Initializing Vogelview...

Performing medical cross-referencing...

Transparency, in plain English

What happens to your data — from the moment you upload to the moment it’s shredded.

No legalese. No buried clauses. This page walks through every step your DNA file or lab report takes inside Vogelview, and it tells you exactly where the off switch is at each stage.

Walk me through it Manage my data

Prefer the legal version? Privacy Policy · Security technical details · Terms of Service

Cascading delete

When you hit delete, your record goes through a real shredder — raw file, parsed variants, findings, all of it. Strips, not folders.

The five stops

Your data’s journey, step by step.

Step 01
You upload a file
It travels from your device to our servers over an encrypted tunnel (TLS 1.3). No one in between can read it — not your coffee-shop Wi-Fi, not us in transit.
Your raw file lands in a private folder that only your account can open. We label it with your user ID and a random token. If anyone ever peeked at the storage bucket directly, they would see locked boxes — no names, no emails, no lab details.
What you control
You can delete the file any time from Settings. One click, no approval needed.
Step 02
We read and interpret it
Our system opens the file, extracts the variants or biomarker values, and matches them against our curated knowledge base.
This is the only moment the data is "decoded" — and it happens inside a secured server process, not on your browser, and not on a third party. We never send your raw DNA or full lab results to any AI provider. We do send anonymous snippets (a trait name, a level bucket like "low" or "normal") to our AI backend so it can help write the plain-English explanation.
What you control
You can opt out of AI-enhanced summaries in Settings → Privacy. The template-based report still works without any AI call.
Step 03
We store the parsed results separately
After interpretation, your raw file and your parsed results live in two different places.
The raw file is cold storage — rarely touched after the first parse. The parsed results (your variants, biomarkers, and the rendered findings) live in a per-user locked Firestore collection. Everything sensitive is encrypted at rest with AES-256. We never use your real name or email as a database key — just an opaque user ID.
What you control
You can export everything as JSON or CSV at any time, and you can delete any single upload without losing your other reports.
Step 04
Only you see the report
When you open your report, a server process verifies your identity, unlocks your data, renders the report just for you, and sends it back over the same encrypted tunnel.
No other user can ever load your report, not even one who guesses your report ID. Every API request is verified server-side against your Firebase identity token. Admin staff cannot browse user reports casually — any production read is recorded in an audit log. Affiliate partners never see your data: we send them a click, they send us a paid-conversion ping. Nothing else.
What you control
You can generate a share link to send a report to your doctor or a family member. You choose whether it is view-only and when it expires. Revoke with one click.
Step 05
We shred it when you say so
Deletion is a cascade — the raw file, the parsed variants, the findings, the recommendations, the notifications tied to that report. All gone.
A permanent, irreversible purge starts the moment you click delete. Backups follow on a 30-day rolling window — once the window rolls past, nothing can be recovered. We do not keep a "just in case" copy. We do not keep a "for research" copy.
What you control
You can delete anything from one upload up to your entire account and every piece of history. The delete-account button actually deletes.

Retention windows

How long anything stays around.

Everything below either has a clear expiry or a one-click delete. Nothing is “kept forever just in case.”

What	How long	Why
While your account is active Your uploads and reports stay as long as you want them, or until you delete them.	You decide	Your uploads and reports stay as long as you want them, or until you delete them.
Auto-delete option Turn on an automatic shredder for uploads in Settings → Privacy. Great if you want to look once and move on.	30 / 90 / 365 days	Turn on an automatic shredder for uploads in Settings → Privacy. Great if you want to look once and move on.
Anonymous leads from the free quiz If you try the quiz without creating an account, your responses auto-delete after 30 days.	30 days	If you try the quiz without creating an account, your responses auto-delete after 30 days.
Account closed A cascading delete begins immediately. Encrypted backup rotation completes within 30 days.	Within 30 days	A cascading delete begins immediately. Encrypted backup rotation completes within 30 days.
Payment records Required by accounting regulations. No health data — only transaction IDs, amounts, and dates.	7 years	Required by accounting regulations. No health data — only transaction IDs, amounts, and dates.
Anonymous usage metrics Aggregate numbers (e.g. "400 reports generated this week") only. No individual data, no way to link back to you.	Retained	Aggregate numbers (e.g. "400 reports generated this week") only. No individual data, no way to link back to you.

Things we will never do

The short list of hard “no”s.

Sell your genetic or medical data to anyone — ever.

Share your data with insurers, employers, or pharma.

Use your data to target ads at you or anyone else.

Train AI models on your personal data without explicit opt-in.

Let affiliate partners see your data in any form.

Hold on to anything after you request deletion.

A few questions people actually ask.

When I click delete, is it really gone?: Yes. The moment you click delete, the file, the parsed variants, the derived findings, and any notifications tied to them are removed. Our backups rotate on a 30-day window and inherit the same deletion. After that window, nothing can be recovered — not by us, not by anyone.
Does your team read my DNA or lab results?: No. Production data access is restricted to a small on-call group and is audit-logged. Our day-to-day staff build features and fix bugs against anonymized test fixtures, not real user data.
Do AI providers get to see my raw data?: No. We send short, de-identified snippets (a trait name, a risk bucket, a reference range) so the AI can phrase the plain-English summary. Your raw genome, your full lab panel, your name, your email — none of that leaves our servers.
What if Vogelview gets hacked?: Our goal is that even a worst-case breach yields very little. Data is encrypted at rest, files are separated from parsed data, user IDs are opaque, and identifiers are not your real name. We detect unusual access patterns and would email every affected user within 72 hours of confirming an incident. Full technical details live on our security page.
Can I take my data with me?: Yes. Export your parsed results as JSON or CSV from Settings → Privacy → Export. A PDF copy of any report is one click away from the report page itself.

Still reading? Ask us anything.

If something on this page is unclear, that is our bug, not yours.

Email privacy questions, request a copy of everything we hold about you, or ask how a specific step works. We reply within three business days.

privacy@vogelview.health Manage my data →

Transparency, in plain English

What happens to your data — from the moment you upload to the moment it’s shredded.

No legalese. No buried clauses. This page walks through every step your DNA file or lab report takes inside Vogelview, and it tells you exactly where the off switch is at each stage.

Walk me through it Manage my data

Prefer the legal version? Privacy Policy · Security technical details · Terms of Service

Cascading delete

When you hit delete, your record goes through a real shredder — raw file, parsed variants, findings, all of it. Strips, not folders.

The five stops

Your data’s journey, step by step.

Step 01
You upload a file
It travels from your device to our servers over an encrypted tunnel (TLS 1.3). No one in between can read it — not your coffee-shop Wi-Fi, not us in transit.
Your raw file lands in a private folder that only your account can open. We label it with your user ID and a random token. If anyone ever peeked at the storage bucket directly, they would see locked boxes — no names, no emails, no lab details.
What you control
You can delete the file any time from Settings. One click, no approval needed.
Step 02
We read and interpret it
Our system opens the file, extracts the variants or biomarker values, and matches them against our curated knowledge base.
This is the only moment the data is "decoded" — and it happens inside a secured server process, not on your browser, and not on a third party. We never send your raw DNA or full lab results to any AI provider. We do send anonymous snippets (a trait name, a level bucket like "low" or "normal") to our AI backend so it can help write the plain-English explanation.
What you control
You can opt out of AI-enhanced summaries in Settings → Privacy. The template-based report still works without any AI call.
Step 03
We store the parsed results separately
After interpretation, your raw file and your parsed results live in two different places.
The raw file is cold storage — rarely touched after the first parse. The parsed results (your variants, biomarkers, and the rendered findings) live in a per-user locked Firestore collection. Everything sensitive is encrypted at rest with AES-256. We never use your real name or email as a database key — just an opaque user ID.
What you control
You can export everything as JSON or CSV at any time, and you can delete any single upload without losing your other reports.
Step 04
Only you see the report
When you open your report, a server process verifies your identity, unlocks your data, renders the report just for you, and sends it back over the same encrypted tunnel.
No other user can ever load your report, not even one who guesses your report ID. Every API request is verified server-side against your Firebase identity token. Admin staff cannot browse user reports casually — any production read is recorded in an audit log. Affiliate partners never see your data: we send them a click, they send us a paid-conversion ping. Nothing else.
What you control
You can generate a share link to send a report to your doctor or a family member. You choose whether it is view-only and when it expires. Revoke with one click.
Step 05
We shred it when you say so
Deletion is a cascade — the raw file, the parsed variants, the findings, the recommendations, the notifications tied to that report. All gone.
A permanent, irreversible purge starts the moment you click delete. Backups follow on a 30-day rolling window — once the window rolls past, nothing can be recovered. We do not keep a "just in case" copy. We do not keep a "for research" copy.
What you control
You can delete anything from one upload up to your entire account and every piece of history. The delete-account button actually deletes.

Retention windows

How long anything stays around.

Everything below either has a clear expiry or a one-click delete. Nothing is “kept forever just in case.”

What	How long	Why
While your account is active Your uploads and reports stay as long as you want them, or until you delete them.	You decide	Your uploads and reports stay as long as you want them, or until you delete them.
Auto-delete option Turn on an automatic shredder for uploads in Settings → Privacy. Great if you want to look once and move on.	30 / 90 / 365 days	Turn on an automatic shredder for uploads in Settings → Privacy. Great if you want to look once and move on.
Anonymous leads from the free quiz If you try the quiz without creating an account, your responses auto-delete after 30 days.	30 days	If you try the quiz without creating an account, your responses auto-delete after 30 days.
Account closed A cascading delete begins immediately. Encrypted backup rotation completes within 30 days.	Within 30 days	A cascading delete begins immediately. Encrypted backup rotation completes within 30 days.
Payment records Required by accounting regulations. No health data — only transaction IDs, amounts, and dates.	7 years	Required by accounting regulations. No health data — only transaction IDs, amounts, and dates.
Anonymous usage metrics Aggregate numbers (e.g. "400 reports generated this week") only. No individual data, no way to link back to you.	Retained	Aggregate numbers (e.g. "400 reports generated this week") only. No individual data, no way to link back to you.

Things we will never do

The short list of hard “no”s.

Sell your genetic or medical data to anyone — ever.

Share your data with insurers, employers, or pharma.

Use your data to target ads at you or anyone else.

Train AI models on your personal data without explicit opt-in.

Let affiliate partners see your data in any form.

Hold on to anything after you request deletion.

A few questions people actually ask.

When I click delete, is it really gone?: Yes. The moment you click delete, the file, the parsed variants, the derived findings, and any notifications tied to them are removed. Our backups rotate on a 30-day window and inherit the same deletion. After that window, nothing can be recovered — not by us, not by anyone.
Does your team read my DNA or lab results?: No. Production data access is restricted to a small on-call group and is audit-logged. Our day-to-day staff build features and fix bugs against anonymized test fixtures, not real user data.
Do AI providers get to see my raw data?: No. We send short, de-identified snippets (a trait name, a risk bucket, a reference range) so the AI can phrase the plain-English summary. Your raw genome, your full lab panel, your name, your email — none of that leaves our servers.
What if Vogelview gets hacked?: Our goal is that even a worst-case breach yields very little. Data is encrypted at rest, files are separated from parsed data, user IDs are opaque, and identifiers are not your real name. We detect unusual access patterns and would email every affected user within 72 hours of confirming an incident. Full technical details live on our security page.
Can I take my data with me?: Yes. Export your parsed results as JSON or CSV from Settings → Privacy → Export. A PDF copy of any report is one click away from the report page itself.

Still reading? Ask us anything.

If something on this page is unclear, that is our bug, not yours.

Email privacy questions, request a copy of everything we hold about you, or ask how a specific step works. We reply within three business days.

privacy@vogelview.health Manage my data →

What happens to your data — from the moment you upload to the moment it’s shredded.

Your data’s journey, step by step.

You upload a file

We read and interpret it

We store the parsed results separately

Only you see the report

We shred it when you say so

How long anything stays around.

The short list of hard “no”s.

A few questions people actually ask.

If something on this page is unclear, that is our bug, not yours.

What happens to your data — from the moment you upload to the moment it’s shredded.

Your data’s journey, step by step.

You upload a file

We read and interpret it

We store the parsed results separately

Only you see the report

We shred it when you say so

How long anything stays around.

The short list of hard “no”s.

A few questions people actually ask.

If something on this page is unclear, that is our bug, not yours.