Privacy Policy

Last updated: June 11, 2026

This policy explains what DNA Rider collects, why, where it lives, and who can see it. The product's core idea — a tag a stranger can tap — makes the public/private boundary the heart of this policy, so it is stated precisely.

1. What we collect

Data	Source	Purpose
Profile: name, contact phone numbers and relations, email, gear details (make, model, color, serial), notes	Entered by you	Displayed per your visibility choices when a tag is tapped
Tag data: chip UID, cryptographic keys, read counter	Tag provisioning / taps	Authenticating taps, preventing cloning and replays
Scan events: time, IP address, coarse IP-based location, and — only if the person scanning grants it — browser GPS location	Each tap	Scan history shown to the owner; security auditing
Passkey public key (WebAuthn credential)	Owner enrollment	Owner authentication. We never receive your biometrics — Face ID / fingerprint never leaves your device.
PIN (stored only as a salted bcrypt hash)	Owner setup	Fallback owner authentication

We do not run third-party analytics or advertising trackers, and we do not sell or rent personal data to anyone.

2. Public vs. private — who sees what

Anyone who taps your tag (or has its URL) sees only the fields you marked public. Defaults at claim are conservative; you control every field's visibility from the owner page.
You (authenticated by passkey or PIN) see and edit everything, including scan history.
Verified first responders using organization activation codes can read the emergency data stored on the chip itself during an emergency scan.
Service operators can access stored data for support, security, and operations.

3. Where data lives and how it is protected

Profiles are stored as encrypted records (AES-256-GCM, random per-record IVs) on servers currently hosted on Fly.io in the United States.
Transport is HTTPS everywhere. Tap URLs are cryptographically signed by the chip and verified server-side.
PINs are salted bcrypt hashes; organization codes are hashed at rest; admin endpoints require API keys.

No system is perfectly secure. Treat the public fields of your profile as public information.

4. Retention and deletion

Profile data is kept while your tag remains claimed.
Unclaiming a tag deletes your profile data and returns the tag to a blank, claimable state.
Scan events are retained for security auditing; ask us to purge yours at the contact below.
Backups age out on a rolling basis after deletion.

5. Your choices and rights

Edit any field, or its public/private setting, at any time.
Unclaim/delete from the owner page — no support ticket needed.
Ask us what we hold about you, or request correction or deletion: support@dnarider.com.

Depending on where you live (e.g., EU/EEA, UK, California, Colorado), you may have statutory rights to access, correct, delete, or port your data, and to object to certain processing. Requests go to the same address.

6. Children

The Service is not directed to children under 13, and we do not knowingly collect their data. A parent or guardian may manage a tag on a minor's gear.

7. Changes

We will update this policy as the Service evolves and revise the date above. Material changes will be highlighted on this page.