Last updated: February 2026
This Privacy Policy explains how DecodeLabs Ltd ("we", "us", "our") handles information in connection with BioDecode and the biodecode.io website.
The key point: BioDecode processes your genetic data entirely on your local machine. We never receive, access, store, or transmit your genomic data.
DecodeLabs Ltd is a company registered in England and Wales. We are the provider of BioDecode, a downloadable desktop application for genomic variant analysis.
Email: hello@biodecode.io
BioDecode processes VCF (Variant Call Format) files containing genomic variant data. This processing happens entirely on your local machine. Specifically:
We have no access to your genetic data, your VCF files, or the reports generated by the Software. We are not a data controller or processor of your genetic data.
We collect limited data through our website and payment process:
| Data Type | Source | Purpose | Lawful Basis (GDPR) |
|---|---|---|---|
| Name, email address | Purchase via Stripe | Order fulfillment, download delivery | Contract performance |
| Payment information | Stripe | Payment processing | Contract performance |
| IP address, browser info | Website visit | Security, analytics | Legitimate interest |
We do not collect, store, or process any genetic data, VCF files, health information, or analysis results.
Payments are processed by Stripe, a PCI-compliant payment processor. Your payment information is handled directly by Stripe. We do not have access to your full credit card or payment details — only a transaction reference, your name, and email for order fulfillment.
Stripe's privacy policy applies to payment processing: stripe.com/privacy
BioDecode includes a Markdown export feature that generates de-identified variant reports (containing only gene names, positions, and ClinVar classifications — no personally identifiable information). If you choose to share this Markdown file with a third-party AI service (such as ChatGPT, Claude, or Gemini), you do so voluntarily and at your own discretion. We are not responsible for how those services handle data you share with them.
Our website uses only essential cookies required for the website to function. We do not use advertising or tracking cookies. If we implement analytics in the future, we will update this policy and implement a cookie consent mechanism.
Depending on your location, you may have the following rights regarding the personal data we hold (purchase information):
To exercise any of these rights, contact us at hello@biodecode.io.
You have the right to know what personal information we collect and how we use it, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell personal information.
Our lawful bases for processing are contract performance (purchase fulfillment) and legitimate interest (website security). You have the right to lodge a complaint with your local supervisory authority (in the UK: the Information Commissioner's Office at ico.org.uk).
Purchase records (name, email, transaction details) are retained for as long as required by applicable tax and accounting laws (typically 6 years in the UK). Website server logs are retained for 90 days.
We use industry-standard security measures to protect the limited personal data we hold. Since we do not store genetic data, there is no genetic data to breach.
BioDecode is not intended for use by individuals under 18. We do not knowingly collect personal information from children.
We may update this Privacy Policy from time to time. The "Last updated" date at the top indicates when changes were last made.
For privacy questions or to exercise your data rights:
DecodeLabs Ltd
Email: hello@biodecode.io