Privacy Policy

Last updated: May 2026

1. Data Controller DNAlyse OÜ does not collect or process personal data related to genetic services. DNAlyse™ acts solely as a commercial facilitator, enabling access to third-party laboratory services that operate under their own privacy policies and as independent data controllers for all genetic data. DNAlyse OÜ is the data controller only for the limited commercial and technical data described in Section 2 below.

2. Information We Collect DNAlyse™ collects only minimal technical or commercial data necessary for operating this Website and managing B2B relationships:

— Business contact information provided voluntarily (e.g. company name, professional email address)
— Website usage metadata collected automatically (e.g. IP address, browser type, device type, pages visited)

No genetic, health, or patient data is processed or stored by DNAlyse™ at any point.

3. Use of Collected Information The minimal data collected is used solely for:
— Communicating with professional partners and responding to enquiries
— Ensuring Website functionality and security
— Improving user experience

4. Legal Basis The processing of business contact data and website metadata is based on DNAlyse™'s legitimate interest (GDPR Article 6(1)(f)) in conducting B2B operations, ensuring website security, and responding to professional enquiries. Where you voluntarily submit contact information, processing is based on your consent or on steps taken prior to entering a contract.

5. Data Retention Business contact data is retained for as long as necessary to manage the professional relationship, and deleted upon request. Technical website metadata (e.g. server logs, IP records) is retained for up to 12 months for security and analytical purposes, then deleted.

6. Third-Party Providers All genetic analysis services accessed via DNAlyse™ are fulfilled by a GDPR-compliant accredited laboratory acting as an independent data controller for all end-user genetic data. DNAlyse™ has no access to genetic or patient data held by this provider. The provider's identity is disclosed directly to patients at the point of informed consent, prior to any sample collection. Professional partners may request further information by contacting info@dnalyse.com.

7. Your Rights Depending on which data is in question, rights are exercisable against different entities:

— Genetic and patient data (held by our accredited laboratory): rights of access, rectification, erasure, restriction, and portability must be directed to the laboratory. Contact details are provided to patients in their informed consent documentation and are available from DNAlyse™ upon request.
— Commercial and website data held by DNAlyse OÜ: rights of access, rectification, erasure, restriction, objection, and portability may be exercised by contacting info@dnalyse.com.
— Right to complain: you may lodge a complaint with the Estonian Data Protection Inspectorate (aki.ee) if you believe your rights have been violated.

8. Cookies This Website uses only strictly necessary cookies required for basic website operation. These do not require user consent under GDPR. No tracking, analytics, or marketing cookies are used. See our Cookie Policy for full details.

9. Changes to This Policy DNAlyse™ reserves the right to modify this Privacy Policy at any time. Any changes will be reflected on this page with an updated date.

10. Contact For any privacy-related enquiries, please contact: info@dnalyse.com