🇪🇺

GDPR Compliance

Regulation EU 2016/679 — General Data Protection Regulation

Legal Basis for Processing

We process your personal data under the following legal bases:

Contract performance — order processing, PDF report delivery
Legitimate interest — account security, fraud prevention
Legal obligation — accounting records (French law)
Consent — optional cookies, marketing communications

Special Category Data — Genetic Information (Article 9)

✅ Genetic data (Article 9 GDPR) is NEVER collected, transmitted, or stored by FindYourNeurotype. The Free DNA Analyzer processes all genetic data 100% locally in your browser using JavaScript — nothing is sent to our servers.

If a paid DNA analysis service is enabled in the future, genetic data would be processed transiently and deleted immediately after report generation — never retained beyond the processing session.

Your Rights Under GDPR

You may exercise the following rights at any time by contacting privacy@findyourneurotype.com:

Right	Description	Timeframe
Access	Copy of all data held	30 days
Rectification	Correct inaccurate personal data	30 days
Erasure	Delete account and all personal data	30 days
Portability	Export in JSON/CSV format	30 days
Objection	Object to specific processing activities	30 days

Data Transfers

We use Anthropic's Claude API (US-based) for AI report generation. Only anonymized test scores are transmitted — no name, email, or personal identifiers. This transfer is covered by Standard Contractual Clauses (SCCs) and Anthropic's GDPR compliance commitments.

Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with:

CNIL — Commission Nationale de l'Informatique et des Libertés
3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07, France
www.cnil.fr

Contact

Data Controller: J. Stephan — SIRET 511 058 869 00013 — Pornichet, France
Privacy Officer: privacy@findyourneurotype.com