🇪🇺 GDPR Compliance

How FuelYourDNA protects your data under European regulations

Our Commitment to GDPR

FuelYourDNA is fully committed to compliance with the General Data Protection Regulation (GDPR). As a company handling sensitive genetic data, we take data protection extremely seriously and have implemented comprehensive measures to protect your rights.

Lawful Basis

We process your data based on your explicit consent and contractual necessity to provide our service.

Data Minimization

We only collect data strictly necessary for providing our genetic nutrition analysis.

Storage Limitation

Raw DNA files are deleted after processing. We retain only essential analyzed data.

Security by Design

Privacy and security are built into every aspect of our service from the ground up.

Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

Right Description How to Exercise
Right of Access Request a copy of all personal data we hold about you Email privacy@fuelyourdna.com
Right to Rectification Correct any inaccurate or incomplete data Account settings or email
Right to Erasure Request deletion of all your data ("right to be forgotten") Account settings > Delete Account
Right to Portability Receive your data in a machine-readable format Account settings > Export Data
Right to Object Object to certain types of data processing Email privacy@fuelyourdna.com
Right to Restrict Limit how we process your data Email privacy@fuelyourdna.com
Withdraw Consent Withdraw your consent at any time Account settings or email

We will respond to all requests within 30 days as required by GDPR.

Special Category Data (Genetic Data)

Genetic data is classified as "special category data" under GDPR Article 9, which requires additional protections. We process your genetic data only with your explicit consent for the specific purpose of providing personalized nutrition recommendations.

Our Genetic Data Handling:

  • Raw DNA files are permanently deleted within 24 hours of analysis
  • Only relevant nutritional markers are retained (not your entire genome)
  • All genetic data is encrypted at rest using AES-256
  • Access is strictly limited to essential automated processes
  • Your genetic data is NEVER shared with third parties

Data Processing Activities

Data We Process

  • Account Data: Name, email, password (hashed) — for account management
  • Genetic Data: Uploaded DNA files, analyzed SNPs — for nutrition analysis
  • Payment Data: Transaction records (no card numbers) — for billing
  • Technical Data: IP address, browser info — for security and functionality

Legal Bases for Processing

  • Consent: For processing genetic data and marketing communications
  • Contract: For providing our analysis service
  • Legal Obligation: For tax and accounting records
  • Legitimate Interest: For security and fraud prevention

Data Transfers

Your data is primarily stored and processed within the European Union. If any data transfer outside the EU is necessary (e.g., for payment processing), we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions where applicable
  • Data processing agreements with all sub-processors

Data Breach Notification

In the unlikely event of a data breach affecting your personal data, we will:

  • Notify the relevant supervisory authority within 72 hours
  • Notify affected users without undue delay if the breach poses a high risk
  • Document the breach and remediation measures

Contact Our Data Protection Officer

Data Protection Officer

Email: privacy@fuelyourdna.com

Address: FuelYourDNA - DPO, Pornichet, France

Response Time: Within 30 days

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority. Our lead supervisory authority is:

CNIL — Commission Nationale de l'Informatique et des Libertés
3 Place de Fontenoy, TSA 80715
75334 Paris Cedex 07, France
Website: www.cnil.fr

This page was last updated on January 6, 2026.

🇪🇺 Conformité RGPD

Vos droits en vertu du Règlement général sur la protection des données

Notre engagement envers le RGPD

FuelYourDNA s'engage pleinement à respecter le Règlement général sur la protection des données (RGPD). En tant qu'entreprise traitant des données génétiques sensibles, nous prenons la protection des données très au sérieux et avons mis en place des mesures complètes pour protéger vos droits.

Protection intégrée

La vie privée et la sécurité sont intégrées à chaque aspect de notre service dès la conception.

Chiffrement des données

Toutes les données sont chiffrées avec AES-256 au repos et TLS 1.3 en transit.

Suppression automatique

Les fichiers ADN bruts sont automatiquement supprimés après analyse.

Consentement explicite

Nous collectons uniquement les données pour lesquelles vous avez donné un consentement explicite.

Vos droits RGPD

En vertu du RGPD, vous disposez des droits suivants concernant vos données personnelles :

📋 Droit d'accès

Demander une copie de toutes vos données personnelles que nous détenons.

✏️ Droit de rectification

Corriger toute donnée inexacte ou incomplète vous concernant.

🗑️ Droit à l'effacement

Demander la suppression de vos données personnelles (« droit à l'oubli »).

📦 Droit à la portabilité

Recevoir vos données dans un format structuré et lisible par machine.

🚫 Droit d'opposition

Vous opposer au traitement de vos données personnelles dans certaines circonstances.

⏸️ Droit à la limitation

Demander la limitation du traitement de vos données dans certaines situations.

↩️ Retrait du consentement

Retirer votre consentement à tout moment sans que cela n'affecte la légalité du traitement antérieur.

📞 Droit de réclamation

Déposer une réclamation auprès de l'autorité de contrôle compétente (CNIL en France).

Nous répondrons à toutes les demandes dans un délai de 30 jours conformément au RGPD.

Données génétiques — Données de catégorie spéciale

Les données génétiques sont classées comme « données de catégorie spéciale » au titre de l'article 9 du RGPD, ce qui exige des protections supplémentaires. Nous ne traitons vos données génétiques qu'avec votre consentement explicite dans le seul but de vous fournir des recommandations nutritionnelles personnalisées.

Base légale du traitement

Nous traitons vos données sur les bases légales suivantes :

  • Consentement explicite : Pour le traitement des données génétiques (article 9 du RGPD)
  • Exécution du contrat : Pour fournir le service commandé
  • Obligation légale : Pour la conformité aux lois et réglementations applicables
  • Intérêt légitime : Pour la sécurité et la prévention de la fraude

Conservation des données

  • Fichiers ADN bruts : Supprimés dans les 24 heures suivant l'analyse
  • Marqueurs génétiques analysés : Conservés tant que votre compte est actif
  • Données de compte : Conservées tant que le compte est actif + 30 jours
  • Données de paiement : Selon les exigences légales (généralement 7 ans)

Exercer vos droits

Pour exercer l'un de vos droits RGPD, contactez notre délégué à la protection des données :

  • E-mail : privacy@fuelyourdna.com
  • Délai de réponse : Dans les 30 jours suivant la réception de votre demande
  • Vérification d'identité : Nous pouvons vous demander de vérifier votre identité avant de traiter certaines demandes

Autorité de contrôle

Si vous n'êtes pas satisfait de notre traitement de vos données, vous avez le droit de déposer une réclamation auprès de :

CNIL — Commission Nationale de l'Informatique et des Libertés
3 Place de Fontenoy, TSA 80715
75334 Paris Cedex 07, France
Site web : www.cnil.fr

Mises à jour de cette politique

Nous révisons périodiquement nos pratiques de conformité RGPD. Toute modification importante vous sera notifiée par e-mail ou via notre service.

Dernière mise à jour : Janvier 2026

🇪🇺 DSGVO-Konformität

Ihre Rechte gemäß der Datenschutz-Grundverordnung

Our Commitment to GDPR

FuelYourDNA is fully committed to compliance with the General Data Protection Regulation (GDPR). As a company handling sensitive genetic data, we take data protection extremely seriously and have implemented comprehensive measures to protect your rights.

Lawful Basis

We process your data based on your explicit consent and contractual necessity to provide our service.

Data Minimization

We only collect data strictly necessary for providing our genetic nutrition analysis.

Storage Limitation

Raw DNA files are deleted after processing. We retain only essential analyzed data.

Security by Design

Privacy and security are built into every aspect of our service from the ground up.

Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

Right Description How to Exercise
Right of Access Request a copy of all personal data we hold about you Email privacy@fuelyourdna.com
Right to Rectification Correct any inaccurate or incomplete data Account settings or email
Right to Erasure Request deletion of all your data ("right to be forgotten") Account settings > Delete Account
Right to Portability Receive your data in a machine-readable format Account settings > Export Data
Right to Object Object to certain types of data processing Email privacy@fuelyourdna.com
Right to Restrict Limit how we process your data Email privacy@fuelyourdna.com
Withdraw Consent Withdraw your consent at any time Account settings or email

We will respond to all requests within 30 days as required by GDPR.

Special Category Data (Genetic Data)

Genetic data is classified as "special category data" under GDPR Article 9, which requires additional protections. We process your genetic data only with your explicit consent for the specific purpose of providing personalized nutrition recommendations.

Our Genetic Data Handling:

  • Raw DNA files are permanently deleted within 24 hours of analysis
  • Only relevant nutritional markers are retained (not your entire genome)
  • All genetic data is encrypted at rest using AES-256
  • Access is strictly limited to essential automated processes
  • Your genetic data is NEVER shared with third parties

Data Processing Activities

Data We Process

  • Account Data: Name, email, password (hashed) — for account management
  • Genetic Data: Uploaded DNA files, analyzed SNPs — for nutrition analysis
  • Payment Data: Transaction records (no card numbers) — for billing
  • Technical Data: IP address, browser info — for security and functionality

Legal Bases for Processing

  • Consent: For processing genetic data and marketing communications
  • Contract: For providing our analysis service
  • Legal Obligation: For tax and accounting records
  • Legitimate Interest: For security and fraud prevention

Data Transfers

Your data is primarily stored and processed within the European Union. If any data transfer outside the EU is necessary (e.g., for payment processing), we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions where applicable
  • Data processing agreements with all sub-processors

Data Breach Notification

In the unlikely event of a data breach affecting your personal data, we will:

  • Notify the relevant supervisory authority within 72 hours
  • Notify affected users without undue delay if the breach poses a high risk
  • Document the breach and remediation measures

Contact Our Data Protection Officer

Data Protection Officer

Email: privacy@fuelyourdna.com

Address: FuelYourDNA - DPO, Pornichet, France

Response Time: Within 30 days

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority. Our lead supervisory authority is:

CNIL — Commission Nationale de l'Informatique et des Libertés
3 Place de Fontenoy, TSA 80715
75334 Paris Cedex 07, France
Website: www.cnil.fr

This page was last updated on January 6, 2026.

🇪🇺 Conformità GDPR

I tuoi diritti ai sensi del Regolamento generale sulla protezione dei dati

Our Commitment to GDPR

FuelYourDNA is fully committed to compliance with the General Data Protection Regulation (GDPR). As a company handling sensitive genetic data, we take data protection extremely seriously and have implemented comprehensive measures to protect your rights.

Lawful Basis

We process your data based on your explicit consent and contractual necessity to provide our service.

Data Minimization

We only collect data strictly necessary for providing our genetic nutrition analysis.

Storage Limitation

Raw DNA files are deleted after processing. We retain only essential analyzed data.

Security by Design

Privacy and security are built into every aspect of our service from the ground up.

Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

Right Description How to Exercise
Right of Access Request a copy of all personal data we hold about you Email privacy@fuelyourdna.com
Right to Rectification Correct any inaccurate or incomplete data Account settings or email
Right to Erasure Request deletion of all your data ("right to be forgotten") Account settings > Delete Account
Right to Portability Receive your data in a machine-readable format Account settings > Export Data
Right to Object Object to certain types of data processing Email privacy@fuelyourdna.com
Right to Restrict Limit how we process your data Email privacy@fuelyourdna.com
Withdraw Consent Withdraw your consent at any time Account settings or email

We will respond to all requests within 30 days as required by GDPR.

Special Category Data (Genetic Data)

Genetic data is classified as "special category data" under GDPR Article 9, which requires additional protections. We process your genetic data only with your explicit consent for the specific purpose of providing personalized nutrition recommendations.

Our Genetic Data Handling:

  • Raw DNA files are permanently deleted within 24 hours of analysis
  • Only relevant nutritional markers are retained (not your entire genome)
  • All genetic data is encrypted at rest using AES-256
  • Access is strictly limited to essential automated processes
  • Your genetic data is NEVER shared with third parties

Data Processing Activities

Data We Process

  • Account Data: Name, email, password (hashed) — for account management
  • Genetic Data: Uploaded DNA files, analyzed SNPs — for nutrition analysis
  • Payment Data: Transaction records (no card numbers) — for billing
  • Technical Data: IP address, browser info — for security and functionality

Legal Bases for Processing

  • Consent: For processing genetic data and marketing communications
  • Contract: For providing our analysis service
  • Legal Obligation: For tax and accounting records
  • Legitimate Interest: For security and fraud prevention

Data Transfers

Your data is primarily stored and processed within the European Union. If any data transfer outside the EU is necessary (e.g., for payment processing), we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions where applicable
  • Data processing agreements with all sub-processors

Data Breach Notification

In the unlikely event of a data breach affecting your personal data, we will:

  • Notify the relevant supervisory authority within 72 hours
  • Notify affected users without undue delay if the breach poses a high risk
  • Document the breach and remediation measures

Contact Our Data Protection Officer

Data Protection Officer

Email: privacy@fuelyourdna.com

Address: FuelYourDNA - DPO, Pornichet, France

Response Time: Within 30 days

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority. Our lead supervisory authority is:

CNIL — Commission Nationale de l'Informatique et des Libertés
3 Place de Fontenoy, TSA 80715
75334 Paris Cedex 07, France
Website: www.cnil.fr

This page was last updated on January 6, 2026.

🇪🇺 Conformidade RGPD

Os seus direitos ao abrigo do Regulamento Geral sobre a Proteção de Dados

Our Commitment to GDPR

FuelYourDNA is fully committed to compliance with the General Data Protection Regulation (GDPR). As a company handling sensitive genetic data, we take data protection extremely seriously and have implemented comprehensive measures to protect your rights.

Lawful Basis

We process your data based on your explicit consent and contractual necessity to provide our service.

Data Minimization

We only collect data strictly necessary for providing our genetic nutrition analysis.

Storage Limitation

Raw DNA files are deleted after processing. We retain only essential analyzed data.

Security by Design

Privacy and security are built into every aspect of our service from the ground up.

Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

Right Description How to Exercise
Right of Access Request a copy of all personal data we hold about you Email privacy@fuelyourdna.com
Right to Rectification Correct any inaccurate or incomplete data Account settings or email
Right to Erasure Request deletion of all your data ("right to be forgotten") Account settings > Delete Account
Right to Portability Receive your data in a machine-readable format Account settings > Export Data
Right to Object Object to certain types of data processing Email privacy@fuelyourdna.com
Right to Restrict Limit how we process your data Email privacy@fuelyourdna.com
Withdraw Consent Withdraw your consent at any time Account settings or email

We will respond to all requests within 30 days as required by GDPR.

Special Category Data (Genetic Data)

Genetic data is classified as "special category data" under GDPR Article 9, which requires additional protections. We process your genetic data only with your explicit consent for the specific purpose of providing personalized nutrition recommendations.

Our Genetic Data Handling:

  • Raw DNA files are permanently deleted within 24 hours of analysis
  • Only relevant nutritional markers are retained (not your entire genome)
  • All genetic data is encrypted at rest using AES-256
  • Access is strictly limited to essential automated processes
  • Your genetic data is NEVER shared with third parties

Data Processing Activities

Data We Process

  • Account Data: Name, email, password (hashed) — for account management
  • Genetic Data: Uploaded DNA files, analyzed SNPs — for nutrition analysis
  • Payment Data: Transaction records (no card numbers) — for billing
  • Technical Data: IP address, browser info — for security and functionality

Legal Bases for Processing

  • Consent: For processing genetic data and marketing communications
  • Contract: For providing our analysis service
  • Legal Obligation: For tax and accounting records
  • Legitimate Interest: For security and fraud prevention

Data Transfers

Your data is primarily stored and processed within the European Union. If any data transfer outside the EU is necessary (e.g., for payment processing), we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions where applicable
  • Data processing agreements with all sub-processors

Data Breach Notification

In the unlikely event of a data breach affecting your personal data, we will:

  • Notify the relevant supervisory authority within 72 hours
  • Notify affected users without undue delay if the breach poses a high risk
  • Document the breach and remediation measures

Contact Our Data Protection Officer

Data Protection Officer

Email: privacy@fuelyourdna.com

Address: FuelYourDNA - DPO, Pornichet, France

Response Time: Within 30 days

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority. Our lead supervisory authority is:

CNIL — Commission Nationale de l'Informatique et des Libertés
3 Place de Fontenoy, TSA 80715
75334 Paris Cedex 07, France
Website: www.cnil.fr

This page was last updated on January 6, 2026.

🇪🇺 Conformidad RGPD

Sus derechos bajo el Reglamento General de Protección de Datos

Our Commitment to GDPR

FuelYourDNA is fully committed to compliance with the General Data Protection Regulation (GDPR). As a company handling sensitive genetic data, we take data protection extremely seriously and have implemented comprehensive measures to protect your rights.

Lawful Basis

We process your data based on your explicit consent and contractual necessity to provide our service.

Data Minimization

We only collect data strictly necessary for providing our genetic nutrition analysis.

Storage Limitation

Raw DNA files are deleted after processing. We retain only essential analyzed data.

Security by Design

Privacy and security are built into every aspect of our service from the ground up.

Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

Right Description How to Exercise
Right of Access Request a copy of all personal data we hold about you Email privacy@fuelyourdna.com
Right to Rectification Correct any inaccurate or incomplete data Account settings or email
Right to Erasure Request deletion of all your data ("right to be forgotten") Account settings > Delete Account
Right to Portability Receive your data in a machine-readable format Account settings > Export Data
Right to Object Object to certain types of data processing Email privacy@fuelyourdna.com
Right to Restrict Limit how we process your data Email privacy@fuelyourdna.com
Withdraw Consent Withdraw your consent at any time Account settings or email

We will respond to all requests within 30 days as required by GDPR.

Special Category Data (Genetic Data)

Genetic data is classified as "special category data" under GDPR Article 9, which requires additional protections. We process your genetic data only with your explicit consent for the specific purpose of providing personalized nutrition recommendations.

Our Genetic Data Handling:

  • Raw DNA files are permanently deleted within 24 hours of analysis
  • Only relevant nutritional markers are retained (not your entire genome)
  • All genetic data is encrypted at rest using AES-256
  • Access is strictly limited to essential automated processes
  • Your genetic data is NEVER shared with third parties

Data Processing Activities

Data We Process

  • Account Data: Name, email, password (hashed) — for account management
  • Genetic Data: Uploaded DNA files, analyzed SNPs — for nutrition analysis
  • Payment Data: Transaction records (no card numbers) — for billing
  • Technical Data: IP address, browser info — for security and functionality

Legal Bases for Processing

  • Consent: For processing genetic data and marketing communications
  • Contract: For providing our analysis service
  • Legal Obligation: For tax and accounting records
  • Legitimate Interest: For security and fraud prevention

Data Transfers

Your data is primarily stored and processed within the European Union. If any data transfer outside the EU is necessary (e.g., for payment processing), we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions where applicable
  • Data processing agreements with all sub-processors

Data Breach Notification

In the unlikely event of a data breach affecting your personal data, we will:

  • Notify the relevant supervisory authority within 72 hours
  • Notify affected users without undue delay if the breach poses a high risk
  • Document the breach and remediation measures

Contact Our Data Protection Officer

Data Protection Officer

Email: privacy@fuelyourdna.com

Address: FuelYourDNA - DPO, Pornichet, France

Response Time: Within 30 days

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority. Our lead supervisory authority is:

CNIL — Commission Nationale de l'Informatique et des Libertés
3 Place de Fontenoy, TSA 80715
75334 Paris Cedex 07, France
Website: www.cnil.fr

This page was last updated on January 6, 2026.