Browse

Want to chat?

Call us toll free +1 789 2000

Social

Privacy Policy

Privacy Policy

Effective Date: December 05, 2025

Oracle Genomics
20 Gainsborough Dr, Athlone, Durban North, 4051, South Africa
Phone: +27 6412 56421
Email: info@oraclegenomics.com

1. Introduction

At Oracle Genomics, we recognize that your genetic data is your most personal property. We are committed to protecting the privacy and security of your personal, medical, and genetic information. This Privacy Policy outlines how we collect, use, store, and protect your data in compliance with South Africa’s Protection of Personal Information Act (POPIA) and applicable international standards.

2. Information We Collect

2.1 Personal and Medical Information
When you use our services, we may collect the following:

  • Personal Identifiers: Name, South African ID or Passport number, date of birth, physical address, email address, and phone number.

  • Health Information: Medical history, family history, medication details, and information provided by your referring doctor (if applicable).

  • Payment Information: Billing address and payment records (processed securely via third-party payment gateways).

2.2 Genetic Data
We collect and generate:

  • Biological Samples: Saliva, buccal swabs, or blood samples provided for testing.

  • Raw Genetic Data: The uninterpreted sequence of your DNA generated by our sequencing machines.

  • Genetic Reports: Interpreted results relating to ancestry, health predispositions, carrier status, or paternity.

3. Consent and Authorization

3.1 Obtaining Consent
We operate on a model of informed, specific consent. You will be asked to provide separate consents for:

  1. Testing: Authorization to process your sample and generate a report.

  2. Storage: Permission to store your sample or data for future use (Biobanking).

  3. Research: Optional consent to use de-identified data for internal research or scientific studies.

3.2 Anonymous Testing
For “Peace of Mind” tests, you may request to use a pseudonym. However, for Legal/Court-Admissible tests (e.g., paternity for maintenance or Home Affairs), we are legally required to verify the identity of all participants using official government ID documents.

4. How We Use Your Information

4.1 Internal Use

  • Service Delivery: To process your sample, analyze your DNA, and generate your requested reports.

  • Quality Control: To monitor laboratory performance and ensure accuracy.

  • Communication: To send you status updates and release your results.

4.2 Research and Development
We will never use your data for research, AI model training, or product development without your explicit, separate consent. If you consent, your data will be fully de-identified (stripped of personal identifiers) before being used in any study.

5. Data Sharing and Third Parties

5.1 Medical Providers
We do not share your results with your doctor or hospital unless you explicitly authorize us to do so during the registration process or in writing.

5.2 Insurance and Employers

  • Absolute Prohibition: We do not sell, trade, or share your genetic data with insurance companies, employers, medical aids, or pharmaceutical companies.

  • Impact on Insurance: Your results remain confidential. However, please note that under South African insurance law, if you apply for new life or disability cover, you may have a duty to disclose known genetic information if asked. This is your responsibility; we will not voluntarily disclose it.

5.3 Government and Law Enforcement
We will only disclose your personal or genetic information to government authorities or law enforcement if compelled to do so by a valid court ordersubpoena, or search warrant issued by a South African court.

6. Identifiability and De-identification

6.1 De-identification Process
Upon receipt at our laboratory, your sample is assigned a unique barcode. Your personal information (name, ID) is stored in a separate, encrypted database (Information Management System) distinct from the genetic data (Laboratory Information System).

6.2 Re-identification Risk
While we strip identifiers for analysis, the raw genetic code itself is unique to you. We strictly control the “key” that links the barcode back to your personal identity. This key is accessible only to authorized senior personnel (e.g., Laboratory Director, Information Officer).

7. Security and Storage

7.1 Data Protection Measures

  • Encryption: All data is encrypted both in transit (using TLS/SSL) and at rest (AES-256 encryption) on our servers.

  • Access Control: We utilize strict role-based access controls. Only the technicians directly involved in your case can access your sample data.

  • Audits: We conduct regular security audits and vulnerability assessments to prevent hacking or unauthorized access.

7.2 Data Location and Cross-Border Transfer
Your data is primarily stored on secure servers within South Africa. If specialized testing requires collaboration with international partner laboratories (e.g., in the USA or Europe), we ensure they are bound by data protection laws (like GDPR or HIPAA) that offer protection equivalent to or stronger than POPIA.

8. Sample and Data Retention

8.1 Biological Samples

  • Standard Practice: Physical samples are typically destroyed 3 months after the final report is issued, in accordance with standard laboratory biohazard disposal protocols.

  • Biobanking: If you consent to storage, we may retain samples for a longer period as agreed upon. You may request the destruction of your sample at any time by contacting us.

8.2 Data Retention
We retain your genetic reports and account information for a minimum period as required by the National Health Act and pathology regulations (typically 5–10 years) to allow for future report retrieval or legal verification. After this period, or upon your request (where legally permissible), data is securely deleted.

9. Your Rights and Control

Under POPIA, you have the following rights:

  • Right to Access: You may request a copy of your personal data, lab reports, and in some cases, your raw genetic data files.

  • Right to Correction: You may update or correct any personal information that is inaccurate.

  • Right to Deletion (“Right to be Forgotten”): You may request the deletion of your account and genetic data. Note that we may be required by law to retain certain medical records for a specific statutory period even after your request.

  • Right to Withdraw Consent: You may withdraw your consent for research or biobanking at any time. This will prevent future use of your data, though data already anonymized and included in completed studies cannot be retrieved.

  • Opt-Out: You can opt out of marketing communications at any time via the “unsubscribe” link in our emails.

10. Data Breach Protocol

In the unlikely event of a data breach that compromises your personal or genetic information, Oracle Genomics will:

  1. Notify the Information Regulator of South Africa.

  2. Notify you directly via email or phone as soon as reasonably possible.

  3. Take immediate steps to contain the breach and prevent further unauthorized access.

11. Changes to This Policy

We review and update this Privacy Policy regularly to reflect changes in legislation or our business practices. Significant changes will be communicated to you via email or a prominent notice on our website.

Contact Us
If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact our Information Officer:

Information Officer
Oracle Genomics
20 Gainsborough Dr, Athlone, Durban North, 4051
Email: info@oraclegenomics.com
Phone: +27 6412 56421

Clinical-Grade Accuracy

ISO-certified lab with 99.9% accurate results

Fast Turnaround Times

Results delivered within 7-14 days nationwide.

Comprehensive Test Menu

7000+ genetic tests through one trusted partner

Dedicated Clinical Support

Board-certified counselors for case consultations available.