Privacy Policy

Protecting Your Personal Data in Accordance with GDPR and Spanish Data Protection Laws

Last updated: May 19, 2026

Introduction

The purpose of this policy is to inform data subjects about the various processing operations that this organization carries out through the website and that affect their personal data, in accordance with the provisions of Organic Law 3/2018 of December 5, 2018, on the Protection of Personal Data and guarantee of digital rights and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016.

Data Controller Information

Controller Details

Organization: DNA GENICS Limited Society

Address: Paseo de la Castellana 81, p15, 28046 (Madrid) and Avd. De la Industria 16, 28760 Tres Cantos (Madrid), Europe

Email: info@dnagenics.com

Data Collection & Usage

What data do we collect?

DNA Genics collects the following data:

  • Personal identification information (Name, email address)
  • Genomic data from other DNA companies
  • DNA match lists in text file format

How do we collect your data?

You directly provide DNA GENICS with most of the data we collect. We collect data and process data when you:

  • Register online or place an order for any of our products or services.
  • Voluntarily complete a customer survey or provide feedback on any of our message boards or via email.
  • Use or view our website via your browser's cookies.
  • Upload your genetic data in the accepted formats.

How will we use your data?

DNA Genics collects your data so that we can:

  • Process your DNA and relative matches to generate reports.
  • Process your order and manage your account.
  • Email you with special offers on other products and services we think you might like.

Data Protection Commitment

We do not share your genomic data or reports with any other company. This data is anonymized and does not contain your name or your email address.

Purpose of Processing for Users/Navigators

We will process your personal data provided through our web forms to:

  • Attend to requests, complaints and incidents submitted through the contact channels on our website.
  • Understand the behavior of the user within the website in order to detect possible computer attacks on our website.
  • Comply with legal obligations that are directly applicable to us and regulate our activity.
  • Protect and exercise our rights or respond to claims of any kind.
  • Where applicable, send commercial communications regarding the goods or services that make up our activity and/or news or newsletters related to our sector. Your refusal to provide us with the authorization will imply the impossibility of sending you information from the entity.
  • If applicable, manage your participation in contests and special offers that the entity carries out. Your refusal to provide us with authorization will make it impossible for you to participate.
  • If applicable, send satisfaction and/or quality surveys. Your refusal to provide us with the authorization will imply the impossibility to evaluate the service provided.
  • Manage your registration on the entity's web platform and generate a username and password. Your refusal to provide us with authorization will make it impossible for us to register you on the platform.
  • Manage, monitor and supervise your activity on the blog/forum. Your refusal to provide us with authorization will make it impossible for you to participate.

Purpose of Processing for Clients

We will process your personal data provided through our web forms for:

  • The management of the business relationship.
  • Provide the services you have contracted through this website.
  • The execution of precontractual measures in which you participate in case you have purchased or contracted our goods or services.
  • Carry out all the necessary steps in order to ensure the reception of the purchased product through this website.
  • Administrative, accounting and tax management of the relationship established with our clients when they have hired us.
  • To attend to requests, complaints and incidents submitted through the contact channels on our website.
  • To understand the behavior of the navigator within the website in order to detect possible computer attacks on our website.
  • To comply with legal obligations that are directly applicable to us and regulate our activity.
  • To manage your data and, if necessary, provide it to external suppliers for the proper functioning of our business.
  • To protect and exercise our rights or to respond to claims of any kind.

Data Storage & Security

DNAGENICS securely stores your data in the Microsoft Azure cloud environment, following standard security measures. The data is stored in a European data center provisioned by Microsoft Corp.

EU Data Storage

Your personal data is stored securely within the European Union, ensuring compliance with GDPR requirements and providing the highest level of data protection.

Website Tools & Third-Party Services

CAPTCHA/reCAPTCHA

We use the Google CAPTCHA/reCAPTCHA service, on the basis of legitimate interest, to detect whether the website is being used by bots, in order to protect the portal and prevent abusive and fraudulent practices, such as sending spam. You can access our supplier's privacy policy at https://policies.google.com/privacy?hl=en-US

Google Analytics

Provided that we have your consent, we will use Google Analytics for statistical purposes in order to understand how you interact with our website or, where appropriate, to know the performance of their advertising campaigns, through the so-called cookies. For these purposes, you should note that, by using the service, Google will collect and store information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity.

International Data Transfer Notice

We inform you that the use of Google may involve International Data Transfers not based on an adequacy decision of the European Commission or on the provision of adequate safeguards, and therefore do not have an adequate level of protection in accordance with the provisions of the GDPR. For appropriate purposes, we inform you that this fact may entail certain risks for the protection of your personal data. Such risks may include the absence of an equivalent supervisory protection authority and/or equivalent data processing protection principles and/or data subject protection rights.

We therefore recommend that you first carefully read our provider's privacy policy: https://policies.google.com/privacy?hl=en-US

YouTube

Our website uses plugins of the YouTube platform with technology provided by Google. YouTube will only associate your browsing behavior with your personal profile if you are logged in to your account. You can prevent this by logging out.

We recommend that you carefully read our provider's privacy policy beforehand: https://policies.google.com/privacy?hl=es

Data Retention Periods

Personal data is kept only for as long as necessary to fulfill the purposes for which it was collected, in accordance with Article 5(1)(e) GDPR. The concrete periods that apply to each category of data are listed below.

Retention of Genetic Data and Accounts

| Data Category | Retention Period | Trigger / Notes |
|---|---|---|
| DNA raw files (uploaded, no associated purchase made) | Stored encrypted at rest; permanently erased no later than 3 years from the date of upload if no associated product has been purchased during that period | Art. 5(1)(e) GDPR storage limitation principle; Art. 9 GDPR special category data. The 3-year cap applies regardless of account activity. |
| DNA raw files (uploaded, associated product purchased) | Erased immediately from production; purged from encrypted backups within 30 days | Triggered by account deletion, withdrawal of explicit consent under Article 9(2)(a) GDPR, or a verified erasure request |
| Derived analyses (ancestry, traits, health, G25 coordinates, haplogroups) | Same lifecycle as the DNA file: subject to the 3-year cap if no purchase; immediate from production on deletion/withdrawal, 30 days from backups if a purchase has been made | Linked to the underlying DNA file and consent |
| User account and profile (email, name, preferences) | Active for the duration of the account; warning email at 24 months of inactivity; on cancellation or inactivity-driven deletion, data moves to blocked status for 5 years before permanent erasure (see "Blocked Status After Account Cancellation" below) | Inactivity is measured by absence of login and absence of report activity. Blocked data is not used for any active purpose. |
| Authentication and security logs | 12 months | Article 6(1)(f) GDPR, legitimate interest in service security |
| Marketing consent and newsletter | Until withdrawal of consent; reviewed every 24 months. You may withdraw consent at any time without justification by emailing info@dnagenics.com with subject "UNSUBSCRIBE", or by clicking the unsubscribe link in any commercial email. See also "Unsubscribe from Communications" below. | Article 6(1)(a) GDPR |
| Cookies and analytics | Maximum 13 months | See the Cookies Policy for the per-cookie lifetime |
| Encrypted backups containing personal data | Overwritten on a rolling cycle, no longer than 30 days after deletion from production | Right to erasure, Article 17 GDPR |

Maximum Retention of Unpurchased Genetic Data

Uploaded genetic data constitutes special category personal data under Article 9 GDPR and is subject to heightened protection and strict storage limitation (Article 5(1)(e) GDPR). The following rules apply specifically to genetic data for which no associated product has been purchased:

  • All uploaded DNA raw files and all data derived from them (ancestry analyses, traits, G25 coordinates, haplogroups, and similar) are stored encrypted at rest at all times.
  • If no associated product is purchased within 3 years of the date of upload, all genetic data - including the raw file and all derived analyses - is permanently and irreversibly erased from our production systems. Encrypted backups containing that data are purged within 30 days of the deletion from production.
  • This 3-year maximum retention period applies independently of account activity. An active account that has not made a purchase does not extend the period.
  • Appropriate technical and organisational security measures are applied throughout the retention period and during erasure.

Once a product associated with the uploaded genetic data has been purchased, the DNA file and derived analyses follow the standard account lifecycle described in the table above and in the "Withdrawal of Explicit Consent for Genetic Data" section below.

Withdrawal of Explicit Consent for Genetic Data

Genetic data is a special category of personal data under Article 9 GDPR and is processed solely on the basis of your explicit consent (Article 9(2)(a) GDPR). You may withdraw that consent at any time from your Personal Data page. Withdrawal triggers the immediate erasure of your DNA files and derived analyses from our production systems, with backup purge completed within 30 days. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

Blocked Status After Account Cancellation (Art. 32 LOPDGDD)

When a user cancels their account or requests its deletion, their personal data (name, email address, account preferences, order history, and similar non-genetic personal data) does not enter immediate erasure. Instead, it is placed in a blocked status in accordance with Article 32 of the Spanish Organic Law 3/2018 (LOPDGDD) on the duty to block (deber de bloqueo). The following conditions apply during blocked status:

  • The data is not used for any active purpose: no processing, no profiling, no commercial communications, and no inclusion in any active service.
  • Access to blocked data is restricted to authorised personnel only, and solely for the purpose of responding to legal claims, administrative proceedings, or judicial requests.
  • Blocked personal data is retained for a maximum of 5 years, in accordance with the general limitation period for personal actions established in Article 1964.2 of the Spanish Civil Code (as amended by Law 42/2015).
  • Once the 5-year blocking period has elapsed without any pending claim or legal obligation requiring retention, the data is permanently and irreversibly erased.
  • Billing, tax, and commercial records subject to separate mandatory retention obligations (see "Legal Retention Obligations" table below) continue to be retained for those legally required periods, independently of the blocking period.

Note on genetic data and blocked status: Genetic data (DNA raw files and derived analyses) constitutes special category personal data under Article 9 GDPR. Upon account cancellation or withdrawal of explicit consent, genetic data is erased immediately from production systems and purged from backups within 30 days. Genetic data is not placed in blocked status; it is permanently deleted.

Use for Research, Publication, or AI Training

DNA Genics does not use your genetic data, in any form (raw, derived, aggregated, or anonymized), for research, scientific publication, or the training of artificial intelligence or machine learning models. Your data is processed exclusively to provide the analysis services you requested.

Minimum Age

Our services are not intended for users under 16 years of age. We do not knowingly process personal data from minors under 16. If we discover that an account belongs to a person under 16, we will delete the account and all associated data (including DNA files and derived analyses) immediately.

Legal Retention Obligations

Independently of account status, certain billing and tax records are retained on a restricted-access basis for the periods required by Spanish and European law:

| Legal Framework | Retention Period | Applies To |
|---|---|---|
| Spanish Civil Code, Article 1964.2 (as amended by Law 42/2015) | 5 years | General statute of limitations for personal actions |
| Spanish Commercial Code, Article 30 | 6 years | Invoices issued and received, tickets, corrective invoices, bank documents, and other commercial records |
| Spanish General Tax Law, Articles 66 to 70 | 4 years | Information related to tax obligations |

Automated Decisions and Profiling

The website does not make automated decisions or create profiles.

Data Recipients & International Transfers

Recipients

During the duration of the processing of your personal data, the organization may transfer your data to the following recipients:

  • Judges/Court
  • State Security Forces and Corps
  • Other competent public authorities or bodies, where the controller has a legal obligation to provide personal data

International Data Transfers

EU Data Storage

The organization does not make any International Data Transfer. Your data remains within the European Union.

Your GDPR Rights

DNA Genics would like to make sure you are fully aware of all of your data protection rights. The interested parties may exercise at any time and totally free of charge the rights of access, rectification and erasure, as well as request that the processing of their personal data be limited or request the portability of them (where technically possible) or withdraw the consent given, and where appropriate, not to be the subject of a decision based solely on automated processing, including profiling.

Your Rights at a Glance

Right to Access

You have the right to request copies of your personal data from DNA Genics. We may charge you a small fee for this service.

Right to Rectification

You have the right to request that DNA Genics correct any information you believe is inaccurate or complete information you believe is incomplete.

Right to Erasure

You have the right to request that DNA Genics erase your personal data, under certain conditions. If you have an account, you can request account deletion from your Personal Data page.

Right to Restrict Processing

You have the right to request that DNA Genics restrict the processing of your personal data, under certain conditions.

Right to Object

You have the right to object to DNA Genics's processing of your personal data, under certain conditions.

Right to Data Portability

You have the right to request that DNA Genics transfer the data that we have collected to another organization, or directly to you, under certain conditions. You can download your personal data from your account.

How to Exercise Your Rights

Self-Service: Manage Your Data Online

If you have a DNAGENICS account, you can exercise your data rights directly from your Personal Data page. From there you can download your personal data, request your raw DNA file, or request account deletion.

To exercise these rights, you can use the forms enabled by the organization, or write to the email address indicated above. In any case, your application must be accompanied by a photocopy of your ID or equivalent document, in order to prove your identity.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: info@dnagenics.com

Right to Lodge a Complaint

In the event that you feel your rights regarding the protection of your personal data have been violated, especially when you have not obtained satisfaction in the exercise of your rights, you can file a complaint with the competent Data Protection Control Authority.

Unsubscribe from Communications

In compliance with Directive 2000/31/EC, if you do not wish to receive further information about our services, you may unsubscribe by sending an email to info@dnagenics.com with the subject "UNSUBSCRIBE" or by clicking on the unsubscribe link.

Data Veracity & Truthfulness

The data subject guarantees that the data provided are true, accurate, complete and up-to-date, and commits to report any changes to the data provided through the channels enabled for this purpose and indicated in point one of this policy. You will be liable for any damages, both direct and indirect, that you may cause as a result of the breach of this obligation.

In the event that third party data is provided, the user must declare that the consent of the interested parties has been obtained, committing to transfer the information contained in this clause. The organization will be exempt from any liability arising from the failure to comply with this obligation.

Social Networks

In order to let you participate in our activity, and so that you can be aware of our news, we inform you that DNA GENICS SL has created a profile in the Social Networks.

All users have the opportunity to join our social networks or groups. However, you should be aware that, unless we request your data directly (for example, through marketing actions, contests, promotions, or any other valid way), your data will belong to the corresponding Social Network, so we recommend that you carefully read its terms of use and privacy policies, and make sure to configure your preferences regarding the processing of data.

Below, we detail the link to the privacy policy to the various Social Networks in which we have presence:

Policy Modifications

This privacy policy may be modified/updated according to the legal requirements established or in order to adapt this policy to the instructions issued by the Data Protection Supervisory Authority (Spanish Data Protection Agency), or changes to our website. For this reason, we advise users to periodically visit our Privacy Policy.

If you have any questions about this policy, you can contact DNA GENICS SL through the forms provided by the organization, or write to the postal address or e-mail address referenced in the heading.

Contact Us

If you have questions about this Privacy Policy, your personal data, or wish to exercise your rights, please contact us:

Contact Information

Organization: DNA GENICS Limited Society

Address: Paseo de la Castellana 81, p15, 28046 (Madrid)

Address: Avd. De la Industria 16, 28760 Tres Cantos (Madrid), Europe

General Inquiries: info@dnagenics.com

We aim to respond to all privacy-related inquiries as promptly as possible.

GDPR Privacy Highlights

  • EU-based data storage: Your data stays in the European Union
  • No data selling: We never sell your personal information
  • Full GDPR rights: Access, rectify, delete, or port your data
  • Encryption: All data transmitted over HTTPS/TLS
  • Data anonymization: Genomic data is anonymized
  • Secure cloud storage: Microsoft Azure EU data centers
  • Data export: Download your data anytime
  • Account deletion: Delete your account and data easily