Back to Home

Privacy Policy

Last updated: June 2, 2026

1. Introduction

At GeneHealth, we take your privacy and the security of your health data extremely seriously. This Privacy Policy explains how we collect, use, and protect your information when you use our platform, including our genomic analysis and AI-driven health insights.

GeneHealth is designed to align with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs), and we apply GDPR principles for our international users.

2. Information We Collect

a. Account Information

When you register, we collect your name, email address, and date of birth to create your personalised health profile.

b. Genomic Data

If you choose to upload genomic data (e.g., VCF, FASTQ files), we process this data to provide clinical insights. Your raw genomic files are encrypted at rest using AES-256 encryption.

c. Health & Wearable Data

With your explicit consent, we may collect data from Apple Health, Google Health Connect, or other wearable devices (e.g., heart rate, HRV, sleep data) to provide a holistic view of your health.

d. Location Data

When you track an outdoor activity (a run, walk or ride), we collect precise GPS location only while tracking is active to map your route and calculate distance, pace and elevation. We do not collect your location in the background.

e. Payment Information

Payments for provider bookings are processed by our payment provider, Stripe. We do not store your full card details on our servers.

3. How We Use Your Data

  • To provide personalised health risk scores and AI-driven coaching.
  • To check for drug-gene interactions (Pharmacogenomics).
  • To match you with relevant clinical trials.
  • To facilitate appointments with verified specialists in our marketplace.

4. Data Sharing and Consent

We never sell your personal health data to third parties. We only share your data in the following circumstances:

  • With your consent: sharing specific reports with a specialist you have booked.
  • Aggregated / anonymised: for public-health research, only if you opt in to research sharing.
  • Service providers: trusted infrastructure that helps us run the platform — Oracle Cloud (hosting), Cloudflare R2 (encrypted file storage), Vercel (web) and Stripe (payments). They process data only to provide their service.

5. Your Rights

You have the right to access, correct, or delete your data at any time. GeneHealth provides a "Delete My Account" feature that permanently removes all your sensitive health data from our active systems within 30 days of the request.

6. Security Measures

We employ industry-standard security measures, including end-to-end encryption for data transfers (TLS 1.3), database encryption, and regular security audits.

7. Contact Us

If you have any questions about this Privacy Policy, please contact our Data Protection Officer at privacy@pratham.au.