Privacy Policy

We collect the following categories of information:

We use your information for the following purposes:

• Creating and displaying your emotional profile and personality analysis
• Providing AI-powered coaching, personalized insights, and profile comparisons
• Processing payments and managing your subscription
• Improving our services, algorithms, and user experience
• Providing customer support and responding to your inquiries
• Fulfilling legal obligations and enforcing our terms of service
• Sending transactional emails (verification codes, subscription confirmations)

SenseDNA uses artificial intelligence to generate emotional profiles, coaching content, and comparative insights. Here is how your data is processed by AI:

• Quiz responses and profile data are sent to our AI API services for analysis.
• AI is used for profile generation, personalized coaching recommendations, and profile comparisons.
• Our AI service providers do not use API data to train their models. Data sent via API is subject to their data processing agreements and API data usage policies.
• Data sent to AI providers uses your internal profile ID. Your name, email address, and other directly identifying information are not sent to AI providers.
• AI-generated results are cached for up to 30 days in our cache layer to improve performance and reduce redundant processing.

We use the following third-party service providers to operate SenseDNA. Each provider processes only the data necessary for their specific function:

We retain your data for the following periods:

• Account information: retained until you delete your account
• Quiz responses and answers: retained until you delete your account
• Emotional profile and dimension scores: retained until you delete your account
• AI-generated cache (coaching, insights): 30 days (Redis TTL auto-expiry)
• Payment records: 7 years (as required by financial regulations and tax law)
• Server and application logs: 90 days

When you delete your account, all personal data is permanently removed from our active databases. Backup copies may persist for up to 30 days before being automatically purged.

GDPR Rights (EU/EEA Residents)

If you are located in the European Union or European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR):

• Right of Access: You can request a copy of all personal data we hold about you.
• Right to Rectification: You can request correction of inaccurate personal data.
• Right to Erasure: You can request deletion of your personal data ("right to be forgotten").
• Right to Restriction: You can request that we limit how we process your data.
• Right to Data Portability: You can request your data in a structured, machine-readable format.
• Right to Object: You can object to processing of your personal data for specific purposes.

CCPA Rights (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You can request information about what personal data we collect, use, and share.
• Right to Delete: You can request deletion of your personal data.
• Right to Opt-Out of Sale: We do NOT sell your personal data to third parties.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

All Users

Regardless of your location, you can exercise the following rights:

• Delete your account: Go to Settings > Delete Account
• Export your data: Go to Settings > Export Data (JSON format)
• Contact us: Email [email protected] with any privacy-related request

We will respond to all rights requests within 30 days. If we need additional time, we will notify you of the extension and the reason.

We implement the following security measures to protect your personal data:

• All data transmitted between your browser and our servers is encrypted using HTTPS/TLS.
• Database access is protected by Row Level Security (RLS), ensuring users can only access their own data.
• API endpoints are protected by rate limiting to prevent abuse and unauthorized access.
• Authentication cookies are signed using HMAC to prevent tampering.
• Passwords are hashed using bcrypt. We never store plaintext passwords.
• Server-side middleware validates authentication on every protected request.
• We maintain a banned user system to prevent access by terminated accounts.

While we implement industry-standard security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to protecting your data using commercially reasonable measures.

We use the following cookies to operate SenseDNA:

Third-party cookies may be set by our payment processor and hosting provider (if analytics are enabled). These cookies are subject to the respective providers' cookie policies.

SenseDNA is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal data from a child under 13, we will take immediate steps to delete that information from our servers. If you believe that a child under 13 has provided us with personal information, please contact us immediately at [email protected].

Your personal data is stored and processed on servers located in the United States.

For users in the European Union, data transfers to the United States are conducted in compliance with applicable data protection laws, including the use of Standard Contractual Clauses (SCCs) where required.

Our AI service providers also process data in the United States and maintain their own data protection agreements compliant with international standards.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

For significant changes, we will notify you by email before the changes take effect.

Your continued use of SenseDNA after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us: