CUSTOMER SERVICE AWARD WINNER

PRIVACY POLICY

Please read our Privacy Policy carefully and make sure you understand it before placing an order. This Privacy Policy should be read in conjunction with our full Terms and Conditions, Cookie Policy, Refund Policy, and Genetic Information Processing Consent.

Last Updated: June 26, 2026

1. INTRODUCTION

EDL International, LLC (“homeDNAdirect,” “we,” “our,” or “us”) is committed to protecting the privacy and security of our customers, website visitors, and test participants. This Privacy Policy explains how we collect, use, disclose, transfer, retain, and protect personal information and genetic information obtained through our websites, customer support channels, DNA testing services, and related activities.

This Privacy Policy is intended to comply with applicable privacy and data protection laws, including:

  • The European Union General Data Protection Regulation (EU) 2016/679 (“GDPR”);
  • The United Kingdom General Data Protection Regulation (“UK GDPR”);
  • The Swiss Federal Act on Data Protection (“FADP”);
  • The California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA/CPRA”);
  • Australia’s Privacy Act 1988 (Cth) & Australian Privacy Principles;
  • The Canada Personal Information Protection and Electronic Documents Act (“PIPEDA”) and substantially similar provincial privacy laws where applicable; and
  • Other applicable privacy and genetic data protection laws.

By using our website, purchasing our services, submitting samples, or otherwise interacting with homeDNAdirect, you acknowledge the practices described in this Privacy Policy.

If you do not agree with this Privacy Policy, do not use our website or services.

2. COMPANY INFORMATION

The “Company” is homeDNAdirect.

The Company is a brand operated by EDL International, LLC.

The Company is not a laboratory. All testing services are performed by independent accredited partner laboratories selected by the Company.

3. DATA CONTROLLER

The data controller responsible for your personal information is EDL International, LLC (“EDLI”). Where required by applicable law, the Company has appointed representatives for data protection matters in the United States of America, the United Kingdom, and the European Economic Area.

For privacy-related inquiries, requests, or complaints, you may contact our Data Officer at:

  • Email: [email protected]
  • Postal Address: EDLI, 500 South Main Street, Las Cruces, New Mexico, 88001, United States of America
  • Postal Address: EDLI, 60 Lansdowne Place, Hove, East Sussex, BN3 1FG, United Kingdom
  • Postal Address: EDLI, Dr Trueta Street, No 168, Floor 2 Flat 2, Office 6, 08005, Barcelona, Spain

4. CATEGORIES OF INFORMATION WE COLLECT

4.1 Personal Information

We may collect:

  • Name
  • Mailing address
  • Email address
  • Telephone number
  • Date of birth
  • Billing information
  • Shipping information
  • Government-issued identification where required for legal testing
  • Immigration or legal case reference information when applicable

4.2 Genetic Information

Depending upon the testing service requested, we may collect:

  • DNA samples
  • DNA profiles
  • Genetic markers necessary to perform testing
  • Relationship testing results
  • Ancestry-related genetic information
  • Other genetic information necessary to complete the requested service

Genetic information is considered a special category of personal data under GDPR and similar laws.

4.3 Website Usage Information

We automatically collect certain information regarding website use, including:

  • IP address
  • Browser type
  • Device information
  • Pages visited
  • Referring websites
  • Session duration
  • Website interaction information

4.4 Marketing Information

We may collect information regarding communication preferences, newsletter subscriptions, and marketing interactions. Service-related communications, such as order confirmations, sample instructions, status updates, result availability notices and policy updates, are not marketing communications and may be sent as necessary to provide services. Promotional marketing emails will be sent only where permitted by applicable law and may be opted out of at any time.

5. SOURCES OF INFORMATION

We collect information directly from:

  • Customers
  • Test participants
  • Authorized representatives
  • Legal guardians
  • Immigration sponsors
  • Attorneys
  • Government agencies when legally authorized

We also collect information automatically through our website technologies.

6. PURPOSES OF PROCESSING

We process personal information and genetic information for the following purposes:

6.1 Service Delivery

  • Processing orders
  • Coordinating sample collection
  • Identity verification
  • Laboratory testing
  • Quality assurance
  • Delivering reports

6.2 Customer Support

  • Responding to inquiries
  • Managing complaints
  • Providing technical assistance

6.3 Legal and Regulatory Compliance

  • Accreditation requirements
  • Chain-of-custody verification
  • Immigration requirements
  • Tax and accounting obligations
  • Fraud prevention

6.4 Business Operations

  • Internal administration
  • Quality management
  • Auditing
  • Service improvement

6.5 Research and Development

With your explicit consent, the Company may use de-identified genetic information for:

  • Internal research
  • Validation studies
  • Product development
  • Quality improvement initiatives

De-identified information used for these purposes will not reasonably identify you.

7. LEGAL BASIS FOR PROCESSING

For individuals located in the European Economic Area, United Kingdom, and Switzerland, we rely on one or more of the following legal bases:

7.1 Contractual Necessity

Processing necessary to process orders and provide requested testing services.

7.2 Consent

Processing genetic information and special category data when consent is required.

7.3 Legal Obligation

Compliance with applicable laws, regulations, accreditation standards, court orders, accounting, tax and business records, and governmental requirements.

7.4 Legitimate Interests

Business operations, fraud prevention, security, customer support, complaint handling and service improvement where such interests are not overridden by individual rights.

7.5 Explicit Consent for Genetic Information

Where required by law, we process genetic information based upon explicit consent.

7.6 Explicit Consent for Website Analytics

Where consent is required by applicable law.

7.7 Explicit Consent for Marketing Communications

Where permitted by applicable direct marketing laws.

8. PARTNER LABORATORIES

The Company does not operate its own laboratory facilities.

All testing services are performed by accredited partner laboratories selected based upon quality standards, accreditation status, technical expertise, and regulatory compliance.

Partner laboratories may be located in:

  • United States
  • European Union
  • United Kingdom
  • Australia
  • Canada
  • Other jurisdictions necessary to provide specific testing services

Laboratories receive only the information reasonably necessary to perform requested testing services.

9. INTERNATIONAL DATA TRANSFERS

Due to the international nature of our operations, personal information and genetic information may be disclosed to overseas recipients, including laboratories, support teams and service providers located in the United States, United Kingdom, European Union, Canada, Australia, and other jurisdictions necessary to provide the requested service. The specific countries may vary depending on the test type, laboratory used and customer location.

Such transfers may occur when:

  • Samples are analyzed by partner laboratories;
  • Customer support is provided by regional teams;
  • Service providers assist in business operations.

Where required by law, the Company implements appropriate safeguards, including:

  • Standard Contractual Clauses approved by the European Commission;
  • UK International Data Transfer Addendum;
  • Australian Privacy Principles;
  • Contractual confidentiality obligations;
  • Security and technical safeguards.

10. DISCLOSURE OF INFORMATION

We may disclose personal information to:

10.1 Service Providers

  • Accredited laboratories
  • Shipping providers
  • Payment processors
  • Technology providers
  • Customer support providers

10.2 Legal Authorities

When required by:

  • Court orders
  • Subpoenas
  • Immigration authorities
  • Government agencies
  • Applicable laws

10.3 Business Transactions

If the Company participates in a merger, acquisition, restructuring, or sale of assets.

We do not sell personal information.

We do not sell genetic information.

We do not share personal information for cross-context behavioral advertising.

We do not engage in targeted advertising using genetic information.

11. CALIFORNIA PRIVACY NOTICE

11.1 No Sale or Sharing of Personal Information

The Company does not:

  • Sell personal information;
  • Sell genetic information;
  • Share personal information for cross-context behavioral advertising.

11.2 California Consumer Rights

California residents may have the right to:

  • Know what information we collect;
  • Access personal information;
  • Correct inaccurate information;
  • Delete personal information;
  • Limit use of sensitive personal information where applicable;
  • Receive information regarding disclosures.

11.3 Sensitive Personal Information

The Company may collect sensitive personal information, including genetic information, government-issued identification where required for legal testing, account login information, payment-related information processed by payment providers, and information necessary to provide requested DNA testing services.

The Company uses sensitive personal information only for purposes reasonably necessary to provide requested services, verify identity, maintain security, prevent fraud, comply with legal and accreditation obligations, manage customer support, and perform related business operations. The Company does not use sensitive personal information to infer characteristics for unrelated purposes or for cross-context behavioral advertising.

11.4 California Genetic Information

The Company does not sell genetic information. The Company does not disclose genetic information to third parties for marketing, advertising, insurance, employment, or unrelated research purposes without an appropriate legal basis and, where required, separate express consent. California residents may request access to, deletion of, or information about disclosures of genetic information, subject to verification and applicable legal exceptions.

Requests may be submitted through our Data Officer.

The Company will not discriminate against individuals who exercise privacy rights.

12. DATA RETENTION

The Company retains information only as long as reasonably necessary for legitimate business, legal, regulatory, and accreditation purposes.

12.1 DNA Samples

May be retained for up to six (6) months following completion of testing.

12.2 Ancestry, Health, Drug, and Pet Tests

DNA profiles and reports retained for up to twelve (12) months.

12.3 Peace of Mind DNA Tests

DNA profiles and reports retained for up to twelve (12) months.

12.4 Legal and Immigration DNA Tests

DNA profiles and reports retained for up to sixty (60) months.

12.5 Order Records

Customer order information may be retained for up to seven (7) years for accounting, tax, legal, accreditation, and regulatory purposes.

Retention periods may be extended where required by law, litigation holds, accreditation standards, or regulatory obligations.

13. SECURITY

The Company maintains administrative, technical, and physical safeguards designed to protect information from:

  • Unauthorized access
  • Unauthorized disclosure
  • Loss
  • Misuse
  • Alteration
  • Destruction

Security measures include:

  • Encryption where appropriate
  • Access controls
  • Employee confidentiality obligations
  • Secure data storage
  • Vendor security assessments

No security system is completely secure, and we cannot guarantee absolute security.

14. YOUR PRIVACY RIGHTS

Depending upon your jurisdiction, you may have rights to:

  • Access information;
  • Correct inaccurate information;
  • Delete information;
  • Restrict processing;
  • Object to processing;
  • Withdraw consent;
  • Request data portability;
  • Lodge complaints with supervisory authorities.

Requests may be submitted to our Data Officer.

Identity verification will be required before fulfilling requests.

15. COOKIES AND ANALYTICS

The Company uses cookies and similar technologies to operate and improve our website.

We currently utilize:

Google Analytics

Used to understand website usage patterns, visitor behavior, and website performance. Where required by applicable law, analytics technologies are used only after obtaining the user’s consent.

Google Tag Manager

Used to manage website tags and analytics technologies.

You may control cookies through browser settings and available consent mechanisms.

Additional information regarding Google’s data practices can be found at Google’s Privacy Policy.

16. CHILDREN’S PRIVACY

The Company’s testing services may involve minors when authorized by a parent, legal guardian, or legally authorized representative.

We do not knowingly collect information directly from children through our website without appropriate authorization.

17. AUTOMATED DECISION-MAKING

The Company does not make decisions producing legal or similarly significant effects based solely on automated processing.

Laboratory reports are reviewed under applicable quality management procedures before release.

18. COMPLAINTS

Individuals located within the European Economic Area, United Kingdom, Switzerland, Canada, Australia, California, and other jurisdictions may lodge complaints with applicable regulatory authorities.

We encourage individuals to contact the Company first so we may attempt to resolve concerns directly.

19. CHANGES TO THIS PRIVACY POLICY

The Company may update this Privacy Policy periodically.

Updated versions will be posted on our website with a revised effective date.

Continued use of our services following publication of updates constitutes acceptance of the revised Privacy Policy.

20. CONTACT INFORMATION

For questions regarding this Privacy Policy or privacy rights requests, contact:

Data Officer
EDL International, LLC
Email: [email protected]
Postal Address: EDLI, 500 South Main Street, Las Cruces, New Mexico, 88001, United States of America
Postal Address: EDLI, 60 Lansdowne Place, Hove, East Sussex, BN3 1FG, United Kingdom
Postal Address: EDLI, Dr Trueta Street, No 168, Floor 2 Flat 2, Office 6, 08005, Barcelona, Spain

x

We use cookies to offer you a better browsing experience, analyze site traffic, personalize content, and serve targeted advertisements. Read about how we use cookies and how you can control them by clicking "Cookie Settings." If you continue to use this site, you consent to our use of cookies.