and are revoked when you sign out.
• Authentication nonces expire after 10 minutes and are purged automatically every hour.
• Analytics data is retained per our PostHog configuration.
• Email correspondence is kept as long as needed to respond.

Deleting your data

You can request deletion of your uploaded DNA data from your account page at /account. Deletion works in two stages:

• Soft delete removes your upload from view immediately. The encrypted blobs remain in storage and can be restored within 7 days if you change your mind.
• Hard delete permanently destroys both encrypted blobs from Cloudflare R2. This is irreversible. A 7-day cooling-off window applies before the system carries out the purge automatically.

To request removal of your entire account record or waitlist entry, email contact@linkmydna.com. We will process the request in line with applicable law.

Cookies and analytics

PostHog may set cookies to provide analytics. We use a single HttpOnly secure cookie for persistent sessions when you opt in to "Remember this device." You can manage or clear cookies through your browser settings. Clearing cookies will end any active persistent session.

Your rights

If you are in the EU, UK, or another region with data protection laws, you have the right to access, correct, or delete personal data we hold about you, and to object to or restrict certain processing. To exercise any of these rights, email contact@linkmydna.com. Because your wallet address is your identity, we may ask you to verify wallet ownership before acting on a request.

Children

LinkMyDNA is not directed at anyone under 18. We do not knowingly collect data from minors. If you believe a minor has registered, please contact us and we will remove the account.

Medical disclaimer

LinkMyDNA is a social discovery platform. It does not provide medical, diagnostic, or ancestry interpretation services of any kind. Genetic data is sensitive. You are responsible for following the laws in your jurisdiction when sharing or processing it.

Changes to this policy

We may update this policy as the platform evolves. When we do, we will revise the date at the top of this page. Continued use of the platform after a change is posted constitutes acceptance of the updated policy.

Contact

Questions, access requests, or deletion requests: contact@linkmydna.com