DNAi Privacy Policy
Last Updated: March 20261. Introduction
DNAi ("we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our app and the choices you have associated with that data.
By accessing or using our App, you agree to the terms of this Privacy Policy. If you disagree, discontinue use immediately.
2. Information We Collect
2.1 Directly Provided Information
・Account & Identity: Email address, username, digital signatures.
・Health Data: Health reports and HealthKit data (e.g., Heart Rate, Sleep Data).
2.2 Automatically Collected Information
・Technical Data: IP address, device identifiers, browser type, operating system, network logs.
・Usage Data: Service interactions (e.g., API calls, data transactions).
2.3 Sensitive Information
We may collect:
・Health Data: For personalized reports (with explicit consent, such as HealthKit data).
3. Purposes of Data Use
Your information is used to:
・Deliver Services: Provide and maintain the app, allow you to participate in interactive features of our app when you choose to do so, provide customer care and support.
・Research & Development: Analyze anonymized data via zero-knowledge machine learning (zkML).
・Fraud Prevention: Detect cheating, stolen accounts, or suspicious activity using location and behavioral data.
・Compliance: Meet legal obligations under GDPR, HIPAA, AML/CTF Act 2006 (Cth), and other regulations.
4. AI Services & Automated Processing
DNAi provides AI-powered analysis and personalized insights through third-party artificial intelligence service providers.
4.1 Use of AI Services
When you voluntarily use AI-powered features, certain data you choose to submit may be securely transmitted to our AI service providers for processing.
This may include:
・Health and analysis reports
・Genetic data (including VCF files you upload)
・Wearable device data
・Brain-computer interface data (including sleep and meditation data)
・Chat messages and questionnaire responses
Data is transmitted only when you actively use AI features.
4.2 Purpose of Processing
AI processing is used solely to:
・Generate personalized insights and reports
・Provide automated responses within the App
・Assist with interpretation of health and genetic information
We do not sell personal data.
We do not use genetic, health, or chat data for advertising purposes.
Genetic and health-related data are not used for AI model training.
4.3 AI Service Providers
AI-related data may be processed by one or more of the following service providers, depending on system routing and feature requirements:
・OpenAI (AI service provider)
・DeepSeek (AI service provider)
These providers process data solely on our behalf to generate analysis and responses within the App.
Each provider is contractually obligated to provide the same or higher level of data protection as required under applicable privacy laws.
We do not authorize these providers to use your data for their independent purposes.
4.4 User Consent
Explicit user consent is obtained before any personal data is transmitted to an AI service provider.
You may withdraw consent at any time in the App settings. If consent is withdrawn, AI features will be unavailable.
5. Data Sharing & Disclosure
We share information only when necessary:
・Service Providers: Payment processors, cloud storage providers, AI service providers (including OpenAI and DeepSeek), auditors.
・Legal Requirements: Respond to court orders, government requests, or protect user safety.
All third parties sign data protection agreements compliant with GDPR, HIPAA, and other standards.
6. Data Storage & Security
・Technical Safeguards: AES-256 encryption for health data; zero-knowledge proofs (zkML) for anonymous analysis.
・Organizational Measures: Restricted employee access, regular security audits, and bug bounty programs.
・Retention: Data is retained only as long as necessary and securely deleted afterward.
7. International Data Transfers
Data may be stored or processed globally. Transfers comply with GDPR Article 46 mechanisms (e.g., Standard Contractual Clauses).
AI service providers may process data in jurisdictions outside your country of residence. Such transfers comply with applicable legal safeguards, including Standard Contractual Clauses where required.
8. User Rights
You have the right to:
・Access/Correct Data: Review or update information via your account dashboard.
・Delete Data: Request removal of non-blockchain records.
・Withdraw Consent: Revoke data access via ERC-5484 protocol.
・Object to Processing: Opt-out of specific data uses.
To exercise rights, contact: support@dnai.network.
9. Children's Privacy
Our Services are not intended for users under 18. We delete inadvertently collected child data.
10. Compliance Statements
・GDPR: EU/UK users may contact our Data Protection Officer (DPO) at support@dnai.network.
・HIPAA: Health data is encrypted and access-controlled.
・CCPA: California residents may request data collection details.
11. Policy Updates
Changes will be notified via email or platform announcements. Significant updates include a 30-day review period.
12. Contact Us
For questions or complaints:
・General Inquiries: support@dnai.network
・Legal Team: support@dnai.network
・Data Protection Officer: support@dnai.network