GENETIQ
Privacy Policy
1. Overview and Scope
GenetiQ is a digital health and medical-record platform operated by Prepaire, with its registered office at IRENA Building, Masdar City, Abu Dhabi, United Arab Emirates ("GenetiQ," "Prepaire," "we," "us," or "our").
This Privacy Policy explains how we collect, use, disclose, store, transfer, secure, and otherwise process personal data in connection with the GenetiQ mobile application, patient wallet, provider connectivity services, digital-twin and AI features, laboratory and biomarker services, integrations, support functions, and related enterprise services (together, the "Services"). This policy applies to patients, clinicians, hospitals, clinics, enterprise customers, and regulators.
Where we process personal data on behalf of a clinic, hospital, laboratory, employer-sponsored health program, insurer, or other enterprise customer, that customer may act as the controller or equivalent regulated entity, and we may act as its processor or, in U.S. HIPAA settings, its business associate. In those cases, the applicable enterprise agreement, DPA, BAA, Notice of Privacy Practices, or customer privacy notice may also apply. Where we determine the purposes and means of processing ourselves — such as for direct account administration, support, platform security, and fraud prevention — we act as a Data Controller.
Roles and Responsibilities
The role of GenetiQ in relation to personal data depends on the context in which the Services are used.
| Processing Context | GenetiQ Role |
|---|---|
| Individual consumer account created directly by a user | Data Controller |
| Healthcare provider, clinic, hospital, laboratory, insurer, employer, research institution, or enterprise customer using GenetiQ on behalf of individuals | Data Processor acting on documented instructions of the relevant organization, unless otherwise stated |
| Laboratory result routing and delivery through the platform | Generally Data Processor, unless GenetiQ independently determines the purposes and means of processing |
| Enterprise wellness, health-monitoring, or employer-sponsored programs | Data Processor for the sponsoring organization, unless otherwise disclosed |
| Research collaborations and certain platform-improvement activities | Controller, Joint Controller, or Processor depending on the specific arrangement and applicable law |
Where GenetiQ acts as a Data Processor, the relevant customer, healthcare provider, institution, laboratory, or organization generally remains responsible for determining the purposes and means of processing and for responding to certain data-subject requests.
Where GenetiQ acts as a Controller or Joint Controller, GenetiQ will identify the applicable responsibilities through this Privacy Policy, contractual documentation, supplemental notices, or other transparency mechanisms.
Where GenetiQ acts as a Joint Controller with another organization, the parties will allocate responsibilities relating to data-subject requests, regulatory notifications, compliance obligations, and other privacy requirements through an applicable joint-controller arrangement. The essence of such arrangements may be made available upon request where required by law.
2. Key Definitions
"Personal Data" means information relating to an identified or identifiable natural person.
"Genetic Data" means personal data relating to inherited or acquired genetic characteristics that give unique information about a person's physiology or health, resulting in particular from analysis of a biological sample.
"Health Data" means personal data related to a person's physical or mental health, including the provision of healthcare services, that reveals information about health status.
Under GDPR-style regimes, health data and genetic data are special-category data requiring additional safeguards and conditions for lawful processing.
3. Personal Data We Process
Depending on how you use the Services, we may process different categories of personal data. The categories of personal data we process are summarized in the table below. The specific categories and items processed depend on the features you use, the permissions you grant, the services you access, and, where applicable, the role of any healthcare provider, enterprise customer, research partner, or organization associated with your use of the Services.
| Category | Examples relevant to GenetiQ |
|---|---|
| Account and identity data | email address, blinded email lookup values, encrypted operational email record, account identifiers, verification status, UAE Pass status, support identity-check data |
| Profile data | first name, last name, age, date of birth, gender, demographic information, including ethnicity where voluntarily provided or required for healthcare purposes, smoker status, other profile fields you provide |
| Wallet health data | medical records, prescriptions, lab reports, imaging reports, discharge summaries, diagnoses, medications, allergies, provider metadata, document notes, visit notes, file metadata, access receipts |
| Genetic and biomarker data | genomic files, clinical genetics results, variant data, assay results, biomarker values, phenotype/risk mappings |
| Fitness and lifestyle data | journal entries, exercise frequency/intensity/type, activity trends, wearable-derived fitness indicators, passive lifestyle measurements from approved ecosystem apps |
| Device, authentication, and security data | public keys, key versions, certificate data, challenge-response events, session identifiers, refresh tokens, hardware-authentication metadata, certificate metadata, anti-enumeration signals, fraud-detection signals |
| AI interaction data | prompts, queries, extracted structured fields, embeddings or vector references, generated outputs, explanation artifacts, confidence or provenance metadata |
| Customer support and communications data | emails, tickets, chat, complaint records, audit correspondence |
| Technical and audit data | access logs, security logs, ledger events, consent events, revocations, data-import events, error records, append-only audit log entries |
| Commercial and contractual data | enterprise contract details, invoicing, payments, tax records, service configuration, customer-admin contact details |
UAE Pass
UAE Pass is used solely for optional identity verification after you have signed in. It is not a method of account creation or login. Connecting UAE Pass is optional and at your initiative.
Blinded Email Lookup Values
To help users securely locate and access their accounts, GenetiQ may generate privacy-preserving lookup values derived from account email addresses. These values support account-matching, authentication, recovery, and related operational functions without routinely exposing underlying email addresses during system operations. They are used solely for security, account-management, and operational purposes and are not intended to reveal whether a particular individual is a user of the Services.
4. Sources of Personal Data
We may obtain personal data directly from you; from your device and secure wallet operations; from hospitals, clinics, healthcare providers, laboratories, and enterprise customers acting on your behalf; from wearable devices and integrations you intentionally connect; from third-party health ecosystem applications you authorize; from identity-verification and authentication services; and from service providers that support hosting, communications, security, analytics, infrastructure, or operational functions.
We may also derive or infer certain information, such as structured document fields, biomarker mappings, health indicators, risk signals, trends, or other analytical outputs, from records, files, and information made available through the Services.
GenetiQ may collaborate with healthcare institutions, research organizations, laboratories, enterprise customers, and other authorized participants using privacy-preserving methods designed to support research, healthcare innovation, validation, quality improvement, scientific development, security, and platform improvement, subject to applicable legal, contractual, technical, organizational, and governance safeguards.
5. Purposes and Lawful Bases
We process personal data for the following purposes and, where GDPR or analogous laws apply, on the corresponding lawful bases:
| Purpose | Typical lawful basis |
|---|---|
| Create and administer accounts; authenticate patients and providers; recover access; maintain sessions | Contract; legitimate interests in account security |
| Provide the health wallet, document storage, receiving and sending records, consents, revocations, access dashboards, and core app features | Contract; in enterprise settings, processor instructions from the controller |
| Provide provider connections, consented sharing, inbound records, access receipts, and organizational visit history | Contract; consent where the user authorizes a provider or third-party connection; legitimate interests in maintaining secure audit records |
| Perform AI-assisted document understanding, biomarker extraction, digital-twin responses, and supportive health insights you request | Explicit consent or another valid Article 9 condition plus an Article 6 basis; in enterprise settings, documented controller instructions |
| Provide wearable and ecosystem integrations | Consent; contract where enabled by the user |
| Deliver laboratory, biomarker, and assay services | Contract; health or social care/healthcare management condition; explicit consent where required |
| Secure the platform, prevent fraud, investigate incidents, maintain logs, and defend legal claims | Legitimate interests; legal obligation; vital interests where applicable |
| Comply with laws, regulator requests, accounting, tax, sanctions, and healthcare recordkeeping rules | Legal obligation; substantial public interest or healthcare condition where applicable |
| Communicate about the service, major changes, security alerts, and support matters | Contract; legitimate interests; legal obligation |
| Improve service quality, monitor performance, troubleshoot, and produce anonymized, aggregated, or pseudonymized analytics, as appropriate to the relevant processing activity | Legitimate interests; processor instructions; appropriate Article 9 condition where special-category data is involved |
Under GDPR-style regimes, special-category data processing requires both an Article 6 lawful basis and a separate Article 9 condition — these are cumulative and must be documented before processing begins.
6. Special-Category, Health, and Genetic Data
We process health and genetic data only where doing so is necessary for the provision of the Services, for healthcare delivery or management, for safety and security, for laboratory and biomarker functions, or on the basis of your explicit consent or another applicable condition permitted by law.
We apply enhanced safeguards to health and genetic data, including role separation, least-privilege access controls, audit logging, contractual restrictions, and heightened transfer and security controls. We require separate explicit consent for genomics, wearable-device linking, AI analysis of health records, and any research or model-improvement activity that is not strictly necessary to provide the core Services.
Human Genomic Data and UAE Human Genome Law
Where GenetiQ processes human genomic, genetic, sequencing, hereditary, or related biological information, such processing will be conducted in accordance with applicable law, including Federal Decree-Law No. 49 of 2023 concerning the Regulation of the Use of the Human Genome, where applicable.
GenetiQ will obtain appropriate informed consent before collecting, processing, analyzing, storing, sharing, or otherwise using genomic data where required by applicable law. Such consent may be purpose-specific, documented, and revocable, subject to applicable legal, regulatory, healthcare, research, audit, security, or record-retention requirements.
GenetiQ does not use genomic data for insurance underwriting, employment screening, discriminatory decision-making, eligibility determinations, or any other prohibited purpose under applicable law. GenetiQ does not knowingly disclose, transfer, or make genomic data available to third parties for such purposes.
Where genomic data is processed for healthcare, research, scientific, educational, validation, quality- assurance, or platform-improvement purposes, such processing will be conducted only where supported by an appropriate legal basis, consent, authorization, anonymization process, pseudonymization process, or other lawful mechanism permitted by applicable law.
6.1. HealthKit (Apple devices only)
Certain fitness and health data may be obtained from Apple HealthKit where you connect a compatible wearable or health integration on an Apple device. Where HealthKit data is accessed, the following commitments apply:
- We do not use HealthKit data for advertising or for any other use-based data-mining purposes.
- We do not disclose HealthKit data to third parties for advertising or for any other use-based data-mining purposes.
- HealthKit data is used solely to provide health, medical, or fitness services to you within the Services.
- HealthKit data is not stored in iCloud or any other third-party cloud storage outside of Apple's HealthKit framework on your device.
- If you do not connect HealthKit on your device, no HealthKit data is collected or processed.
7. How the Platform Works Technically
The GenetiQ platform implements a patient-controlled health wallet in which the central wallet backend stores encrypted data, encrypted content, wrapped cryptographic keys, and related security metadata, and is designed not to store patient private keys in plaintext. The platform incorporates privacy-preserving account-discovery mechanisms, patient signing keys, append-only audit logs, immutable records of material consent and sharing events, hardware-backed credentials, cryptographic access controls, and other technical safeguards designed to support security, integrity, accountability, and user control.
Certain features of the Services require health, genomic, biometric, or other protected data to be processed in decrypted form within controlled and authorized environments in order to provide requested functionality. Examples may include healthcare-provider systems, authorized clinical environments, laboratory workflows, secured artificial-intelligence processing services, trusted execution environments, document-processing services, and other approved processing contexts.
In each case, processing is limited to defined and authorized purposes, subject to access controls, audit logging, contractual confidentiality obligations, technical safeguards, and security measures designed to protect personal data and sensitive health information throughout the processing lifecycle. GenetiQ's privacy and security commitments are based on purpose limitation, authorization controls, cryptographic protections, data minimization, and accountability measures appropriate to the nature of the processing activity.
When privacy-preserving lookup mechanisms are used, GenetiQ implements controls designed to reduce unnecessary exposure of account identifiers and to limit the ability of unauthorized parties to determine whether a specific email address or individual is associated with the Services.
8. Recipients and Disclosures
We may disclose personal data to:
- Your authorized clinicians, hospitals, laboratories, and linked ecosystem applications, in accordance with your instructions and the applicable access controls and consent scopes.
- Subprocessors and service providers that host, secure, support, maintain, monitor, integrate, or otherwise operate the Services on our behalf under written instructions and appropriate contractual, confidentiality, security, and data-protection safeguards.
- Such service providers may include cloud-hosting providers, authentication and identity-management providers, analytics and monitoring providers, communication providers, security providers, laboratory integration providers, healthcare technology providers, and other technology or operational partners engaged to support the Services. GenetiQ operates its artificial-intelligence and machine-learning models in-house and does not share personal data with third-party AI vendors for inference.
- Regulators, courts, law-enforcement authorities, government agencies, or other third parties where required by law, necessary to protect rights, safety, security, or public interests, or as part of a merger, acquisition, financing, restructuring, or other corporate transaction subject to appropriate safeguards.
We do not sell personal data, health data, genetic data, genomic data, biometric data, or other sensitive personal information. Transfers to service providers processing on our behalf, and disclosures resulting from user-directed actions, remain disclosures for privacy-law purposes and are described in this Privacy Policy.
We do not use health, genetic, genomic, biometric, or other sensitive health-related data for advertising, targeted marketing, behavioral profiling for advertising purposes, or marketing personalization. We do not share, license, disclose, monetize, or sell such data to advertising networks, data brokers, marketing platforms, or third parties acting for their own advertising, marketing, or commercial purposes.
9. International Transfers
We may process data in the jurisdictions in which we, our affiliates, enterprise customers, or our subprocessors operate. When personal data is transferred from the EEA, UK, DIFC, or ADGM to another jurisdiction, we rely on an applicable transfer mechanism — such as adequacy, approved Standard Contractual Clauses (SCCs), approved model clauses, or binding corporate rules — together with supplementary technical or organizational measures.
UAE Health Data Residency
Where health data is generated, collected, or processed within the United Arab Emirates, GenetiQ will store and process such health data within the United Arab Emirates by default, subject to applicable law.
Where a transfer, access, disclosure, processing activity, research activity, telemedicine interaction, healthcare collaboration, patient-directed sharing activity, or other cross-border data flow is permitted or required, GenetiQ will only permit such activity where an appropriate legal basis, user authorization, consent, regulatory authorization, statutory exception, or other lawful mechanism exists under applicable UAE law.
Where required by applicable law, GenetiQ will implement appropriate technical, organizational, contractual, and security safeguards designed to protect health data and personal data during any authorized transfer or processing activity.
Nothing in this Privacy Policy authorizes unrestricted international transfers of UAE-origin health data. Such transfers will be evaluated and managed in accordance with applicable UAE healthcare, health- data, privacy, and regulatory requirements.
10. Security Controls
We implement technical and organizational measures designed to protect confidentiality, integrity, availability, and resilience, taking account of the sensitivity of health and genetic data and applicable legal requirements under GDPR-style regimes and HIPAA security standards. These measures may include:
- Encryption of content at rest using industry-standard cryptographic protections
- Hardware-backed key storage on user and provider devices (Secure Enclave / StrongBox); wrapped key material and key versioning
- Role-based and attribute-based access control; privileged-access management; least-privilege segmentation
- Certificate-based authentication, device-trust mechanisms, challenge-response controls, and hardware-backed security technologies where supported by the applicable deployment environment
- Advanced cryptographic protections, including hybrid or post-quantum cryptographic mechanisms, where supported by the relevant infrastructure, deployment architecture, and operational environment
- Append-only audit records, tamper-evident logging mechanisms, signed authorization events, and other integrity-protection controls designed to support accountability and security
- Security logging, monitoring, and vulnerability management; incident-response runbooks; change control
- Staff confidentiality commitments; subprocessor due diligence; contractual security obligations
11. Data Retention
We retain personal data only for as long as necessary for the purposes described in this Privacy Policy, the instructions of the applicable enterprise customer, and our legal, regulatory, security, accounting, evidentiary, compliance, and operational obligations.
Consumer Account Retention
For individual consumer accounts, account information, health-wallet information, preferences, settings, and related personal data are generally retained for the duration of the user's active account and for such additional periods as are reasonably necessary to comply with legal, regulatory, security, audit, dispute-resolution, fraud-prevention, continuity, or operational requirements.
Where a user deletes their account through the Services, active account data is generally removed from production systems within thirty (30) days. Backup copies and disaster-recovery records are generally removed, overwritten, or rendered inaccessible within ninety (90) days, unless a longer retention period is required by applicable law, regulatory obligations, security requirements, legal claims, contractual commitments, healthcare-record obligations, or legitimate business needs.
Certain healthcare, clinical, laboratory, genomic, audit, compliance, consent, or regulatory records may be retained for longer periods where required by applicable law.
UAE Healthcare Record Retention
Where UAE law requires the retention of healthcare or clinical records, GenetiQ may retain such records for the legally required retention period, including retention obligations arising under Federal Law No. 2 of 2019 and related regulations. Where applicable, legally required records may be isolated, access-restricted, archived, or otherwise protected following account deletion while remaining subject to applicable legal-retention requirements.
Enterprise and Institutional Accounts
For healthcare providers, hospitals, laboratories, research institutions, enterprise customers, and other organizational users, retention periods may additionally be governed by applicable contracts, data- processing agreements, regulatory obligations, healthcare-record requirements, institutional policies, and implementation schedules.
| Data type | Retention position |
|---|---|
| Account identifiers and contact data | Account life plus 6 years after closure for legal claims, fraud prevention, security, and tax/audit purposes, unless shorter or longer periods are required by law |
| Encrypted wallet blobs, wrapped keys, encrypted catalogue data, file references | Until user deletion, customer instruction, or contract termination, subject to backup purge cycles |
| Consent records, revocations, access receipts, legal evidence | For as long as needed to demonstrate authorization, compliance, and legal claims handling |
| Immutable ledger entries / blockchain proofs | Retained as tamper-evident proof where deletion is not technically supported; operational links severed or rendered non-attributable on erasure request |
| Security logs and audit logs | 12–24 months rolling retention, longer where required for active investigations or legal obligations |
| Support tickets and complaint files | 24–36 months after closure unless required longer for disputes or health-safety investigations |
| Break-glass recovery records and identity-verification materials | 30–90 days after completion, unless investigation, legal obligations, security requirements, or applicable law require longer retention |
| AI prompts, temporary inference data, extracted text and transient processing artifacts | Ephemeral/in-memory where configured; if persisted for service continuity, the shortest documented period necessary and only where disclosed |
| Anonymized or aggregated analytics | For as long as the data remains anonymized in a manner that is not reasonably reversible, aggregated, and lawful to use |
| Enterprise contract, billing, and finance records | Statutory accounting, tax, and audit period in the relevant jurisdiction (typically 7 years) |
Break-Glass Recovery
In limited circumstances, a user may require emergency account recovery or restoration of access to critical health information. GenetiQ may therefore maintain identity-verification materials and recovery records used solely for account-recovery, fraud-prevention, security, compliance, continuity, and related operational purposes.
Access to such recovery processes is restricted, logged, subject to authorization controls, and may require identity verification, waiting periods, additional approvals, or other security procedures designed to prevent unauthorized access. All recovery-related actions are recorded for security, compliance, and audit purposes.
Where required by applicable law, additional consent, authorization, or identity-verification requirements relating to recovery processes may be described in the applicable consent materials, account-recovery workflows, or Section 13 of this Privacy Policy.
12. Your Rights
Subject to applicable law and contractual role allocation, you may have the right to:
- Request access to your personal data;
- Request correction of inaccurate or incomplete personal data;
- Request erasure, restriction of processing, or data portability;
- Object to certain processing activities;
- Withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal;
- Review, contest, or request human review of certain automated decisions where applicable.
Under GDPR-style regimes, we generally respond to valid requests within one calendar month, subject to lawful extensions where requests are complex or numerous. Where HIPAA applies, covered entities generally must respond to a right-of-access request within thirty (30) days, subject to any lawful extension.
Under applicable UAE data-protection laws, including the UAE Personal Data Protection Law, individuals may also have rights relating to access, correction, restriction, deletion, portability, objection, and other rights provided by applicable law.
These rights may include rights provided under Articles 13–19 of the UAE Personal Data Protection Law, subject to applicable limitations, exemptions, and role allocation requirements.
If we process personal data on behalf of a hospital, clinic, laboratory, enterprise customer, or other controller, we may direct your request to that controller or assist it in responding.
You may delete your account and personal data associated with your account from within the GenetiQ application at any time via Settings → Account → Delete Account.
Active account data is generally removed from production systems within thirty (30) days following a verified deletion request. Backup copies and disaster-recovery records are generally removed or overwritten within ninety (90) days, unless a longer retention period is required by applicable law, regulatory obligations, legal claims, healthcare-record requirements, security requirements, or other lawful obligations.
Where applicable healthcare, clinical, audit, consent, laboratory, or regulatory record-retention requirements apply, including under UAE Federal Law No. 2 of 2019 and other applicable healthcare laws, such records may be retained for the legally required retention period. Any retained records will remain isolated, access-restricted, and used only for legally authorized purposes.
We may need to verify your identity before acting on a request. You may also lodge a complaint with your local supervisory authority or, where applicable, the UK Information Commissioner's Office (ICO), the ADGM Office of Data Protection, the DIFC Commissioner of Data Protection, the UAE Data Office, or the U.S. Department of Health and Human Services Office for Civil Rights (HHS OCR).
13. Consent Management
Where consent is required, GenetiQ seeks consent at the time the relevant feature, service, processing activity, disclosure, or integration is initiated. Consent requests are designed to be clear, specific, and appropriate to the processing involved.
Users may be provided with separate consent options for different categories of processing, including health data, genetic data, artificial-intelligence features, wearable-device integrations, research activities, and third-party ecosystem connections where applicable.
Users may withdraw consent at any time through available account settings, consent-management tools, or other mechanisms provided by the Services, subject to applicable legal, regulatory, contractual, clinical, security, retention, evidentiary, or operational requirements.
14. Artificial Intelligence, Profiling, and Explainability
GenetiQ uses or may use artificial-intelligence, machine-learning, advanced analytics, document- analysis tools, knowledge-graph retrieval systems, biomarker-extraction technologies, medication and wearable-data interpretation tools, and other computational methods to generate explanations, summaries, recommendations, trends, and supportive health insights. These outputs are provided for informational and educational purposes only, are not a medical diagnosis or treatment recommendation, and do not replace professional clinical judgment.
We do not represent these features as replacing a clinician's diagnosis, treatment decision, prescription, or emergency judgment. Unless expressly stated otherwise for a specific regulated feature, we do not use solely automated processing to make decisions that produce legal effects or similarly significant effects about you without meaningful human oversight and an appropriate legal basis.
Where artificial intelligence or automated processing materially influences an output about you, we may provide meaningful information regarding the principal factors involved, the primary data sources used, the significance and limitations of the output, and any available route to human review, challenge, or further assessment, where required by applicable law.
Certain advanced analytics, machine-learning, artificial-intelligence, research, validation, and model- improvement activities may require additional disclosures, legal bases, consent mechanisms, contractual arrangements, governance controls, or safeguards beyond those described in this Privacy Policy. Where required, GenetiQ will provide supplemental notices, feature-specific disclosures, additional transparency information, or separate consent mechanisms before such processing occurs.
Artificial Intelligence Regulation
Where GenetiQ provides Services within jurisdictions that regulate artificial-intelligence systems, including the European Economic Area, GenetiQ may implement additional notices, disclosures, transparency measures, user-rights mechanisms, risk-management processes, documentation requirements, or governance controls required by applicable law. Such requirements may be communicated through supplemental privacy notices, feature-specific disclosures, trust-center documentation, or other compliance materials.
15. Personal Data Breach Management
We maintain an incident-response process designed to identify, contain, investigate, document, remediate, and notify relevant parties of personal data breaches and security incidents.
Where we act as processor: we notify the controller without undue delay after becoming aware of a breach affecting the controller's data.
Where required by applicable law, GenetiQ will notify affected individuals, regulators, supervisory authorities, healthcare institutions, partners, or other relevant parties of qualifying personal-data incidents without undue delay and in accordance with applicable legal and regulatory requirements, including the GDPR where applicable and any requirements established by the UAE Data Office, ADGM Office of Data Protection, DIFC Commissioner of Data Protection, or other competent authorities.
Where HIPAA applies: covered entities must notify HHS without unreasonable delay and no later than 60 calendar days for breaches affecting 500 or more individuals; smaller breaches are reported to HHS annually within 60 days after year-end.
16. Children and Minors
GenetiQ does not knowingly collect personal data directly from children or minors without an appropriate legal basis. Where the Services are provided to individuals under the age of eighteen (18), GenetiQ will obtain any consent, authorization, or approval required by applicable law from a parent, legal guardian, healthcare institution, or other legally authorized person or entity, as applicable.
Healthcare providers do not replace parental or guardian consent where such consent is required by applicable law.
17. Changes to This Policy
We may update this policy from time to time to reflect changes in law, regulation, processor chain, product functionality, security controls, or business operations. Where changes are material, we will provide notice through the app, enterprise account channels, or other appropriate means.
18. Language Versions
This document is provided in English. In the event that translated versions are made available, the English version shall prevail in the event of any inconsistency, unless applicable law requires otherwise.
19. Contact Details
If you have questions about this Privacy Policy, the processing of your personal data, your privacy rights, consent withdrawal, access requests, correction requests, deletion requests, or any other privacy- related matter, please contact us using the details below.
| Role | Contact |
|---|---|
| Legal Entity | Prepaire |
| Registered Address | IRENA Building, Masdar City, Abu Dhabi, United Arab Emirates |
| Privacy Contact | privacy@genetiq.ai |
| Security Contact | security@genetiq.ai |