Privacy Policy
Effective March 28, 2026
DNAForge (“we,” “our,” “us”) is operated by Peter Ciaccia. This policy describes how we collect, use, and protect your information when you use our website (dnaforge.com), desktop application, and related services.
1. Information We Collect
Beta access. When you redeem an invite code, we collect your email address and basic platform information to manage the beta program and communicate updates.
Account data. If you create an account via GitHub or Google OAuth, we receive and store your display name, email address, and avatar URL as provided by the identity provider.
Feedback. When you submit feedback from the desktop app, we store your message along with your app version, platform, and an anonymous installation identifier.
Analytics. We use PostHog to understand how the product is used. We identify devices using a one-way hash of the system hostname. Autocapture and session recording are disabled. No personal information is collected through analytics.
Error reporting. We use Sentry to capture crash reports including stack traces and device context. Error replays are recorded only when an error occurs. No personal information is included in crash reports.
2. How We Use Your Information
We use the information we collect to operate and improve DNAForge, communicate with beta testers, diagnose and fix bugs, and understand how the product is used. We do not sell, rent, or share your personal information with third parties for marketing purposes.
3. Third-Party Services
We rely on the following services to operate DNAForge. Each processes data in accordance with its own privacy policy.
| Service | Purpose | Location |
|---|---|---|
| Supabase | Database, authentication, file storage | United States |
| PostHog | Product analytics | United States |
| Sentry | Error tracking | United States |
| Cloudflare | DNS, CDN, download hosting | Global |
| Vercel | Website hosting | United States |
4. Desktop Application
DNAForge is local-first. Your sequences, projects, and workspace data are stored on your machine in a local database and are never transmitted to our servers. Data leaves your device only when you explicitly submit feedback or publish a design to the Genome Design Commons.
5. Cookies
We use a single session cookie for authentication. We do not use advertising or tracking cookies. Analytics data is stored in memory only, not persisted via cookies.
6. Data Security
All data is transmitted over HTTPS. Database access is protected by row-level security policies and service-role authentication. Access codes are stored as one-way SHA-256 hashes. We follow industry-standard practices to protect your information, though no method of transmission or storage is completely secure.
7. Children's Privacy
DNAForge is designed for researchers, students, and professionals in molecular biology. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will delete it promptly.
8. Your Rights
You may request access to, correction of, or deletion of your personal data at any time by contacting us. We will respond to all requests within 30 days. If you are located in the European Economic Area, you may also have the right to data portability and the right to lodge a complaint with a supervisory authority.
9. Changes to This Policy
We may update this policy from time to time. If we make material changes, we will notify you via email or through the application. The effective date at the top of this page indicates when the policy was last revised.
10. Contact
For questions about this policy or to exercise your data rights, contact us at peter@dnaforge.com.
Cookie Preferences
You can update your analytics preference at any time.