top of page
Global Privacy Policy

Last Updated: October 1, 2021


Medicestry LLC. (“Medicestry”, “us”, “we”, or “our”) operates the Medicestry Platform, which consists of the website and the app Medicestry (collectively known as the “Service”).


This page informs all users of our policies regarding the collection, use, and disclosure of your personal data when you use our Service and the choices you have associated with that data.


We manage your data in our platform and enable you to share it amongst family members, as well as, healthcare providers of your choosing. By using the Service, you agree to the collection, storing, and use of your data in accordance with this policy.



We collect several different types of information for various purposes to provide and improve our Service to you.



If you download, install, and/or create an account in our Medicestry platform, we collect information on your personal health history and also health history information on any of your relatives. This information allows us to provide our Services, which include the ability for you to share your health history information, as well as, that of your relatives with your healthcare provider, so they can assess your risk of hereditary diseases. Our Services DO NOT in any way make recommendations independent of your healthcare provider related to your health. We are simply a platform that allows you to self-report health history information on yourself and your relatives, which you can then share with appropriate healthcare providers of your choosing.


Medicestry only requires you enter a name and email address to create an account on the platform. Medicestry provides additional optional data entry screens to allow you to enter health information related to yourself or other family members.  You can enter as much, or as little data as you want. In order to help your healthcare provider best assess your risk of hereditary disease, you should enter as much information as they deem necessary.


You should always consult your healthcare provider related to any medical decisions you make. Let’s go over the data that we allow you to store in our platform.



Information entered into the platform is collected for the sole purpose of determining what types of diseases you might be at risk for based on your family health history. Information you self-report on yourself and other family members, is stored in our platform and may include, but is not limited to the following:


  • Email address

  • First name and Last name

  • Address

  • Phone number

  • Date of Birth

  • Blood Type

  • Biological Sex

  • Gender Identity

  • Race/Ethnicity

  • Doctor Information

  • Diseases/Medical Conditions and the age they occurred

  • Relationship information as to how you are related to other relatives

  • Other medical information necessary for your healthcare provider to assess your hereditary risk of disease




Platform users can choose to invite family members to connect via the platform. By inviting a family member to the platform, a user is consenting that their family health history record is to be shared with the invited family member. No data from Optional Surveys or healthcare provider specific surveys will be shared with other family members.


No user data will be consented over to another family member without the user’s consent.




We also collect some information automatically:


Log Information: The products we offer via our platform follow a standard procedure of using log files. These files log visitors when they visit our website, as well as login to our platform. All hosting companies do this and are a part of the hosting services’ analytics. We collect information that web browsers, mobile devices, and servers typically make available, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users’ movement on the website, and gathering demographic information.


Usage Data:  We may also collect information about how the Service is accessed and used. This Usage Data may include information such as your smartphone’s and/or computer’s operating system, your Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, device information (e.g., screen size, name of cellular network, and mobile device manufacturer) and other diagnostic data. We use this information to, for example, provide our Services to you, as well as get insights on how people use our Services, so we can make our Services better.


Tracking and Cookies Data:  We use cookies and other technologies like pixel tags to help us identify and track visitors, usage, and access preferences for our Services, as well as track and understand email campaign effectiveness if you receive emails from us. 


A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. Pixel tags (also called web beacons) are small blocks of code placed on websites and emails.


You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.


Examples of Cookies we use:


  • Session Cookies

    • We use Session Cookies to operate our Service.

  • Preference Cookies

    • We use Preference Cookies to remember your preferences and various settings.

  • Security Cookies

    • We use Security Cookies for security purposes.




We use information about you as mentioned above and for the purposes listed below:


  • To provide and maintain the Service

  • To notify you about changes to our Service

  • To allow you to participate in interactive features of our Service when you choose to do so

  • To provide customer care and support

  • To provide analysis or valuable information so that we can improve the Service

  • To monitor the usage of the Service

  • To detect, prevent and address technical issues




A note here for those in the European Union about our legal grounds for processing information about you under EU data protection laws, which is that our use of your information is based on the grounds that: (1) The use is necessary in order to fulfill our commitments to you under the applicable terms of service or other agreements with you or is necessary to administer your account–for example, in order to enable access to our website on your device or charge you for a paid plan; or (2) The use is necessary for compliance with a legal obligation; or (3) The use is necessary in order to protect your vital interests or those of another person; or (4) We have a legitimate interest in using your information — for example, to provide and update our Services; to improve our Services so that we can offer you an even better user experience; to safeguard our Services; to communicate with you; to measure, gauge, and improve the effectiveness of our advertising; to understand our user retention and attrition; to monitor and prevent any problems with our Services; and to personalize your experience; or (5) You have given us your consent.


The user has the right to withdraw his or her consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Consent can be withdrawn by following the steps outlined in our Data Deletion policy found at the bottom of this document.


Should the purpose of data collection and processing change, you will be notified via the Medicestry Platform and your consent will need to be re-obtained for you to continue using the Medicestry platform.



Service users’ data is typically retained for a period of 6 years, dating from their most recent login. After 6 years without account activity, the user account will be deleted. In accordance with our Data Deletion Policy, Medicestry will permanently destroy the user data held on our servers, with the exception of data that has been shared with family members or healthcare providers. If data has been shared with a healthcare provider, the user must contact the healthcare provider directly to request deletion of their data.


Service users can request the deletion of their data and closure of their Service account at any point in accordance with our Data Deletion Policy.


Service users should be aware that most nations have laws requiring healthcare providers to retain records for a minimum period of time and as such, it might not be possible to delete the copy of the Service user data which the healthcare provider(s) holds.


Service users who have opted in a healthcare provider(s) should contact their healthcare provider(s) directly in order to request deletion of the copy of their data the healthcare provider(s) holds.



Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.


If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to servers in the United States and process it there.


Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.


Medicestry LLC will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.


Medicestry will not share or process user data for any other reason than those outlined in this privacy policy.




We do not sell your private personal information you share with us. We may disclose your personal data (with appropriate safeguards on your privacy) in the good faith belief that such action is necessary to:


  • To comply with a legal obligation

  • To protect and defend the rights or property of Medicestry LLC

  • To prevent or investigate possible wrongdoing in connection with the Service

  • To protect the personal safety of users of the Service or the public

  • To protect against legal liability




The security of your data is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.


Your data is encrypted at all times, meaning while the data is at rest on our servers, as well as when data is transmitted from your device to our platform.




You have several choices available when it comes to information about you:


  • Limit Access to Information on Your Mobile Device: Your mobile device operating system should provide you with the ability to discontinue our ability to collect stored information.

  • Opt-Out of Marketing Communications: You may opt out of receiving promotional communications from us. Just follow the instructions in those communications or let us know. If you opt out of promotional communications, we may still send you other communications, like those about your account and legal notices.

  • Set Your Browser to Reject Cookies: You can usually choose to set your browser to remove or reject browser cookies before using Medicestry LLC. websites, with the drawback that certain features of our websites may not function properly without the aid of cookies.




If you are located in certain countries, including those that fall under the scope of the European General Data Protection Regulation (aka the “GDPR”), data protection laws give you rights with respect to your personal data, subject to any exemptions provided by the law, including the rights to:


  • Request access to your personal data

  • Request correction or deletion of your personal data

  • Object to our use and processing of your personal data

  • Request that we limit our use and processing of your personal data

  • Request portability of your personal data


If you would like to make a request to exercise any of these rights, please contact us below:


By email:

By visiting our website:


If you have a concern with the handling of your personal information, you have the right to lodge a complaint with the applicable Data Protection Authority in the country in which you reside, however, we ask that you first contact our Data Protection Officer, David Rogers, at so that we may attempt to fully resolve the issue.




We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.


These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose



We may use third-party Service Providers to monitor and analyze the use of our Service.


Google Analytics:  Google Analytics is a web analytics service offered by Google that tracks and reports website traffic.  In using Google Analytics, our website employs the extension “anonymizeIp”. In doing so, Google abbreviates and thereby anonymizes your IP address.  Google does not identify individual users or associate your IP address with any other data held by Google.  Google uses this information to analyze your use of our site, to compile reports for us on internet activity and to provide other services relating to our website.


You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on:  The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.


For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page:




The Medicestry Platform and all data derived through its use, are provided "as is" with no warranty, express or implied, of any kind and Medicestry expressly disclaims any and all warranties and conditions, including but not limited to, any implied warranty of availability, security, title and non-infringement. You are solely responsible for any damage that results from the use of any Medicestry Platform and any data derived through such Platform including, but not limited to, any damage to your computer system or loss of data.




Medicestry LLC shall not, under any circumstances, be liable to you for any indirect, incidental, consequential, special or exemplary damages arising out of or in connection with use of the Medicestry Platform and any data derived through such Platform, whether based on breach of contract, breach of warranty, tort (including negligence, product liability or otherwise), or any other pecuniary loss, whether or not Medicestry LLC has been advised of the possibility of such damages. Under no circumstances shall Medicestry LLC be liable to you for any amount.





Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.


We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.



Our Service does not address anyone under the age of 18 (“Children”).


We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.



We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.


We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.


You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.




If you wish to have your account and all your data associated with your account deleted from our platform, you may contact us at any of the mediums below to formally request your account to be deleted. You will be asked to provide a government issued ID to verify that you are in fact the rightful owner of the account and therefore have the authority to delete the account and all the information contained within it.


Once your request to delete your data has been verified and confirmed your account will be closed and we will dispose of all copies of your data on our servers within 30 days, provided you have not shared data with a healthcare provider(s). If you have shared data with a healthcare provider(s), they will retain a copy of your record for a determinate time period in accordance with local record retention laws. You can contact your healthcare provider directly in order to request deletion of your data.




If you have any questions about this Privacy Policy, please contact us:


By email:

By visiting our website:


We try to respond to user requests in as short a timeframe as possible, however sometimes it may take us slightly longer to respond to certain requests. Please allow up to 30 days for a response to your request.

bottom of page