Your Data. Your Device.

We never see your genetic data. We never store it. We never sell it. It never leaves your device.

The short version

When you upload your raw data file, it's read by a small program (written in Rust, compiled to WebAssembly) that runs entirely in your web browser. Your file goes from your hard drive into your browser's memory. It is never transmitted over the internet. It never touches our servers. We have no servers to receive it. When you close the page, your data is gone. We cannot retrieve it, because we never had it.

What actually happens to your file

Your browser reads the file from your device

Into local memory using the standard File API. The file never leaves your machine at this step.

A WebAssembly module runs the analysis

Compiled from Rust — it executes directly in your browser with zero network access. It cannot make HTTP requests or communicate with any external service. This is not a setting we turned off. It is how WebAssembly works.

The raw genotypes are discarded

The parser extracts interpreted results — semantic labels like "typical" or "one risk-associated variant" — and the raw data is released from memory. We store nothing that could identify a specific genotype.

Interpreted results are held in sessionStorage

Temporary browser storage cleared automatically when you close the tab. Only interpreted results, never raw genotype data.

The report renders from that temporary data

Close the tab, and it is gone. We cannot retrieve it, because we never had it.

What we don't do

✓ We do not upload your file to any server.

✓ We do not store your genetic data in any database.

✓ We do not log rsIDs, genotype calls, or any variant-level information.

✓ We do not sell, share, license, or transfer user data to any third party.

✓ We do not treat your genetic data as an asset. It is yours — we are not borrowing it.

Why this matters — a note on 23andMe

23andMe stored millions of people's genetic data on their servers. When the company went bankrupt in 2025, that data became an asset in a bankruptcy proceeding — something to be sold.

Elpis cannot have a 23andMe moment because we never have your data. There is nothing to sell, nothing to breach, nothing to subpoena. Your file never leaves your device.

Verify it yourself

Open your browser's developer tools, go to the Network tab, and use Elpis Biosciences. You will see that no outbound requests carry genetic data. The source code of the parser is available for inspection. The architecture is visible. This is what transparency looks like when it's real.