Last Updated: January 1, 2026

Consumer Health Data Privacy Policy


This Consumer Health Data Privacy Policy is provided in compliance with the Washington My Health My Data Act (MHMDA), RCW 19.373, and similar state consumer health data privacy laws. This is a standalone document as required by law and must be linked from the SoDNAscan homepage.

This policy supplements our general Privacy Policy and applies to all consumer health data collected, used, or shared by SoDNAscan.


1. About SoDNAscan

SoDNAscan is operated by Samuel Virag, a sole proprietorship.

SoDNAscan provides a wellness platform that generates personalized Health Books using AI-powered analysis of genetic data, blood work, wearable health data, and self-reported health information.


2. Categories of Consumer Health Data Collected

SoDNAscan collects the following categories of consumer health data:

2.1 Genetic Data

2.2 Blood Work Data

2.3 Wearable Health Data

2.4 Self-Reported Health Information

2.5 Health Insights Derived by AI


3. Sources of Health Data

All consumer health data is collected directly from you through the following mechanisms:

Source Data Type
File upload Genetic files (23andMe/AncestryDNA format), blood work PDFs, wearable device exports (XML, ZIP, CSV)
Text input Pasted blood work results, health history, family history, demographics, goals
AI processing Health insights derived by analyzing your uploaded data with AI

SoDNAscan does not purchase, receive, or infer consumer health data from third-party sources.


4. Purposes of Collection, Use, and Sharing

Consumer health data is collected and used for the following purposes:

Purpose Description
Service delivery Parsing, storing, and analyzing your health data to generate your personalized Health Book
AI processing Transmitting your health data to Anthropic's Claude API for analysis and report generation
Blood work extraction Using AI to extract structured biomarker data from uploaded PDFs or pasted text
Data storage Storing your health data in our database and file storage systems for your ongoing access
Account management Maintaining your user profile and health data in association with your account
Security Protecting the integrity and confidentiality of your health data

We do not use consumer health data for:


5. Third Parties Receiving Consumer Health Data

The following third parties receive consumer health data from SoDNAscan. Each is identified by name as required by MHMDA:

Anthropic, PBC

Supabase, Inc.

Stripe, Inc.

No other third parties receive consumer health data from SoDNAscan.


6. Consent

6.1 Consent for Collection

SoDNAscan collects consumer health data only when you actively upload files or enter information. No health data is collected passively or without your direct action.

6.2 Consent for AI Processing

AI-powered analysis of your health data requires your explicit, separate consent via our Data Use Policy. You may use your SoDNAscan account without enabling AI features.

6.3 No Sale of Consumer Health Data

SoDNAscan does not sell consumer health data. Any future sale of consumer health data would require a separate, signed authorization from you — which we have no plans to request.


7. Consumer Rights

Under MHMDA and applicable state consumer health data privacy laws, you have the following rights:

7.1 Right to Access

You may request a copy of all consumer health data we have collected about you. We will provide this data in a structured, machine-readable format.

7.2 Right to Deletion

You may request deletion of all consumer health data we hold. Deletion:

7.3 Right to Know Third Parties

You may request a list of all third parties to whom we have shared your consumer health data. See Section 5 of this policy for the current complete list.

7.4 Right to Withdraw Consent

You may withdraw consent for any purpose at any time. Withdrawal does not affect the lawfulness of processing that occurred before withdrawal.


8. How to Exercise Your Rights

To exercise any of the rights described in this policy:

We will acknowledge your request within 10 business days and complete it within 30 calendar days.


9. Enforcement

MHMDA provides consumers with a private right of action for violations of this policy. You may bring legal action in Washington state courts without first filing a complaint with a regulatory agency.


10. Changes to This Policy

We may update this policy to reflect changes in our practices or legal requirements. Material changes will be communicated by email and by updating the "Last Updated" date.


11. Contact