MY DNA MAP S.L. hereby informs users of the web page about its policy regarding processing and protection of personal data from users and clients that may be collected as they browse the website, purchase products or hire services through its website. MY DNA MAP S.L. ensures compliance with current regulations regarding personal data protection, contemplated in Organic Act 15/1999 of 13th December on Personal Data Protection and Royal Decree 1720/2007, of 21st December, approving the Development Regulation of the LOPD, and in the General Data Protection Regulation (GDPR) (EU) 2016/679.



In compliance with current personal data protection legislation, users are hereby informed that MY DNA MAP, S.L. has adopted technical and organisational measures in accordance with the provisions of said regulations.


At MY DNA MAP, S.L. we are committed to preservation of privacy and security of personal and genetic information of users throughout the whole process. Personal data collected in forms are only processed by MY DNA MAP S.L. staff or by Data Processors herein established.

We have designed and implemented a set of organisational and technological measures to avoid loss, theft, modification, improper use, alteration, dissemination or unauthorised use of the information provided by users. Some of these measures include:

-Promote awareness and training regarding information security to the whole team.

-Confidentiality agreements

-Password policies.

-Backup systems.

-Encryption of information.


Also, inside our team we have a Data Protection Officer (DPO) as provided for in the General Data Protection Regulation (GDPR) of the European Union, in charge of ensuring compliance with regulations and supervision of all processes.

In case of infiltration by an unauthorised person or system, both the user and the Agencia Española de Protección de Datos shall be promptly notified.


Data security:

MY DNA MAP S.L. shall store users’ data in three different platforms, that include, respectively:

· Personal data

· Genome Data

· Medical data, geographical data, life habits

MY DNA MAP S.L shall not be able, under any circumstances, to relate users’ personal data to their other data.  

Only users, making use of their personal keys, may be able to link their identity to their genetic profile. Users are responsible for keeping their keys confidential, as well as all the activities that take place while they are logged in with their names and keys.

If the user loses his/her keys, a molecular identification test must be performed to find a match between the user and his/her genetic profile and generate new keys. The costs of this analysis shall be on account of the user.


MY DNA MAP S.L. uses several security measures to protect personal information, however, no method of transmission over the Internet is 100% secure. Although we use all appropriate means to protect your personal information, we cannot guarantee its complete security.


Anonymity of the sample:

Personal identification data of the user shall be separated from genomic/medical data, so that anonymity is guaranteed as a general rule.


Users hereby represent that data provided is true and correct and undertake to keep it updated and to inform MY DNA MAP, S.L. of any modification to them. Users shall be liable for the accuracy of their data and shall be solely liable for any conflicts or disputes that may arise due to falseness of said data. In order for us to keep personal data updated, users must inform MY DNA MAP S.L. in case there is any changes to the data provided. Otherwise, we will not be able to guarantee their accuracy.


LOPD and GDPR offer Data Subjects the possibility of exercising a number of rights regarding personal data processing. As far as users’ data are processed by MY DNA MAP S.L., users may exercise their rights. To do so, users may contact us, providing documents accrediting their identity (ID card or passport), via e-mail at ,or by written notice to the address stated in our legal notice. Said notice must include the following information: User name and surname, request, address and identification data.

Users themselves must exercise their own rights. However, they may be exercised by a person authorised as legal representative by the user. In this case, such representation must be proved by the relevant documentation.

Users may request exercise of the following rights:

§  Right to access personal data.

§  Right to request rectification (if they are incorrect) or deletion.

§  Right to request limitation of their processing, in which case they shall be held by MY DNA MAP order to lodge or defend claims.

§  Right to oppose to the processing: MY DNA MAP S.L. shall stop processing your data, unless they must be processed due to legitimate reasons or to defend legal claims.

§  Right to portability of data: in case you wish your data to be processed by another company, MY DNA MAP S.L. shall provide portability of your data to the new processor.

If consent has been given for a specific purpose, users have the right to withdraw their consent at any time, and this shall not affect the legality of processing based on such consent prior to its withdrawal.

If users believe there is a problem in the way MY DNA MAP S.L. is processing their data, they may address their claims to the Security Manager or to the relevant data protection authority, which, in the case of Spain, is the Agencia Española de Protección de Datos.



Disaggregated data shall be held without deletion deadline. Regarding users’ personal data, the conservation period may vary depending on the service hired by the user. In all events, it shall be the minimum needed to comply with the purpose for which they were collected, even in order to comply with any legal, tax, accounting or reporting requirement.

Mailing lists users shall be kept until users withdraw their consents.


MY DNA MAP S.L. is required to inform users of its web page on collection of personal data that may take place, either during e-mail sending or when filling in forms included on the web site. In this sense, MY DNA MAP, S.L. shall be considered the Controller of any data collected using said means.

Also, MY DNA MAP, S.L. hereby informs users that the purpose of the processing of data collected is to respond to requests by users, inclusion in the contacts database, provision of products or services and management of the business relationship. Any operations, procedures and technical processes performed in an automated or not automated way, and that allow for collection, storage, modification, transfer and other actions on personal data, are considered Processing of personal data.

MY DNA MAP S.L. makes available to users a number of telematic mechanisms to collect and process their personal data for the above-mentioned purposes. Personal data provided by telematic means, either by e-mail, through contact forms included on the website or through online hiring, shall be used for commercial and administrative management of users.

Data relating to e-mail address and name shall be entered into our database for sending commercial communications and manage subscription to the services requested by the user.

You may unsubscribe at any time by clicking on the link included in all our communications, or by sending a request for exercise of your right to the Data Processor or to MY DNA MAP S.L.

Our e-mail service provider is Office 365 by Microsoft Corporation. E-mail shall be the means we use to communicate with you.

As provided for in the LSSICE, MY DNA MAP S.L. undertakes not to send commercial communications without identifying them as such. To these effects, information sent to clients to maintain the existing contractual relationship shall not be considered commercial communication.

In all events, only data that is necessary for performance of the service contracted or to adequately answer information requests by the users shall be collected.

Occasionally, personal data shall be provided through links to third-party web pages. In these cases, MY DNA MAP S.L. shall not have access to personal data that users provide to said third parties.




MY DNA MAP S.L. shall not transfer or communicate your data to third parties, except in those cases provided by law or when provision of a service implies the need for a contractual relationship with a data processor; and, in any case, in accordance with the general conditions approved by the user prior to contracting.

Thus, by contracting our services, users accept that some of these may be, wholly or partially, subcontracted to other people or companies, which shall be considered Data Processors, that have subscribed the relevant confidentiality agreement or privacy policies, established in their relevant websites. Users also agree that some of the personal data collected be transferred to these Data Processors, whenever this is necessary for the effective performance of the service contracted. Users may refuse to their data being transferred to Processors, by written request, using any of the above-mentioned means.


Information provided by clients shall be considered confidential in all cases, and it cannot be used for any purposes other than those related to the services contracted or products purchased from MY DNA MAP S.L. MY DNA MAP S.L. undertakes to not disclose or reveal information on users’ intentions, the reasons for the counselling or the duration of their relationship.


In case of merger, takeover or sale of assets by the Company, we shall request all entities involved to comply with the important provisions of our privacy policy at the time of executing said business transaction.




The owner of this website may change this Privacy Policy according to legal or regulatory requirements or in order to adapt said policy to the directions issued by Agencia Española de Protección de Datos. Consequently, users are encouraged to review it from time to time.